Cyber Security: What Are You Doing?

May 20, 2021

I read “A Federal Government Left Completely Blind on Cyber attacks Looks to Force Reporting.” The write up uses a phrase for which there are a limited number of synonyms in English; namely, completely blind. There are numerous types of blindness. There’s the metaphorical blindness of William James, who coined the phrase “a certain blindness.” The wordy kin of the equally wordy Henry James means, I think, that some people just can’t “see” something. A friend says, “You will love working at Apple.” You say, “I don’t think so.” Hey, working at Apple is super, like the chaos monkeys on steroids.

Other types of blindness include losing one’s eyes; for example, Tiresias, who lost his vision seeing some interesting transformations. (Look it up.) There’s the Oedipus angle which involves breaking some Western cultural norms, ignoring inputs, and gouging out his eyes. Yep, that will do. Don’t listen, generate some inner angst, and poke one’s eyes. There are medical reasons galore. These range from protein build up, which is easily corrected today with some medical magic, to truly weird stuff like nuclear radiation.

The point is that cyber security has left the US government “completely blind.” The write up says:

Lawmakers of both parties told POLITICO they are crafting legislation to mandate cyber attack reporting by critical infrastructure operators such as Colonial, along with major IT service providers and any other companies that do business with the government.

What are the “rules” now? The write up says:

No federal law or regulation requires pipeline operators to report any cybersecurity incidents to the government. Instead, suggested guidance from the Transportation Security Administration — the federal agency that oversees pipeline cybersecurity — recommends that they tell local and federal officials about significant breaches.

President Biden says, according to the article, “we have to do more than is being done now.”

Who agrees? If a commercial enterprise says, “Yo, breach”, won’t the stock or value of the brand decline? If a government agency says, “We’ve been hacked”, what happens to the security manager and his / her manager?

Are the cyber security vendors able to provide a solution? Maybe.

To sum up, lots of talk and more regulation. In the meantime, ransomware bad actors are seeing an open road, no traffic cops, and a dry, clear day. Put the pedal to the metal.

Stephen E Arnold, May 20, 2021

Surprise! Prabhakar Raghavan Runs Google

May 20, 2021

The revelation is that the Google boss is Prabhakar Raghavan, a former Verity executive who jumped to Yahoo and bounced into Google. The article/interview “Prabhakar Raghavan Isn’t CEO of Google—He Just Runs the Place” is an entertaining romp through search and a number of other topics. Please, read the interview. I want to highlight three statements from the article and offer a few observations.

Dr. Raghavan is quoted as saying:

 Even now, with all the resources of Alphabet, if you remove one of the biggest constraints, such as competition, the problem doesn’t become easier.

My interpretation of this statement is that Dr. Raghavan has admitted that Google has no competition. Perhaps the “if” is the word that allows my conclusion to be disputed. Nevertheless, search is tough; there’s no competition; and the first page of most query results are ads and Google-ized content. “Objective” and relevant search results may appear on subsequent results pages. Hunting for the optimal result is as tedious as digging through the pages of the paper version of the Readers’ Guide to Periodical Literature circa 1964.

Here’s another interesting statement:

 For instance, if you ask, “What’s today’s weather?” I show you a module of the weather, I don’t send you off somewhere else.

I think this means that Google engineers stickiness into its search results. Google does not want the user to click away and possibly not enjoy more Googley goodness. Over the years, the stickiness has ossified into what is a walled garden. Google caches the most clicked on content and serves it from a point close to the user. The originating site is not involved in some cases. The walled garden is replacing Wild West swinging doors with those one-way doors found in secure facilities. Easy in but no way out.

My final circled item from the article/interview was:

There is no circumstance under which I would say let’s toss that out and become a conventional company, because that is not what is going to lead us to innovate and serve humanity.

Google does not want to be conventional.

Interesting. Google seems to be evolving into an entity which has not been seen for decades: A quasi-country which operates in a way that gives it as much control over what information flows as an old-fashioned dictatorship. The list of Google prohibited words is fascinating. The list of banned creators on YouTube is varied and evolving. The company’s approach to innovation is “me too, me too”. The short attention span for products and services is a challenge to developers.

How will Google fare in the harsh light of more legal scrutiny? Will Google’s handling of “ethical AI” become the standard for the emerging smart software sector? Will the learnings imparted at Verity transfer to the Google environment? Will Google deliver relevant search results without the curve balls that seem to be the go-to pitch for the core service?

No answers are available for these questions. Maybe in the next round of European Union and US legal activities.

Stephen E Arnold, May 20, 2021

Palantir: Pay Us in Bitcoin

May 19, 2021

I spotted an interesting article called “Palantir Technologies Accepts Bitcoin Payments, Might Hold on Balance Sheet.” Bitcoin is the poster child for digital currency. In some circles, Bitcoin evokes thoughts of money laundering and cyber crime. The write up points out in response to a question about crypto currency on the balance sheet:

Palantir’s CFO, David Glazer said, ‘The short answer is yes. We’re thinking about it and we’ve even discussed it internally. If you take a look at our balance sheet there’s $2.3 billion in cash at quarter-end including $151 million in cash flow in Q1. So it’s definitely on the table from a treasury perspective as well as other investments as we look across our business and beyond.’ Glazer went on to note that “in terms of accepting bitcoin from our customers, we do accept it as a form of payment. We’re open for business there.”

Some of the early investors in Palantir are enthused about digital currency. Business Insider reported that:

Block.one announced on Tuesday that it would launch a crypto exchange called Bullish. It’s landed over $10 billion in backing from Peter Thiel, Mike Novogratz, Louis Bacon, and Nomura. Novogratz said that Bullish’s scale and Block.one’s experience would make it “a formidable player.”

Significant moves indeed. However, in the back of my mind is the thought that Bitcoin facilitates certain types of illegal activity. But that’s just my speculation.

Stephen E Arnold, May 19, 2021

TikTok: A Security Threat?

May 19, 2021

Some folks think the TikTok app is a security threat. On the other hand, there are some Silicon Valley poobahs who dismiss the idea that short videos viewed by millions is anything other than a harmless way to kill 30 seconds. These folks may perceive YouTube for Kids’s automatic playing of videos as harmless too. What’s the big deal? These are mostly kids.

“TikTok Banned from US Government Devices Due to Bill Deeming it ‘an Immediate Security Threat’” seems to suggest that some in Washington, DC, are concerned about the Chinese TikTok thing. The write up states:

the Senate Homeland Security and Governmental Affairs Committee has just unanimously passed a bill that would officially ban US federal workers from being able to download the now very popular app onto certain US government devices.

The intent of the bill is to keep the app off US government mobile devices. The reason? TikTok is a data harvester aligned with the Chinese government. If TikTok does capture data and generate metadata about its users, new services introduced by ByteDance could be used to alter opinions and behavior of the service’s users? If TikTok does not, better safe than sorry maybe?

The new bill may not have the desired effect. The users of the service can access videos on another mobile, and the majority of the TikTok user base do not work in the US government. Meaningful regulation? On the surface, no.

Stephen E Arnold, May 19, 2021

Amazon: Better Web Tech for Al Qabas Than for the Wapo?

May 19, 2021

I know the Washington Post (hereinafter “Wapo”) is into technology. However, at first glance, it seems that AWS savvy Eurisko Mobility has glued together some of the AWS services to craft a next-generation “newspaper.” “Kuwaiti newspaper Al-Qabas partners with Eurisko Mobility to release innovative, AI-powered digital platform” reports:

This digital platform, designed and developed by Eurisko Mobility, will give readers on-the-go access to Al-Qabas TV, Al-Qabas audio books and their very own “My Page” section, a personalized news page tailored to each reader’s preferences.

The write up points out:

The AI-powered search and recommendation engine brings together the latest in high-end technologies, intelligent algorithms, optimization techniques and industry best practices to bring startlingly accurate and personalized results in a matter of milliseconds…

Will the Wapo emulate Al-Qabas?

Stephen E Arnold, May 19, 2021

Google Says, Roku You!

May 19, 2021

YouTube TV is a popular streaming service accessible through various sling boxes a.k.a. carriages.  Apple TV, Amazon Fire, and Roku are the top carriages that offer YouTube TV.  Roku, however, could soon be off that list says Android Police in: “Google Tells YouTube TV Customers To Spam Roku Support.”

Google owns YouTube and its affiliate TV streaming service and the search engine giant is pursuing a new contract with Roku.  Google wants Roku to push YouTube TV to the front of its interface.  Roku, however, claims Google is using its monopoly power to force them into a new contract.

“…Google is looking to position YouTube as the premier streaming destination on Roku, requesting a dedicated search page, boosted music results, and a full block on search returns from other sources while the YouTube app is open. In perhaps its most brazen move, the company has reportedly asked Roku to meet specific hardware requirements to continue carrying its apps. On paper, none of these demands have anything to do with YouTube TV. Instead, Roku alleges that Google is using negotiations for its cable streaming service to gain leverage for YouTube as a whole, a move labeled “anticompetitive” in this morning’s email.”

Roku reasonably requests its users to petition Google to keep YouTube TV on its carriage.  Google denies that it wants access to user data or that it would interfere with search results.  They also told YouTube TV subscribers to message Roku’s customer support in order to keep the cable alternative.

Bicker, bicker, bicker.  Google wants more power over Roku, but the company will not cave. Solution: Just stick the YouTube TV thing into the YouTube free thing. That’s a “Roku you” for sure.

Whitney Grace, May 19, 2021

Clarivate Buys ProQuest

May 18, 2021

I don’t want to go into the history of commercial database producers. (Those readings about Oliver Cromwell in my British history class were orders of magnitude more exciting.)

“ProQuest Bought by Clarivate in $5.3bn Deal” reports:

London-based Clarivate said the acquisition would establish it as “a premier provider of end-to-end research intelligence solutions” and significantly expand its content and data offerings.

Clarivate describes itself this way:

Together, we can create a better tomorrow.

The firm uses these phrases to communicate its business:

Every drop of potential needs to be squeezed from your IP

Make critical decisions with speed and certainty

Innovation in focus

Human ingenuity can change the world and improve our future

Accelerating innovation with actionable information and insights

If you are still unsure what the firm does, you will need to check the About page on the company’s Web site. Oh, sorry. There is no “About” page for Clarivate. A profile of the firm, which is assumed to be a household word, is available at this link.

ProQuest warrants its own Wikipedia entry which explains that

ProQuest LLC is an Ann Arbor, Michigan-based global information-content and technology company, founded in 1938 as University Microfilms by Eugene B. Power. ProQuest provides applications and products for libraries. ProQuest started as a producer of microfilm products, then became an electronic publisher, and later grew through acquisitions. Today, the company provides tools for discovery and citation management,[example needed] and platforms that allow library users to search, manage, use, and share research.

Net net: For fee online information access appears to mesh with the increased interest in subscription services. Challenges exist; for example, individuals like Sci Hub’s founder Alexandra Elbakyan and university professionals who can go off the reservation and present content outside of the peer reviewed journals, Dark Web archives, and customers mindful of the cost associated with an online for fee search may look for relevant information on Medium or Substack type services. My view is that this is a sale by ProQuest’s owner Cambridge Scientific Abstract comparable to Bill Ziff’s legendary deals.

Stephen E Arnold, May 18, 2021

UCF Cracks Sarcasm: With a Crocodile Smile?

May 18, 2021

I read some big news from Big News. The story “Researchers Develop A.I. That Can Detect Sarcasm” explains that smart software has the ability to parse text so that the degree of non-smarty writing can be detected. The article states:

The team taught the computer model to find patterns that often indicate sarcasm and combined that with teaching the program to correctly pick out cue words in sequences that were more likely to indicate sarcasm. They taught the model to do this by feeding it large data sets and then checked its accuracy.

Presumably the hand-crafting of the training set is able to keep pace with the language of those seeking customer support. I have commented about the brilliance and responsiveness of the customer support available from major companies; for example, Microsoft and Verizon. Improving upon the clarity of information available from these organizations is difficult for me to envision. The excellent handling of SolarWinds by Microsoft and the management acumen demonstrated by Verizon with regard to Yahoo chisels a benchmark in marketing effectiveness.

The write up adds:

The multi-head self-attention module aids in identifying crucial sarcastic cue-words from the input, and the recurrent units learn long-range dependencies between these cue-words to better classify the input text.

Mix in sentiment analysis, and the simplicity of the method is evident.

I noted this statement:

Sarcasm detection in online communications from social networking platforms is much more challenging.

It seems that one of the final frontiers of human utterance has been crossed. Sarcasm has been cracked. As I write this I manifest a crocodile smile. The reason? The time and cost of maintaining the training set so it reflects what TikTok and Dread users “do” with language may be a sticking point. Then the rules must be updated in near real time, assuming that the data flows are related to crime, war fighting, or financial fraud.

A big crocodile? Yes, and a big smile. But research grants and graduate students are eager to contribute because… degree.

Stephen E Arnold, May 18, 2021

Google and Apple App Stores Rebuked in Australia

May 18, 2021

In a conclusion that should surprise no one, the Australian Competition & Consumer Commission has found, “Dominance of Apple and Google’s App Stores Impacting Competition and Consumers.” The commission is in the midst of a five-year inquiry into the state of Australia’s digital-platform services market. Its second interim report suggests ways to reduce the outsized market power of both Google’s Play Store and Apple’s App Store. The media release states:

“The ACCC has put forward a series of potential measures in response to its findings, including that consumers be able to rate and review all apps, that consumers have the ability to change any pre-installed default app on their device, that app developers be allowed to provide consumers with information about alternative payment options and that information collected by Apple and Google in their capacity as app marketplace operators be ring-fenced from their other operations. ‘We have identified a number of areas where action is required and have put forward potential measures to address areas of particular concern. There is a window of opportunity for Apple and Google themselves to take steps to improve outcomes for app developers and consumers by adopting the potential measures we have identified,’ [ACCC Chair Rod] Sims said. The ACCC will revisit the issues raised in this report during the course of the five-year Digital Platform Services Inquiry and will take into account steps by Apple and Google to address the concerns identified.”

It is nice of the commission to give the tech firms a chance to comply with these suggestions, but will they? Sims and his team are not holding their breath—the commission is examining laws and proposals in other countries as it prepares to impose regulation should it be needed. Its third interim report is due on September 30.

Will Google hire the chaos monkey and ship him down under now that the Apple orchard acted with extreme prejudice?

Cynthia Murrell, May 18, 2021

Security: Survey Says, Not Buttoned Up

May 18, 2021

I read “Two Thirds of CISOs Admit They’re Not Ready to Face a Cyber attack.” Who would have guessed? Executives at SolarWinds, Microsoft, or Colonial Pipeline? Yet, we needed a survey to make insecurity visible it seems. The write up reports:

The 2021 edition of Proofpoint’s Voice of the CISO report — based on a survey of more than 1,400 CISOs in 14 countries — found 66 percent of the executives acknowledged their organizations were unprepared to handle a targeted cyber attack this year. In addition, more than half the CISOs (53 percent) admitted they are more concerned about the repercussions from a cyber attack this year than they were in 2020.

First, the good news. Cyber security executives are admitting that they are in reactive mode and that their work has been ineffective.

Now, the bad news. Bad actors can exploit the “gap” which exists between what executives license to protect their colleagues and their employers’ assets. That means that 2021 is not just going to be worse than 2020, one of the study’s findings. The survey data points out these findings:

  • 64 percent of the survey respondents are “at risk of suffering a material cyber attack.” (Are those other 36 percent that confident?)
  • 34 percent expect email compromises
  • 27 percent anticipate ransomware. (73 percent of the sample are apparently not that nervous about ransomware. Odd because insiders and phishing deliver the goods, and the Colonial Pipeline incident makes clear that authorities can apply pressure to bad actors after the event. Predictive marketing jabber, not too helpful it seems.)

And threat intelligence, Dark Web indexes, and “special” content available to some cyber intelligence firms are more like looking in a rear view mirror than watching what’s ahead. Of course, this is my opinion, and I am confident that the venture fund fat cyber intelligence firms will beg to disagree.

Stephen E Arnold, May 18, 2021
