DarkCyber for May 18, 2021 Now Available
May 18, 2021
DarkCyber is a twice-a-month video news program usually available on YouTube at this link. The topics in the May 18, 2021, video include a look at what the Signal subpoena “signals” about advanced US intelware systems. The program also explores ways to spy on a mobile phone. If you want to purchase your own IMSI catcher, you will find an online ecommerce site ready to respond. (Keep in mind intercepting mobile content can be problematic in some jurisdictions.) Reluctantly we revisit the increasingly embarrassing Microsoft security software and systems. We report that a UK cyber security company has entered into a partnership with Microsoft in order to put the polish on that digital Yugo. The program profiles a not-so-clever trick to smuggle liquid meth into the United States. The scheme included a drug mule, a VW SUV, and a fuel tank available from an auto parts shop. Hint: The ploy did not work. This program’s drone news explains the new features of the UAVTEK bug nano. This is a remarkable device which can operate in swarms and perform surveillance whether in the air or perched in an inconspicuous location. The new version can carry a payload; for example, additional sensors and micro-explosives.
DarkCyber is available at www.arnoldit.com/wordpress and on YouTube. (Sometimes the really smart software used to filter objectionable content becomes irritated with the video news program. Is it because the LE and intel centric content is troublesome? Is it because DarkCyber does not run ads (no big momma ads nor from individual companies), and the content is not sponsored? No wonder videos are objectionable. I mean no ads, no sponsorships, no shilling! Terrible, right?)
Kenny Toth, May 18, 2021
PS. This video is available on Facebook (we think). Try this url: https://bit.ly/3wfTnNu
How To about Ransomware from Lawyers
May 17, 2021
Lawyers are sophisticated technologists in general. I was amazed with the advice in “Avoiding Ransomware Attacks is Not a Pipe Dream: Actionable Steps to Avoid Becoming the Next Victim.” Let’s run through the suggestions, shall we?
The first is to buy insurance. I am not sure how hedging financial losses is a way to “avoid ransomware.” If anything, insurance gives some people a false sense of security. My information comes from some individuals who suffered storm damage in Florida. Not a good sample I admit.
The second tip is to “understand what your IT provider is actually providing you.” My reaction to this brilliant chunk of “mom says” is that law firms may lack information technology professionals. I assume this dependence on outsourcing from individuals who have not read and understood the terms of their agreement with a service provider is a willing suspension of disbelief. Obviously any lawyer smart enough to buy insurance knows what an “IT provider provides.” Stellar logic.
The third tip is more reassuring: Understand what your “internal IT provides you.” Is there a cultural divide between the billable and the individuals who provide IT? No, it is helpful to speak with these IT professionals. For example, read the “data inventory.” Read the WISP or “written information security plan.” Know the firm’s “data breach response plan.” Know the “data retention plan.” (Absolutely. Without a copy of the information germane to a trial, how can those billable hours be counted? Perhaps keeping these data on a USB or a personal computer at one’s domicile is a great way to facilitate the “keep on billing” approach.) And, know the training plan. My goodness, it is possible that if a security training session is held at the firm, one should read about its plan. Attend? Yeah, well, maybe. One question: “Is there a Zoom or YouTube video one could watch if one is not billable?”
The final way to “avoid” ransomware is to talk with an attorney. What? I think the idea is that a firm may have its own legal counsel. But are recent hires permitted to call a firm’s legal advisors and spend the partners’ bonus money?
I am thrilled with this advice. Bad actors aware of law firms embracing this write up’s approach to security will seek a new line of work. Terrifyingly effective. Intellectually incisive. Practical. All-in-all wonderful.
Stephen E Arnold, May 17, 2021
Microsoft and Security: Bondo, Lead, or Duct Tape?
May 17, 2021
This round of updates will not fix all of Exchange’s vulnerabilities, but we may be getting closer to some semblance of security. The Register reports, “Microsoft Emits More Fixes for Exchange Server Plus Patches for Remote-Code Exec Holes in HTTP Stack, Visual Studio.” This release includes 55 CVE fixes for 32 MS apps and services, down from the 114 fixes released in April. Writer Thomas Claburn elaborates:
“Among the 55 CVEs identified by Microsoft, four are rated critical, 50 are rated important, and one is rated moderate. Those who recall the slew of Exchange Server fixes in March and April may experience a sense of deja vu: May brings still more Exchange Server fixes, for Exchange Server 2013 CU23, Exchange Server 2016 CU19 and CU20, and Exchange Server 2019 CU8 and CU9. The four Exchange bugs are all rated moderate; one, a security-feature bypass (CVE-2021-31207), is already publicly known. Dustin Childs, director of communications for the Zero Day Initiative, observes in an advisory that a number of Exchange bugs came out of the recent Pwn2Own exploit contest. ‘More Exchange patches are expected as not everything disclosed at the contest has been addressed,’ he said. Aware that state-sponsored miscreants have been breaking into Exchange Servers via earlier vulnerabilities, Microsoft said while it’s not aware of any active exploitation of these latest flaws, ‘our recommendation is to install these updates immediately to protect your environment.’”
Good idea. Childs points to several more vulnerabilities that warrant immediate attention in HTTP Protocol Stack, Hyper-V, Visual Studio, and Windows Wireless Networking. There are also two that depend on their victims accessing a website—an OLE Automation remote code execution vulnerability and a Scripting Engine memory corruption vulnerability. Will it be another month before Microsoft addresses these?
Cynthia Murrell, May 17, 2021
Search Share, Anyone? Qwant, Swisscows, Yandex, Yippy? (Oh, Sorry, Yippy May Be a Goner)
May 17, 2021
A recent study by marketing firm Adam & Eve DDB examined the impact of search-result placement on brand visibility over the past six years. McLellan Marketing Group summarizes the findings in its post, “Share of Search.” A company’s “share of search” is the percentage of searches for its product category that result in its site popping up near the top. The Google Analytics dashboard helpfully displays organizations’ referrals for specific keywords and phrases, while the Google Keyword Tool reports overall searches for each term or phrase. The study checked out the metrics for three examples. We learn:
“[Adam & Eve DDB’s Les] Binet explored three categories: an expensive considered purchase (automotive), a commodity (gas and electricity) and a lower-priced but very crowded brand segment (mobile phone handsets). The results were very telling. Here are some of the biggest takeaways:
- Share of search correlates with market share in all three categories.
- Share of search is a leading indicator/predictor of share of market – when share of search goes up, share of market tends to go up, and when share of search goes down, share of market falls.
- This long-term prediction can also act as an early warning system for brands in terms of their market share.
- Share of voice (advertising) has two effects on share of search: a significant short-term impact that produces a big burst but then fades rapidly, and a smaller, longer-term effect that lingers for a very long time.
- The long-term effects build on each other, sustaining and growing over time.
- Share of search could also be a new measure for brand strength or health of a brand by measuring the base level of share of search without advertising.
- While share of search provides essential quantitative data, brands should also use qualitative research and sentiment analysis to get a more robust picture.”
We are told that when a brand’s search share surpasses its market share, growth is on the way. Yippee! How can one ensure such a result? Writer Drew McLellan reminds us that relevant content tailored to one’s audience is the key to organic search performance. Or one could just take the shortcut: buying Facebook and Google ads also does the trick. But we wonder—where is the fun in that? Yippy? Yippy? Duck Ducking the search thing?
Cynthia Murrell, May 17, 2021
Web Search: In Flux
May 17, 2021
I listened to an interview conducted by the host of the Big Technology podcast and Sridhar Ramaswamy, the former Xoogler who was in charge of Google Advertising for a number of years. Mr. Ramaswamy’s new venture is a subscription Web search engine. The interview was interesting, but I somehow missed the definition of what will be the “Web” content the system would index. I brought up this “missing question” at lunch today because the “Web” can mean different things to different searchers. Does the system search dynamic sites like those built on Shopify? Does it index forums and public discussion groups? Does it index password protected but no cost sites like Nextdoor.com? You get the idea without my tossing in videos, audio, and tabular data on government Web sites.
What the interview did not touch upon was the Infinity search system. You can get information about this $5.00 US per month service at this link. The system seems to be a combination of metasearch and proprietary indexing. Our tests, prior to its becoming a subscription service, were mixed. Overall, the results were not as useful as those retrieved from Swisscows.com, for example. The value proposition of the Xoogler’s subscription search service and Infinity seemed similar.
I want to mention that Yippy, the Web search component of Vivisimo, seems to have gone offline. I thought the Vivisimo service was interesting even though the company focused on selling itself to IBM and becoming a cog in the IBM Big Data Watson world. The on-the-fly clustering was as good if not better than the original version of Northern Light clustering. As I listened to the explanation of why the time is right for subscription search of Web (whatever that means), I wondered why Yippy did not push aggressively for subscription revenues. Perhaps subscription services make sense when plugging assumptions into an Excel model? In real life, subscriptions are difficult.
The reality of Web (whatever that means) search is that costs go up. The brutal fact is that once content is indexed, that content must be revisited and changes discerned. Indexing changed content keeps the information in the index for those sites fresh. Also, the flows of new content mean that wonky new sites like those tallied by Product Hunt have to be identified, indexed, and then passed to the update queue. The users are often indifferent to indexing update cycles. Web search engines have to allocate their resources among a number of different demands; for example, which sites get updated in near real time? What sites get indexed every six months like the US government Railway Retirement Board site? What sites get a look every couple of months?
And what about the rich media? The discussion groups? The Web sites which change their method of presenting content so that a crawler just skips the site? How deep does the crawler go? What happens to images? What about sites which require users to do something to get access; for example, a user name, a password, and then authentication on a smartphone?
Net net: The world of Web search is in flux. It is more difficult than at any time in my professional life to locate specific information. Maybe subscription services will do the trick? My hunch is that the lessons of the DataStars and Dialcoms and Lycoses will be helpful to today’s innovators.
What? You don’t remember DataStar? That’s one of the issues experts in search and retrieval face: Learning from yesterday’s innovators.
Stephen E Arnold, May 17, 2021
Google Tesla: A New Play for the Final Frontier?
May 14, 2021
I read some real “news provided by Google Cloud”. The story was “Google Cloud and SpaceX’s Starlink to Deliver Secure, Global Connectivity.” The write up said:
Google Cloud and SpaceX today announced a new partnership to deliver data, cloud services, and applications to customers at the network edge, leveraging Starlink’s ability to provide high-speed broadband internet around the world and Google Cloud’s infrastructure. Under this partnership, SpaceX will begin to locate Starlink ground stations within Google data center properties, enabling the secure, low-latency, and reliable delivery of data from more than 1,500 Starlink satellites launched to orbit to-date to locations at the network edge via Google Cloud. Google Cloud’s high-capacity private network will support the delivery of Starlink’s global satellite internet service, bringing businesses and consumers seamless connectivity to the cloud and Internet, and enabling the delivery of critical enterprise applications to virtually any location.
Tweets ensued. Pundits pundited.
Most of the comments focused on the key words the wordsmiths at the GOOG included; for example:
- Edge
- Organizations
- Private network
- Rural
- Seamless connectivity
Google knows what words are popular and elicit clicks. Very terrestrial.
However, the tie up — if it works out and does not get marginalized like Google’s Dodgeball, Orkut, and WebAccelerator efforts — could be something slightly more ambitious than connecting people to persistent advertising.
The deal makes the on-again, off-again lovebirds Google and Tesla the hot couple. The immediate payoff is publicity, usually good for a company’s stock price. The deal also may irritate some of the space-crazed wizards at Amazon, who also offer cloud services. Advertisers may like the idea of global delivery of compelling messages about vacation rentals, chicken sandwiches, and grammar checking software.
I see three different angles.
The first is that the Google – Tesla thing may represent a method for providing a new type of meta-fabric for innovation. If the service works, advertising may be available for those wanting to distribute messages globally to specific individuals who are going to buy something no matter where they are.
Second is that the service will be space-based. That alone provides a marketing and hyperbole edge. Even if the service burns up in the earth’s atmosphere, the deal is a juicy one. Think about those mid tier consultants writing “reports” this weekend. Boom. Consulting opportunities.
Third is that if the visions of the Musk-its (not Muscovites mind you) and the Googlers come to pass, we have a new type of information company in development. If the blended system works, the old AT&T is going to look even more old fashioned than it does at this time.
Net net: Satellites, a Saturday Night Live host, smart advertising, the “cloud” — what’s not to like? Will regulatory authorities buy the terrestrial spin in the Google news release? Probably. In the absence of regulatory controls, the sky’s the limit. Maybe I should say “the solar system” or maybe the “universe” is the limit. Amazon, Microsoft, Apple? Your move.
Stephen E Arnold, May 14, 2021
Who Watches? Mom or a 20-Something?
May 14, 2021
It is undeniable that COVID-19 has forever changed the work environment. In order to guarantee that telecommuting workers were being productive, organizations adopted new ways to monitor their performance. These include software that pushes the boundary between professionalism and Big Brother.
Organizations relied heavily on Zoom for business meetings and calls, but that could be a thing of the past if NICE works. CFO Tech New Zealand has the details on the new employee management software: “NICE Rolls Out Agile Workforce Management For Distributed Workforces.”
NICE is a workforce engagement management (WEM) platform designed to virtually connect workforces in one location. Even though workers can log onto a work network, engage in a Zoom conference call, or share work via the cloud, it does not give them one centralized location.
It also does not allow organizations the chance to check in on their employees’ work. Before the pandemic, offices had “swivel chair assistance” or direct communication with workers. Worker engagement is at an all-time low, but WEM could fix that. Here are some NICE features:
“Gain visibility – understand employee activities and behaviors based on desktop analytics and workforce management (WFM) data from schedules and activities. By leveraging business-based key performance indicators (KPIs), such as average handle time (AHT), productivity and adherence, organizations can now drive team and employee focus. A holistic view of the blended office and workforce also enables better management of performance and skill gaps.
Ensure performance – personalize employee coaching to meet and exceed business goals by focusing on direct data that emphasizes knowledge and gaps. This enables supervisors and managers to guide the workforce in the right direction. Share dedicated employee dashboards that provide insights to adjust their performance course.
Drive engagement – boost workforce commitment and engagement by creating activities that challenge, motivate and reward employees to achieve results and support teamwork. Reward success by applying points and badges and enable their use for additional time off or related prizes.”
Exactly what does NICE do as part of its business? Does the firm provide specialized services to intelligence agencies, security, and law enforcement? That’s a good question. The answer may put these NICE workforce engagement tools in a different context.
Whitney Grace, May 14, 2021
Speak Using Our Words, Or Do Not Speak
May 14, 2021
Google has learned from legal misfortune, both its own and other companies’. That is why, “To Head Off Regulators, Google Makes Certain Words Taboo.” The Next Web post outlines several of the major antitrust investigations the company currently faces at home and abroad. It also describes the role language played in past lawsuits brought against Google and, notably, Microsoft. We learn employees are given specific instructions on their language and other parts of communication both inside and outside the company. Having acquired some internal documents, the journalist known as The Markup writes:
“The taboo words include ‘market,’ ‘barriers to entry,’ and ‘network effects,’ which is when products such as social networks become more valuable as more people use them. ‘Words matter. Especially in antitrust law,’ reads one document titled Five Rules of Thumb for Written Communications. ‘Alphabet gets sued a lot, and we have our fair share of regulatory investigations,’ reads another. ‘Assume every document will become public.’ The internal documents appear to be part of a self-guided training session for a wide range of the company’s more than 100,000 employees, from engineers to salespeople. One document, titled ‘Global Competition Policy,’ says it applies not only to interns and employees but also to temps, vendors, and contractors. The documents explain the basics of antitrust law and caution against loose talk that could have implications for government regulators or private lawsuits. In one of the documents, which appear to be written by the legal team, employees are advised to choose their words carefully and use only third-party data when referencing Google’s ‘position in search’ in sales pitches. They are further cautioned never to print or hand out their slides.”
The documents helpfully suggest alternative words, including “industry,” “space,” “area,” or the name of a region instead of “market;” “valuable to users” rather than “network effects;” and “challenges” instead of “barriers to entry.” Though employees may (mis)use terms innocently, history tells us lawyers and regulators can and will seize upon certain definitions to build their cases. The higher in the company one is, the riskier careless language becomes. Especially sensitive are phrasings that suggest Google dominates any market, intends to “crush” its competition, or makes any choice for its own advantage rather than for the benefit of users. Because, of course, Google would never do that.
Cynthia Murrell, May 14, 2021
Realistic AI Clones are Here
May 14, 2021
Is this the future of our now ubiquitous Zoom meetings? PetaPixel tells us that “AI Can Now Turn You Into a Fully Digital, Realistic Talking Clone.” Startup Hour One’s technology can create one’s digital clone and put words in its mouth. The article shares a clip of an example avatar, that of YouTube personality Taryn Southern. Southern only had to speak and sing for about seven minutes in front of a green screen to establish the AI clone, which was then fed a script by Hour One. The result is convincing. We do note it seems that, at least so far, the clone must sit still and squarely face the “camera.” Curious readers can see more examples on the company’s website. We see how this could be useful, if only to stay in pajamas while one’s clone took virtual meetings, but what could bad actors do with the tech? Reporter Jaron Schneider writes:
“Hundreds of videos can be generated in a matter of minutes just by submitting text to the platform. A creator would not need to record any audio at all. On the plus side, it doesn’t look like it would be possible to create an AI person without this studio time, but it also means that it would theoretically be possible to obtain the AI version of Southern and input any texts into the program which the AI would read as though it were her. The ramifications of that are daunting. Still, Hour One argues that the benefits of its technologies outweigh the possible downsides. The company claims that with this technology, content creators will see a drastic reduction in the time and cost of video production to a matter of minutes. Additionally, a video can be created without a time-intensive routine to look presentable for the camera (AI Taryn jokes that she can now create new YouTube videos ‘without the real Taryn having to shower or leave her bed.’). Additionally, any AI clone can speak multiple languages which allow for greater distribution of content to more people around the world.”
The company admits the approach will work for some formats, like news broadcasts, better than for others, like stand-up comedy. Schneider cautions readers not to confuse this tool with deep fakes, which overlay someone’s face over existing footage. Hour One’s tech goes beyond that to create completely new content. Founded in 2019, the company is based in Tel Aviv, Israel.
Cynthia Murrell, May 14, 2021
Microsoft Partners Up for Smarter Security
May 13, 2021
I noted “Microsoft Partners with Darktrace to Help Customers Combat Cyber Threats with AI.” You may know that Microsoft has been the subject of some attention. No, I am not talking about Windows 10 updates which cause printers to become doorstops. Nope. I am not talking about the fate of a leaner, meaner version of Windows. Yep, I am making a reference to the SolarWinds’ misstep and the alleged manipulation of Microsoft Exchange Server to create a reprise of “waiting on line for fuel.” This was a popular side show in the Washington, DC, area in the mid-1970s.
How does Microsoft address its security PR challenge? There are white papers from Microsoft threat experts. There are meetings in DC ostensibly about JEDI but which may — just by happenstance — bring up the issue of security. No big deal, of course. And Microsoft forms new security-centric partnerships.
The partner mentioned in the write up is Darktrace. The company relies on technology somewhat related to the systems and methods packaged in the Autonomy content processing system. That technology included Bayesian methods, was at one time owned by Cambridge Neurodynamics, and licensed to Autonomy. (A summary of Autonomy is available at this link. The write up points out that Bayesian methods are centuries old and often criticized because humans have to set thresholds for some applications of the numerical recipes. Thus, outputs are not “objective” and can vary as the method iterates.) Darktrace’s origins are in Cambridge and some of the firm’s funding came from Michael Lynch-affiliated Invoke Capital. The firm’s Web page states:
Founded by celebrated technologist and entrepreneur, Dr Mike Lynch OBE, Invoke Capital founds, invests in and advises fast-growing fundamental technology companies in Europe. With deep expertise in identifying and commercializing artificial intelligence research and a close relationship with the University of Cambridge, Invoke exists to realize the commercial possibilities of Britain’s extraordinary science and deep technology base. Since 2012, Invoke has been instrumental in founding, creating and developing prominent technologies, and then finding the right teams to scale them into global businesses. Invoke’s companies include Darktrace, a world-leading cyber AI company that employs more than 1,500 people globally, Luminance, an award-winning machine learning platform for the legal industry, and AI fraud-detection engine, Featurespace. Invoke exited data-driven medicine experts, Sophia Genetics, in 2020.
(The Register provides a run down of some of the legal activity associated with Mr. Lynch at this link.)
The item presenting the tie up of Microsoft and Darktrace states:
Microsoft announced today a new partnership with Darktrace, a UK-based cyber security AI firm that works with customers to address threats using what it describes as “self-learning artificial intelligence”. Darktrace’s threat response system is designed to counter insider threats, espionage, supply chain attacks, phishing, and ransomware. The partnership between Microsoft and Darktrace is meant to give organizations an automated way of investigating threats across multiple platforms. Darktrace’s system works by learning the data within a specific environment as well as how users behave. The goal is to tell which activity is benign or malicious.
For more information about Darktrace, one can consult the firm’s Web site. For a different view, an entity with the handle OneWithCommonSense provides his/her assessment of the system. You can find that document (verified online on May 13, 2021) at this link.
Why is this interesting?
- The use of a system and method which may be related to how the Autonomy system operates may be an example of how one mathematical method can be extended to a different suite of use cases; specifically, cyber security.
- The Darktrace disclosures about its technology make it clear that the technology is in the category of “artificial intelligence” or what I call smart software. Systems and methods which are more efficient, economical, and more effective are reasons why smart software is an important product category to watch.
- Darktrace (to my knowledge) may have the capability to recognize and issue an alert about SolarWinds-type incursions. Other cyber security firms’ smart software dropped the ball and many were blindsided by the subsequent Microsoft Exchange Server and shell exploits.
As a side note, Microsoft acquired the Fast Search & Transfer company after there were legal inquiries into the company. That was a company based in Norway. With the Darktrace deal, Microsoft is again looking offshore for a solution to what on the surface seems to be the Achilles’ heel of the company’s product portfolio: Its operating system and related services.
Will Darktrace’s technology address the debilitating foot injury Microsoft has suffered? Worth watching because bad actors are having a field day with free ice cream as a result of the revelations related to Microsoft’s security engineering. Windows Defender may get an injection of a technology that caught Dr. Lynch’s eye. Quick is better in my opinion.
Stephen E Arnold, May 13, 2021