Searcher Beware or Turpiculo Puella Naso, Take What You Get
May 6, 2021
More Google ads, more questions like this one: How many would knowingly pay to have an algorithm dial a number for them? Apparently, searchers are being tricked into doing just that, we learn from this article posted at the Which? Press Office: “Misleading Customer Service Ads on Google are Costing Consumers, Which? Reveals.”
Researchers at Which?, a consumer advocacy organization in the UK, studied the results that popped up when they searched for car insurer’s phone numbers. They found both high-rate call connection services and claims-management companies often appeared at the top of the list, before the insurers’ own sites. The write-up tells us:
“Which? found one in five searches (21%) displayed adverts for ‘call connecting’ services at the top of the results. These adverts appear above the insurer’s number and when consumers tap on an advert, they’ll be taken to a website which displays a large phone number and a button that says ‘click to call’. Consumers will be put through to their insurer, but via a premium-rate phone number. The cost of making these calls can quickly escalate – with a 30-minute phone call costing £112.50 on Sky, £124.50 on Three and £127.50 on Vodafone.”
As of this writing, £1 equals $1.39 US. That is a lot to skip the bother of dialing (or copy-and-pasting) for oneself. Such ads officially violate Google’s rules, and the company swears it removes them. And yet, there they were. Then there are the claims management companies. We learn:
“The investigation also found ‘click to dial’ ads for claims management companies (CMCs) were rife and appeared in two in five searches (43%) for customer service phone numbers. ‘Click to dial’ ads have a clickable number in the search result itself. Some of these ads can trick customers to believe they’re contacting their insurer, when they’re actually being put through to a third-party to handle their claim, who will take a cut from any insurance payout. These charges often aren’t stated upfront on the CMCs websites and can catch consumers unaware.”
Insurers have been complaining to Google about these ads for years, but can do little about them but warn their customers. Only if the CMC performs certain deceptions, like using an insurer’s logo, can the company petition to have the ads removed. Less infringing tricks, like using the word “official,” are just fine by Google. To get their own ads to appear at the top, insurers must pay more and more protection (aka advertising) money to Google. Again, Google swears it does not allow misleading advertising. Which? is trying convince the search giant to do more to stop these ads, but they are battling uphill against the power of ad revenue. Meanwhile, users are reminded to check for the little word “Ad” in the top corner of search results and to check that results match the term they entered and state the name of the company they are trying to connect with. As long as Google refuses to protect its users, caution is required.
Cynthia Murrell, May 6, 2021
Privacy Challenges with Android Contact Tracing App
May 6, 2021
Why are we not surprised? We learn from The Markup that “Google Promised its Contact Tracing App Was Completely Private—But it Wasn’t.” The COVID contact-tracing framework, developed in a unique partnership with Apple, was used by several government agencies in their official apps. Millions of citizens took CEOs Sundar Pichai (Google) and Tim Cook (Apple) at their word that personal data would be kept private and downloaded the apps.
To trace contacts, enabled devices exchange anonymized Bluetooth signals with each other whenever people with the app are within 6 feet for 10 minutes or more. To make it harder to identify users, those symbols are changed every 15 minutes and are created from a key that changes every 24 hours. On Android (Google) devices, the exchanged signals are saved to the system logs where they are securely buried unless the user tests positive and chooses to share that information. At least, that’s the idea. Reporter Alfred Ng cites AppCensus forensics lead Joel Reardon as he writes:
“The issue, Reardon said, is that hundreds of preinstalled apps like Samsung Browser and Motorola’s MotoCare on Android devices have access to potentially sensitive information that the contact tracing apps store in system logs—a byproduct of how the preinstalled apps receive information about user analytics and crash reports. … Studies have found that more than 400 preinstalled apps on phones built by Samsung, Motorola, Huawei, and other companies have permission to read system logs for crash reports and analytic purposes. In the case of contact tracing apps, Reardon found that the system logs included data on whether a person was in contact with someone who tested positive for COVID-19 and could contain identifying information such as a device’s name, MAC address, and advertising ID from other apps. In theory, that information could be swept up by preinstalled apps and sent back to their company’s servers. He has not found that any apps have actually gathered that data, but there’s nothing preventing them from doing so.”
Ah, third-party preinstalled apps. Perhaps Google could be forgiven for overlooking that vulnerability if they had taken it seriously when it was brought to their attention. This past February, AppCensus researchers hired by the Department of Homeland Security found the problem and alerted Google. (They found no similar problems with the iPhone version.) Alas, Google has not fixed what Reardon calls a “one-line thing.” Instead the company has issued vague promises of rolling out an update of some sort at some time. Very reassuring.
Cynthia Murrell, May 6, 2021
Reddit Search Engines: Some Tweaks Might Be Useful
May 6, 2021
Reddit is a popular and vast social media network. It is also a big disorganized mess. The likelihood of finding a thread you read on the main page three weeks ago is zero to null, unless you happened to make a comment on it. That, however, requires a Reddit account, but not everyone has one. Google and other search engines attempt to locate information on Reddit. Reddit attempts to do the same for itself. Both options have limited results.
Reddit search is a can of worms, much like the web site itself. Information can be found, but it requires a lot of digging. A specialized search algorithm specifically designed to handle the information dump that is Reddit would be the best option. Github hosts a Reddit Search application that does a fair job of locating information, although it has some drawbacks. The search filters are perfect for Reddit, focusing on the author, subreddit, score, dates, search terms, and searching through posts or comments. The more one knows about the post/comment they wish to locate, the better the search application is. However, if searching for basic information on a topic without filling in the subreddit, date span, or author delimiters spits back hundreds of search results. Reddit Search is similar to how most out of the box search tools function. They work, but need a lot of fine tuning before they are actually useful. Reddit Search does work as long as you have specific information to fill in the search boxes. Otherwise, it only returns semi useful results. The good news is that old Reddit is still available. Hunting remains the name of the game for some online information retrieval tasks.
Whitney Grace, May 6, 2021
The Addiction Analogy: The Cancellation of Influencer Rand Fishkin
May 5, 2021
Another short item. I read a series of tweets which you may be able to view at this link. The main idea is that an influencer was to give a talk about marketing. The unnamed organizer did not like Influencer Fishkin’s content. And what was that content? Information and observations critical of the outstanding commercial enterprises Facebook and Google. The apparent points of irritation were Influencer Fishkin’s statements to the effect that the two estimable outfits (Facebook and Google) were not “friendly, in-your-corner partners.” Interesting, but for me that was only part of the story.
Here’s what I surmised from the information provided by Influencer Fishkin:
- Manipulation is central to the way in which these two lighthouse firms operate in the dark world of online
- Both venerated companies function without consequences for their actions designed to generated revenue
- The treasured entities apply the model and pattern to “sector after sector.”
Beyond Search loves these revered companies.
But there is one word which casts a Beijing-in-a-sandstorm color over Influencer Fishkin’s remarks. And that word is?
Addiction
The idea is that these cherished organizations use their market position (which some have described as a monopoly set up) and specific content to make it difficult for a “user” of the “free” service to kick the habit.
My hunch is that neither of these esteemed commercial enterprises wants to be characterized as purveyor of gateway drugs, digital opioids, or artificers who put large monkeys on “users” backs.
That’s not a good look.
Hence, cancellation is a pragmatic fix, is it not?
Stephen E Arnold, May 5, 2021
A Field of Data Silos: No Problem
May 5, 2021
The hype about silos has followed data to the cloud. IT Brief grumbles, “How Cloud Silos Are Holding Organisations Back.” Although the brief write-up acknowledges that silos can be desirable, it issues the familiar call to unify the data therein. PureStorage CTO Mark Jobbins writes:
“Overcoming the challenges presented by having cloud silos requires organisations to develop a robust data architecture. Having a common data platform should form the foundation of the data architecture, one that decouples applications and their data from their underlying infrastructure, preventing organizations from being locked into a single delivery model. Working with a multi-cloud architecture is valuable because it helps organizations utilize best-in-breed services from the various cloud service providers. It also reduces vendor lock-in, improves redundancy, and lets businesses choose the ideal features they need for their operations. It’s important to have a strong multi-cloud strategy to ensure the business gets the right mix of security, performance, and cost. The strategy should include the tools and technologies that consolidate cloud resources into a single, cohesive interface for managing cloud infrastructure. Hybrid clouds bring public and private clouds together.”
Such “hybrid clouds” allow an organization to retain those advantages of that multi-cloud architecture with the blessed unified platform. Of course, this is no simple task, so we are told one must recruit a gifted storage specialist to help. We presume this is where Jobbins’ company comes in.
Cynthia Murrell, May 5, 2021
Russia Keeps Backdoor Into US Security Networks
May 5, 2021
Russia and the US keep each other at arm’s length. While the two countries might not officially be at war, each are wary of what the other does behind closed doors. In March, the US Department of Homeland Security was hacked in what is now called the SolarWinds hack. US authorities believe it was Russia’s doing and, according to Engadget, they kept a back door open: “Report: Russia ‘Likely’ Kept Access To US Networks After SolarWinds Hack.”
Despite the US bolstering their firewalls and security systems in the wake of the SolarWinds hack, Russia’s SVR intelligence agency could still have access to them. Deputy National Security Director Anne Neuberger did not directly state that Russia still has access to the systems, but did say blaming Russia for the hacks was not going to prevent future attacks.
Russia has hacked US systems for years:
“A continued presence in American networks is consistent with history. Russia continued to mount cyber attacks against the US after the Obama administration imposed sanctions in late 2016, targeting politicians and other systems during the 2018 midterms and beyond. Even if the US successfully dislodged Russia from government systems, there was a good chance it would find another security hole.”
While the US has a robust digital security system with robust minds operating it, Russia has their own equivalent. Each country will continue to attack the other in order to have an edge in this post-Cold War world.
Whitney Grace, May 5, 2021
Amazing Moments in Cyber Security: The SolarWinds Awards
May 5, 2021
Believe it or not.
In a gem of an understatement, SolarWinds’ Sojung Lee called 2020 a “challenging year.” Lee made this assessment at his company’s recent APJ Q2 Virtual Partner Briefing where, as ChannelLife reports, “SolarWinds Celebrates Channel Partners in APJ Channel Awards.” Yes, that company gives out awards. We’re told:
“The awards recognize SolarWinds’ partners and distributors for their achievements in delivering services and expertise to customers. SolarWinds Asia Pacific and Jap vice president sales, Sojung Lee, says that 2020 was a challenging year but SolarWinds partners remained resilient.”
Resilient—yes, they would have to be. Readers can navigate to the brief write-up for the list of recipients, if curious. We just find it remarkable this list even exists at this point in time. What about these “winners’” security? We don’t know and maybe SolarWinds does not either. Sales, not security, could be job one.
Cynthia Murrell, May 5, 2021
Selective YouTube Upload Filtering or Erratic Smart Software?
May 4, 2021
I received some information about a YouTuber named Aquachiggers. I watched this person’s eight minute video in which Aquachigger explained that his videos had been downloaded from YouTube. Then an individual (whom I shall described as an alleged bad actor) uploaded those Aquachigger videos with a the alleged bad actor’s voice over. I think the technical term for this is a copyright violation taco.
I am not sure who did what in this quite unusual recycling of user content. What’s clear is that YouTube’s mechanism to determine if an uploaded video violates Google rules (who really knows what these are other than the magic algorithms which operate like tireless, non-human Amazon warehouse workers). Allegedly Google’s YouTube digital third grade teacher software can spot copyright violations and give the bad actor a chance to rehabilitate an offending video.
According to Aquachigger, content was appropriated, and then via logic which is crystalline to Googlers, notified Aquachigger that his channel would be terminated for copyright violation. Yep, the “creator” Aquachigger would be banned from YouTube, losing ad revenue and subscriber access, because an alleged bad actor took the Aquachigger content, slapped an audio track over it, and monetized that content. The alleged bad actor is generating revenue by unauthorized appropriation of another person’s content. The key is that the alleged bad actor generates more clicks than the “creator” Aquachigger.
Following this?
I decided to test the YouTube embedded content filtering system. I inserted a 45 second segment from a Carnegie Mellon news release about one of its innovations. I hit the upload button and discovered that after the video was uploaded to YouTube, the Googley system informed me that the video with the Carnegie Mellon news snip required further processing. The Googley system labored for three hours. I decided to see what would happen if I uploaded the test segment to Facebook. Zippity-doo. Facebook accepted my test video.
What I learned from my statistically insignificant test that I could formulate some tentative questions; for example:
- If YouTube could “block” my upload of the video PR snippet, would YouTube be able to block the Aquachigger bad actor’s recycled Aquachigger content?
- Why would YouTube block a snippet of a news release video from a university touting its technical innovation?
- Why would YouTube, create the perception that Aquachigger be “terminated”?
- Would YouTube be allowing the unauthorized use of Aquachigger content in order to derive more revenue from that content on the much smaller Aquachigger follower base?
Interesting questions. I don’t have answers, but this Aquachigger incident and my test indicate that consistency is the hobgoblin of some smart software. That’s why I laughed when I navigated to Jigsaw, a Google service, and learned that Google is committed to “protecting voices in conversation.” Furthermore:
Online abuse and toxicity stops people from engaging in conversation and, in extreme cases, forces people offline. We’re finding new ways to reduce toxicity, and ensure everyone can safely participate in online conversations.
I also learned:
Much of the world’s internet users experience digital censorship that restricts access to news, information, and messaging apps. We’re [Google] building tools to help people access the global internet.
Like I said, “Consistency.” Ho ho ho.
Stephen E Arnold, May 4, 2021
An Algorithm to Pinpoint Human Traffickers
May 4, 2021
We love applications of machine learning that actually benefit society. Here is one that may soon be “Taking Down Human Traffickers Through Online Ads,” reports the Eurasia Review. The algorithm began as a way to spot anomalies (like typos) in data but has evolved into something more. Now dubbed InfoShield, it was tweaked by researchers at Carnegie Mellon University and McGill University. The team presented a paper on its findings at the most recent IEEE International Conference on Data Engineering. We learn:
“The algorithm scans and clusters similarities in text and could help law enforcement direct their investigations and better identify human traffickers and their victims, said Christos Faloutsos, the Fredkin Professor in Artificial Intelligence at CMU’s School of Computer Science, who led the team. ‘Our algorithm can put the millions of advertisements together and highlight the common parts,’ Faloutsos said. ‘If they have a lot of things in common, it’s not guaranteed, but it’s highly likely that it is something suspicious.’”
According to the International Labor Organization, ads for four or more escorts penned by the same writer indicate the sort of organized activity associated with human trafficking. The similarities detected by InfoShield can pinpoint such common authorship. The organization also states that 55% of the estimated 24.9 million people trapped in forced labor are women and girls trafficked in the commercial sex industry. Online ads are the main way their captors attract customers. The write-up continues:
“To test InfoShield, the team ran it on a set of escort listings in which experts had already identified trafficking ads. The team found that InfoShield outperformed other algorithms at identifying the trafficking ads, flagging them with 85% precision.”
The researchers ran into a snag when it came to having peers verify their results. Due to the sensitive nature of their subject, they could neither share their data nor publish examples of the similarities InfoShield identified. Happily, they found a substitute data sample—tweets posted by Twitter bots presented a similar pattern of organized activity. We’re told:
“Among tweets, InfoShield outperformed other state-of-the-art algorithms at detecting bots. Vajiac said this finding was a surprise, given that other algorithms take into account Twitter-specific metrics such as the number of followers, retweets and likes, and InfoShield did not. The algorithm instead relied solely on the text of the tweets to determine bot or not.”
That does sound promising. We hope authorities can use InfoShield to find and prosecute many, many human traffickers and free their victims.
Cynthia Murrell, May 4, 2021
Content Bot Employs Powerful OpenAI Tech for Marketing Content
May 4, 2021
Great news. Now companies can launch spam fiestas, no humans required, for as little as $29 per month. Content Bot offers tools to generate persuasive marketing copy, powerful slogans, smooth landing pages, improved blog posts, and even something it calls “automated inspiration.” The site promises “human-like text.” If that sounds familiar, it should—the site’s developers must have scored one of the coveted OpenAI beta API slots, as its FAQ reveals:
“We make use of a variety of AI models, with the main model being GPT-3 by OpenAI. GPT-3, or Generative Pre-trained Transformer 3 is an autoregressive language model which uses deep learning to produce human-like text. It’s a game changer for content creators.”
Indeed it is. This is exactly the sort of thing we expected to see when OpenAI began releasing its API to a select few last year. Well, one of the things—the fake news will likely be less publicized. Content Bot’s FAQ also specifies:
“95% of the content generated by the AI is unique and original. We also provide a uniqueness score for longer form content generated so you can have peace of mind to know that the content you have received is unique.”
So one must trust their metric to verify their promise of uniqueness. Interesting. We also learn the platform is relying on Google Translate as a stopgap measure:
“We currently support all languages supported by Google Translate. We understand that although Google Translate may not be the best translation for your needs, we are currently exploring other options such as IBM Watson and OpenAI to provide better, or multiple translations at once.”
Will the price go up if they find a better translation option? The service currently costs $29 per month for the basic version, $79 for the one geared toward agencies—the latter generates three times as many blog posts and supplies a “paraphrase rewriter.” There is a free trial available, and non-profits are invited to write in for a discount. It was no surprise to learn Content Bot workers are fully remote, but the company maintains licenses and operating addresses in Florida and in South Africa. Who will be next to launch a product based on GPT-3?
Cynthia Murrell, May 4, 2021
-
- Subscribe to Beyond Search
Feature archive
News archive
-
