Cyber Security: Cyber Security Vendors May Have Missed a Scenario
July 21, 2021
I read a somewhat routine write up called “Work from Home Fueling Cyberattacks, Says Global Financial Watchdog.” The word watchdog scares me away. In the post-SolarWinds era, where were those watchdogs? Come to think about it, “Where were the super smart, predictive threat intelligence systems?” I suppose even watchdogs have to catch some ZZZZs.
The article contained, in my opinion, a comment of exceptional perspicacity. Here it is:
“Most cyber frameworks did not envisage a scenario of near-universal remote working and the exploitation of such a situation by cyber threat actors,” the FSB said in a report to G20 ministers and central banks.
This is not napping. Nope. Missing a scenario makes it clear that cyber security vendors did not think through what would happen if their systems had to deal with off site working at scale. As a result, the systems probably are a-okay when monitoring a tire dealer’s computer system in Akron, Ohio. But in the work from home environment, the threat system was napping. I envision an ever vigilant junk yard dog with flashy icons on its spiked collar. Unfortunately the junk yard dog is chained to a rusting 1975 CJ7 and not on the prowl in the junk yard proper.
Net net: The defense mechanism keeps that old Jeep secure but the bad actors can haul off whatever auto parts of interest. There may be a couple of overlooked catalytic converters amidst the wreckage.
Stephen E Arnold, July 21, 2021
Governments Heavy Handed on Social Media Content
July 21, 2021
In the US, government entities “ask” for data. In other countries, there may be different approaches; for example, having data pushed directly to government data lakes.
Governments around the world are paying a lot more attention to content on Twitter and other social media, we learn from, “Twitter Sees Big Jump in Gov’t Demands to Remove Content of Journalists” at TechCentral. According to data released by the platform, demands increased by 26% in the second half of last year. We wonder how many of these orders involved false information and how many simply contained content governments did not like. That detail is not revealed, but we do learn the 199 journalist and news outlet accounts were verified. The report also does not divulge which countries made the demands or which ones Twitter obliged. We do learn:
“Twitter said in the report that India was now the single largest source of all information requests from governments during the second half of 2020, overtaking the US, which was second in the volume of requests. The company said globally it received over 14,500 requests for information between 1 July and 31 December, and it produced some or all of the information in response to 30% of the requests. Such information requests can include governments or other entities asking for the identities of people tweeting under pseudonyms. Twitter also received more than 38,500 legal demands to take down various content, which was down 9% from the first half of 2020, and said it complied with 29% of the demands. Twitter has been embroiled in several conflicts with countries around the world, most notably India over the government’s new rules aimed at regulating content on social media. Last week, the company said it had hired an interim chief compliance officer in India and would appoint other executives in order to comply with the rules.”
Other platforms are also receiving scrutiny from assorted governments. In response to protests, for example, Cuba has restricted access to Facebook and messaging apps. Also recently, Nigeria banned Twitter altogether and prohibited TV and radio stations from using it as a source of information. Meanwhile, social media companies continue to face scrutiny for the presence of hate speech, false information, and propaganda on their sites. We are reminded CEOs Jack Dorsey of Twitter, Mark Zuckerberg of Facebook, and Sundar Pichai of Google appeared in a hearing before the US congress on misinformation just last March. And most recently, all three platforms had to respond to criticisms over racist attacks against black players on England’s soccer team. Is it just me, or are these problems getting worse instead of better?
Cynthia Murrell, July 21, 2021
That Online Thing Spawns Emily Post-Type Behavior, Right?
July 21, 2021
Friendly virtual watering holes or platforms for alarmists? PC Magazine reports, “Neighborhood Watch Goes Rogue: The Trouble with Nextdoor and Citizen.” Writer Christopher Smith introduces his analysis:
“Apps like Citizen and Nextdoor, which ostensibly exist to keep us apprised of what’s going on in our neighborhoods, buzz our smartphones at all hours with crime reports, suspected illegal activity, and other complaints. But residents can also weigh in with their own theories and suspicions, however baseless and—in many cases—racist. It begs the question: Where do these apps go wrong, and what are they doing now to regain consumer trust and combat the issues within their platforms?”
Smith considers several times that both community-builder Nextdoor and the more security-focused Citizen hosted problematic actions and discussions. Both apps have made changes in response to criticism. For example, Citizen was named Vigilante when it first launched in 2016 and seemed to encourage users to visit and even take an active role in nearby crime scenes. After Apple pulled it from its App Store within two days, the app relaunched the next year with the friendlier name and warnings against reckless behavior. But Citizen still stirs up discussion by sharing publicly available emergency-services data like 911 calls, sometimes with truly unfortunate results. Though the app says it is now working on stronger moderation to prevent such incidents, it also happens to be ramping up its law-enforcement masquerade. Ironically, Citizen itself cannot seem to keep its users’ data safe.
Then there is Nextdoor. During last year’s protests following the murder of George Floyd, its moderators were caught removing posts announcing protests but allowing ones that advocated violence against protestors. The CEO promised reforms in response, and the company soon axed the “Forward to Police” feature. (That is okay, cops weren’t relying on it much anyway. Go figure.) It has also enacted a version of sensitivity training and language guardrails. Meanwhile, Facebook is making its way into the neighborhood app game. Surely that company’s foresight and conscientiousness are just what this situation needs. Smith concludes:
“In theory, community apps like Citizen, Nextdoor, and Facebook Neighborhoods bring people together at a time when many of us turn to the internet and our devices to make connections. But it’s a fine line between staying on top of what’s going on around us and harassing the people who live and work there with ill-advised posts and even calls to 911. The companies themselves have a financial incentive to keep us engaged (Nextdoor just filed to go public), whether its users are building strong community ties or overreacting to doom-and-gloom notifications. Can we trust them not to lead us into the abyss, or is it on us not to get caught up in neighborhood drama and our baser instincts?”
Absolutely not and, unfortunately, yes.
Cynthia Murrell, July 21, 2021
An Interesting Security Assertion for Apple
July 20, 2021
I noted an interesting assertion in “Pegasus: The New Global Weapon for Silencing Journalists.” Here’s the statement which caught my attention:
The iPhone is not bulletproof against cyberattacks.
I agree. The write up continues: Vendors of specialized software and services have an advantage. Here’s why:
attackers, partly because of their sheer number, will manage to stay a step ahead of the tech giant.
The idea, I think, is that Apple is one outfit. There are more attackers than Apple security wizards. The result? Apple is now playing defense and is in reaction mode.
Is there a fix? Well, sort of:
Patrick Wardle, founder of the Mac security developer Objective-See, in the same report, noted Apple’s “self-assured hubris” on its security features, and the closed system of the iPhone that prevents security researchers from seeing processes running under the hood, could also be factors that cyber-attackers could use for their gain. On Apple’s hubris, Wardle said, for instance, Microsoft would be more open to reports coming from security researchers whereas Apple would be a little more standoffish. Microsoft would more likely say, “‘We’re gonna put our ego aside, and ultimately realize that the security researchers are reporting vulnerabilities that at the end of the day are benefiting our users, because we’re able to patch them.’ I don’t think Apple has that same mindset.”
What an interesting idea! Apple should be more like Microsoft.
Stephen E Arnold, July 20, 2021
A Semi Interesting Comment: The Google and an Assistive Device or Prop?
July 20, 2021
Big news zipping around. China and Facebook criticized by some in the US government. Another cyber threat intelligence company purchased by a cyber security specialist in order to — wait for it — become more cyber security capable. The Bezos blast. The Delta variant. Spoiled trip for some vacationers looking forward to a safari in Kruger National Park. And, who can overlook, the publicity implosion for an Israeli special services company?
I almost overlooked “Google Uses Its Dominance to Artificially Prop Up Products in New, Unrelated Sectors, Says a Former Senior Exec.” Please, keep in mind that you will have to pay to read this write up on the “real” news site Business Insider. Yikes, a Xoogler explaining that as he cashed paychecks, the outfit writing those checks gnawed at his conscience. Remarkable.
What jumped out at me other than a Xoogler criticizing the estimable Google?
First, the story is easily overlooked in the rush of tech-related news.
Second, the Xoogler who founded a for-fee (no ads yet) search engine allegedly said:
“It is not right for one company to take the massive profits generated in one area to artificially prop up and achieve dominant positions in other completely unrelated areas,” said Ramaswamy.
My hunch is that the Google might take issue with that statement. Opinions are still permitted, but the “real” words spoken by a former Google professional who cashed those Google checks might irritate some at the Google. What do you think?
Third, I found this statement interesting:
Insider approached Google for comment.
I assume that Google either did not get the call or email, didn’t want to respond, or simply did not care. Xooglers are no longer Googlers. When one is not a Googler, one is not a priority. No wonder the comment about “propping up” is not getting traction. I think the word I would suggest if some wizard at Google asked me about the comment is “synergy”; for example, synergy allows Google products and services to cooperatively interact to generate a combined effect greater than the sum of each component’s effect. Not a prop. Intentional synergism. MBAs and accountants understand this basic idea for maximizing return. Props are for theater majors.
Stephen E Arnold, July 20, 2021
Online Anonymity: Maybe a Less Than Stellar Idea
July 20, 2021
On one hand, there is a veritable industrial revolution in identifying, tracking, and pinpointing online users. On the other hand, there is the confection of online anonymity. The idea is that by obfuscation, using a fake name, or hijacking an account set up for one’s 75 year old spinster aunt — a person can be anonymous. And what fun some can have when their online actions are obfuscated by cleverness, Tor cartwheels, and more sophisticated methods using free email and “trial” cloud accounts. I am not a big fan of online anonymity for three reasons:
- Online makes it easy for a person to listen to one’s internal demons’ chatter and do incredibly inappropriate things. Anonymity and online, in my opinion, are a bit like reverting to 11 year old thinking often with an adult’s suppressed perceptions and assumptions about what’s okay and what’s not okay.
- Having a verified identity linked to an online action imposes social constraints. The method may not be the same as a small town watching the actions of frisky teens and intervening or telling a parent at the grocery that their progeny was making life tough for the small kid with glasses who was studying Lepidoptera.
- Individuals doing inappropriate things are often exposed, discovered, or revealed by friends, spouses angry about a failure to take out the garbage, or a small investigative team trying to figure out who spray painted the doors of a religious institution.
I read “Abolishing Online Anonymity Won’t Tackle the Underlying Problems of Racist Abuse.” I agree. The write up states:
There is an argument that by forcing people to reveal themselves publicly, or giving the platforms access to their identities, they will be “held accountable” for what they write and say on the internet. Though the intentions behind this are understandable, I believe that ID verification proposals are shortsighted. They will give more power to tech companies who already don’t do enough to enforce their existing community guidelines to protect vulnerable users, and, crucially, do little to address the underlying issues that render racial harassment and abuse so ubiquitous.
The observation is on the money.
I would push back a little. Limiting online use to those who verify their identity may curtail some of the crazier behaviors online. At this time, fractious behavior is the norm. Continuous division of cultural norms, common courtesies, and routine interactions destroys.
My thought is that changing the anonymity to real identity might curtail some of the behavior online systems enable.
Stephen E Arnold, July 20, 2021
The Gray Lady Grinds on Big Blue
July 20, 2021
The New York Times may not be successful in selling ad space to IBM in the next few months. The estimable “real” news outfit published an entertaining discussion of Watson. Navigate to “What Ever Happened to IBM’s Watson.” Pay up. Read the 2,000 word business school, essay, opinion piece. Then check your portfolio to verify that IBM stock is down again, has new executives in new roles, and the tenacity to keep on with the “little engine that could” approach to dealing with the likes of Amazon, Google, and Microsoft as well as start ups offering everything from i2 Analyst Notebook clones to federating data systems to consulting services at a discount.
Yikes. Big Blue. The New York Times.
The write up has a number of zingers; for example:
- “Beware what you promise” about the “future of knowing.”
- “Watson has not remade any industries. And it hasn’t lifted IBM’s fortunes.”
- [Watson] “was not realistic.”
- [Watson was] “a learning journey.”
- “… The grand visions of the past are gone.”
- “Watson is no longer the next big thing, but it may become a solid business for IBM.”
Yep, that is a conditional and instead of an Amazon AWS Sagemaker gusher of cash, a “solid business.” The wonderfulness of the NYT article omits a couple of minor points:
- The “cognitive computing” pitch. Baloney in my opinion.
- The manual effort required to train the mash up of home brew code, open source, and stuff acquired from outfits like Vivisimo takes time and subject matter experts. The result? Expensive stuff for sure. And once the system is trained, one has to keep on training whilst optimizing.
- The complexity of taking a bunch of parts and implementing them as “smart software” is very difficult. Amazon seems to be going for the “off the shelf” approach and “ready to roll” models.
Net net: Let’s ask Watson: how about those AI start ups as acquisition targets? Marketing, not innovation, seems to be the go to strength of IBM. What do you say, Watson? Watson, are you there? Wow, that latency is a killer isn’t it?
Stephen E Arnold, July 20, 2021
Cheaper Lodgings Correlated with Violence: Stats 101 at Work
July 20, 2021
I don’t have a dog in this fight, but AirBnB- and VRBO-type disruptors do. “AirBnB Listings Lead to Increased Neighborhood Violence, Study Finds” reports:
AirBnB removes social capital from the neighborhood in the form of stable households, weakening the associated community dynamics…
The write up explains:
Researchers at Northeastern University in Boston conducted a statistical analysis of AirBnB listings and data on different types of crime in their city. Covering a period from 2011 to 2017, the team found that the more AirBnB listings were in any given neighborhood, the higher the rates of violence in that neighborhood – but not public social disorder or private conflict.
Who causes the crime? The tourists? Nah, here’s what’s allegedly happening:
the transient population diminishes how communities prevent crime.
Interesting assertion. I have a small sample: One. One home in our neighborhood became an AirBnB-type outfit. No one stayed. The house was sold to a family.
No change in the crime rate, but that may be a result of the police patrols, the work from home people who walk dogs, jog, post to Nextdoor.com, and clean the lenses on their Amazon Ring doorbells.
Insightful.
Stephen E Arnold, July 20, 2021
A Good Question and an Obvious Answer: Maybe Traffic and Money?
July 19, 2021
I read “Euro 2020: Why Is It So Difficult to Track Down Racist Trolls and Remove Hateful Messages on Social Media?” The write up expresses understandable concern about the use of social media to criticize athletes. Some athletes have magnetism and sponsors want to use that “pull” to sell products and services. I remember a technology conference which featured a former football quarterback who explained how to succeed. He did not reference the athletic expertise of a former high school science club member and officer. As I recall, the pitch was working hard, fighting (!), and overcoming a coach calling a certain athlete (me, for example) a “fat slug.” Relevant to innovating in online databases? Yes, truly inspirational and an anecdote from the mists of time.
The write up frames its concern this way about derogatory social media “posts”:
Over a quarter of the comments were sent from anonymous private accounts with no posts of their own. But identifying perpetrators of online hate is just one part of the problem.
And the real “problem”? The article states:
It’s impossible to discover through open-source techniques that an account is being operated from a particular country.
Maybe.
Referencing Instagram (a Facebook property), the Sky story notes:
Other users may anonymise their existing accounts so that the comments they post are not traceable to them in the offline world.
Okay, automated systems with smart software don’t do the job. Will another government bill in the UK help?
The write up does everything but comment about the obvious; for example, my view is that online accounts must be linked to a human and verified before posts are permitted.
The smart software thing, the government law thing, and the humans making decision thing, are not particularly efficacious. Why? The online systems permit — if not encourage — anonymity because money maybe? That’s a question for the Sky Data and Forensics team. It is:
a multi-skilled unit dedicated to providing transparent journalism from Sky News. We gather, analyse and visualise data to tell data-driven stories. We combine traditional reporting skills with advanced analysis of satellite images, social media and other open source information. Through multimedia storytelling we aim to better explain the world while also showing how our journalism is done.
Okay.
Stephen E Arnold, July 19, 2021
Predicting the Future MIT Grads and Profs Helped Invent
July 19, 2021
Good news Monday!
MIT, the outfit that found Jeffrey Epstein—a wonderful human and inspiration to students and scholars, shares its brilliant insights into the future of humankind. Motherboard reports, “MIT Predicted in 1972 that Society Will Collapse This Century. New Research Shows We’re on Schedule.” Oh goodie. Reporter Nafeez Ahmed begins with a little background:
“In 1972, a team of MIT scientists got together to study the risks of civilizational collapse. Their system dynamics model published by the Club of Rome identified impending ‘limits to growth’ (LtG) that meant industrial civilization was on track to collapse sometime within the 21st century, due to overexploitation of planetary resources. The controversial MIT analysis generated heated debate, and was widely derided at the time by pundits who misrepresented its findings and methods. … The [new] study was published in the Yale Journal of Industrial Ecology in November 2020 and is available on the KPMG website. It concludes that the current business-as-usual trajectory of global civilization is heading toward the terminal decline of economic growth within the coming decade—and at worst, could trigger societal collapse by around 2040.”
The study’s author, Gaya Herrington, serves as Sustainability and Dynamic System Analysis Lead at accounting giant KPMG but makes clear she pursued this on her own as part of her Harvard University Masters thesis. The study examines data across 10 key variables: population, fertility rates, mortality rates, industrial output, food production, services, non-renewable resources, persistent pollution, human welfare, and ecological footprint. Herrington found recent data aligns most closely with two scenarios she calls “business-as-usual” and “comprehensive technology.” The most desirable outcome, “stabilized world,” is unfortunately the least likely. See the article for its explanation of each of these, including the related graphs.
The upshot: If we keep doing what we have been doing, we are in for dire food shortages, drastically reduced standards of living, and more chaos by 2040. There is hope, however, if we take drastic action within the next decade. Take one look at today’s Congress and assess the likelihood of that. Ahmed concludes:
“The best available data suggests that what we decide over the next 10 years will determine the long-term fate of human civilization. Although the odds are on a knife-edge, Herrington pointed to a ‘rapid rise’ in environmental, social and good governance priorities as a basis for optimism, signaling the change in thinking taking place in both governments and businesses. She told me that perhaps the most important implication of her research is that it’s not too late to create a truly sustainable civilization that works for all.”
Ah, optimism. Let us enjoy a sliver of it while we can.
Cynthia Murrell, July 19, 2021