FOGINT: Internet Service Providers in the Hot Box
October 9, 2024
The only smart software involved in producing this short FOGINT post was Microsoft Copilot’s estimable art generation tool. Why? It is offered at no cost.
For several years, I have used the term “ghost providers” to describe online service providers as enablers of online crime. The advent of virtual machines and virtual servers operated by customers who just pay a monthly fee and do everything themselves provides a great foggy ground cover. If an investigators speaks with one of these providers, the response includes variations of “We don’t know” and “No clue, bro.” The reason is that the service provider provides access to a system, includes no support, and leaves it up to the person paying the bill to be the cook, bottlewasher, and janitor. These outfits are in the service business with a range of offerings: Full service to DIY.
“Oh, we cannot see what is on the virtual machines working as virtual servers,” says the bright ISP operator. Thanks, MSFT Copilot. That’s pretty lousy fog if I say so myself.
Italy wants to take action to prevent enablers who provide ghost services with bare metal and zero service other than pings, plumbing, and power. “ISPs ‘Betrayed’ Over Pirate Site-Blocking Threats, The Reckoning Will Be Invisible” reports that Italy’s
advanced legal weaponry is incapable of dealing with distant pirate IPTV services. Instead, it mainly targets communications infrastructure, much of it operated by rightsholders’ supposed allies – ISPs – who were given no say in the matter.
Torrent Freak’s view of the law is somewhat reserved, even skeptical. The cited article continues:
if pirate sites share an IP address with entirely innocent sites, and the innocent sites are outnumbered, ISPs, VPNs and DNS services will be legally required to block them all. Since nobody ever passes bad law and good laws hurt no one, blocking innocent sites can be conducted guilt-free from the moral high ground.
Among those with a strong view of the law is Giovanni Zorzoni, president of the Italian Internet Provider Association. No big surprise, FOGINT surmises. The article quotes him as saying:
“Irresponsible initiative that, in the sole interest of the football lobby, tramples on operators, [AGCOM] and the Internet ecosystem,” he said. “Thanks to the new law, they will be able to block sites that are no longer exclusively, but also ‘mainly’ used to distribute illegal content, substantially widening the scope of [rightsholders’] discretion. It may therefore happen, much more frequently, that even legitimate addresses that are only accidentally used for the transmission of pirated content are blocked,” Zorzoni added.
Google offered some input which Torrent Freak presented; to wit:
Diego Ciulli, Head of Government Affairs and Public Policy at Google in Italy, expressed concern over the likely effect on the justice system in Italy should Google be required to comply. Under the label of “fighting piracy”, Ciulli said that digital platforms will be required to notify the judicial authorities of ALL copyright infringements – present, past and future – when they become aware of them. That could be a problem. “Do you know how many there are in the case of Google? At the moment, 9,756,931,770. In short, the Senate is asking us to flood the judicial authorities with almost 10 billion URLs – and provides for prison if we miss a single notification. If the law is not amended, the risk is to do the opposite of the spirit of the law: clog up the judicial authorities, and take resources away from the fight against piracy,” he warned.
Yep, imagine if ISPs had to block packets containing information directly linked to illegal activities. That is, it seems, to be a lot of work for the ISPs to do.
Several observations:
- Some service providers are known for their willingness to facilitate content which breaks laws
- The “virtualization” of “services” provides a 24×7 disco dance fog machine to hide certain activities from staff, other customers, and government authorities
- The money derived from the customers who exploit the willful obfuscation makes the service provider business tick.
Is the Italian law a remedy? No. Will other countries crank up regulation of ISPs? Yes. But after decades of a digital Wild West, fences will not be erected overnight. As a result, the black sheep will roam among wild ponies and make a range of online crimes possible and lucrative. That’s quite a marketing position for some firms.
Stephen E Arnold, October 9, 2024
Dolma: Another Large Language Model
October 9, 2024
The biggest complaint AI developers have are the lack of variety and diversity in large language models (LLMs) to train the algorithms. According to the Cornell University computer science paper, “Dolma: An Open Corpus Of There Trillion Tokens For Language Model Pretraining Research” the LLMs do exist.
The paper’s abstract details the difficulties of AI training very succinctly:
“Information about pretraining corpora used to train the current best-performing language models is seldom discussed: commercial models rarely detail their data, and even open models are often released without accompanying training data or recipes to reproduce them. As a result, it is challenging to conduct and advance scientific research on language modeling, such as understanding how training data impacts model capabilities and limitations.”
Due to the lack of LLMs, the paper’s team curated their own model called Dolma. Dolma is a three-trillion-token English opus. It was built on web content, public domain books, social media, encyclopedias code, scientific papers, and more. The team thoroughly documented every information source so they wouldn’t deal with the same problems of other LLMs. These problems include stealing copyrighted material and private user data.
Dolma’s documentation also includes how it was built, design principles, and content summaries. The team share Dolma’s development through analyses and experimental test results. They are thoroughly documenting everything to guarantee that this is the ultimate LLM and (hopefully) won’t encounter problems other than tech related. Dolma’s toolkit is open source and the team want developers to use it. This is a great effort on behalf of Dolma’s creators! They support AI development and data curation, but doing it responsibly.
Give them a huge round of applause!
Cynthia Murrell, October 10, 2024
FOGINT: A Doggie Telegram Play in the Mists of Crypto
October 8, 2024
The FOGINT team has noticed an uptick about the Simplex messenger. You can download the end to end encrypted application from this link. According to chatter on interesting discussion services, individuals espousing certain beliefs are abandoning Telegram because Mr. Freedom (Pavel Durov is allegedly cooperating with law enforcement and other government officials in certain investigation). The causal link between Simplex and Telegram’s new, flexible approach to allegedly illegal activities may be clear to some people. That’s fine.
Some people will not be aware that the sheep are ignoring a government worker wearing a rather poor sheep disguise. Thanks, MSFT Copilot. How are those Windows updates going? Oh, how about those security changes?
However, Telegram continues to push into territory far more significant than fooling around with the craziness of those who use Telegram to organize traffic jams and sell contraband. The big fish is now on the dock. The fish mongers are crowding around to find out the value of the snatch.
“The First Telegram ICO Is Here: Dogizen, Launches Today” reveals what may be a more significant move in the underground financial ecosystem. The FOGINT teams thinks that Telegram is doing its part to undermine the US dollar, not make weird animal games available to people who want free money. The article reported on October 4, 2024:
This is the first ICO to offer investors the chance to purchase the DOGIZ token directly from within Telegram itself and could open up a whole new slice of the crypto community. DOGIZ will go on sale at $0.00007, with a total of one hundred billion presale tokens available for purchase. Dogizen finds itself in the midst of Telegram gaming’s surge, which has recently gained attention with multiple successful launches, collectively amassing a market cap nearing $2 billion in just six months.
Telegram ran into a brick wall several years ago when the US Securities & Exchange Commission blocked the messaging company’s initial foray into crypto. Now the Telegram plan is coming into focus. There are STARs, TONcoins, and deals with outfits like Tether. This play with doggies is a transactional platform applied to providing for a fee the plumbing necessary to ramp crypto with essentially zero friction. The estimable Durov brothers are demonstrating that there is more to a messaging application than groups, channels, advertising, and faux compliance with government officials.
The Durovs are doggies who want to grow up to be wolves.
Stephen E Arnold, October 8, 2024
Windows Fruit Loop Code, Oops. Boot Loop Code.
October 8, 2024
Windows Update Produces Boot Loops. Again.
Some Windows 11 users are vigilant about staying on top of the latest updates. Recently, such users paid for their diligence with infinite reboots, freezes, and/ or the dreaded blue screen of death. Digitaltrends warns, “Whatever You Do, Don’t Install the Windows 11 September Update.” Writer Judy Sanhz reports:
“The bug here can cause what’s known as a ‘boot loop.’ This is an issue that Windows versions have had for decades, where the PC will boot and restart endlessly with no way for users to interact, forcing a hard shutdown by holding the power button. Boot loops can be incredibly hard to diagnose and even more complicated to fix, so the fact that we know the latest Windows 11 update can trigger the problem already solves half the battle. The Automatic Repair tool is a built-in feature on your PC that automatically detects and fixes any issues that prevent your computer from booting correctly. However, recent Windows updates, including the September update, have introduced problems such as freezing the task manager and others in the Edge browser. If you’re experiencing these issues, our handy PC troubleshooting guide can help.”
So for many the update hobbled the means to fix it. Wonderful. It may be worthwhile to bookmark that troubleshooting guide. On multiple devices, if possible. Because this is not the first time Microsoft has unleased this particular aggravation on its users. In fact, the last instance was just this past August. The company has since issued a rollback fix, but one wonders: Why ship a problematic update in the first place? Was it not tested? And is it just us, or does this sound eerily similar to July’s CrowdStrike outage?
(Does the fruit loop experience come with sour grapes?)
Cynthia Murrell, October 8, 2024
Hey, Live to Be a 100 like a Tech Bro
October 8, 2024
If you, gentle reader, are like me, you have taken heart at tales of people around the world living past 100. Well, get ready to tamp down some of that hope. An interview at The Conversation declares, “The Data on Extreme Human Ageing Is Rotten from the Inside Out.” Researcher Saul Justin Newman recently won an Ig Nobel Prize (not to be confused with a Nobel Prize) for his work on data about ageing. When asked about his work, Newman summarizes:
“In general, the claims about how long people are living mostly don’t stack up. I’ve tracked down 80% of the people aged over 110 in the world (the other 20% are from countries you can’t meaningfully analyze). Of those, almost none have a birth certificate. In the US there are over 500 of these people; seven have a birth certificate. Even worse, only about 10% have a death certificate. The epitome of this is blue zones, which are regions where people supposedly reach age 100 at a remarkable rate. For almost 20 years, they have been marketed to the public. They’re the subject of tons of scientific work, a popular Netflix documentary, tons of cookbooks about things like the Mediterranean diet, and so on. Okinawa in Japan is one of these zones. There was a Japanese government review in 2010, which found that 82% of the people aged over 100 in Japan turned out to be dead. The secret to living to 110 was, don’t register your death.”
That is one way to go, we suppose. We learn of other places Newman found bad ageing data. Europe’s “blue zones” of Sardinia in Italy and Ikaria in Greece, for example. There can be several reasons for erroneous data. For example, wars or other disasters that destroyed public records. Or clerical errors that set the wrong birth years in stone. But one of the biggest factors seems to be pension fraud. We learn:
“Regions where people most often reach 100-110 years old are the ones where there’s the most pressure to commit pension fraud, and they also have the worst records. For example, the best place to reach 105 in England is Tower Hamlets. It has more 105-year-olds than all of the rich places in England put together. It’s closely followed by downtown Manchester, Liverpool and Hull. Yet these places have the lowest frequency of 90-year-olds and are rated by the UK as the worst places to be an old person.”
That does seem fishy. Especially since it is clear rich folks generally live longer than poor ones. (And that gap is growing, by the way.) So get those wills notarized, trusts set up, and farewell letters written sooner than later. We may not have as much time as we hoped.
Cynthia Murrell, October 8, 2024
From the Land of Science Fiction: AI Is Alive
October 7, 2024
Those somewhat erratic podcasters at Windows Central published a “real” news story. I am a dinobaby, and I must confess: I am easily amused. The “real” news story in question is “Sam Altman Admits ChatGPT’s Advanced Voice Mode Tricked Him into Thinking AI Was a Real Person: “I Kind of Still Say ‘Please’ to ChatGPT, But in Voice Mode, I Couldn’t Use the Normal Niceties. I Was So Convinced, Like, Argh, It Might Be a Real Person.“
I call Sam Altman Mr. AI Man. He has been the A Number One sales professional pitching OpenAI’s smart software. As far as I know, that system is still software and demonstrating some predictable weirdnesses. Even though we have done a couple of successful start ups and worked on numerous advanced technology projects, few forgot at Halliburton that nuclear stuff could go bang. At Booz, Allen no one forgot a heads up display would improve mission success rates and save lives as well. At Ziff, no one forgot our next-generation subscription management system as software, not a diligent 21 year old from Queens. Therefore, I find it just plain crazy the Sam AI-Man has forgotten that software coded by people who continue to abandon the good ship OpenAI wrote software.
Another AI believer has formed a humanoid attachment to a machine and software. Perhaps the female computer scientist is representative of a rapidly increasing cohort of people who have some personality quirks. Thanks, MSFT Copilot. How are those updates to Windows going? About as expected, right.
Last time I checked, the software I have is not alive. I just pinged ChatGPT’s most recent confection and received the same old error to a query I run when I want to benchmark “improvements.” Nope. ChatGPT is not alive. It is software. It is stupid in a way only neural networks can be. Like the hapless Googler who got fired because he went public with his belief that Google’s smart software was alive, Sam AI-Man may want to consider his remarks.
Let’s look at how the esteemed Windows Central write up tells the quite PR-shaped, somewhat sad story. The write up says without much humor, satire, or critical thinking:
In a short clip shared on r/OpenAI’s subreddit on Reddit, Altman admits that ChatGPT’s Voice Mode was the first time he was tricked into thinking AI was a real person.
Ah, an output for the Reddit users. PR, right?
The canny folk at Windows Central report:
In a recent blog post by Sam Altman, Superintelligence might only be “a few thousand days away.” The CEO outlined an audacious plan to edge OpenAI closer to this vision of “$7 trillion and many years to build 36 semiconductor plants and additional data centers.”
Okay, a “few thousand.”
Then the payoff for the OpenAI outfit but not for the staff leaving the impressive electricity consuming OpenAI:
Coincidentally, OpenAI just closed its funding round, where it raised $6.6 from investors, including Microsoft and NVIDIA, pushing its market capitalization to $157 billion. Interestingly, the AI firm reportedly pleaded with investors for exclusive funding, leaving competitors like Former OpenAI Chief Scientist Illya Sustever’s SuperIntelligence Inc. and Elon Musk’s xAI to fend for themselves. However, investors are still confident that OpenAI is on the right trajectory to prosperity, potentially becoming the world’s dominant AI company worth trillions of dollars.
Nope, not coincidentally. The money is the payoff from a full court press for funds. Apple seems to have an aversion for sweaty, easily fooled sales professionals. But other outfits want buy into the Sam AI-Man vision. The dream the money people have are formed from piles of real money, no HMSTR coin for these optimists.
Several observations, whether you want ‘em or not:
- OpenAI is an outfit which has zoomed because of the Microsoft deal and announcement that OpenAI would be the Clippy for Windows and Azure. Without that “play,” OpenAI probably would have remained a peculiarly structure non-profit thinking about where to find a couple of bucks.
- The revenue-generating aspect of OpenAI is working. People are giving Sam AI-Man money. Other outfits with AI are not quite in OpenAI’s league and most may never be within shouting distance of the OpenAI PR megaphone. (Yep, that’s you folks, Windows Central.)
- Sam AI-Man may believe the software written by former employees is alive. Okay, Sam, that’s your perception. Mine is that OpenAI is zeros and ones with some quirks; namely, making stuff up just like a certain luminary in the AI universe.
Net net: I wonder if this was a story intended for the Onion and rejected because it was too wacky for Onion readers.
Stephen E Arnold, October 7, 2024
FOGINT: Ukraine Government Telegram Restrictions
October 7, 2024
The only smart software involved in producing this short FOGINT post was Microsoft Copilot’s estimable art generation tool. Why? It is offered at no cost.
“Ukrainian Parliament to Restrict Telegram Usage” reports that Telegram faces new restrictions due to security concerns. The news story says:
The Verkhovna Rada (the Ukrainian parliament) will introduce restrictions on the use of the Telegram messenger app for official purposes.
Mr. Durov’s willingness to cooperate with government requests for user information is not the primary reason for this set of restrictions on Ukrainian government staff use of Telegram. The write up points out:
These measures are justified by past incidents where third parties gained access to government employees’ data through Telegram or created fake accounts
What are the measures used by Ukrainian officials to discourage the use of Telegram? Among those in use are:
- No contact synchronization
- No official information transmitted on a Telegram channel
- No Telegram app on work computers, government-provided mobile phones, or personal devices used for government communication
- “Technical blocks” will be implemented to prevent Telegram usage.
Will these measures work? The answer, “To some degree.” However, the increase in interest in alternatives has created a mini-boom for the Simple X end-to-end encrypted application. Certain ultra leaning groups are moving to other secure messaging systems.
A person who looks a bit like Pavel Durov demonstrates his patented exercise: A sudden twist and back flip from a cell in a French prison. Thanks, MSFT Copilot, good enough like some many things in 2024.
The problem, however, is that Telegram has more than 900 million users and offers a number of user-centric features not available in other E2EE applications; for example, Telegram does not charge for data storage or bandwidth. The fix is to acquire a burner phone or use specialized services.
The interesting facet of this move is that it comes after Telegram’s decision to block certain Ukrainian produced content from distribution to Telegram users in Russia. Prior to Telegram’s surprising action Ukrainian government officials disseminated text content to Russians who were members of Ukrainian Telegram channels.
That action made clear that Telegram was demonstrating its flexibility. Pavel Durov then did a cirque de soleil vault with his fancy move to cooperate with legitimate requests for information from unnamed government authorities.
FOGINT thinks Mr. Durov is confident he stuck his landing for this trick and scored a 10. FOGINT scored Mr. Durov an imaginary number.
Stephen E Arnold, October 7, 2024
Why Present Bad Sites?
October 7, 2024
I read “Google Search Is Testing Blue Checkmark Feature That Helps Users Spot Genuine Websites.” I know this is a test, but I have a question: What’s genuine mean to Google and its smart software? I know that Google cannot answer this question without resorting to consulting nonsensicalness, but “genuine” is a word. I just don’t know what’s genuine to Google. Is a Web site that uses SEO trickery to appear in a results list? Is it a blog post written by a duplicitous PR person working at a large Google-type firm? Is it a PDF appearing on a “genuine” government’s Web site?
A programmer thinking about blue check marks. The obvious conclusion is to provide a free blue check mark. Then later one can charge for that sign of goodness. Thanks, Microsoft. Good enough. Just like that big Windows update. Good enough.
The write up reports:
Blue checkmarks have appeared next to certain websites on Google Search for some users. According to a report from The Verge, this is because Google is experimenting with a verification feature to let users know that sites aren’t fraudulent or scams.
Okay, what’s “fraudulent” and what’s a “scam”?
What does Google say? According to the write up:
A Google spokesperson confirmed the experiment, telling Mashable, “We regularly experiment with features that help shoppers identify trustworthy businesses online, and we are currently running a small experiment showing checkmarks next to certain businesses on Google.”
A couple of observations:
- Why not allow the user to NOT out these sites? Better yet, give the user a choice of seeing de-junked or fully junked sites? Wow, that’s too hard. Imagine. A Boolean operator.
- Why does Google bother to index these sites? Why not change the block list for the crawl? Wow, that’s too much work. Imagine a Googler editing a “do not crawl” list manually.
- Is Google admitting that it can identify problematic sites like those which push fake medications or the stolen software videos on YouTube? That’s pretty useful information for an attorney taking legal action against Google, isn’t it?
Net net: Google is unregulated and spouts baloney. Google needs to jack up its revenue. It has fines to pay and AI wizards to pay. Tough work.
Stephen E Arnold, October 7, 2024
A Modern Employee Wants Love, Support, and Compassion
October 5, 2024
This essay is the work of a dumb dinobaby. No smart software required.
Beyond Search is a “Wordpress” blog. I have followed with (to be honest) not much interest the dispute between a founder and a couple of organizations. WordPress has some widgets that one of the Beyond Search team “subscribes” to each year. These, based on my experience, are so-so. We have moved the blog to WordPress-friendly hosting services because [a] the service was not stable, [b] not speedy, and [c] not connected to any known communication service except Visa.
I read “I Stayed,” a blog post. The write up expresses a number of sentiments about WordPress, its employees, and its mission. (Who knew? A content management system with a “mission.” ) I noted this statement:
Listen, I’m struggling with medical debts and financial obligations incurred by the closing of my conference and publishing businesses.
I don’t know much about modern work practices, but this sentence suggests to me that a full-time employee was running two side gigs. Both of these failed, and the author of the post is in debt. I am a dinobaby, and I assumed that when a company hired me as a full time employee like Halliburton or Booz, Allen & Hamilton, my superiors expected me to focus on the tasks given to me by Halliburton and Booz, Allen & Hamilton. “Go to a uranium mine. Learn. Ask questions. Take photographs or ore processing,” so I went. No side gigs, no questions about breathing mine dust. Just do the work. Not now. The answer to a superior’s request apparently means, “Hey, you have spare time to pay attention to that conference and publishing business. No problemo.” Times have changed.
The write up includes this statement about not quitting or taking a buy out:
I stayed because I believe in the work we do. I believe in the open web and owning your own content. I’ve devoted nearly three decades of work to this cause, and when I chose to move in-house, I knew there was only one house that would suit me. In nearly six years at Automattic, I’ve been able to do work that mattered to me and helped others, and I know that the best is yet to come.
I think I am supposed to interpret this decision as noble or allegedly noble. My view is that WordPress professionals who remain on the job includes these elements:
- If you have a full-time job at a commercial or quasi-commercial enterprise, focus on the job. It would be great if WordPress fixed the wonky cursor movement in its editor. You know it really doesn’t work. In fact, it sucks on my machines both Mac and Windows.
- Think about the interface. Hiding frequently used functions is not helpful.
- Use words to make clear certain completely weird icons. Yep, actual words.
- Display explicate which are not confusing. I don’t find multiple uses of the word “Publish” particularly helpful.
To sum up: Suck it up, buttercup.
Stephen E Arnold, October 7, 2024
The Future of Copyright: AI + Bots = Surprise. Disappeared Mario Content.
October 4, 2024
This essay is the work of a dumb dinobaby. No smart software required.
Did famously litigious Nintendo hire “brand protection” firm Tracer to find and eliminate AI-made Mario mimics? According to The Verge, “An AI-Powered Copyright Tool Is Taking Down AI-Generated Mario Pictures.” We learn the tool went on a rampage through X, filing takedown notices for dozens of images featuring the beloved Nintendo character. Many of the images were generated by xAI’s Grok AI tool, which is remarkably cavalier about infringing (or offensive) content. But some seem to have been old-school fan art. (Whether noncommercial fan art is fair use or copyright violation continues to be debated.) Verge writer and editor Wes Davis reports:
“The company apparently used AI to identify the images and serve takedown notices on behalf of Nintendo, hitting AI-generated images as well as some fan art. The Verge’s Tom Warren received an X notice that some content from his account was removed following a Digital Millennium Copyright Act (DMCA) complaint issued by a ‘customer success manager’ at Tracer. Tracer offers AI-powered services to companies, purporting to identify trademark and copyright violations online. The image in question, shown above, was a Grok-generated picture of Mario smoking a cigarette and drinking an oddly steaming beer.”
Navigate to the post to see the referenced image, where the beer does indeed smoke but the ash-laden cigarette does not. Davis notes the rest of the posts are, of course, no longer available to analyze. However, some users have complained their original fan art was caught in the sweep. We learn:
“One of the accounts that was listed in the DMCA request, OtakuRockU, posted that they were warned their account could be terminated over ‘a drawing of Mario,’ while another, PoyoSilly, posted an edited version of a drawing they said was identified in a notice. (The new one had a picture of a vaguely Mario-resembling doll inserted over a part of the image, obscuring the original part containing Mario.)”
Since neither Nintendo nor Tracer responded to Davis’ request for comment, he could not confirm Tracer was acting at the game company’s request. He is not, however, ready to let the matter go: The post closes with a request for readers to contact him if they had a Mario image taken down, whether AI-generated or not. See the post for that contact information, if applicable.
Cynthia Murrell, October 4, 2024