China: Pointing a Way to Technology Solution That Sort of Works?

August 3, 2021

China is reasonably good in technology. China is also okay with facial recognition, facial recognition, and exploiting security vulnerabilities despite the best efforts of US cyber threat defense vendors.

China also may have figured out a way to jerk on the halter of the fast-moving technology stallions. How is this possible that a country many people think of as a producer of the inflatable unicorns favored by some Twitch influencers.

China may have a test underway to determine the efficacy of keeping digital services from altering the course of the good old ship of state in the Middle Kingdom.

China Cracks Down on Its Tech Giants. Sound Familiar?” reports as only a “real news” outfit can just note that the url available to me could go dead. Not much I can do, gentle reader. Because Microsoft… :

China’s Ministry of Industry and Information Technology announced a six-month campaign on Monday to regulate internet companies, particularly practices that “disrupt market order, damage consumer rights, or threaten data security.” That followed repeated fines against tech giants including Alibaba, Baidu, and Tencent for violating antitrust laws, and a new plan to restrict overseas listings by Chinese companies.

It certainly appears from my vantage point in rural Kentucky that China wants to prevent the social complexities visible to anyone with a TikTok account. Heavy handed? Many may find Chinese regulators’ actions at odds with US methods.

That may be the point. If the crackdown works, China is making clear that the “Pacific century” is indeed the path forward. The interesting behavior of some people in the US, France, and other Western nation states suggests that a fresh or different approach should be tested.

This crackdown is, in my opinion, pretty significant. Will Russia hop on board the repression maglev? Oh, right, Russia boarded at an earlier stop.

Times and policies are changing and in real time.

Stephen E Arnold, August 3, 2021

Truth and Justice the Amazon Apple Way

August 3, 2021

At the request of its good friend Amazon, Apple has come down on the side of preserving flawed and biased guidance. Mashable tells us that “Apple Boots App that Called BS on Fake Amazon Reviews from App Store.” Reporter Jack Morse writes:

“Publicly calling out frauds has always been a risky proposition. That reality came crashing down hard Friday for an app designed to spot fake Amazon reviews, after Apple kicked it out of its App Store. Apple confirmed in a statement that it removed the app after Amazon reached out. The news of Fakespot’s outing was first reported by The Verge. We reached out to Apple, Amazon, and Fakespot to confirm the Verge’s reporting. An Apple spokesperson provided a statement, attributed to the company, which says Amazon kicked off the inter-company beef early in June. It also insists that Apple attempted to give both parties time to work things out.”

Apple frames the issue as a matter of intellectual property rights, and insists it tried to work with Fakespot before removing the app. Saoud Khalifah, Fakespot’s founder and CEO, disagrees. He stated in a phone interview:

“Apple are claiming that they gave us a notice that they are going to take us down, but these are all template emails that seem to be from a robot. Anyone would be disappointed with this whole process, especially when your livelihood depends on it.”

Amazon claims Fakespot spreads misleading information, harms its sellers’ businesses, and even makes for security risks. Sure. The app attracted attention in 2019 when it reported a surge in fake reviews around the much-hyped Amazon Prime Day. The existence of fake reviews is a known problem, one the FTC has taken action against. We are also reminded of all the counterfeit products that plague the commerce site and the fake reviews that keep them moving. Nevertheless, Apple has decided it is Fakespot who is in the wrong here. Ah, capitalism at its finest.

Cynthia Murrell, August 2, 2021

NSO Group: Now the Women Allegedly Harmed Gain Media Traction. Wowza!

August 2, 2021

I read “I Will Not Be Silenced: Women Targeted in Hack and Leak Attacks Speak Out about Spyware.” My first reaction to the story was, “How many college sociology and poli-sci classes will make NSO Group, its product Pegasus, and the implications of “targeting” a subject for a case study, discussion groups, and papers? My second thought was, “NSO Group has been able to watch the ripples of intelware crashing against the awareness of the naïve, the clueless, and the mobile phone addicts.”

I don’t know if the peacock’s news report is accurate or just one of those weird bird noises made by the species. That probably doesn’t matter because the write up pulls in women and hooks intelware to a quite magnetic topic: The treatment of women.

The peacock squawked:

Female journalists and activists say they had their private photos shared on social media by governments seeking to intimidate and silence them.

Now that’s a heck of an assertion. True or not, the idea of “personal” pix nestling in distributed and local storage devices is not something that most people want to have happen.

Here’s a quote from the write up, and it will be interesting to watch how the crisis management advisors to NSO Group tap dance across this allegedly true statement:

“I am used to being harassed online. But this was different,” she added. “It was as if someone had entered my home, my bedroom, my bathroom. I felt so unsafe and traumatized.”

That’s a whiz bang statement which drags in nuances of privacy invasion and personal safety. Let’s call a meeting and maybe issue another feel good, make streets safer story. Yeah, how’s that working out?

The write up has another quote that glues NSO Group to the notion of freedom. Hello, Israel?

“Pegasus is a spyware tool and a weapon used against freedom of the press, freedom of expression, human rights activism and journalism,” said Rasha Abdul Rahim, director of Amnesty Tech, a division of Amnesty International focused on technology and surveillance tools. “Women’s freedom of expression is abused and targeted in a very specific way both online and offline. “The focus is on silencing them, putting the attention on their bodies or what they should be wearing or saying,” she added.

I have noticed that more people are aware of intelware as a result of this NSO Group toe stubbing.

What about those intelligence conference organizers? How about those experts pitching intel-related conferences on LinkedIn? What about those nifty white papers on intelware vendors’ Web sites?

My thought is that as more content is downloaded and more of the journalists chasing NSO Group info punch their searches into the Google, the more those ripples will be agitated.

Yikes. No easy fix it seems. Chasing revenues and making intelware into a household word are problematic. Many entities are likely to be suffering the slings and arrows of outrageous fortune. PR is good until it is not.

Stephen E Arnold, August 2, 2021

China Squeezes Tech Companies for Love, Not Money

July 29, 2021

China has always kept its tech companies on a short leash, but it has recently been especially vigorous about keeping them under control. The Conversation reports, “Facial Recognition for Gamers, App Store Bans for Didi: What’s Behind China’s Recent Crackdown on Big Tech?” We learn companies that had been getting away with certain infractions for years are suddenly facing regulators’ ire. There is also the recent rebuke of social-media platform Xiaohongshu for enabling “wealth-flaunting” when, apparently, such online immodesty is nothing new. And fresh regulations were swiftly implemented last year that just happened to frustrate Ant Group’s plans to go public after that company’s founder criticized regulators. Oops.

The article takes a special look at DiDi, an Uber clone that achieved its goal of debuting on the New York Stock Exchange. It raised enough to position it as the second-largest US IPO by a Chinese company. (Alibaba ranks first.) Normally that would be a point of pride for China, but regulators responded to the news by pulling it and 25 related apps from China’s app stores. DiDi’s value took a nosedive, and now the company faces a lawsuit by investors. Officials claim the company violated security regulations, but it is suspected China was (understandably) concerned that data on riders might end up in US government hands.

Writer Barney Tan puts these developments in perspective:

“To understand the rationale behind the Chinese government’s recent moves, we must first understand the parallel universe that is China’s technological landscape. In China, technology must never be harnessed solely for an individual or organization’s gain. Social good is always emphasized, as defined and enforced by the Chinese government. DiDi’s listing on the New York Stock Exchange would have undoubtedly fueled the company’s global expansion. But in the eyes of the Chinese government, it could have also hurt the nation’s collective interests. It remains to be seen whether this apparent contradiction can be resolved. China’s collectivist approach to technology consumption is also evident in its regulation of mobile games. … In 2019, the Chinese government imposed a video game curfew on minors, banning them from playing between 10pm and 8am — allegedly to curb gaming addiction. South Korea is the only other country with such a curfew.”

This is where facial recognition comes in. Gaming giant Tencent has been rolling out “Midnight Patrol,” a feature that will use that technology to catch underaged gamers logged in after hours on an adult’s account. The company reports the tool is now part of 60 games with more on the way. Tan continues:

“From a Western point of view, such measures may seem a draconian violation of privacy and freedom. In China, however, they are generally lauded and welcomed. The prevailing view is tech firms may profit commercially from the exploitation of technology, but not at the expense of social good.”

Yes, that is a difficult mindset for many of us to wrap our heads around. Chinese companies understand this, often using different versions of their products for foreign customers. That is why we have TikTok and Chinese citizens have the more restrictive Douyin, for example. To each their own, I suppose, but investors may want to reconsider before plonking down a lot of money on the next big Chinese tech firm’s IPO.

Cynthia Murrell, July 29, 2021

NSO Group: A PR Consequence and Expected If Not Anticipated

July 28, 2021

The intelware outfit NSO Group has moved from a narrow, somewhat wonky specialized services niche to a different arena. The development was discussed my the DarkCyber research team when the news of the NSO Group ice cream spill floated to the top of the info river. (Why are we using the code phrase ice cream meltdown? Maybe a Ben and Jerry’s reference to certain interests not aligned with those of Israel’s specialized services industry? Metaphors are the stuff of poetry, so you will have to reach your own conclusions.)

image

So the ice cream meltdown is getting messy. DarkCyber was not surprised to read “Snowden Skewers Big Tech, Amoral Capital Firms for Enabling Insecurity Industry & Calls for Urgent Action.” The write up appears in an interesting publication which runs advertising to supplement its other sources of income. Snowden, as you may recall, is a former security sector worker bee who dumped documents, many of which are marked as secret or classified. Then Mr. Snowden found himself within the fashionable confines of Sheremetyevo International Airport. He then repaired to a more permanent location in Moscow and crafted a bit of work thinking, writing blog posts, doing lectures, and giving interviews. The topics are mostly about security, which is a shorthand way of rippling the fabric of some countries’ intelligence gathering nets.

The write up states:

In a searing post on his blog, ‘Continuing Ed’, the NSA whistleblower pointed to the Pegasus scandal as a “turning point” that exposed the “fatal consequences” of private-sector companies like the NSO Group that are part of this “out-of-control” industry – whose “sole purpose is the production of vulnerability.” “The phone in your hand exists in a state of perpetual insecurity, open to infection by anyone willing to put money in the hand of this new Insecurity Industry,” Snowden noted, adding that its clients range from countries to “sex-criminal Hollywood producers who can dig a few million out of their couch cushions.”

The write up, not content to link to Mr. Snowden’s intriguing blog, includes one of his tweets which is in italics below:

If you want to see Microsoft have a heart attack, talk about defining legal liability for bad code in a commercial product. To give Facebook nightmares, talk about making it legally liable for leaks of their unnecessarily collected personal records.

Several observations I want to capture before I forget them are:

  1. The NSO Group ice cream melting has become a sticky mess. The PR problem spilled into the political arena in Israel, and now it has captured other entities and their methods as well. I think it is crisis management time, not SEO content management time.
  2. Mr. Snowden’s comments indicate that he is not a fan of some of the business practices associated with the US and its allies. This raises the question, “To what is Mr. Snowden allied?”
  3. The language of the Russia Today write up makes it clear that NSO Group has jumped from specialized software to the foil for state-sponsored cyber activities. The NSO Group’s actions, one might conclude, make the actions of a few young hackers look like very small potatoes like those grown near the border of Estonia.

The NSO Group ice cream melt may spread farther, attract flies, and damage some very expensive kitchen furnishings, maybe a careless person’s jumper, and require replacement of some placemats.

Yep, melting ice cream. A mess with consequences for the specialized services sector.

Stephen E Arnold, July 28, 2021

Google: API Promise, Circa 2021

July 27, 2021

If you are not familiar with “Google Data APIs Client Library (1.41.1),” it is worth a look. You will notice that there is a table of contents to:

An industrious online search wizard can locate other APIs consigned to the Google bit bin; for example, Transformics’ contributions and the much-loved Orkut (loved at least by some innovating individuals in Brazil and a handful of lawyers).

Fresh from this walk down API Memory Lane, navigate to “How Google Cloud Plans to Kill Its ‘Killed By Google’ Reputation.” The write up reports:

Under the new Google Enterprise APIs policy, the company is making a promise that its services will remain available and stable far into the future….The announcement is clear recognition of widespread feedback from Google Cloud customers and outright derision in several corners of the internet regarding Google’s historic reputation for ending support for its APIs without sufficient notice or foresight. The canonical example was probably the company’s decision to shutter Google Reader in 2013 with just a couple of months’ notice, which led to a torrent of criticism that persists today.

Google doesn’t want to leave any customer behind. How did that type of assertion work out for “No Child Left Behind”?

The “new” Google wants to be the “real” Google. That’s going to be a hill to climb with the Bezos bulldozer reworking the cloud landscape and Microsoft (the all time champion of great security) leveraging the brilliant individuals trying to use Excel and Word.

Yasmine El Rashidi allegedly said:

When you have a dream and someone makes promises they keep breaking, it is hard to recover. You lose hope.

What’s this mean for the ad supported Google? Will you promise to give a honest answer and provide factual back up? Yikes, your proof was in disappeared photos on a deprecated Google service. Thus, whatever you wish to say is meaningless at this time. Maybe there is a copy on Google’s never forget subsystem?

Stephen E Arnold, July 27, 2021

China: Making Technology into a Friend Magnet in Africa

July 27, 2021

I don’t know much about Africa. I remember studying about Belgium’s wonderful and humane approach, but China has found technology more agreeable than Léopold II’s tactics. “Chinese Tech, Ignored by the West, Is Taking over Africa’s Cyberspace” reports:

While China’s telecom giant Huawei has come under increasing attack in the US and the European Union, it is thriving in Africa…

The drive to lure people comes as Huawei faces mounting attacks from the West. But in Africa, the company has a solid base. Currently, Huawei is active in most African countries. According to an Atlantic Council study – “The Digital Infrastructure Imperative in African Markets,” – around 50 percent of Africa’s 3G networks and 70 percent of its 4G networks are built by Huawei.

What’s Huawei’s secret sauce? The article quotes an expert who asserts:

“Huawei has a big competitive advantage because it’s got access to state capital,” says Eric Olander, managing editor of The China Africa Project, a portal that monitors Chinese business ventures across the continent.

What’s that “state capital” enable? Check out this map. The white line is cable which surrounds the African continent. Sixteen major nodes are planned. The 5G system will connect hundreds of millions of people.

image

Maybe the Google Loon balloons will be given another shot at the Internet connectivity the online ad company deployed in Puerto Rico. Facebook had model airplane-type devices. And Elon Musk has nifty satellite things. But for now, Huawei is having its way with 5G, the Internet connectivity, and capturing a growing market for devices and services.

Stephen E Arnold, July 27, 2021

Can Big Clouds Squeeze Tiny Clouds?

July 27, 2021

I think that big clouds absorb or push smaller clouds out of the way. More accurately, the forces allowing clouds to grow are money, customers, and a desire to be the biggest, most capable cloud in the sky. Agree or not, the decimation of Rackspace suggests that being a mid tier cloud providers is a difficult slot to make work. To get the details on the outfit which once hired the surprising Robert Scoble as an evangelist, navigate to “Rackspace Cuts 10% Of Workforce In One Of Largest Employee Shake-Ups.” The write up states:

The company announced one of the largest layoff rounds in company history today, as it will terminate about 10% of its workforce over the next 12 months, according to a filing with the U.S. Securities and Exchange Commission Thursday (July 22, 2021). The company says it will “backfill” or absorb about 85% of the roles to its offshore service centers, likely a cost-cutting measure. It doesn’t list where those roles will go specifically. The company did partner with Tech Mahindra — an India-based firm — in 2019.

From my vantage point in Harrod’s Creek, this appears to be an IBM-type play. The expensive US workforce can go away after some of the soon-to-be-RIFfed train their lower cost replacement. Yep, MBA and bean counter infused efficiency.

What the story does not address is why. There may be a very small clue in Cloudflare’s blog post “AWS’s Egregious Egress.” The idea is that Amazon AWS makes it easy to enter the nifty AWS Hotel and its walled garden. In fact, getting a room doesn’t cost much at all. However, once in the walled garden, one finds small bladderworts, pitcher plants, sundews, and the venus flytrap. There are some critters basking in the warmth of the AWS servers too. I thought I spotted the technical equivalent of the inland taipan, a couple of king cobras (you know, the ones with the cool cowls), and a family of banded kraits. To get out of the walled garden, there is a modest fee charged. This is similar to the exit visa sold to some departing travelers to the wonderful and exotic Zimbabwe.

This pay-to-leave is described in the Egregious Egress write up. I continue to believe everything I read on the Internet, so let’s assume that the information is spot on. I learned:

image

To sum up, it costs a lot to leave AWS. The write up points out:

During the last ten years, industry wholesale transit prices have fallen an average of 23% annually. Compounded over that time, wholesale bandwidth is 93% less expensive than 10 years ago. However, AWS’s egress fees over that same period have fallen by only 25%. And, since 2018, the egress fees AWS charges in North America and Europe have not dropped a penny even as wholesale prices in those markets over the same time period have fallen by more than half.

The article suggests that the approach is like a Hotel California. (I was disappointed that the author did not seize upon what is called a roach trap.) The insect cannot get out at least easily and may leave a leg behind as a memento:

image

The article ends with an appeal to Amazon AWS:

We remain hopeful that AWS will do the right thing, lower their egress fees, join the Bandwidth Alliance — following the lead of the majority of the rest of the hosting industry — and pass along savings from peering with Cloudflare and other networks to all their customers.

To sum up, Amazon’s market presence and its pricing power may be sparking the Rackspace terminations. Will other cloud providers, like those in the Bandwidth Alliance, be thinking about similar actions or hoping that the US government will view Amazon as a 2021 manifestation of the pre Judge Green AT&T? My suggestion is to ask a retired Bell head about those similarities.

Stephen E Arnold, July 28, 2021

NSO Group: Investigative Reporters Are Investigating

July 27, 2021

What happens when one puts a family of beavers (the furry animals once prized for hats) in what remains of the Chrysler Building in Midtown? Well, those beavers will try to build a dam. What do investigative reporters do from more than a dozen newspapers enthralled by the NSO Group intelware story? The answer, gentle reader, is investigate.

What’s been made public in the last few days?

There were a handful of data nuggets I found mildly interesting; for example:

  • The very wonderful UK Daily Mail reported that NSO Group “spent millions of dollars on Washington lobbyists, consultants, and lawyers, as it tried to sell its Pegasus spyware to the US government.” One name disclosed in the article was Tom Ridge, the first secretary of homeland security. The estimable Daily Mail notes that the Washington Post knew this factoid too. The Daily Mail added, that NSO Group retained “The Who’s Who of government figures runs through at least three administrations.” The money flowed from OSY Technologies and Francisco Partners, which once owned NSO Group.
  • Mashable published “QAnon Believers Don’t Know How to Handle Michael Flynn’s Ties to Spyware Firm Behind Pegasus.” In addition to the QAnon trigger word, the Mashable story noted, “Edward Snowden is call it [Pegasus] the story of the year.” Mashable reported: “Many QAnon followers still don’t exactly know what to make of the news. Some seemed to accept the idea that this “doesn’t look good” for Flynn.”
  • Axios (via Yahoo News) reported that Francisco Partners “…The firm finally exited NSO in early 2019, selling it back to the [NSO Group] company’s founders and London-based private equity firm Novalpina, which pledged “a new model for public transparency. Since then, NSO has become the pulsing heart of a dispute between the partners of Novalpina. And, in an ironic twist, it involves leaked WhatsApp messages and a lawsuit against one of the newspapers that later became part of the Pegasus consortium.”

My hunch is that the investigative reporters will continue just like the hypothetical beavers. Beavers were skinned by intrepid traders. Will the investigative reporters find themselves in a similar business process? Flipping stones with the NSO Group logo stenciled on them may reveal some surprises.

Stephen E Arnold, July 27, 2021

Putin Has Kill Switch

July 26, 2021

“Russia Disconnected Itself from the Global Internet in Tests” shares an intriguing factoid. Mr. Putin can disconnected the country from the potato fields near Estonia to the fecund lands where gulags once bloomed. The write up reports:

State communications regulator Roskomnadzor said the tests were aimed at improving the integrity, stability and security of Russia’s Internet infrastructure…

If a pesky cyber gang shuts down the Moscow subway from Lichtenstein, it’s pull the plug time. The idea is that Russia will not have to look outside of its territory to locate the malefactors. If outfits like Twitter refuse to conform to Russian law, the socially responsible company may lose some of its Russian content creators.

What other countries will be interested in emulating Russia’s action or licensing the technology? I can think of a few. The Splinter Net is starting to gain momentum. Those ideals about information wanting to be free and the value of distributed systems seem out of step with Mr. Putin’s kill switch.

Stephen E Arnold, July 26, 2021

Next Page »

  • Archives

  • Recent Posts

  • Meta