DarkCyber for January 26, 2021, Now Available
January 26, 2021
DarkCyber is a twice-a-month video news program. The stories cover cyber crime, lesser known Internet services, and online. The feature in the January 26, 2021, program is a conversation between Ric Manning, a former Gannett technology columnist and author, and Stephen E Arnold, author of CyberOSINT: Next Generation Information Access. Arnold and Manning talk about the online implications of deplatforming users. Manning points out that protections extended to online platforms free the managers from the constraints in which other media are enmeshed. Arnold points out that government involvement is likely to take place and have significant unforeseen consequences.
Others stories in this program are the deanonymization of digital currency users, a book of algorithms selected for their usefulness in intelligence analysis, and our mini-feature about drones. This week, learn about the flying ginsu knife.
You can view the video at www.arnoldit.com/wordpress or at this url on YouTube.
Kenny Toth, January 26, 2021
DarkCyber for January 12, 2021, Now Available
January 12, 2021
DarkCyber is a twice-a-month video news program about online, the Dark Web, and cyber crime. You can view the video on Beyond Search or at this YouTube link.
The program for January 12, 2021, includes a featured interview with Mark Massop, DataWalk’s vice president. DataWalk develops investigative software which leapfrogs such solutions as IBM’s i2 Analyst Notebook and Palantir Gotham. In the interview, Mr. Massop explains how DataWalk delivers analytic reports with two or three mouse clicks, federates or brings together information from multiple sources, and slashes training time from months to several days.
Other stories include DarkCyber’s report about the trickles of information about the SolarWinds’ “misstep.” US Federal agencies, large companies, and a wide range of other entities were compromised. DarkCyber points out that Microsoft’s revelation that bad actors were able to view the company’s source code underscores the ineffectiveness of existing cyber security solutions.
DarkCyber highlights remarkable advances in smart software’s ability to create highly accurate images from poor imagery. The focus of DarkCyber’s report is not on what AI can do to create faked images. DarkCyber provides information about how and where to determine if a fake image is indeed “real.”
The final story makes clear that flying drones can be an expensive hobby. One audacious drone pilot flew in restricted air zones in Philadelphia and posted the exploits on a social media platform. And the cost of this illegal activity. Not too much. Just $182,000. The good news is that the individual appears to have avoided one of the comfortable prisons available to authorities.
One quick point: DarkCyber accepts zero advertising and no sponsored content. Some have tried, but begging for dollars and getting involved in the questionable business of sponsored content is not for the DarkCyber team.
Finally, this program begins our third series of shows. We have removed DarkCyber from Vimeo because that company insisted that DarkCyber was a commercial enterprise. Stephen E Arnold retired in 2017, and he is now 77 years old and not too keen to rejoin the GenX and Millennials in endless Zoom meetings and what he calls “blatant MBA craziness.” (At least that’s what he told me.)
Kenny Toth, January 12, 2021
DarkCyber for December 29, 2020, Is Now Available
December 29, 2020
DarkCyber for December 29, 2020, is now available on YouTube at this link or on the Beyond Search blog at this link. This week’s program includes seven stories. These are:
A Chinese consulting firm publishes a report about the low profile companies indexing the Dark Web. The report is about 114 pages long and does not include Chinese companies engaged in this business.
A Dark Web site easily accessible with a standard Internet browser promises something that DarkCyber finds difficult to believe. The Web site contains what are called “always” links to Dark Web sites; that is, those with Dot Onion addresses.
Some pundits have criticized the FBI and Interpol for their alleged failure to take down Jokerstash. This Dark Web site sells access to “live” credit cards and other financial data. Among those suggesting that the two law enforcement organizations are falling short of the mark are four cyber security firms. DarkCyber explains one reason for this alleged failure.
NSO Group, a specialized services company, has been identified as the company providing technology to “operators” surveilling dozens of Al Jazeera journalists. DarkCyber points out that a commercial firm is not in a position to approve or disapprove the use of its technology by the countries which license the Pegasus platform.
Facebook has escalated its dispute with Apple regarding tracking. Now the social media company has alleged that contractors to the French military are using Facebook in Africa via false accounts. What’s interesting is that Russia is allegedly engaged in a disinformation campaign in Africa as well.
The drone news this week contaisn two DJI items. DJI is one of the world’s largest vendors of consumer and commercial drones. The US government has told DJI that it may no longer sell its drones in the US. DJI products remain available in the US. DJI drones have been equipped with flame throwers to destroy wasp nests. The flame throwing drones appear formidable.
DarkCyber is a twice a month video news program reporting on the Dark Web, lesser known Internet services, and cyber crime. The program is produced by Stephen E Arnold and does not accept advertising or sponsorships.
Kenny Toth, December 29, 2020
DarkCyber Video News Link Fixed for 12-15-20 Video
December 22, 2020
Maybe it was I? Maybe it was AMP? Google knows, of course. If you were trying to locate the December 15, 2020, DarkCyber video news program, the malformed url has been fixed. No more “Video not found” messages, at least for now. Since I was fully responsible and those AMP messages are ever so helpful, I was able to reform myself, obtain another copy of the video url from the ever reliable Google, and make this change. I’m off to don a hair shirt and a barbed wire undergarment to remind myself to improve. Oh, both garments have a Google logo. Inspiration at hand.
Stephen E Arnold, December 22, 2020
DarkCyber for December 15, 2020, Now Available
December 15, 2020
The DarkCyber video news program for December 15, 2020, is now available at this link. This week’s program includes:
- Fact or fiction: Work around iCloud security for an iPad
- Germany opens backdoor to one encrypted email system
- The Dark Web and Covid is a thing
- Smart weapons and surgical strikes: The future of war
- NSO Group in the spotlight again
- Current information about beam weapons.
You may also view the program via the embedded player on the Beyond Search Web site at this link. Plus, no begging for dollars and no advertising.
Kenny Toth, December 15, 2020
Alleged CCP Database: 1.9 Million Entries
December 14, 2020
DarkCyber noted the availability of 1.9 million members of the Chinese Communist Party in 2016. We think we can here “The data are old,” “The data are a scam,” and “That was then, this is now” statements from those listed in the file. The information, which you will have to figure out for yourself, may be on the money or a bit of a spoof. Elaborate spoof, yes. It will help if you can read Chinese or have access to a system which can translate the ideographs into ASCII characters and normalized. Spellings can be variable depending on the translator or the machine translation system one uses. For now, the file is available on Go File at this link.\
Here’s a tiny snippet:
Are there uses of the data? Sure, how about:
- Filtering the list for those individuals in Canada, the UK, and the US and mapping the names against university faculty
- Filtering the list for graduate students in such countries as Australia, Canada, and France. While you are at it, why not do the same for graduate students in the US
- Filtering the list for individuals who are or have been part of a cultural or scientific exchange, particularly within driving or drone distance of a US national research laboratory; e.g., University of New Mexico or the University of Tennessee?
The data appear to be at least four years old and may turn out to be little more than a listing of individuals who purchased a SIM from a Chinese vendor in the last 48 months. On the other hand, some of the information may be a cyber confection. DarkCyber finds the circumstances of the data’s “availability,” its possible accuracy, and its available as open source information interesting.
Stephen E Arnold, December 14, 2020
DarkCyber for December 1, 2020, Now Available
December 1, 2020
DarkCyber reports about Maltrail, an open source cyber tool for detecting malicious traffic. Crime as a Service matures. Now anyone can point-and-click through a ransomware attack. Bad actors helpfully make cyber crime less of a hassle. Insider threats — what DarkCyber calls “the Snowden play” — are becoming more prevalent. Why? A need for money, revenge, or a dose of that old Silicon Valley attitude.
The feature in this episode is a summary of the next-generation in entity recognition from videos and still images. Face recognition is not the most reliable technology in the world; however, researchers from China and Japan have figured out how to match a person’s gait to an individual. Ergo gait recognition. A link to the technical details appears in the program.
The program features a brief extract from a conversation between Robert David Steele, a former CIA professional, and Stephen E Arnold (owner of Dark Cyber). Arnold describes some of the less appreciated reasons why digital information creates new challenges for law enforcement and intelligence professionals. Good news? Not really.
The final story in the program addresses the urgent need for counter unmanned aerial systems by local, county, and statement law enforcement agencies. Individuals are ramming drones into police helicopters. The DarkCyber discussion of this problem includes a link to a series of recommendations promulgated by the British government to address this kinetic use of drones.
DarkCyber is produced by Beyond Search. The video program appears every two weeks. The third season of DarkCyber begins in January 2021. The program is non-commercial, does not accept advertising, and does not beg for dollars. How is this possible? DarkCyber is not sure.
You can view the program at this link.
Kenny Toth, December 1, 2020
DarkCyber for November 17, 2020, Now Available
November 17, 2020
The DarkCyber video news program for November 17, 2020, is now available at this link. This week’s program includes stories and links to information about the legal risks hacking and cracking pose to researchers. The October US Congressional report about the intelligence community’s need for innovation describes the challenges technology presents to more than a dozen agencies. You will also learn about how the former CEO of Google has “diversified his citizenship.” Allegedly a passport granting access to the European Union has been acquired by a member of the US Defense Innovation Board. Fourth, reports of security breaches decreased in 2020. Yet the number of personal data records has surged. Why the mismatch. DarkCyber explains that keeping quiet can present better optics for the organization which remains silent. Also, DarkCyber highlights a dated US electronic warfare diagram which is now circulating via Twitter and other online services as “new.” It presents a view of EW two or more years old. Finally, DarkCyber reports about a consumer drone which can perform surveillance and other actions underwater. With six thrusters, the drone can maneuver like its aerial cousins and deploy a robotic arm available on Amazon’s eCommerce site. More information related to cyber technologies is available in the blog at www.arnoldit.com/wordpress.
Kenny Toth, November 17, 2020
DarkCyber for November 3, 2020, Now Available
November 3, 2020
The November 3, 2020, DarkCyber video news program contains five stories. You are able to view the program at this YouTube location. The first is a report about the FinFisher raids conducted by German and other European enforcement officials. FinFisher allegedly produces and sells policeware to government agencies. An alleged failure in following German government procedures contributed to the multi-country action. The second story describes the free services of Social Search. This online service allows a user to obtain information gleaned from a number of social media sites like Facebook and Twitter. Test queries run by the DarkCyber research team revealed that interesting information can be obtained from this free service. Also referenced is a consumer mobile phone surveillance tool. Used together, the type of insights available from specialized services developers becomes evident. The third story points to a new book by a Harvard professor. The book reveals the origin of the concept of investigative software, what DarkCyber calls policeware. The fourth story provides additional information about the diffusion of digital currencies into the “regular” Web. What was just two years ago a specialized payment mechanism has moved into the mainstream. No Tor or other obfuscation software required. The final story mentions a Chinese innovation. The truck-mounted tube launcher can release a swarm of drones simultaneously. How does one deal with a swarm of drones? DarkCyber answers this question with information about the Drone Bullet. DarkCyber is produced by Stephen E Arnold, publisher of Beyond Search, a free Web log, and the author of Dark Web Notebook and CyberOSINT.
Kenny Toth, November 3, 2020
Organizational Security: Many Vendors, Many Breaches
October 30, 2020
I noted a write up with a fraught title: “Breaches Down 51%, Exposed Records Set New Record with 36 Billion So Far.” I interpreted this to mean “fewer security breaches but more data compromised.”
The write up explains the idea this way:
The number of records exposed has increased to a staggering 36 billion. There were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of Q3 adding an additional 8.3 billion records to what was already the “worst year on record,” Risk Based Security reveals.
Okay. How is this possible? The answer:
The report explores numerous factors such as how media coverage may be a factor contributing to the decline in publicly reported breaches. In addition, the increase of ransomware attacks may also have a part to play.
I interpreted this to mean, “Let’s not tell anyone.”
If you want a copy of this RiskBased Security report, navigate to this link. You will have to cough up an email and a name.
Net net: More data breaches and fewer organizations willing to talk about their security lapses. What about vendors of smart cyber security systems? Vendors are willing to talk about the value and performance of their products.
Talk, however, may be less difficult than dealing with security breaches.
Stephen E Arnold, October 30, 2020