Why Is the Telegram Übermensch Rolling Over Like a Good Dog?

September 10, 2024

This essay is the work of a dumb dinobaby. No smart software required.

I have been following the story of Pavel Durov’s detainment in France, his hiring of a lawyer with an office on St Germain des Prés, and his sudden cooperativeness. I want to offer some observations on this about-face. To begin, let me quote from his public statement at t.me/durov/342:

… we [Pavel and Nikolai] hear voices saying that it’s not enough. Telegram’s abrupt increase in user count to 950M caused growing pains that made it easier for criminals to abuse our platform. That’s why I made it my personal goal to ensure we significantly improve things in this regard. We’ve already started that process internally, and I will share more details on our progress with you very soon.

The Telegram French bulldog flexes his muscles at a meeting with French government officials. Thanks, Microsoft. Good enough like Recall I think.

First, the key item of information is the statement “user count to 950M” [million]. Telegram’s architecture makes it possible for the company to offer a range of advertising services to those with the Telegram “super app” installed. With the financial success of advertising revenue evidenced by the financial reports from Amazon, Facebook, and Google, the brothers Durov, some long-time colleagues, and a handful of alternative currency professionals do not want to leave money on the table. Ideals are one thing; huge piles of cash are quite another.

Second, Telegram’s leadership demonstrated Cirque du Soleil-grade flexibility when doing a flip flop on censorship. Regardless of the reason, Mr. Durov chatted up a US news personality. In an interview with a former Murdoch luminary, Mr. Durov complained about the US and sang the praises of free speech. Less than two weeks later, Telegram blocked Ukrainian Telegram messages to Russians in Russia about Mr. Putin’s historical “special operation.” After 11 years of pumping free speech, Telegram changed direction. Why? One can speculate, but the free speech era, at least for Ukraine-to-Russia Messenger traffic, ended.

Third, Mr. Durov’s digital empire extends far beyond messaging (whether basic or the incredibly misunderstood “secret” function). As I write this, Mr. Durov’s colleagues, who work at arm’s length from Telegram, have rolled out a 2024 version of VKontakte or VK called TONsocial. The idea is to extend the ecosystem of The One Network and its TON alternative currency. (Some might use the word crypto, but I will stick with “alternative”.) Even though these entities and their staff operate at arm’s length, TON is integrated into the Telegram super app. Furthermore, clever alternative currency games are attracting millions of users. The TON alternative currency is complemented with Telegram STAR, another alternative currency available within the super app. In the last month, one of these “games” — technically a dApp or distributed application — has amassed over 35 million users and generates revenue with videos on YouTube. The TON Foundation — operating at arm’s length from Telegram — has set up a marketing program, a developer outreach program with hard currency incentives for certain types of work, and videos on YouTube which promote Telegram-based distributed applications, the alternative currency, and the benefits of the TON ecosystem.

So what’s causing Mr. Durov to shift from the snarling Sulimov to goofy French bulldog? Telegram wants to pull off an IPO or initial public offering. In order to do that after the US Securities & Exchange Commission shut down his first TON alternative currency play, the brothers Durov and their colleagues cooked up a much less problematic approach to monetize the Telegram ecosystem. An IPO would produce money and fame. An IPO could legitimize a system which some have hypothesized retains strong technical and financial ties to some Russian interests.

The conversion from free speech protector with fangs and money to scratch-my-ears French bulldog may be little more than a desire for wealth and fame… maybe power or an IPO. Mr. Durov has an alleged 100 or more children. That’s a lot of college tuition to pay I imagine. Therefore, I am not surprised: Mr. Durov will:

  • Cooperate with the French
  • Be more careful with his travel operational security in the future
  • Be the individual who can, should he choose, access the metadata and the messages of every one of the 950 million Telegram users (with so darned few in the EU to boot)
  • Sell advertising
  • Cook up a new version of VKontakte
  • Be a popular person among certain other countries’ influential government professionals.

But as long as he is rich, he will be okay. He watches what he eats, he exercises, and he has allegedly good cosmetic surgeons at his disposal. He is flexible obviously. I can hear the French bulldog emitting dulcet sounds now as it sticks out its chest and perks its ears.

Stephen E Arnold, September 10, 2024

Google and Search: A Fix or a Pipe Dream?

September 6, 2024

This essay is the work of a dumb dinobaby. No smart software required.

I read “Dawn of a New Era in Search: Balancing Innovation, Competition, and Public Good.”

Don’t get me wrong. I think multiple search systems are a good thing. The problem is that search (both enterprise and Web) poses difficult problems, and these problems are expensive to solve. After working more than 50 years in electronic information, I have seen search systems come and go. I have watched systems morph from search into weird products that hide the search plumbing beneath fancy words like business intelligence and OSINT tools, among others. In 2006 or 2007, one of my financial clients published some of our research. The bank received an email from an “expert” (formerly and Verity) that his firm had better technology than Google. In that conversation, that “expert” said, “I can duplicate Google search for $300 million.” The person who said these incredibly uninformed words is now head of search at Google. Ed Zitron has characterized the individual as the person who killed Google search. Well, that fellow and Google search are still around. This suggests that baloney and high school reunions provide a career path for some people. But search is not understood particularly well at Google at this time. It follows that the problems of search are still unknown to judges, search engine marketing experts, developers of metasearch systems which recycle Bing results, and most of the poohbahs writing about search in blogs like Beyond Search.

The poor search kids see the rich guy with lots of money. The kids want it. The situation is not fair to those with little or nothing. Will the rich guy share the money? Thanks, Microsoft Copilot. Good enough. Aren’t you one of the poor Web search vendors?

After five decades of arm wrestling with finding on point information for myself, my clients, and for the search-related start ups with whom I have worked, I have an awareness of how much complexity the word “search” obfuscates. There is a general perception that Google indexes the Web. It doesn’t. No one indexes the Web. What’s indexed are publicly exposed Web pages which a crawler can access. If the response is slow (like many government and underfunded personal / commercial sites), spiders time out. The pages are not indexed. The crawlers have to deal in a successful way with the changes on how Web pages are presented. Upon encountering something for which the crawler is not configured, the Web page is skipped. Certain Web sites are dynamic. The crawler has to cope with these. Then there are Web pages which are not composed of text. The problems are compounded by the vagaries of intermediaries’ actions; for example, what’s being blocked or filtered today? The answer is the crawler skips them.

Without revealing information I am not permitted to share, I want to point out that crawlers have a list which contains bluebirds, canaries, and dead ducks. The bluebirds are indexed by crawlers on an aggressive schedule, maybe multiple times every hour. The canaries are the index-on-a-normal-cycle, maybe once every day or two. The dead ducks are crawled when time permits. Some US government Web sites may not be updated in six or nine months. The crawler visits the site once every six months or even less frequently. Then there are forbidden sites which the crawler won’t touch. These are on the open Web but URLs are passed around via private messages. In terms of a Web search, these sites don’t exist.

How much does this cost? The answer is, “At scale, a lot. Indexing a small number of sites is really cheap.” The problem is that in order to pull lots of clicks, one has to have the money to scale or a niche no one else is occupying. Those are hard to find, and when one does, it makes sense to slap a subscription fee on them; for example, POISINDEX.

Why am I running through what strikes me as basic information about searching the Web? “Dawn of a New Era in Search: Balancing Innovation, Competition, and Public Good” is interesting and does a good job of expressing a specific view of Web search and Google’s content and information assets. I want to highlight the section of the write up titled “The Essential Facilities Doctrine.” The idea is that Google’s search index should be made available to everyone. The idea is interesting, and it might work after legal processes in the US were exhausted. The gating factor will be money and the political climate.

From a competitor’s point of view, the index blended with new ideas about how to answer a user’s query would level the playing field. From Google’s point of view, it would be a loss of intellectual property.

Several observations:

  1. The hunger to punish Big Tech seems to demand being satisfied. Something will come from the judicial decision that Google is a monopoly. It took a couple of decades to arrive at what was obvious to some after the Yahoo ad technology settlement prior to the IPO, but most people didn’t and still don’t get “it.” So something will happen. What is not yet known.
  2. Wide access to the complete Google index could threaten the national security of the US. Please, think about this statement. I can’t provide any color, but it is a consideration among some professionals.
  3. An appeal could neutralize some of the “harms,” yet allow the indexing business to continue. Specific provisions might be applied to the decision of Judge Mehta. A modified landscape for search could be created, but online services tend to coalesce into efficient structures. Like the break up of AT&T, the seven Baby Bells and Bell Labs have become AT&T and Verizon. This could happen if “ads” were severed from Web search. But after a period of time, the break up is fighting one of the Arnold Laws of Online: A single monopoly is more efficient and emergent.

To sum up, the time for action came and like a train in Switzerland, left on time. Undoing Google is going to be more difficult than fiddling with Standard Oil or the railroad magnates.

Stephen E Arnold, September 6, 2024

Uber Leadership May Have to Spend Money to Protect Drivers. Wow.

September 5, 2024

This essay is the work of a dumb dinobaby. No smart software required.

Senior managers — now called “leadership” — care about their employees. I added a wonderful example about corporate employee well being and co-worker sensitivity when I read “Wells Fargo Employee Found Dead in Her Cubicle 4 Days After She Clocked in for Work.” One of my team asked me, “Will leadership at that firm check her hours of work so she is not overpaid for the day she died?” I replied, “You will make a wonderful corporate leader one day.” Another analyst asked, “Didn’t the cleaning crew notice?” I replied, “Not when they come once every two weeks.”

Thanks, MSFT Copilot. Good enough given your filters.

A similar approach to employee care popped up this morning. My newsreader displayed this headline: “Ninth Circuit Rules Uber Had Duty to Protect Washington Driver Murdered by Passengers.” The write up reported:

The estate of Uber driver Cherno Ceesay sued the rideshare company for negligence and wrongful death in 2021, arguing that Uber knew drivers were at risk of violent assault from passengers but neglected to install any basic safety measures, such as barriers between the front and back seats of Uber vehicles or dash cameras. They also claimed Uber failed to employ basic identity-verification technology to screen out the two customers who murdered Ceesay — Olivia Breanna-Lennon Bebic and Devin Kekoa Wade — even though they opened the Uber account using a fake name and unverified form of payment just minutes before calling for the ride.

Hold it right there. The reason behind the alleged “failure” may be the cost of barriers, dash cams, and identity verification technology. Uber is a Big Dog high technology company. Its software manages rides, maps, payments, and the outstanding Uber app. If you want to know where your driver is, text the professional. Want to know the percentage of requests matched to drivers from a specific geographic point, forget that, gentle reader. Request a ride and wait for a confirmation. Oh, what if a pick up is cancelled after a confirmation? Fire up Lyft, right?

The cost of providing “basic” safety for riders is what helps make old fashioned taxi rides slightly more “safe.” At one time, Uber was cheaper than a weirdly painted taxi with a snappy phone number like 666 6666 or 777 7777 painted on the side. Now that taxis have been stressed by Uber, the Uber rides have become more expensive. Thanks to surge pricing, Uber in some areas is more expensive than taxis and some black car services if one can find one.

Uber wants cash and profits. “Basic” safety may add the friction of additional costs for staff, software licenses, and tangibles like plastic barriers and dash cams. The write up explains by quoting the legalese of the court decision; to wit:

“Uber alone controlled the verification methods of drivers and riders, what information to make available to each respective party, and consistently represented to drivers that it took their safety into consideration. Ceesay relied entirely on Uber to match him with riders, and he was not given any meaningful information about the rider other than their location,” the majority wrote.

Now what? I am no legal eagle. I think Uber “leadership” will have meetings. Appropriate consultants will be retained to provide action plan options. Then staff (possibly AI assisted) will figure out how to reduce the probability of a murder in or near an Uber contractor’s vehicle.

My hunch is that the process will take time. In the meantime, I wonder if the Uber app autofills the “tip” section and then intelligently closes out that specific ride? I am confident that universities offering business classes will incorporate one or both of these examples in a class about corporate “leadership” principles. Tip: The money matters. Period.

Stephen E Arnold, September 5, 2024

Indifference or Carelessness: The Security Wrecks from Georgia Tech

September 4, 2024

DOJ Sues Georgia Tech for DOD-Related Cybersecurity Violations

The Justice Department takes cybersecurity standards for our military very seriously. Just ask Georgia Tech University. Nextgov/FCW reports, “DOJ Suit Claims Georgia Tech ‘Knowingly Failed’ to Meet Cyber Standards for DOD Contracts.” The suit began in 2022 with a whistleblower lawsuit filed by two members of the university’s cybersecurity compliance team. They did so under the DOJ’s Civil Cyber-Fraud Initiative. Now the DOJ has joined the fray. Reporter Edward Graham tells us:

“In a press release, DOJ alleged that the institutions committed numerous violations of the Department of Defense’s cybersecurity policy in the years prior to the whistleblower complaint. Among the most serious allegations was the claim that ‘Georgia Tech and [Georgia Tech Research Corporation] submitted a false cybersecurity assessment score to DOD for the Georgia Tech campus’ in December 2020. … The lawsuit also asserted that the Astrolavos Lab at Georgia Tech previously ‘failed to develop and implement a system security plan, which is required by DOD cybersecurity regulations.’ Once the security document was finally implemented in February 2020, the complaint said the university ‘failed to properly scope that plan to include all covered laptops, desktops and servers.’ Additionally, DOJ alleged that the Astrolavos Lab did not use any antivirus or antimalware programs on its devices until December 2021. The university reportedly allowed the lab to refuse the installation of the software ‘in violation of both federal cybersecurity requirements and Georgia Tech’s own policies’ at the request of its director.”

Georgia Tech disputes the charges. It claims there was no data breach or data leak, the information involved was not confidential anyway, and the government had stated this research did not require cybersecurity restrictions. Really? Then why the (allegedly) falsified cybersecurity score? The suit claims the glowing self-reported score for the Georgia Tech campus:

“… was for a ‘fictitious’ or ‘virtual’ environment and did not apply to any covered contracting system at Georgia Tech that could or would ever process, store or transmit covered defense information.”

That one will be hard to explain away. Other entities with DOD contracts will want to pay attention—Graham states the DOJ is cracking down on contractors that lie about their cyber protections.

Cynthia Murrell, September 4, 2024

Pavel Durov: Durable Appeal Despite Crypto, French Allegations, and a Travel Restriction

August 30, 2024

This essay is the work of a dumb dinobaby. No smart software required.

Telegram, a Web3 crypto facilitator, is in the news because its Big Dog is in a French dog house. He can roam free, but he cannot leave the country. I mention Pavel Durov, the brother of Nikolai who has two PhDs in his brain, because he has appeal. Allegedly he also has more than 100 children. I find Mr. Durov’s fecundity an anomaly if the information in “Men in Crypto Less Attractive to Women Than Cosplayers, Anime Buffs: Survey” is accurate. That story suggests that men in crypto will not be at the front of the line when it comes to fathering five score bambinos.

Thanks, Microsoft Copilot. Nice cosplay. Who is the fellow in the bunny suit?

The write up reports:

Crypto was seen as the ninth-most unattractive hobby for males, the Aug. 24 survey by the Date Psychology blog found, which was a convenience sample of 814 people, 48% of which were female. The authors noted that based on past surveys, their sample population disproportionately includes women of “high social status,” with a high level of education and who are predominately white.

I will not point out that the sample size seems a few cans short of a six pack nor that lack of an unbiased sample is usually a good idea. But the idea is interesting.

The article continues with what I think are unduly harsh words:

Female respondents were asked if they found a list of 74 hobbies either “attractive” or “unattractive.” Only 23.1% said crypto was an attractive hobby, while around a third found comic books and cosplaying attractive. It left crypto as the second-most unattractive so-called “nerd” hobby to women — behind collecting products from Funko, which makes pop culture and media-based bobblehead figures.

The article includes some interesting data:

The results show that females thought reading was the most attractive hobby for a man (98.2%), followed by knowing or learning a foreign language (95.6%) and playing an instrument (95.4%).

I heard that Pavel Durov, not the brother with the two PhD brain, has a knack for languages. He allegedly speaks Russian (seems logical. His parents are Russian.), French (seems logical. He has French citizenship.), “Persian” (seems logical he has UAE citizenship and lives in quite spartan quarters in Dubai.), and Saint Kitts and Nevis (seems logical that he would speak English and some Creole). Now that he is in France with only a travel restriction he can attend some anime and cosplay events. It is possible that Parisian crypto enthusiasts will have a “Crypto Night” at a bistro like Le Procope. In order to have more appeal, he may wear a get-up.

I would suggest that his billionaire status and “babes near me” function in Telegram might enhance his appeal. If he has more than 100 Durov bambinos, why not shoot for 200 or more? He is living proof that surveys are not 100 percent reliable.

Stephen E Arnold, August 30, 2024

Yelp Google Legal Matter: A Glimpse of What Is to Come

August 29, 2024

This essay is the work of a dumb dinobaby. No smart software required.

Yelp.com is one of the surviving re-inventions of the Yellow Pages. The online guide includes snapshots of a business, user reviews, and conveniences like classifications of business types. The company has asserted that Google has made the finding service’s life difficult. “Yelp Sues Google in Wake of Landmark Antitrust Ruling on Search” reports:

Yelp has spoken out about what it considers to be Google’s anticompetitive conduct for well over a decade. But the timing of Yelp’s lawsuit, filed just weeks after a Washington federal judge ruled that Google illegally monopolized the search market through exclusive deals, suggests that more companies may be emboldened to take action against the search leader in the coming months.

Thanks, MSFT Copilot. Good enough.

Yelp, like other efforts to build a business in the shadow of Google’s monolith, has pointed out that the online advertising giant has acted in a way that inhibited Yelp’s business. In the years prior to Judge Mehta’s ruling that Google was — hang on now, gentle reader — a monopoly, Yelp’s objections went nowhere. However, since Google learned that Judge Mehta decided against Google’s arguments that it was a mom and pop business too, Yelp is making another run at Googzilla.

The write up points out:

In its complaint, Yelp recounts how Google at first sought to move users off its search page and out onto the web as quickly as possible, giving rise to a thriving ecosystem of sites like Yelp that sought to provide the information consumers were seeking. But when Google saw just how lucrative it could be to help users find which plumber to hire or which pizza to order, it decided to enter the market itself, Yelp alleges.

What’s an example of Google’s behavior toward Yelp and presumably other competitors? The write up says:

In its complaint, Yelp recounts how Google at first sought to move users off its search page and out onto the web as quickly as possible, giving rise to a thriving ecosystem of sites like Yelp that sought to provide the information consumers were seeking. But when Google saw just how lucrative it could be to help users find which plumber to hire or which pizza to order, it decided to enter the market itself, Yelp alleges.

The Google has, it appears, used a relatively simple method of surfing on queries for Yelp content. The technique is “self preferencing”; that is, Google just lists its own results above Yelp hits.

Several observations:

  1. Yelp has acted quickly, using the information in Judge Mehta’s decision as a surfboard.
  2. Other companies will monitor this Yelp Google matter. If Yelp prevails, other companies which perceive themselves as victims of Google’s business tactics may head to court as well.
  3. Google finds itself in a number of similar legal dust ups which add operating friction to the online advertising vendor’s business processes.

Google, like Gulliver, may be pinned down, tied up, and neutralized the way Gulliver was in Lilliput. That was satirical fiction; Yelp is operating in actual life.

Stephen E Arnold, August 29, 2024

Anthropic AI: New Allegations of Frisky Behavior

August 27, 2024

This essay is the work of a dumb dinobaby. No smart software required.

Who knew high school science club members would mature into such frisky people? But rules are made to be broken. Apologies make the problem go away. Perhaps in high school with some indulgent faculty advisors? In the real world where lawyers are more plentiful than cardinals in Kentucky, apologies may not mean anything. I learned that the highly-regarded AI outfit Anthropic will be spending some time with the firm’s lawyers.

“Anthropic Faces New Class-Action Lawsuit from Book Authors” reported:

AI company Anthropic is still battling a lyrics-focused lawsuit from music publishers, but now it has a separate legal fight on its hands. Authors Andrea Bartz, Charles Graeber and Kirk Wallace Johnson are suing the company in a class-action lawsuit in California. As with the music publishers, their focus is on the training of Anthropic’s Claude chatbot.

I anticipate a few of the really smart and oh-so-busy wizards will be sitting in a conference room doing the deposition thing. That involves lawyers who are not particularly as scientifically oriented as AI wizards trying to make sense of Anthropic’s use of OPW (other people’s work) without permission. If you are a fan of legal filings, you can read the 20-page document at this link.

Those AI wizards are clever, aren’t they?

Stephen E Arnold, August 27, 2024

Meta Shovels Assurances. Will Australia Like the Output?

August 14, 2024

This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I came across a news story which I found quite interesting. Even though I am a dinobaby, I am a father and a grandfather. I used to take pictures when my son and daughter were young. I used Kodak film, printed the pictures my wife wanted, and tossed the rest. Pretty dull. Some parents have sportier ideas. I want to point out that some ideas do not appeal to me. Others make me uncomfortable.

How do you think I reacted to the information in “Parents Still Selling Revealing Content of Their Kids on Instagram, Despite Meta’s Promises to Ban the Practice”? The main idea in the write up seems to be:

The ABC [Australian Broadcasting Council] has found almost 50 Instagram accounts that allow subscribers to pay for exclusive content of children or teenagers, some of which is sexualized. Meta had vowed to clamp down on the practice but said it was taking time to "fully roll out" its new policy. Advocates say the accounts represent an "extreme" form of child exploitation.

If I understand the title of the article and this series of statements, I take away these messages:

  1. Instagram contains “revealing content” of young people
  2. Meta — the Zuck’s new name for the old-timey Facebook, WhatsApp, and Instagram services — said it would take steps to curtail posting of this type of content. A statement which, the ABC seems to imply, was similar to other Silicon Valley-inspired assertions: A combination of self-serving assurances and then generating as much revenue as possible because some companies face zero consequences.
  3. Meta seems to create a greenhouse for what the ABC calls “child exploitation.”

I hope I captured the intent of the news story’s main idea.

I noted this passage:

Sarah Adams, an online child safety advocate who goes by the name Mom.Uncharted, said it was clear Meta had lost control of child accounts.

How did Meta respond to the ABC inquiry? Check this:

"The new policy is in effect as of early April and we are taking action on adult-run accounts that primarily post content focused on children whenever we become aware of them," a Meta spokesperson said in a statement. "As with any new policy, enforcement can take time to fully roll out."

That seems plausible. How long has Meta hosted questionable content? I remember 20 years ago. “We are taking action” is a wonderfully proactive statement. Plus, combatting child exploitation is one of those tasks where “enforcement can take time.”

Got it.

Stephen E Arnold, August 14, 2024

The Customer Is Not Right. The Customer Is the Problem!

August 7, 2024

This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

The CrowdStrike misstep (more like a trivial event such as losing the cap to a Bic pen or misplacing an eraser) seems to be morphing into insights about customer problems. I pointed out that CrowdStrike in 2022 suggested it wanted to become a big enterprise player. The company has moved toward that goal, and it has succeeded in capturing considerable free marketing as well.

Two happy high-technology customers learn that they broke their system. The good news is that the savvy vendor will sell them a new one. Thanks, MSFT Copilot. Good enough.

The interesting failure of an estimated 8.5 million customers’ systems made CrowdStrike a household name. Among some airline passengers, creative people added more colorful language. Delta Airlines has retained a big time law firm. The idea is to sue CrowdStrike for a misstep that caused concession sales at many airports to go up. Even Panda Chinese looks quite tasty after hours spent in an airport choked with excited people, screaming babies, and stressed out over achieving business professionals.

“Microsoft Claims Delta Airlines Declined Help in Upgrading Technology After Outage” reports that like CrowdStrike, Microsoft’s attorneys want to make quite clear that Delta Airlines is the problem. Like CrowdStrike, Microsoft tried repeatedly to offer a helping hand to the airline. The airline ignored that meritorious, timely action.

Like CrowdStrike, Delta is the problem, not CrowdStrike or Microsoft whose systems were blindsided by that trivial update issue. The write up reports:

Mark Cheffo, a Dechert partner [another big-time law firm] representing Microsoft, told Delta’s attorney in a letter that it was still trying to figure out how other airlines recovered faster than Delta, and accused the company of not updating its systems. “Our preliminary review suggests that Delta, unlike its competitors, apparently has not modernized its IT infrastructure, either for the benefit of its customers or for its pilots and flight attendants,” Cheffo wrote in the letter, NBC News reported. “It is rapidly becoming apparent that Delta likely refused Microsoft’s help because the IT system it was most having trouble restoring — its crew-tracking and scheduling system — was being serviced by other technology providers, such as IBM … and not Microsoft Windows," he added.

The language in the quoted passage, if accurate, is interesting. For instance, there is the comparison of Delta to other airlines which “recovered faster.” Delta was not able to recover faster. One can conclude that Delta’s slowness is the reason the airline was dead on the hot tarmac longer than more technically adept outfits. Among customers grounded by the CrowdStrike misstep, Delta was the problem. Microsoft, with systems as outstanding as they are, wants to make darned sure that Delta’s allegations of corporate malfeasance go nowhere fast. That intent oozes from this characterization and comparison.

Also, Microsoft’s big-time attorney has conducted a “preliminary review.” No in-depth study of fouling up the inner workings of Microsoft’s software is needed. The big-time lawyers have determined that “Delta … has not modernized its IT infrastructure.” Okay, that’s good. Attorneys are skillful evaluators of another firm’s technological infrastructure. I did not know big-time attorneys had this capability, but as a dinobaby, I try to learn something new every day.

Plus the quoted passage makes clear that Delta did not want help from either CrowdStrike or Microsoft. But the reason is clear: Delta Airlines relied on other firms like IBM. Imagine. IBM, the mainframe people, the former love buddy of Microsoft in the OS/2 days, and the creator of the TV game show phenomenon Watson.

As interesting as this assertion that Delta is not to blame for making some airports absolute delights during the misstep is, it seems to me that CrowdStrike and Microsoft do not want to be in court, having to explain the global impact of misplacing that ballpoint pen cap.

The other interesting facet of the approach is the idea that the best defense is a good offense. I find the approach somewhat amusing. The customer, not the people licensing software, is responsible for its problems. These vendors made an effort to help. The customer, who screwed up their own Rube Goldberg machine, did not accept these generous offers of help. Therefore, the customer caused the financial downturn, relying on outfits like the laughable IBM.

Several observations:

  1. The “customer is at fault” argument is not surprising. End user licensing agreements protect the software developer, not the outfit who pays to use the software.
  2. For CrowdStrike and Microsoft, a loss in court to Delta Airlines will stimulate other inept customers to seek redress from these outstanding commercial enterprises. Delta’s litigation must be stopped, and quickly, using money and legal methods.
  3. None of the yip-yap about “fault” pays much attention to the people who were directly affected by the trivial misstep. Customers, regardless of their position in the food chain of revenue, are the problem. The vendors are innocent, and they have rights too just like a person.

For anyone looking for a new legal matter to follow, the CrowdStrike and Microsoft versus Delta Airlines dispute may be a replacement for assorted murders, sniping among politicians, and disputes about “get out of jail free cards.” The vloggers and the poohbahs have years of interactions to observe and analyze. Great stuff. I like the “customer is the problem” twist too.

Oh, I must keep in mind that I am at fault when a high-technology outfit delivers low-technology.

Stephen E Arnold, August 7, 2024

One Legal Stab at CrowdStrike Liability

July 30, 2024

This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I read “CrowdStrike Will Be Liable for Damages in France, Based on the OVH Precedent.” OVH is a provider of hosting and what I call “enabling services” to organizations in France, Europe, and other countries. The write up focuses on a modest problem OVH experienced in 2021. A fire consumed four of OVH’s data centers. Needless to say the customers of one of the largest online services providers in Europe were not too happy for two reasons: Backups were not available and the affected organizations were knocked offline.

Two astronauts look down at earth from the soon to be decommissioned space station. The lights and power on earth just flicked off. Thanks, Microsoft Copilot. No security meetings today?

The article focuses on the French courts’ decision that OVH was liable for damages. A number of details about the legal logic appear in the write up. For those of you who still watch Perry Mason reruns on Sling, please, navigate to the cited article for the details. I boiled the OVH tale down to a single dot point from the excellent article:

The court ruled the OVH backup service was not operated to a reasonable standard and failed at its purpose.

This means that in France and probably the European Union those technology-savvy CrowdStrike wizards will be writing checks. The firm’s lawyers will get big checks for a number of years. Then the falconers of cyber threats will be scratching out checks to the customers and probably some of the well-heeled downstream airport lounge sleepers, the families of patients who died because surgeries could not be performed, and a kettle of seething government agencies whose emergency call services were dead.

The write up concludes with this statement:

Customers operating in regulated industries like healthcare, finance, aerospace, transportation, are actually required to test and stage and track changes. CrowdStrike claims to have a dozen certifications and standards which require them to follow particular development practices and carry out various levels of testing, but they clearly did not. The simple fact that CrowdStrike does not do any of that and actively refuses to, puts them in breach of compliance, which puts customers themselves in breach of compliance by using CrowdStrike. All together, there may be sufficient grounds to unilaterally terminate any CrowdStrike contracts for any customer who wishes to.

The key phrase is “in breach of compliance”. That’s going to be an interesting bit of lingo for lawyers involved in the dead Falcon affair to sort out.

Several observations:

  1. Will someone in the post-Falcon mess raise the question, “Could this be a recipe for a bad actor to emulate?” Could friends of one of the founders who has some ties to Russia be asked questions?
  2. What about that outstanding security of the Microsoft servers? How will the smart software outfit fixated on putting ads for a browser in an operating system respond? Those blue screens are not what I associate with my Apple Mini servers. I think our Linux boxes display a somewhat ominous black screen. Blue is who?
  3. Will this incident be shoved around until absolutely no one knows who signed off on the code modules which contributed to this somewhat interesting global event? My hunch is it could be a person working as a contractor from a yurt somewhere northeast of Armenia. What’s your best guess?

Net net: It is definite that a cyber attack aimed at the heart of Microsoft’s software can create global outages. How many computer science students in Bulgaria are thinking about this issue? Will bad actors’ technology wizards rethink what can be done with a simple pushed update?

Stephen E Arnold, July 30, 2024
