A Gentle Ripple in the Datasphere: Soft Fraud

May 18, 2022

Compared with some of the cyber behavior, soft fraud is a small fish, possibly a candiru. My definition of “soft fraud” is a behavior which does not violate the letter of the law. The spirit of the law? That’s a matter for discussion.

Soft fraud sits squarely between the Bernie Madoff-type play and a clueless Web designed happily leading a user into a rat’s nest of captchas.

I have been nagging my research team to look for examples of behavior which though technically legal in the country from which the actor operates, trigger a visceral reaction in some people.

What’s an example of soft fraud?

Apple and the Subscription Trick

Recently Apple announced that an authorized vendor with the Johnny Appleseed seal of approval can sell an Apple customer a subscription at a cut rate price. When the trial or initial order expires, the vendor can just raise the price. The customer does not have to be reminded that billing excitement ensues. What’s a customer to do? Call Apple customer support? Ho ho ho. That works like the feedback forms for podcasts. Perhaps call the outfit selling the subscription? Ha ha ha. No one works, and if they do, these valiant souls operate from office space in a beautiful suburb of Mumbai.  That’s an example of what I call soft fraud. Apple may disagree, but that — so far — is my personal opinion. See “Apple will allow some apps to Automatically Charge You Higher Subscription Prices.”

Say One Thing, Do Whatever One Wants

Examples of this abound. I recall executives from Amazon, Facebook, and Google explaining how their businesses operate. In addition to the popular, “senator, thank you for the question,” the core response was “I will check and send you the information.” In the meantime what happens, absolutely no substantive change in the business processes under discussion. Hiring and firing issues. I will check and send you the information. Monopolistic and predatory behaviors. I will check and send you the information. Content manipulation via oh, so opaque smart software. I will check and send you the information. Yep, I nudge these methods into the soft fraud category. See “Facebook, Twitter and Google CEOs Grilled by Congress on Misinformation.”

The Copyright Violation Play

This is a cute money making maneuver involving some big names. The idea is that an agent representing some “big names” uses ageing image recognition software. The software bot prowls the Web looking for images whose hash code matches that of the rights holder. When a match is identified, an outfit with permission to move forward with legal action against the copyright violators springs into action. You can get a sense of what’s happening in this sector by check out some of these online articles and comments. Note: These may be distorted, crazy, or dead center. I leave it to you:

https://superezsystems.com/2020/01/10/why-are-cartoon-characters-scamming-for-copyright-violations/

https://www.torontomike.com/2020/10/the-picrights-international-inc-shakedown/

https://shannonrawlins2000.medium.com/picrights-ltd-the-shady-company-hounding-journalists-over-historic-cases-of-copyright-infringement-a169685eede6

https://www.trustpilot.com/review/picrights.com

https://www.moreaboutadvertising.com/2020/11/picrights-is-persecuting-websites-and-bloggers-over-alleged-rights-issues-who-are-they-and-their-agents-acting-for/

https://extortionletterinfo.com/forum/getty-images-letter-forum/picrights-com/15/

https://www.quora.com/I-reposted-a-news-photo-on-my-website’s-blog-A-company-picrights-com-is-demanding-money-instead-of-simply-issuing-a-cease-and-desist-order-is-this-extortion-and-or-even-legal

https://randeedawn.com/10-12-20-how-two-spam-emails-cost-me-650-or-when-picrights-enters-your-life/

https://culture-fx.com/picrights-higbee-and-associates-extortion-scam-reviews/

https://sportsweek.org/en/ice-hockey/news/262837698/

https://ziad.ezzat.com/fuckpicrights/

https://site-stats.org/details/picrights-international-inc/

https://www.canadacorporation.info/companies/10058661/

https://opencorporates.com/companies/ca/9682155

https://www.companiesofcanada.com/person/1244351/syed-ahmer-hussain

https://opengovca.com/corporation?director=Syed+Hussain

https://www.redfin.ca/on/aurora/237-Borealis-Ave-L4G-7T6/home/152256940

https://opengovca.com/corporation/12183536

New Opportunity?

My hunch is that soft fraud is likely to get a boost. I noted “DeviantArt Can Now Notify Anyone Whose Art’s Been Used in NFTs without Permission.” The write up explains:

DeviantArt, an online art and design community founded in 2000, is now opening up its NFT protection tool to everyone… You can pay $9.95 per month to get protection for 1,000 pieces of art with a size limit of 50GB.

Is this an opportunity for an individual or entity to use the service to request payment for the NFT. The NFT holder might be grateful for getting control of the bitmap or other digital object. Would the helpful intermediary charge whatever the market will bear and then take a professional services fee?

This strikes me as perfectly legal. The existing copyright laws have a Disneyland feel about them from my perspective.

Net net: Soft fraud may benefit from the advent of NFT and services like that offered by DeviantArt, which is an interesting name in my opinion. Will regulators seize the day and create a category to handle soft fraud, mishandling of NFTs, and other innovations? Sure. Job One after re-election, fund raising, and getting media attention.

Stephen E Arnold, May 18, 2022

Systems and Software: Make Them Really Easy to Use

May 18, 2022

Isn’t software supposed to make work easier and more efficient? Even as reliance on technology in the workplace has increased, it appears to have become just the opposite. TechRadar Pro reports, “Software Frustration Is Costing Workers Millions of Hours Every Week.” Writer Will McCurdy cites a recent survey from Userlane, a company that makes and sells a digital adoption platform. He tells us:

“The company found a third – 35% – of UK employees waste at least one hour per week tackling software-related issues, while 61% spend at least 30 minutes per week on these challenges. The majority – 70% – of employers state that their overall use of technology at work has increased over the past two years according to Userlane’s data, as the demand for online collaboration in particular has skyrocketed with the move to hybrid working. What’s frustrating workers? The fact that software can be time-consuming to use was the most common complaint among those surveyed and was cited by 44% of the survey’s respondents. The IT department not responding to queries or issues quickly enough was another common complaint, cited by 39% of respondents. Software that involves too many complex processes was another common issue, cited by 23% of users. Userlane’s survey also suggests that software challenges are impacting how users approach their jobs.”

For example, nearly half the respondents have put off important tasks because of this frustration, almost 20% have dropped back to manual methods, and 8% have considered quitting over software woes. Apparently, the most common way for companies to battle complaints is to explain the technology’s benefits to workers—an approach we expect some may find patronizing. Other, perhaps wiser, methods include expanding IT support capacity and supplying workers with classroom and/or written training. Userlane also found nearly a third of companies are using a digital adoption platform, like the one it happens to sell. Whether such a guidance platform helps, though, will vary greatly by employee. It is, after all, another layer of software.

Cynthia Murrell, May 18, 2022

Choices: A Good Thing, Right?

May 18, 2022

Senior citizens are befuddled by modern times and one of the things that leave them flummoxed is the number of choices they face. It is not just senior citizens, however, who are overwhelmed with the options. Readwrite explains that IT professionals are baffled when it comes to selecting business software, “Why Choosing Software Is Such a Tough Decision In The Modern Era.” Business software selection is time-consuming and challenging due to many reasons.

One is the proliferation of niche software. Developing niche solutions is a piece of cake compared to the past and there is a lot of competition for niche software. Before selecting software, IT professionals should consider if they need specialized or a comprehensive software solution. It is also wise to compare the different options, but oftentimes it is like comparing apples and oranges. The options are all fruit, but which one is the best fit? Factors like the price should not be the only determining factor, because things like user interface, enterprise compatibility, tech support, and are also decisive factors.

Another factor is bureaucracy. Did you ever hear the phrase, “Too many cooks in the kitchen?” That statement applies to choosing a business software. The more people who are responsible for the decision and add their opinions muddle the process. It is important to listen to end-users and managers, but everyone cannot be pleased. Remember that someone needs to decide to move forward.

Many business owners fail to realize digital security threats:

“Businesses need to consider the security risks involved with acquiring new software and the potential security vulnerabilities they need to address when acquiring it. This piece of the software buying puzzle is especially complicated and risky, and businesses can’t afford to gloss over it. Many businesses now have dedicated risk assessment teams whose sole job is to evaluate the potential security risks associated with software.”

It is also important to read the fine print in the software contract, especially if an organization is using a SaaS model or using proprietary software. The contract could include stipulations that are more harmful than beneficial.

To make a decision, start by drafting a needs assessment of what an organization needs, then narrow down the scope to the core necessitates. The needs assessment is not set in stone, though, so if new ideas or software options emerge keep the plan flexible. Always compare similar software, especially prices and features. Lastly, be sure to find the software you can trust and make work for your organization. Remember if the solution does not work, it could mean termination.

Whitney Grace, May 18, 2022

Data: Better Fresh

May 18, 2022

Decisions based on data are only as good as the data on which they are based. That seems obvious, but according to BetaNews, “Over 80 Percent of Companies Are Relying on Stale Data to Make Decisions.” Writer Ian Barker summarizes a recent study:

“The research, conducted by Dimensional Research for data integration specialist Fivetran, finds that 82 percent of companies are making decisions based on stale information. This is leading to wrong decisions and lost revenue according to 85 percent. In addition 86 percent of respondents say their business needs access to real-time ERP [Enterprise Resource Planning] data to make smart business decisions, yet only 23 percent have systems in place to make that possible. And almost all (99 percent) say they are struggling to gain consistent access to information stored in their ERP systems. Overall 65 percent of respondents say access to ERP data is difficult and 78 percent think software vendors intentionally make it so. Those surveyed say poor access to ERP data directly impacts their business with slowed operations, bad decision-making and lost revenue.”

The write-up includes a few info-graphics for the curious to peruse. Why most of those surveyed think vendors purposely make it difficult to access good data is not explained. Fivetran does emphasize the importance of “looking at the freshest, most complete dataset possible.” Yep, old info is not very helpful. The company asserts the answer lies in change data capture, a service it happens to offer (as do several other companies).

Cynthia Murrell, May 17, 2022

More Facebook Documents

May 17, 2022

Facebook apparently generates quite a few documents. In a time of abundance, some of the excess finds its way into places unexpected. “We’re Publishing the Facebook Papers. Here’s How Facebook Killed News Feed Fixes Over Fear of Conservative Backlash” provides those who want to study the Way of the Zuck with some “new” information. The write up has a reason to report a Silicon Valley-type news organization’s interest in chewing on the ankles of Mr. Zuckerberg. The article states:

Facebook said it did not “build and withhold any News Feed changes based on potential impact on any one political party.” Internal documents say otherwise.

You can read allegedly original, once confidential documents from the cited article with additional information at  this link.

The main idea seems to be that Facebook mostly does what it wants and says what is necessary to continue on its business trajectory.

What’s the main point?

From my redoubt in rural Kentucky, I have perceived the Zuck operation as an interesting example of information weaponization. I assume that a few other people share my view of the company. The once-confidential documents are interesting, particularly to those rushing to understand how information flows have an impact in the real world and in real time.

Is it possible that Gizmodo is walking a path which may lead to legal questions? Of course not! Freedom of speech and the stuff taught in high school civics. (Ooops. Research is surfacing that suggests online learning is not as zippy as some assumed.) Disclosing content which an enterprise developed for use by authorized individuals strikes me as a variation on the “move fast and break things” approach to some activities.

Gizmodo, it seems to me, is putting the pedal to the metal. Will the buggy break down as it speeds down the information highway trying to catch up with an outfit with a head start?

Stephen E Arnold, May 17, 2022

Google, Smart Software, and Prime Mover for Hyperbole

May 17, 2022

In my experience, the cost of training smart software is very big problem. The bigness does not become evident until the licensee of a smart system realizes that training the smart software must take place on a regular schedule. Why is this a big problem? The reason is the effort required to assemble valid training sets is significant. Language, data types, and info peculiarities change over time; for example, new content is fed into a smart system, and the system cannot cope with the differences between the training set that was used and the info flowing into the system now. A gap grows, and the fix is to assemble new training data, reindex the content, and get ready to do it again. A failure to keep the smart software in sync with what is processed is a tiny bit of knowledge not explained in sales pitches.

Accountants figure out that money must be spent on a cost not in the original price data. Search systems return increasingly lousy results. Intelligence software outputs data which make zero sense to a person working out a surveillance plan. An art history major working on a PowerPoint presentation cannot locate the version used by the president of the company for last week’s pitch to potential investors.

The accountant wants to understand overruns associated with smart software, looks into the invoices and time sheets, and discovers something new: Smart software subject matter experts, indexing professionals, interns buying third-party content from an online vendor called Elsevier. These are not what CPAs confront unless there are smart software systems chugging along.

The big problem is handled in this way: Those selling the system don’t talk too much about how training is a recurring cost which increases over time. Yep, reindexing is a greedy pig and those training sets have to be tested to see if the smart software gets smarter.

The fix? Do PR about super duper even smarter methods of training. Think Snorkel. Think synthetic data. Think PowerPoint decks filled with jargon that causes clueless MBAs do high fives because the approach is a slam dunk. Yes! Winner!

I read “DeepMind’s Astounding New ‘Gato’ AI Makes Me Fear Humans Will Never Achieve AGI” and realized that the cloud of unknowing has not yet yield to blue skies. The article states:

Just like it took some time between the discovery of fire and the invention of the internal combustion engine, figuring out how to go from deep learning to AGI won’t happen overnight.

No kidding. There are gotchas beyond training, however. I have a presentation in hand which I delivered in 1997 at an online conference. Training cost is one dot point; there are five others. Can you name them? Here’s a hint for another big issue: An output that kills a patient. The accountant understands the costs of litigation when that smart AI makes a close enough for horseshoes output for a harried medical professional. Yeah, go catscan, go.

Stephen E Arnold, May 17, 2022

Differences Between Data Science And Business Intelligence

May 17, 2022

Data science is an encompassing term that is hard to define. Data science is an umbrella field that splinters in many directions. The Smart Data Collective explains the difference between two types of data science in, “The Difference Between Business Intelligence And Real Data Science.” According to the article, real data science is combining old and new data, analyzing it, and applying it to current business practices. Business intelligence (BI) focuses more on applications, such as creating charts, graphs, and reports.

Companies are interested in employing real data science and business intelligence, but it is confusing to distinguish the two. Data scientists and BI analysts are different jobs with specialized expertise. Data scientists are experts in predicting future outcomes by styling various models and discovering correlations. BI analysts know how to generate dashboards for historic data based on a set of key performance metrics.

Data scientists’ role is not based on guesswork. They are required to be experts in predictive and prescriptive analyses. Their outcomes need to be reasonably accurate for businesses’ success. BI needs advanced planning to combine data sources into useful content, data science, meanwhile, can be done instantly.

There are downsides to both:

“As you cannot get the data transformation done instantly with BI, it is a slow manual process involving plenty of pre-planning and comparisons. It needs to be repeated monthly, quarterly or annually and it is thus not reusable. Yet, the real data science process involves creating instant data transformations via predictive apps that trigger future predictions based on certain data combinations. This is clearly a fast process, involving a lot of experimentation.”

Business intelligence and real data science are handy for any business. Understanding the difference is key to utilizing them.

Whitney Grace, May 17, 2022

Big Tech, Big Winners: Good or Bad

May 17, 2022

Science-fiction and many different types of smart people have informed us that technology and related information is dangerous if unregulated and left in the hands of a few individuals. Engadget focuses on the current reasons why big tech companies are dangerous in the article, “Hitting the Books: US Regulators Are Losing The Fight Against Big Tech.” Meta (formerly Zuckbook), Amazon, Google, and Apple control the technology space and consume…er…purchase startups before they can become a competitor. The government used to regulate the technology marketplace and, according to some written laws, they still do. The current advancement in technology has overwhelmed the government’s capacity to govern it.

Oxford professor Viktor Mayer-Schönberger and author Thomas Range wrote Access Rules: Freeing Data From Big Tech For a Better Future agree that Big Tech companies are hoarding information and there needs to be a more equitable way of accessing it. Biden’s administration has attempted to address Big Tech’s monopolies, but their efforts aren’t effective.

Biden appointed Tim to the National Economic Council as a special assistant to the president for technology and competition policy. Wu favors breaking up Big Tech companies and it was a sign that Biden leaned this way. Another signal of Biden’s leanings was Lina Khan as the Federal Trade Commission chair. Khan favors regulating Big Tech like utilities similar to electricity and AT&T before telecom deregulation. The Big Tech monopolies are not good, because it is preventing future innovation, but politicians are arguing over how to solve a convoluted issue. There are antitrust laws but are they enforceable? The complicated issue is:

“And yet it’s questionable that well-intentioned activist regulators bolstered by broad public support will succeed. The challenge is a combination of the structural and the political. As Lina Khan herself argued, existing antitrust laws are less than useful. Big Tech may not have violated them sufficiently to warrant breaking them up. And other powerful measures, such as declaring them utilities, require legislative action. Given the delicate power balance in Congress and hyper-partisan politics, it’s likely that such bold legislative proposals would not get enough votes to become enacted. The political factions may agree on the problem, but they are far apart on the solution. The left wants an effective remedy, while the right insists on the importance of market forces and worries about antitrust action micromanaging economic activity. That leaves a fairly narrow corridor of acceptable incremental legislative steps, such as “post-acquisition lockups.” This may be politically palatable, but insufficient to achieve real and sustained success.”

The Big Tech people, politicians, and other involved parties are concerned with short-term gains. The long game is being ignored in favor of the present benefits, while the future is left to deteriorate. Europe has better antitrust laws in actions against Big Tech companies. To plan for a better future, the US should copy Europe.

Whitney Grace, May 17, 2022

Does Google Have Search Fear?

May 16, 2022

I can hear the Googlers at an search engine optimization conference saying this:

Our recent investments in search are designed to provide a better experience for our users. Our engineers are always seeking interesting, new, and useful ways to make the world’s information more accessible.

What these code words mean to me is:

Yep, the ancient Larry and Sergey thing. Not working. Oh, my goodness. What are we going to do? Buy Neeva, Kagi, Seekr, and Wecript? Let’s let Alphabet invest and we can learn and maybe earn before more people figure out our results are not as good as Bing and DuckDuckGo’s.

Even Slashdot is running items which make clear that Google and search do not warrant the title of “search giant.”

image

Source: Slashdot at https://bit.ly/3PkBOGt

I crafted this imaginary dialog when I read “This Germany-based AI Startup is Developing the Next Enterprise Search Engine Fueled by NLP and Open-Source.” That write up said:

Deepset, a German startup, is working to add to Natural Language Processing by integrating a language awareness layer into the business tech stack, allowing users to access and interact with data using language. Its flagship product, Haystack, is an open-source NLP framework that enables developers to create pipelines for a variety of search use-cases.

But here’s the snappy part of the article:

The Haystack-based NLP is typically implemented over a text database like Elasticsearch or Amazon’s OpenSearch branch and then connects directly with the end-user application through a REST API. It already has thousands of users and over 100 contributors. It uses transformer models to let developers create a variety of applications, such as production-ready question answering (QA), semantic document search, and summarization. The company has also introduced Deepset Cloud, an end-to-end platform for integrating customized and high-performing NLP-powered search systems into your application.

In theory, this is an open source, cloud centric super app, a meta play, a roll up of what’s needed to make finding information sort of work.

The kicker in the story is this statement:

The Berlin-based company has raised $14M in Series A funding led by GV, Alphabet’s venture capital arm.

Yep, the Google is investing. Why? Check that which applies:

(  ) Its own innovation engines are the equivalent of a Ford Pinto racing a Tesla Model S Plaid? Google search is no longer the world’s largest Web site?

(  ) Amazon gets more product searches than Google does?

( ) Users are starting to complain about how Google ignores what users key in the search box?

( ) Large sites are not being spidered in a comprehensive or timely manner?

( ) All of the above.

Stephen E Arnold, May 16, 2022

On Mitigating Open-Source Vulnerabilities

May 16, 2022

Open-source software has saved countless developers from reinventing the proverbial wheel so they can instead spend their time creating new ways to use existing code. That’s great! Except for one thing: Now that open-source components make up about 90% of most applications, they pose tempting opportunities for hackers. Perhaps the juiciest targets lie in the military and intelligence communities. US counter-terrorism ops rely heavily on the likes of Palantir Technologies, a heavy user of and contributor to open-source software. Another example is the F-35 stealth fighter, which operates using millions of lines of code. A team of writers at War on the Rocks explores “Dependency Issues: Solving the World’s Open-Source Software Security Problem.” Solve it? Completely? Right, and there really is a tooth fairy. The article relates:

“The problem is that the open-source software supply chain can introduce unknown, possibly intentional, security weaknesses. One previous analysis of all publicly reported software supply chain compromises revealed that the majority of malicious attacks targeted open-source software. In other words, headline-grabbing software supply-chain attacks on proprietary software, like SolarWinds, actually constitute the minority of cases. As a result, stopping attacks is now difficult because of the immense complexity of the modern software dependency tree: components that depend on other components that depend on other components ad infinitum. Knowing what vulnerabilities are in your software is a full-time and nearly impossible job for software developers.”

So true. Still, writers John Speed Meyers, Zack Newman, Tom Pike, and Jacqueline Kazil sound optimistic as they continue:

“Fortunately, there is hope. We recommend three steps that software producers and government regulators can take to make open-source software more secure. First, producers and consumers should embrace software transparency, creating an auditable ecosystem where software is not simply mysterious blobs passed over a network connection. Second, software builders and consumers ought to adopt software integrity and analysis tools to enable informed supply chain risk management. Third, government reforms can help reduce the number and impact of open-source software compromises.”

The article describes each part of this plan in detail. It also does a good job explaining how we got so dependent on open-source software and describes ways hackers are able to leverage it. The writers submits that, by following these suggestions, entities both public and private can safely continue to benefit from open-source collaboration. If the ecosystem is made even a bit safer, we suppose that is better than nothing. After all, ditching open-source altogether seems nigh impossible at this point.

Cynthia Murrell, May 16, 2022

Next Page »

  • Archives

  • Recent Posts

  • Meta