Grousing Employees Can Be Fun. Credible? You Decide
September 4, 2025
No AI. Just a dinobaby working the old-fashioned way.
I read “Former Employee Accuses Meta of Inflating Ad Metrics and Sidestepping Rules.” Now former employees saying things that cast aspersions on a former employer are best processed with care. I did that, and I want to share the snippets snagging my attention. I try not to think about Meta. I am finishing my monograph about Telegram, and I have to stick to my lane. But I found this write up a hoot.
The first passage I circled says:
Questions are mounting about the reliability of Meta’s advertising metrics and data practices after new claims surfaced at a London employment tribunal this week. A former Meta product manager alleged that the social media giant inflated key metrics and sidestepped strict privacy controls set by Apple, raising concerns among advertisers and regulators about transparency in the industry.
Imagine. Meta coming up at a tribunal. Does that remind anyone of the Cambridge Analytica excitement? Do you recall the rumors that fiddling with Facebook pushed Brexit over the finish line? Whatever happened to those oh-so-clever CA people?
I found this tribunal claim interesting:
… Meta bypassed Apple’s App Tracking Transparency (ATT) rules, which require user consent before tracking their activity across iPhone apps. After Apple introduced ATT in 2021, most users opted out of tracking, leading to a significant reduction in Meta’s ability to gather information for targeted advertising. Company investors were told this would trim revenues by about $10 billion in 2022.
I thought Apple had their system buttoned up. Who knew?
Did Meta have a response? Absolutely. The write up reports:
“We are actively defending these proceedings …” a Meta spokesperson told The Financial Times. “Allegations related to the integrity of our advertising practices are without merit and we have full confidence in our performance review processes.”
True or false? Well….
Stephen E Arnold, September 4, 2025
Spotify Does Messaging: Is That Good or Bad?
September 4, 2025
No AI. Just a dinobaby working the old-fashioned way.
My team and I have difficulty keeping up with the messaging apps that seem to be like mating gerbils. I noted that Spotify, the semi-controversial music app, is going to add messaging. “Spotify Adds In-App Messaging Feature to Let Users Share Music and Podcasts Directly” says:
According to the company, the update is designed “to give users what they want and make those moments of connection more seamless and streamlined in the Spotify app.” Users will be able to message people they have interacted with on Spotify before, such as through Jams, Blends and Collaborative Playlists, or those who share a Family or Duo plan.
The messaging app is no Telegram. The interesting question for me is, “Will Spotify emulate Telegram’s features as Meta’s WhatsApp has?”
Telegram, despite its somewhat negative press, has found a way to monetize user clicks, supplement subscription revenue with crypto service charges, and alleged special arrangement now being adjudicated by the French judiciary.
New messaging platforms get a look from bad actors. How will Spotify police the content? Avid music people often find ways to circumvent different rules and regulations to follow their passion.
Will Spotify cooperate with regulators or will it emulate some of the Dark Web messaging outfits or Telegram, a firm with a template for making money appear when necessary?
Stephen E Arnold, September 4, 2025
So Much AI and Now More Doom and Gloom
August 22, 2025
No AI. Just a dinobaby and a steam-powered computer in rural Kentucky.
Amidst the hype about OpenAI’s ChatGPT 5, I have found it difficult to identify some quiet but to me meaningful signals. One, in my opinion, appears in “Sam Altman Sounds Alarm on AI Crisis That Even He Finds Terrifying.” I was hoping that the article would provide some color on the present negotiations between Sam and Microsoft. For a moment, I envisioned Sam in a meeting with the principals of the five biggest backers of OpenAI. The agenda had one item on the agenda, “When do we get our money back with a payoff, Mr. Altman?”
But no. The signal is that smart software will enable fast-moving, bureaucracy-free bad actors to apply smart software to online fraud. The write up says:
[Mr.] Altman fears that the current AI-fraud crisis will expand beyond voice cloning attacks, deepfake video call scams and phishing emails. He warns that in the future, FaceTime or video fakes may become indistinguishable from reality. The alarming abilities of current AI-technology in the hands of bad faith actors is already terrifying. Scammers can now use AI to create fake identification documents, explicit photos, and headshots for social media profiles.
Okay, he is on the money, but he overlooks one use case for smart software. A bad actor can use different smart software systems and equip existing malware with more interesting features. At some point, a clever bad actor will use AI to build a sophisticated money laundering mechanism that uses the numerous new crypto currencies and their attendant blockchain systems to make the wizards at Huione Guarantee look pretty pathetic.
Can this threat be neutralized. I don’t think it can be in the short term. The reason is that AI is here and has been available for more than a year. Code generation is getting easier. A skilled bad actor can, just like a Google-type engineer, become more productive. In the mid-term, the cyber security companies will roll out AI tools that, according to one outfit whose sales pitch I listened to last wee, will “predict the future.” Yeah, sure. News flash: Once a breach has been discovered, then the cyber security firms kick into action. If the predictive stuff were reliable, these outfits would be betting on horse races and investing in promising start ups, not trying to create such a company.
Mr. Altman captures significant media attention. His cyber fraud message is a faint signal amidst the cacophony of the AI marketing blasts. By the way, cyber fraud is booming, and our research into outfits like Telegram suggest that AI is a contributing factor.
With three new Telegram-type services in development at this time, the future for bad actors looks as bright and the future for cyber security firms looks increasingly reactive. For investors and those with retirement funds, the forecast is less cheery.
Stephen E Arnold, August 22, 2025
News Flash from the Past: Bad Actors Use New Technology and Adapt Quickly
August 18, 2025
No AI. Just a dinobaby working the old-fashioned way.
NBC News is on top of cyber security trends. I think someone spotted Axios report that bad actors were using smart software to outfox cyber security professionals. I am not sure this is news, but what do I know?
“Criminals, Good Guys and Foreign Spies: Hackers Everywhere Are Using AI Now” reports this “hot off the press” information. I quote:
The hackers included an attachment containing an artificial intelligence program. If installed, it would automatically search the victims’ computers for sensitive files to send back to Moscow.
My goodness. Who knew that stealers have been zipping around for many years? Even more startling old information is:
LLMs, like ChatGPT, are still error-prone. But they have become remarkably adept at processing language instructions and at translating plain language into computer code, or identifying and summarizing documents. The technology has so far not revolutionized hacking by turning complete novices into experts, nor has it allowed would-be cyberterrorists to shut down the electric grid. But it’s making skilled hackers better and faster.
Stunning. A free chunk of smart software, unemployed or intra-gig programmers, and juicy targets pushed out with a fairy land of vulnerabilities. Isn’t it insightful that bad actors would apply these tools to clueless employees, inherently vulnerable operating systems, and companies too busy outputting marketing collateral to do routine security updates.
The cat-and-mouse game works this way. Bad actors with access to useful scripting languages, programming expertise, and smart software want to generate revenue or wreck havoc. One individual or perhaps a couple of people in a coffee shop hit upon a better way to access a corporate network or obtain personally identifiable information from a hapless online user.
Then, after the problem has been noticed and reported, cyber security professionals will take a closer look. If these outfits have smart software running, a human will look more closely at logs and say, “I think I saw something.”
Okay, mice are in and swarming. Now the cats jump into action. The cats will find [a] a way to block the exploit, [b] rush to push the fix to paying customers, and [c] share the information in a blog post or a conference.
What happens? The bad actors notice their mice aren’t working or they are being killed instantly. The bad actors go back to work. In most cases, the bad actors are not unencumbered by bureaucracy or tough thought problems about whether something is legal or illegal. The bad actors launch more attacks. If one works, its gravy.
Now the cats jump back into the fray.
In the current cyber crime world, cyber security firms, investigators, and lawyers are in reactive mode. The bad actors play offense.
One quick example: Telegram has been enabling a range of questionable online activities since 2013. In 2024 after a decade of inaction, France said, “Enough.” Authorities in France arrested Pavel Durov. The problem from my point of view is that it took 12 years to man up to the icon Pavel Durov.
What happens when a better Telegram comes along built with AI as part of its plumbing?
The answer is, “You can buy licenses to many cyber security systems. Will they work?”
There are some large, capable mice out there in cyber space.
Stephen E Arnold, August 18, 2025
Party Time for Telegram?
August 14, 2025
No AI. Just a dinobaby and a steam-powered computer in rural Kentucky.
Let’s assume that the information is “The SEC Quietly Surrendered in Its Biggest Crypto Battle.” Now look at this decision from the point of view of Pavel Durov. The Messenger service has about 1.35 billion users. Allegedly there are 50 million or so in the US. Mr. Durov was one of the early losers in the crypto wars in the United States. He has hired a couple of people to assist him in his effort to do the crypto version of “Coming to America.” Will Manny Stoltz and Max Crown are probably going to make their presence felt.
The cited article states:
This is a huge deal. It creates a crucial distinction that other crypto projects can now use in their own legal battles, potentially shielding them from the SEC’s claim of blanket authority over the market. By choosing to settle rather than risk having this ruling upheld by a higher court, the SEC has shown the limits of its “regulation by enforcement” playbook: its strategy of creating rules through individual lawsuits instead of issuing clear guidelines for the industry.
What will Telegram’s clever Mr. Durov do with its 13 year old platform, hundreds of features, crypto plumbing, and hundreds of developers eager to generate “money”? It is possible it won’t be Pavel making trips to America. He may be under the watchful eye of the French judiciary.
But Manny, Max, and the developers?
Stephen E Arnold, August 14, 2025
Guess Who Coded the Official Messaging App of Russia
July 30, 2025
This blog post is the work of an authentic dinobaby. Sorry. No smart software can help this reptilian thinker.
The Bloomberg story title “Russia Builds a New Web Around Kremlin’s Handpicked Super App” caused me to poke around in the information my team and I have collected about “super apps,” encrypted messaging services, and ways the Kremlin wants to get access to any communication by Russian citizens and those living in the country and across the Russian Federation. The Bloomberg story is interesting, but I want to add some color to what seems to be a recent development.
If you answered the question “Guess who coded the official messaging app of Russia?” by saying, “Pavel and Nikolai Durov,” you are mostly correct. The official messaging act is a revamped version of VKontakte, the the Facebook knock off coded by Pavel and Nikolai Durov. By 2011, Kremlin authorities figured out that access to the content on a real time social media service like VK was a great way to stamp out dissent.
The Durovs did not immediately roll over, but by 2013, Pavel Durov folded. He took some cash, left Nikolai at home with mom, and set off to find a place for hospitable to his views of freedom, privacy, security, and living a life not involving a Siberian prison. Pavel Durov, however, has a way of attracting attention from government officials outside of Russia at this time. He is awaiting trial in France for a number of alleged online crimes, including CSAM. (CSAM is in the news in the US recently as well.)
Ongoing discussions with VK and an “integrator” have been underway for years. The Kremlin contracted with Sber and today’s VK to create a mandatory digital service for Russian citizens and anyone in the country buying a mobile phone in Russia. The idea is that with a mandatory messaging app, the Kremlin could access the data that Pavel Durov refused to produce.
The official roll out of the “new”, government-controlled VK service began in June 2025. On September 1, 2025, the new VK app must be pre-installed on any smartphone or tablet sold in the country. Early reports suggested that about one million users had jumped on the “new” messaging app MAX. Max is the post-Durov version of VKontakte without the Pavel Durov obstinacy and yapping about privacy.
The Russian online service https://PCNews.ru published “Ministry of Digital: Reports That the MAX Messenger Will Be Mandatory for Signing Electronic Documents Are Not True.” The write up reports that the “official” messaging service “MAX” will not be required for Russian is not true.
Earlier this week (July 28, 2025):
… the [Russian] government of the Kemerovo region is officially switching to using the Russian MAX messenger for all work communications. Before this, the national messenger began to be implemented in St. Petersburg, as we have already reported, Novosibirsk and Tatarstan. Depending on the region, the platform is used both in government structures and in the field of education. In Russia they want to ensure free and secure transfer of user data from WhatsApp and Telegram instant messengers to the Russian MAX platform. From September 1, 2025, the Max messenger will have to be pre-installed on all smartphones and tablets sold in Russia. In late June 2025, the developers announced that over one million users had registered with Max.
This means that not everything the Kremlin requires will reside on the super app MAX. From a government security vantage point, the decision is a good one. The Kremlin, like other governments, has information it tries hard to keep secret. The approach works until something like Microsoft SharePoint is installed or an outstanding person like Edward Snowden hauls off some sensitive information.
The Russians appear to be quite enthusiastic about the new government responsive super app. Here’s some data to illustrate the level of the survey sample’s enthusiasm.
“The Attitude of Russians Towards the National Messenger Has Become Known” reports:
- 55% of respondents admitted that they would like their data to be stored on Russian servers
- 85% communicate with loved ones using messaging apps
- 49% watch the news
- 47% of respondents use instant messengers for work or study
- 38% of respondents supported the idea of creating a Russian national messenger
- 26% answered that they rather support it
- 19% of respondents admitted that they were indifferent to this topic.
Other findings included:
- 36% of Russians named independence from the departure of foreign services among the advantages of creating a domestic messenger
- 33% appreciate popularization of Russian developments
- 32% see a positive from increasing data security
- 53% of respondents liked the idea when in one service you can not only communicate, but also use government services and order goods.
Will Russians be able to circumvent the mandatory use of MAX? Almost anything set up to cage online users can be circumvented. The Great Firewall of China after years of chatter does not seem to impede the actions of some people living in China from accessing certain online services. At this time, I can see some bright young people poking around online for tips and tricks related to modern proxy services, commodity virtual private networks, and possibly some fancy dancing with specialized hardware.
What about Telegram Messenger, allegedly the most popular encrypted messaging super app in Russia, the Russian Federation, and a chunk of Southeast Asia? My perception is that certain online habits, particularly if they facilitate adult content, contraband transactions, and money laundering are likely to persist. I don’t think it will take long for the “new” MAX super app to be viewed as inappropriate for certain types of online behavior. How long? Maybe five seconds?
Stephen E Arnold, July 30, 2025
Indiscriminate Scanning: Hello, Telegram, This Is for You
July 29, 2025
This blog post is the work of an authentic dinobaby. Sorry. No smart software can help this reptilian thinker.
I read a version of the message the European Union is sending to Pavel Durov. This super special human is awaiting trial in France for a couple of minor infractions. Yep, minor as in CSAM. Oh, the French judiciary tossed in a few other crimes.
The EU, following France’s long overdue action, is mustering some oomph, according to “The EU Could Be Scanning Your Chats by October 2025 – Here’s Everything We Know”:
Denmark kicked off its EU Presidency on July 1, 2025, and, among its first actions, lawmakers swiftly reintroduced the controversial child sexual abuse (CSAM) scanning bill to the top of the agenda. Having been deemed by critics as Chat Control, the bill aims to introduce new obligations for all messaging services operating in Europe to scan users’ chats, even if they’re encrypted.
After a three year hiatus, the EU is in “could” and “try” mode. The write up says:
As per its first version, all messaging software providers would be required to perform indiscriminate scanning of private messages to look for CSAM – so-called ‘client-side scanning’. The proposal was met with a strong backlash, and the European Court of Human Rights ended up banning all legal efforts to weaken encryption of secure communications in Europe.
Where does Telegram fit into this “could” initiative?
Telegram semi-encrypts. The idea is that the user’s Messenger mini app encrypts a message, adds routing, and whisks the contents to the user… sort of. Telegram has a command-and-control node which receives the encrypted message, the header, assorted metadata, and then decrypts the message in the Telegram command-and-control center. Why? Good question.
Telegram does support complete end-to-end encryption. The command-and-control center just hands off the encrypted message. There is no slam dunk information available about Telegram’s sucking up the metadata for these EE2E messages which may contain text, rich media, or other content objects.
How will Telegram interpret this “could” move? My view is that the French judiciary may have some ways to realign Mr. Durov’s thinking. I understand that France has some lovely prison facilities like the facilities at the French Foreign Legion headquarters and the salubrious quarters in Africa. I would not suggest these are five star hotel type detainment structures, but Mr. Durov’s attorneys may convince him to reconsider his position as a French citizen under the watchful eye of the French legal system.
Stephen E Arnold, August 29, 2025
Telegram: Is Now in the USA and Armed with Crypto Services
July 28, 2025
This blog post is the work of an authentic dinobaby. Sorry. No smart software can help this reptilian thinker.
Telegram in the US is so yesterday. The company is 13 years old. The founder is awaiting trial in France for some charges related to a dozen or more French laws and regulations. The TONcoin has been in the lower tier of the crypto currencies for more than a year. The firm released yet another programming language in the hopes of luring more developers to its platform.
But two allegedly accurate facts about this firm founded by Pavel Durov, the fellow who created the “Russian version of Facebook.” I spotted these in an online publication called TechCrunch. “Telegram’s Crypto Wallet Launches in the US” reports:
Telegram is expanding access to its crypto wallet for its 87 million users in the U.S.
The article includes an assertion that 100 million Telegram Messenger users have activated their crypto wallets. Furthermore, these 100 million people execute 334,000 transactions on the Nikolai Durov-Level1 blockchain every 24 hours. That works out to about 13,900 per hour or 231 per second. No benchmark data from other blockchain services are included in the write up.
My team and I estimated that the Telegram Messenger eGame “Hamster Kombat” attracted about 300 million Telegram users. The “points” in that game were HAMSTR crypto tokens. STAR tokens, a Telegram invented device, were also involved. In order to “cash in” these points for other crypto, the Messenger wallets may have been required for some of these “moves.”
The numbers, like most Telegram user data, are soft and difficult to verify.
Several observations:
- The TON Foundation indicated at the Gateway Conference in 2024 that there were about five million users of Telegram in the US in 2023. The jump to 87 million users is notable and either [a] an indication that Telegram Messenger is a bigger player in the US than believed or [b] Telegram and the TON Foundation are exaggerating their data
- If Telegram does have more than one billion users, the active use of the Telegram crypto wallet is a rather dismal 10 percent of the user base. With Telegram working to build out its crypto services, the “success” of the firm is either [a] disappointing or [b] another bogus number.
- The eGame Hamster Kombat drew three times the number of Telegram users than the Messenger crypto wallet. This means that either [a] the crypto “play” mounted by Telegram after the US SEC investigation in 2020 and 2021 is moving at a snail’s pace or [b] the reported figures are incorrect.
Net net: Verifiable data about Telegram, its proxies, and its business activities are fuzzy. One fact is verifiable: Pavel Durov, the “owner” of Telegram Company, is awaiting trial in France for a number of serious charges.
Stephen E Arnold, July 29, 2025
Thanks, Google: Scam Link via Your Alert Service
July 20, 2025
This blog post is the work of an authentic dinobaby. Sorry. No smart software can help this reptilian thinker.
July 20, 2025 at 926 am US Eastern time: The idea of receiving a list of relevant links on a specific topic is a good one. Several services provide me with a stream of sometimes-useful information. My current favorite service is Talkwalker, but I have several others activated. People assume that each service is comprehensive. Nothing is farther from the truth.
Let’s review a suggested article from my Google Alert received at 907 am US Eastern time.
Imagine the surprise of a person watching via Google Alerts the bound phrase “enterprise search.” Here’s the landing page for this alert. I received this message:
The snippet says “enterprise search platform Shenzhen OCT Happy Valley Tourism Co. Ltd is PRMW a good long term investment [investor sentiment]. What happens when one clicks on Google’s AI-infused message:
My browser displayed this:
If you are not familiar with Telegram Messenger-style scams and malware distribution methods, you may not see these red flags:
- The link points to an article behind the WhatsApp wall
- To view the content, one must install WhatsApp
- The information in Google’s Alert is not relevant to “Nova Wealth Training Camp 20”
This is an example a cross service financial trickery.
Several observations:
- Google’s ability to detect and block scams is evident
- The relevance mechanism which identified a financial scam is based on key word matching; that is, brute force and zero smart anything
- These Google Alerts have been or are now being used to promote either questionable, illegal, or misleading services.
Should an example such as this cause you any concern? Probably not. In my experience, the Google Alerts have become less and less useful. Compared to Talkwalker, Google’s service is in the D to D minus range. Talkwalker is a B plus. Feedly is an A minus. The specialized services for law enforcement and intelligence applications are in the A minus to C range.
No service is perfect. But Google? This is another example of a company with too many services, too few informed and mature managers, and a consulting leadership team disconnected from actual product and service delivery.
Will this change? No, in my opinion.
Stephen E Arnold, July 20, 2025
Scattered Spider: Operating Freely Despite OSINT and Specialized Investigative Tools. Why?
July 7, 2025
No smart software to write this essay. This dinobaby is somewhat old fashioned.
I don’t want to create a dust up in the specialized software sector. I noted the July 2, 2025, article “A Group of Young Cybercriminals Poses the Most Imminent Threat of Cyberattacks Right Now.” That story surprised me. First, the Scattered Spider group was documented (more or less) by Trellix, a specialized software and services firm. You can read the article “Scattered Spider: The Modus Operandi” and get a sense of what Trellix reported. The outfit even has a Wikipedia article about their activities.
Last week I was asked a direct question, “Which of the specialized services firms can provide me with specific information about Telegram Groups and Channels, both public and private?” My answer, “None yet.”
Scattered Spider uses Telegram for some messaging functions, and if you want to get a sense of what the outfit does, just fire up your OSINT tools or better yet use one of the very expensive specialized services available to government agencies. The young cybercriminals appear to use the alias @ScatteredSpiderERC.” There is a Wikipedia article about this group’s activities.
So what? Let’s go back to the question addressed directly to me about firms that have content about Telegram. If we assume the Wikipedia write up is sort of correct, the Scattered Spider entity popped up in 2022 and its activities caught the attention of Trellix. The time between the Trellix post and the Wired story is about two years.
Why has a specialized services firm providing actionable data to the US government, the Europol investigators, and the dozens of others law enforcement operations around the world? Isn’t it a responsible act to use that access to Telegram data to take down outfits that endanger casinos and other organizations?
Apparently the answer is, “No.”
My hunch is that these specialized software firms talk about having tools to access Telegram. That talk is a heck of a lot easier than finding a reliable way to access private Groups and Channels, trace a handle back to a real live human being possibly operating in the EU or the US. I would suggest that France tried to use OSINT and the often nine figure systems to crack Telegram. Will other law enforcement groups realize that the specialized software vendors’ tools fall short of the mark and think about a France-type of response?
France seems to have made a dent in Telegram. I would hypothesize that the failure of OSINT and the specialized software tool vendors contributed to France’s decision to just arrest Pavel Durov. Mr. Durov is now ensnared in France’s judicial bureaucracy. To make the arrest more complex for Mr. Durov, he is a citizen of France and a handful of other countries, including Russia and the United Arab Emirates.
I mention this lack of Telegram cracking capability for three reasons:
- Telegram is in decline and the company is showing some signs of strain
- The changing attitude toward crypto in the US means that Telegram absolutely has to play in that market or face either erosion or decimation of its seven year push to create alternative financial services based on TONcoin and Pavel Durov’s partners’ systems
- Telegram is facing a new generation of messaging competitors. Like Apple, Telegram is late to the AI party.
One would think that at a critical point like this, the Shadow Server account would be a slam dunk for any licensee of specialized software advertising, “Telegram content.”
Where are those vendors who webinars, email blasts, and trade show demonstrations? Where are the testimonials that Company Nuco’s specialized software really did work. “Here’s what we used in court because the specialized vendor’s software generated this data for us” is what I want to hear. I would suggest that Telegram remains a bit of a challenge to specialized software vendors. Will I identify these “big hat, no cattle outfits”? Nope.
Just thought that a reminder that marketing and saying what government professionals want to hear are easier than just talking.
Stephen E Arnold, July 2025