Facebook Scams: A Warning or a Tutorial?

May 27, 2024

This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

This headline caught my attention: “Facebook Marketplace’s Dirty Dozen: The 15 Most Common Scams and How to Avoid Them.” I had hopes of learning about new, clever, wonderfully devious ways to commit fraud and other larcenous acts. Was I surprised? Here’s a list of the “15 most common scams.” I want to point out that there is scant support (a nice way of saying “No back up data”) for the assertions. (I have a hunch that this “helpful” write up was assisted with some sort of software, possibly dumb software.) Let’s look at the list of the dozen’s 15 scams:

  1. Defective or counterfeit gadgets. Fix: Inspection required
  2. Bait-and-switch. Fix: Don’t engage in interaction
  3. Fake payment receipts. Fix: What? I don’t understand
  4. Mouth-watering giveaways. Fix: Ignore
  5. Overpayment by a buyer. Fix: What? I don’t understand
  6. Moving conversations out of Facebook. Fix: Don’t have them.
  7. Fake rental posting. Fix: Ignore
  8. Advance payment requests. Fix: Ignore
  9. Asking for confirmation codes. Fix: Ignore
  10. Asking for car deposits. Fix: Say, “No”
  11. Requesting unnecessary charges. Fix: Ignore
  12. Mailing items. Fix: Say, “No”
  13. Fake claims of lost packages. Fix: What?
  14. Counterfeit money. Fix: What?
  15. Clicking a link to fill out more information. Fix: Don’t

My concern with this list is that it does not protect the buyer. If anything, it provides a checklist of tactics for a would-be bad actor. The social engineering aspect of fraud is often more important than the tactic. In the “emotional” moment, a would-be buyer can fall for the most obvious scam; for example, trusting the seller because the request for a deposit seems reasonable or buying something else from the seller.

Trying to help? The customer or the scammer? You decide. Thanks, MSFT Copilot. Good cartoon. In your wheelhouse, is it?

What does one do to avoid Facebook scams? Here’s the answer:

Fraudsters can exploit you on online marketplaces if you’re not careful; it is easy not to be aware of a scam if you’re not as familiar. You can learn to spot common Facebook Marketplace scams to ensure you have a safe shopping experience. Remember that scams can happen between buyers and sellers, so always be wary of the transaction practices before committing. Otherwise, consider other methods like ordering from Amazon or becoming a third-party vendor on a trusted platform.

Yep, Amazon. On the other hand you can avoid scams by becoming a “third-party vendor on a trusted platform.” Really?

The problem with this write up is that the information mixes up what sellers do with what buyers do. Stepping back, why is Facebook singled out for this mish mash of scams and tactics? After all, in a face-to-face deal who pays with counterfeit cash? It is the buyer. Who is the victim? It is the seller. Who rents an apartment without looking at it? Answer: Someone in Manhattan. In other cities, alternatives to Facebook exist, and they are not available via Amazon as far as I know.

Facebook and other online vendors have to step up their game. The idea that the platform does not have responsibility to vet buyers and sellers is not something I find acceptable. Facebook seems pleased with its current operation. Perhaps it is time for more directed action to [a] address Facebook’s policies and [b] bring more rigor to write ups which seem to provide ideas for scammers in my opinion.

Stephen E Arnold, May 27, 2024

Legal Eagles Get Some Tail Feathers Plucked about BitTorrent

May 27, 2024

This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

One Finnish law firm thinks it should be able to cut one party out of the copyright enforcement process—the rightsholders themselves. The court disagrees. TorrentFreak reports, “Court Rejects Law Firm’s Bid to Directly Obtain BitTorrent Users’ Identities.” Writer Andy Maxwell explains:

“Requirements vary from region to region but when certain conditions are met, few courts deny genuine copyright holders the ability to enforce their rights under relevant law. One of the most fundamental requirements is that the entity making the claim has the necessary rights to do so. … In an application submitted to Finland’s Market Court on March 15, 2024, the law firm Hedman Partners Oy sought a court order to compel an unnamed internet service provider to provide the personal details of an unspecified number of subscribers. According to Hedman’s application, all are suspected of sharing copyrighted movies via BitTorrent, without first obtaining permission from two Danish rightsholders; Mis. Label ApS and Scanbox Entertainment A/S. Hedman Partners are well known for their work in the piracy settlement business in Scandinavia. The company fully understands the standards required before courts will issue a disclosure order. However, for reasons that aren’t made clear, the law firm would prefer to deal with these cases from a position of greater authority. This application appears to have served as the testing ground to determine whether that’s possible under Finland’s Copyright Act.”

The short answer: It is not possible. For the long, legalese-laced answer, see the article. Why did Hedman Partners try the move? Maxwell points out settlement efforts spearheaded by aggressive third-party legal teams tend to bring in more cash. Ah, there it is. A decision in favor of the firm would certainly not have benefitted the BitTorrent users, he notes. We may yet see whether that is correct—Hedman Partners has until June 18 to appeal the decision to the Supreme Court.

Will law enforcement step in?

Cynthia Murrell, May 27, 2024

Wanna Be Happy? Use the Internet

May 13, 2024

This essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

The glory days of the Internet have faded. Social media, AI-generated baloney, and brain numbing TikTok-esque short videos — Outstanding ways to be happy. What about endless online scams, phishing, and smishing, deep fake voices to grandma from grandchildren needing money — Yes, guaranteed uplifts to sagging spirits.

The idea of a payoff in a coffee shop is silly. Who would compromise academic standards for a latte and a pile of cash? Absolutely no one involved in academic pursuits. Good enough, MSFT Copilot. Good enough.

When I read two of the “real” news stories about how the Internet manufactures happiness, I asked myself, “Exactly what’s with this study?” The PR push to say happy things about online reminded me of the OII or Oxford Internet Institute and some of its other cheerleading. And what is the OII? It is an outfit which receives some university support, funds from private industry, and foundation cash; for example, the Shirley Institute.

In my opinion, it is often difficult to figure out if the “research” is wonky due to its methodology, the desire to keep some sources of funding writing checks, or a nifty way to influence policies in the UK and elsewhere. The magic of the “Oxford” brand gives the outfit some cachet for those who want to collect conference name tags to bedeck their office coat hangers.

The OII is back in the content marketing game. I read the BBC’s “Internet Access Linked to Higher Wellbeing, Study Finds” and the Guardian’s “Internet Use Is Associated with Greater Wellbeing, Global Study Finds.” Both articles are generated from the same PR-type verbiage. But the weirdness of the assertion is undermined by this statement from the BBC’s rewrite of the OII’s PR:

The study was not able to prove cause and effect, but the team found measures of life satisfaction were 8.5% higher for those who had internet access. Nor did the study look at the length of time people spent using the internet or what they used it for, while some factors that could explain associations may not have been considered.

The Oxford brand and the big numbers about a massive sample size cannot hide one awkward fact: There is little evidence that happiness drips from Internet use. Convenience? Yep. Entertainment? Yep. Crime? Yep. Self-harm, drug use or experimentation, meme amplification. Yep, yep, yep.

Several questions arise:

  1. Why is the message “online is good” suddenly big news? If anything, the idea runs counter to the significant efforts to contain access to potentially harmful online content in the UK and elsewhere. Gee, I wonder if the companies facing some type of sanctions are helping out the good old OII?
  2. What’s up with Oxford University itself? Doesn’t it have more substantive research to publicize? Perhaps Oxford should emulate the “Naked Scientist” podcast or lobby to get Melvyn Bragg to report about more factual matters? Does Oxford have an identity crisis?
  3. And the BBC and the Guardian! Have the editors lost the plot? Don’t these professionals have first hand knowledge about the impact of online on children and young adults? Don’t they try to talk to their kids or grandkids at the dinner table when the youthful progeny of “real” news people are using their mobile phones?

I like facts which push back against received assumptions. But “online is helping out those who use it” needs a bit more precision, clearer thinking, and less tenuous cause-and-effect hoo-hah in my opinion.

Stephen E Arnold, May 13, 2024

A Look at Several Cyber Busts of 2023

May 8, 2024

Curious about cybercrime and punishment? Darknet data firm DarkOwl gives us a good run down of selective take downs in its blog post, “Cybercriminal Arrests and Disruptions: 2023 Look Back.” The post asserts law enforcement is getting more proactive about finding and disrupting hackers. (Whether that improvement is keeping pace with the growth of hacking is another matter.) We are given seven high-profile examples.

First was the FBI’s takedown of New York State’s Conor Fitzpatrick, admin of the dark web trading post BreachForums. Unfortunately, the site was back up and running in no time under Fitzpatrick’s partner. The FBI seems to have had more success disrupting the Hive Ransomware group, seizing assets and delivering decryption keys to victims. Europol similarly disrupted the Ragnar Locker Ransomware group and even arrested two key individuals. Then there were a couple of kids from the Lapsus$ Gang. Literally, these hackers were UK teenagers responsible for millions of dollars worth of damage and leaked data. See the write-up for more details on these and three other 2023 cases. The post concludes:

“Only some of the law enforcement action that took place in 2023 are described in this blog. Law enforcement are becoming more and more successful in their operations against cybercriminals both in terms of arrests and seizure of infrastructure – including on the dark web. However, events this year (2024) have already shown that some law enforcement action is not enough to take down groups, particularly ransomware groups. Notable activity against BlackCat/ALPHV and LockBit have shown to only take the groups out for a matter of days, when no arrests take place. BlackCat are reported to have recently conducted an exit scam after a high-profile ransomware was paid, and Lockbit seem intent on revenge after their recent skirmish with the law. It is unlikely that law enforcement will be able to eradicate cybercrime and the game whack-a-mole will continue. However, the events of 2023 show that the law enforcement bodies globally are taking action and standing up to the criminals creating dire consequences for some, which will hopefully deter future threat actors.”

One can hope.

Cynthia Murrell, May 8, 2024

Not Only Those Chasing Tenure Hallucinate, But Some Citations Are Wonky Too

April 26, 2024

This essay is the work of a dumb dinobaby. No smart software required.

I read “ChatGPT Hallucinates Fake But Plausible Scientific Citations at a Staggering Rate, Study Finds.” Wow. “Staggering.” The write up asserts:

A recent study has found that scientific citations generated by ChatGPT often do not correspond to real academic work

In addition to creating non-reproducible research projects, now those “inventing the future” and “training tomorrow’s research leaders” appear to find smart software helpful in cooking up “proof” and “evidence” to help substantiate “original” research. Note: The quotes are for emphasis and added by the Beyond Search editor.

Good enough, ChatGPT. Is the researcher from Harvard health?

Research conducted by a Canadian outfit sparked this statement in the article:

…these fabricated citations feature elements such as legitimate researchers’ names and properly formatted digital object identifiers (DOIs), which could easily mislead both students and researchers.

The student who did the research told PsyPost:

“Hallucinated citations are easy to spot because they often contain real authors, journals, proper issue/volume numbers that match up with the date of publication, and DOIs that appear legitimate. However, when you examine hallucinated citations more closely, you will find that they are referring to work that does not exist.”

The researcher added:

“The degree of hallucination surprised me,” MacDonald told PsyPost. “Almost every single citation had hallucinated elements or were just entirely fake, but ChatGPT would offer summaries of this fake research that was convincing and well worded.”

My thought is that more work is needed to determine the frequency with which AI made up citations appear in papers destined for peer review or personal aggrandizement on services like ArXiv.

This, coupled with the excitement of a president departing Stanford University and the hoo hah at Harvard related to “ethics,” raises questions about the moral compass used by universities to guide their educational battleships. Now we learn that the professors are using AI and including made up or fake data in their work?

What’s the conclusion?

[a] On the beam and making ethical behavior part of the woodwork

[b] Supporting and rewarding crappy work

[c] Ignoring the reality that the institutions have degraded over time

[d] Scrolling TikTok looking for grant tips.

If you don’t know, ask You.com or a similar free smart service.

Stephen E Arnold, April 26, 2024

Is This Incident the Price of Marketing: A Lesson for Specialized Software Companies

April 12, 2024

This essay is the work of a dumb dinobaby. No smart software required.

A comparatively small number of firms develop software and provide specialized services to analysts, law enforcement, and intelligence entities. When I started work at a nuclear consulting company, these firms were low profile. In fact, if one tried to locate the names of the companies in one of those almost-forgotten reference books (remember telephone books), the job was a tough one. First, the firms would have names which meant zero; for example, Rice Labs or Gray & Associates. Next, if one were to call, a human (often a person with a British accent) would politely inquire, “To whom did you wish to speak?” The answer had to conform to a list of acceptable responses. Third, if you were to hunt up the address, you might find yourself in Washington, DC, staring at the second floor of a non-descript building once used to bake pretzels.

Decisions, decisions. Thanks, MSFT Copilot. Good enough. Does that phrase apply to one’s own security methods?

Today, the world is different. A country now engaged in a controversial dust up in the Eastern Mediterranean has specialized firms which have Web sites, publicize their capabilities as mechanisms to know your customer, or make sense of big data. The outfits have trade show presences. One outfit, despite being the poster child for going off the rails, gives lectures and provides previews of its technologies at public events. How times have changed. I have been doing commercial and government work since the early 1970s.

Every company, including those engaged in the development and deployment of specialized policeware and intelware, is into marketing. The reason is cultural. Madison Avenue is the whoo-whoo part of doing something quite interesting and wanting to talk about the activity. The other reason is financial. Cracking tough technical problems costs money, and those who have the requisite skills are in demand. The fix, from my point of view, is to try to operate with a public presence while doing the less visible, often secret work required of these companies. The evolution of the specialized software business has been similar to figuring out how to walk a high wire over a circus crowd. Stay on the wire and the outfit is visible and applauded. Fall off the wire and fail big time. But more and more specialized software vendors make the decision to try to become visible and get recognition for their balancing act. I think the optimal approach is to stay out of the big tent and avoid the temptations of fame, bright lights, and falling to one’s death.

“Why CISA Is Warning CISOs about a Breach at Sisense” provides a good example of public visibility and falling off the high wire. The write up says:

New York City based Sisense has more than a thousand customers across a range of industry verticals, including financial services, telecommunications, healthcare and higher education. On April 10, Sisense Chief Information Security Officer Sangram Dash told customers the company had been made aware of reports that “certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet.)”

Let me highlight one other statement in the write up:

The incident raises questions about whether Sisense was doing enough to protect sensitive data entrusted to it by customers, such as whether the massive volume of stolen customer data was ever encrypted while at rest in these Amazon cloud servers. It is clear, however, that unknown attackers now have all of the credentials that Sisense customers used in their dashboards.

This firm enjoys some visibility because it markets itself using the hot button “analytics.” The function of some of the Sisense technology is to integrate “analytics” into other products and services. Thus it is an infrastructure company, but one that may have more capabilities than other types of firms. The company has non commercial companies as well. If one wants to get “inside” data, Sisense has done a good job of marketing. The visibility makes it easy to watch. Someone with skills and a motive can put grease on the high wire. The article explains what happens when the actor slips up: “More than a thousand customers.”

How can a specialized software company avoid a breach? One step is to avoid visibility. Another is to curtail dreams of big money. Redefine success because those in your peer group won’t care much about you with or without big bucks. I think that is just not part of the game plan of many specialized software companies today. Each time I visit a trade show featuring specialized software firms as speakers and exhibitors I marvel at the razz-ma-tazz the firms bring to the show. Yes, there is competition. But when specialized software companies, particularly those in the policeware and intelware business, market to both commercial and non-commercial firms, that marketing increases their visibility. The visibility attracts bad actors the way Costco roasted chicken makes my French bulldog shiver with anticipation. Tibby wants that chicken. But he is not a bad actor and will not get out of bounds. Others do get out of bounds. The fix is to move the chicken, then put it in the fridge. Tibby will turn his attention elsewhere. He is a dog.

Net net: Less blurring of commercial and specialized customer services might be useful. Fewer blogs, podcasts, crazy marketing programs, and oddly detailed marketing write ups to government agencies. (Yes, these documents can be FOIAed by the Brennan folks, for instance. Yes, those brochures and PowerPoints can find their way to public repositories.) Less marketing. More judgment. Increased security attention, please.

Stephen E Arnold, April 12, 2024

Information: Cheap, Available, and Easy to Obtain

April 9, 2024

This essay is the work of a dumb dinobaby. No smart software required.

I worked in Sillycon Valley and learned a few factoids I found somewhat new. Let me highlight three. First, a person with whom my firm had a business relationship told me, “Chinese people are Chinese for their entire life.” I interpreted this to mean  that a person from China might live in Mountain View, but that individual had ties to his native land. That makes sense but, if true, the statement has interesting implications. Second, another person told me that there was a young person who could look at a circuit board and then reproduce it in sufficient detail to draw a schematic. This sounded crazy to me, but the individual took this person to meetings, discussed his company’s interest in upcoming products, and asked for briefings. With the delightful copying machine in tow, this person would have information about forthcoming hardware, specifically video and telecommunications devices. And, finally, via a colleague I learned of an individual who was a naturalized citizen and worked at a US national laboratory. That individual swapped hard drives in photocopy machines and provided them to a family member in his home town in Wuhan. Were these anecdotes true or false? I assumed each held a grain of truth because technology adepts from China and other countries comprised a significant percentage of the professionals I encountered.

Information flows freely in US companies and other organizational entities. Some people bring buckets and collect fresh, pure data. Thanks, MSFT Copilot. If anyone knows about security, you do. Good enough.

I thought of these anecdotes when I read an allegedly accurate “real” news story called “Linwei Ding Was a Google Software Engineer. He Was Also a Prolific Thief of Trade Secrets, Say Prosecutors.” The subtitle is a bit more spicy:

U.S. officials say some of America’s most prominent tech firms have had their virtual pockets picked by Chinese corporate spies and intelligence agencies.

The write up, which may be shaped by art history majors on a mission, states:

Court records say he had others badge him into Google buildings, making it appear as if he were coming to work. In fact, prosecutors say, he was marketing himself to Chinese companies as an expert in artificial intelligence — while stealing 500 files containing some of Google’s most important AI secrets…. His case illustrates what American officials say is an ongoing nightmare for U.S. economic and national security: Some of America’s most prominent tech firms have had their virtual pockets picked by Chinese corporate spies and intelligence agencies.

Several observations about these allegedly true statements are warranted this fine spring day in rural Kentucky:

  1. Some managers assume that when an employee or contractor signs a confidentiality agreement, the employee will abide by that document. The problem arises when the person shares information with a family member, a friend from school, or with a company paying for information. That assumption underscores what might be called “uninformed” or “naive” behavior.
  2. The language barrier and certain cultural norms lock out many people who assume idle chatter and obsequious behavior signals respect and conformity with what some might call “US business norms.” Cultural “blindness” is not uncommon.
  3. Individuals may possess technical expertise unknown to colleagues and contracting firms offering body shop services. Armed with knowledge of photocopiers in certain US government entities, swapping out a hard drive is no big deal. A failure to appreciate an ability to draw a circuit leads to similar ineptness when discussing confidential information.

America operates in a relatively open manner. I have lived and worked in other countries, and that openness often allows information to flow. Assumptions about behavior are not based on an understanding of the cultural norms of other countries.

Net net: The vulnerability is baked in. Therefore, information is often easy to get, difficult to keep privileged, and often aided by companies and government agencies. Is there a fix? No, not without a bit more managerial rigor in the US. Money talks, moving fast and breaking things makes sense to many, and information seeps, maybe floods, from the resulting cracks.  Whom does one trust? My approach: Not too many people regardless of background, what people tell me, or what I believe as an often clueless American.

Stephen E Arnold, April 9, 2024

AI Hermeneutics: The Fire Fights of Interpretation Flame

March 12, 2024

This essay is the work of a dumb dinobaby. No smart software required.

My hunch is that not too many of the thumb-typing, TikTok generation know what hermeneutics means. Furthermore, like most of their parents, these future masters of the phone-iverse don’t care. “Let software think for me” would make a nifty T shirt slogan at a technology conference.

This morning (March 12, 2024) I read three quite different write ups. Let me highlight each and then link the content of those documents to the problem of interpretation of religious texts.

Thanks, MSFT Copilot. I am confident your security team is up to this task.

The first write up is a news story called “Elon Musk’s AI to Open Source Grok This Week.” The main point for me is that Mr. Musk will put the label “open source” on his Grok artificial intelligence software. The write up includes an interesting quote; to wit:

Musk further adds that the whole idea of him founding OpenAI was about open sourcing AI. He highlighted his discussion with Larry Page, the former CEO of Google, who was Musk’s friend then. “I sat in his house and talked about AI safety, and Larry did not care about AI safety at all.”

The implication is that Mr. Musk does care about safety. Okay, let’s accept that.

The second story is an ArXiv paper called “Stealing Part of a Production Language Model.” The authors are nine Googlers, two ETH wizards, one University of Washington professor, one OpenAI researcher, and one McGill University smart software luminary. In short, the big outfits are making clear that closed or open, software is rising to the task of revealing some of the inner workings of these “next big things.” The paper states:

We introduce the first model-stealing attack that extracts precise, nontrivial information from black-box production language models like OpenAI’s ChatGPT or Google’s PaLM-2…. For under $20 USD, our attack extracts the entire projection matrix of OpenAI’s ada and babbage language models.

The third item is “How Do Neural Networks Learn? A Mathematical Formula Explains How They Detect Relevant Patterns.” The main idea of this write up is that software can perform an X-ray type analysis of a black box and present some useful data about the inner workings of numerical recipes about which many AI “experts” feign total ignorance.

Several observations:

  1. Open source software is available to download largely without encumbrances. Good actors and bad actors can use this software and its components to let users put on a happy face or bedevil the world’s cyber security experts. Either way, smart software is out of the bag.
  2. In the event that someone or some organization has secrets buried in its software, those secrets can be exposed. Once the secret is known, the good actors and the bad actors can surf on that information.
  3. The notion of an attack surface for smart software now includes the numerical recipes and the model itself. Toss in the notion of data poisoning, and the notion of vulnerability must be recast from a specific attack to a much larger type of exploitation.

Net net: I assume the many committees, NGOs, and government entities discussing AI have considered these points and incorporated these articles into informed policies. In the meantime, the AI parade continues to attract participants. Who has time to fool around with the hermeneutics of smart software?

Stephen E Arnold, March 12, 2024

Internet Governance and Enforcement Needed: Not Just One-Off Legal Spats

February 5, 2024

This essay is the work of a dumb dinobaby. No smart software required.

“Web Publisher Seeks Injunctive Relief to Address Web Scraper’s Domain Name Maneuvers Intended to Avoid Court Order” at first glance is another tale of woe about a content or information publisher getting its content sucked down and into another service. This happens frequently, and the limp robots.txt file does not thwart the savvy content vacuum cleaner which is digitally Hoovering its way to a minimally viable product.

An outfit called Chegg creates or recycles information to create answers to homework problems. Students, who want to have more time for swiping left and right, subscribe and use Chegg to achieve academic certification. The outfit running the digital Hoover uses different domains; for example, Homeworkify.EU and then Homeworkify.st. This change made it possible for Homeworkify to continue sucking down Chegg’s content.

One must know where to look, have the expertise to pull away the surface, and exert effort to eliminate the problem. Thanks, MSFT Copilot Bing thing. How’s the email security today? Oh, too bad.

The write up explains that the matter is in court, the parties are seeking a decision which validates their position, and the matter bumbles onward.

My take on this is different, and I am reasonably confident that it may make pro-Chegg and pro-Homeworkify advocates uncomfortable. Here are my observations:

  1. Neither outfit strikes me as particularly savvy when it comes to protecting or accessing online content. There are numerous Clear Web and Dark Web sites which engage in interesting actions, and investigators often have difficulty figuring out who is who and what a “who” is doing. One example from our own recent research has been our effort to determine “who” or “what” is behind the domain altenen.is. There are some hurdles to get over before the question can be answered. The operators of certain sites like the credit card outfit move around from domain to domain. This is accomplished automatically.
  2. The domain name registrars are an interesting group of companies. Upon examination, an ISP can be a domain reseller, operate an auction service for buyers and sellers of “registered” domains, or operate as an ISP, a provider of virtual hosting, a domain name seller, and a domain name marketplace with connections to other domain name businesses. Getting lost in this mostly unregulated niche is quite easy. The sophisticated operators can appear to be a legitimate company with alleged locations in France or Russia. The operator of one outfit engaged in some interesting “reseller” activities appears to be in jail in Israel. But his online operation continues to hum along.
  3. The obfuscation of domains is facilitated by outfits based in salubrious locations like the Seychelles. Drop in and check out the businesses sometime when you are in Somalia or cruising the Indian Ocean off the west coast of Africa. The “specialists” located in remote regions provide “air cover” for individuals engaged in interesting business activities like running encrypted email services for allegedly bad actors and strong supporters of specialist “groups.”

Now back to the problem of Chegg and Homeworkify. My take on this dust up is:

  1. Neither outfit is sufficiently advanced to [a] prevent content access or [b] avoid getting caught.
  2. Dumping the matter into a legal process means [a] spending lots of money on lawyers and [b] learning that no one understands what is taking place and why these actions are different from what’s being Hoovered by some of the most respected techno feudalists in the world. The cloud of unknowing will be thick as these issues are discussed.
  3. The focus should include attention and then action toward what I call “the enablers.” Who or what is an enabler? That’s easy. The basic services of the Internet governance entities and the failure to license certain firms who provide technology to facilitate problematic online activity.

Net net: Until regulation and consequences are imposed on the enablers, there will be more dust ups like the one between Chegg and Homeworkify.

PS. I am not too keen on selling short cuts to learning.

Stephen E Arnold, February 5, 2024

Fujitsu: Good Enough Software, Pretty Good Swizzling

January 25, 2024

This essay is the work of a dumb dinobaby. No smart software required.

The USPS is often interesting. The UK’s postal system, however, is much worse. I think we can thank the public private US postal construct for not screwing over those who manage branch offices. Computer Weekly details how the UK postal system’s leaders knowingly had an IT problem and blamed employees: “Fujitsu Bosses Knew About Post Office Horizon IT Flaws, Says Insider.”

The UK postal system used the Post Office Horizon IT system supplied by Fujitsu. The Fujitsu bosses knowingly allowed it to be installed despite massive problems. Hundreds of UK subpostmasters were accused of fraud and false accounting. They were held liable. Many were imprisoned, had their finances ruined, and lost jobs. Many of the UK subpostmasters fought the accusations. It wasn’t until 2019 that the UK High Court proved it was Horizon IT’s fault.

The Fujitsu team that “designed” the postal IT system didn’t have the correct education and experience for the project. It was built on a project that didn’t properly record and process payments. A developer on the project shared with Computer Weekly:

“‘To my knowledge, no one on the team had a computer science degree or any degree-level qualifications in the right field. They might have had lower-level qualifications or certifications, but none of them had any experience in big development projects, or knew how to do any of this stuff properly. They didn’t know how to do it.’”

The Post Office Horizon IT system was the largest commercial system in Europe and it didn’t work. The software was bloated, transcribed gibberish, and was held together with the digital equivalent of Scotch tape. This case is the largest miscarriage of justice in current UK history. Thankfully the truth has come out and the subpostmasters will be compensated. The compensation doesn’t return stolen time but it will ease their current burdens.

Fujitsu is getting some scrutiny. Does the company manufacture grocery self check out stations? If so, more outstanding work.

Whitney Grace, January 25, 2024
