• Home
• About
• Writers
• Landscape
• Wizards Index
• Fraud
• Wanna Be Like Larry?

Secrets Patterns Database

One of my researchers called my attention to “Secrets Patterns Database.” For those interested in finding “secrets”, you may want to take a look. The data and scripts are available on GitHub… for now. Among its features are:

• “Over 1600 regular expressions for detecting secrets, passwords, API keys, tokens, and more.
• Format agnostic. A Single format that supports secret detection tools, including Trufflehog and Gitleaks.
• Tested and reviewed Regular expressions.
• Categorized by confidence levels of each pattern.
• All regular expressions are tested against ReDos attacks.”

Links to the author’s Web site and LinkedIn profile appear in the GitHub notes.

Stephen E Arnold, February 20, 2023

Another OSINT Blind Spot: Fake Reviews

Fraud comes in many flavors. Soft fraud is a mostly ignored branch of online underhandedness. Examples range from online merchants selling products which don’t work or are never shipped to phishing scams designed to obtain online credentials. One tributary to the Mississippi River of online misbehavior is the category “Fake Reviews.” These appear on many services; for example, Amazon. Some authors and publishers crank out suspicious reviews as a standard business practice. Those with some cash and a low level of energy just hire ghost promoters on Fiverr-like services.

I noted “Up to 30% of Online Reviews Are Fake and Most Consumers Can’t Tell the Difference.” The write up says:

The latest survey from Brand Rated shows nine out of ten consumers use reviews to help decide what to buy, where to eat and which doctor or dentist to see. Experts say that’s a problem because up to 30% of online reviews are fake. “My research shows that the review platforms are just saturated with fake reviews. Far more so than most people are aware of,” said [Kay] Dean [Founder of Fake Review Watch.]

Several questions, assuming the data are accurate:

1. What incentives exist for bad actors to surf on this cloud of unknowing?
2. How will smart software identify “fake content” and deal with it in a constructive way?
3. How many of the individuals in this magical 30 percent will have difficulty making sense of conflicting technical or medical information?

Net net: Cyber crime (hard and soft) are entering a golden age. OSINT analysts, are you able to identify real and fake in a reliable way? Think carefully about your answer.

Stephen E Arnold, November 9, 2022

A Flashing Yellow Light for GitHub: Will Indifferent Drivers Notice?

I read “We’ve Filed a Law­suit Chal­leng­ing GitHub Copi­lot, an AI Prod­uct That Relies on Unprece­dented Open-Source Soft­ware Piracy. Because AI Needs to Be Bair & Eth­i­cal for Every­one.” The write up reports:

… we’ve filed a class-action law­suit in US fed­eral court in San Fran­cisco, CA on behalf of a pro­posed class of pos­si­bly mil­lions of GitHub users. We are chal­leng­ing the legal­ity of GitHub Copi­lot (and a related prod­uct, OpenAI Codex, which pow­ers Copi­lot). The suit has been filed against a set of defen­dants that includes GitHub, Microsoft (owner of GitHub), and OpenAI.

My view of GitHub is that it presents a number of challenges. On one hand, Microsoft is a pedal-to-the-metal commercial outfit and GitHub is an outfit with some roots in the open source “community” world. Many intelware solutions depend on open source software. In my experience, it is difficult to determine whether cyber security vendors or intelware vendors offer software free of open source code. I am not sure the top dogs in these firms know. Big commercial companies love open source software because these firms see a way to avoid the handcuffs proprietary code vendors use for lock in and lock down without a permission slip. These permissions can be purchased. This fee irritates many of the largest companies which are avid users of open source software.

A second challenge of GitHub is that it serves bad actors in two interesting ways. Those eager to compromise networks, automate phishing attacks, and probe the soft underbelly of companies “protected” by somewhat Swiss Cheese like digital moats rely on open source tools. Second, the libraries for some code on GitHub is fiddled so that those who use libraries but never check too closely about their plumbing are super duper attack and compromise levering vectors. When I was in Romania, “Hooray for GitHub” was, in my opinion, one of the more popular youth hang out disco hits.

The write up adds a new twist: Allegedly inappropriate use of the intellectual property of open source software on GitHub. The write up states:

As far as we know, this is the first class-action case in the US chal­leng­ing the train­ing and out­put of AI sys­tems. It will not be the last. AI sys­tems are not exempt from the law. Those who cre­ate and oper­ate these sys­tems must remain account­able. If com­pa­nies like Microsoft, GitHub, and OpenAI choose to dis­re­gard the law, they should not expect that we the pub­lic will sit still. AI needs to be fair & eth­i­cal for every­one.

This issue is an important one. The friction for this matter is that the US government is dependent on open source to some degree. Microsoft is a major US government contractor. A number of Federal agencies are providing money to companies engaged in strategically significant research and development of artificial intelligence.

The different parties to this issue may exert or apply influence.

Worth watching because Amazon- and Google-type companies want to be the Big Dog in smart software. Once the basic technology has been appropriated, will these types of companies pull the plug on open source support and god cloud commercial? Will attorneys benefit while the open source community suffers? Will this legal matter mark the start of a sharp decline in open source software?

Stephen E Arnold, November 9, 2022

OSINT Is Popular. Just Exercise Caution

Many have embraced open source intelligence as the solution to competitive intelligence, law enforcement investigations, and “real” journalists’ data gathering tasks.

For many situations, OSINT as open source intelligence is called, most of those disciplines can benefit. However, as we work on my follow up to monograph to CyberOSINT and the Dark Web Notebook, we have identified some potential blind spots for OSINT enthusiasts.

I want to mention one example of what happens when clever technologists mesh hungry OSINT investigators with some online trickery.

Navigate to privtik.com  (78.142.29.185). At this site you will find:

But there is a catch, and a not too subtle one:

The site includes mandatory choices in order to access the “secret” TikTok profile.

How many OSINT investigators use this service? Not too many at this time. However, we have identified other, similar services. Many of these reside on what we call “ghost ISPs.” If you are not aware of these services, that’s not surprising. As the frenzy about the “value” of open source investigations increases, geotag spoofing, fake data, and scams will escalate. What happens if those doing research do not verify what’s provided and the behind the scenes data gathering?

That’s a good question and one that gets little attention in much OSINT training. If you want to see useful OSINT resources, check www.osintfix.com. Each click displays one of the OSINT resources we find interesting.

Stephen E Arnold, November 2, 2022

Open Source Is the Answer. Maybe Not?

In my last three lectures, I have amplified and explained what I call the open source frenzy and the concomitant blind spots. One senior law enforcement professional told me after a talk in September 2022, “We’re pushing forward with open source.” To be fair, that’s been the position of many government professionals with whom I have spoken in this year. Open source delivers high value software. Open source provides useful information with metatags. These data can be cross correlated to provide useful insight for investigators. Open source has even made it easier for those following Mr. Putin’s special action to get better information than those in war fighting hot spots.

Open source is the answer.

If you want a reminder about the slippery parts of open source information, navigate to “Thousands of GitHub Repositories Deliver Fake PoC Exploits with Malware.” The write up reports:

According to the technical paper from the researchers at Leiden Institute of Advanced Computer Science, the possibility of getting infected with malware instead of obtaining a PoC could be as high as 10.3%, excluding proven fakes and prankware.

Not a big deal, right?

Wrong. These data, even if the percentage is adrift, point to a vulnerability caused by the open source cheerleaders.

The write up does a good job of providing examples, which will be incomprehensible to most people. However, the main point of the write up is that open source repositories for software can be swizzled. The software, libraries, executables, and other bits and bobs can put some additional functions in the objects. If that takes place, the vulnerabilities rides along until called upon to perform an unexpected and possibly difficult to identify action.

Cyber security is primarily reactive. Embedded malware can be proactive, particularly if it uses a previously unknown code flaw.

The interesting part of the write up is this passage in my opinion:

The researchers have reported all the malicious repositories they discovered to GitHub, but it will take some time until all of them are reviewed and removed, so many still remain available to the public. As Soufian [a Dark Trace expert] explained, their study aims not just to serve as a one-time cleaning action on GitHub but to act as a trigger to develop an automated solution that could be used to flag malicious instructions in the uploaded code.

The idea of unknown or zero day flaws is apparently not on the radar. What’s this mean in practical terms? A “good enough” set of actions to deal with known issues is not going to be good enough.

This seems to set the stage for a remedial action that does not address the workflows and verification for open source. More significantly, should the focus be on code only?

The answer is, “No.” Think about injecting Fibonacci sequences into certain quantum computer operations. Can injection of crafted numerical strings into automated content processing systems throw a wrench into the works?

The answer to this question is, “Yes.”

Stephen E Arnold, October 24, 2022

Open Source Intelligence: Tool Browsing One at a Time

The research team for my forthcoming monograph about the invisible Web uses a number of open source intelligence tools. The problem we are solving is reducing the difficulty associated with learning a new OSINT tool. Whenever you have a moment, click on the OSINTFix button, and take a look at what we consider a useful resource. When you spot a tool you like, just bookmark it.

I want to point out that one of the popular sections in our lectures is profiles of OSINT tools. One click displays a tool. What do these tools do? Some make it easy to find where an email address been used Others provide domain information. Some make it easy to automate certain queries or making it easier to search Google. There are more than 3,000 tools in our database.

Click on the button, and the service will open a new tab in your browser showing the OSINT tool, software, resource, or service. Note that some tools are not free. Please, notice that there are no ads, no embarrassing Guardian- and Vox-like pleas for for money, and no dark patterns.

Stephen E Arnold, October 10, 2022

Amazon and Open Source: A Me Too Spin on Microsoft and Its Extinguish Tactic?

I heard that Amazon — the lovable online bookstore — is thinking about open source software in general and open source search specifically. This is just a hunch, based on comments bandied about in the vendors’ area at a recent law enforcement conference. The attendees may not think much about Amazon as an ecosystem for bad actors but the vendors with whom I talk are:

Aware

Eager to use the AWS platform

Expressing varying degrees of concern.

Were these vendors representative of the cyber security community? Are you kidding? Were the conference attendees a cross section of the more than 100 US enforcement agencies? Nope.

So why do I mention this impression? Three reasons:

1. Amazon, like Microsoft, provides plumbing for a number of government entities and for some darned interesting cyber security vendors in the US and elsewhere (Hello, Israel?)
2. The US government is not a cohesive entity. One of the regulatory agencies, which I shall not name, is thinking hard thoughts about the friendly online bookstore. I have heard that third party seller activity (Amazon’s and some seller), Amazon’s human centric management approach, and some of Amazon’s surfing on data generated by resellers, vendors, and possibly home shoppers are topics of interest.
3. Years ago, Amazon hired some Lucid Imagination open source search professionals and plopped the wizards in the Bezos Bulldozer’s Burlingame office. Evolving from that “lucid” input, the venerable online bookstore engaged in a game of fork you with Elastic, a company associated with the open source Elasticsearch, for fee services, and a digital animal dubbed ELK.

These reasons cause me to recall one of the principal conclusions my team and I formulated when we wrote “Open Source Search Report” for a mid tier consulting firm. (Unsurprisingly the company changed hands and the study was split apart with individual chapters going for $3,000 each on — guess what online bookstore? Give up? It was Amazon.

I reflected on the conclusion in our monograph: Open source is the domain of large corporate entities. Why? Open source was pretty much free and could be changed. Plus, unpaid open source enthusiasts would find and fix software problems.

One of the reasons enterprise search in general and content processing in particular has been a company killer is that search is not an “application.” Search is weirdly personal, and each enterprise search client wanted a system that would work for the many silos within an organizational structure.

The information super highway is littered with search road kill. Many of the names are long forgotten. When was the last time you longer for the francophone centric Delphis or the enterprise powerhouse Entopia?

Why am I thinking about Amazon and open source search?

I read “Open Source Bait and Switch” with the fetching and click magnet subtitle “When OSS advocacy goes too far & corporate greed takes over, free software is used as a tool to destroy competition and hurt the developer community.”

I noted these statements in the article, which is in step with our 2011 research. (Yep, more than a decade ago, which I find interesting.)

let me highlight a couple of statements from the article which arrested my attention this morning (Monday, September 26, 2022).

Take Elastic search. They were open source and killing it. But AWS was forking and not really helping their bottom line. So Elastic changed their license to block AWS. AWS started their own fork. Some people vilify Elastic in this story but those people probably never had to fight Amazon for the survival of their business. In this case, both sides weaponised open source in a business fight.

Also:

I love open source and think it’s remarkably important. That’s why we shouldn’t let corporations weaponize it.

And:

Major corporations use open source as a weapon to fight each other, we seem to benefit in the short term. But as they win the corporate mindset takes over and they double down on control.

What’s shaking at Amazon? Based on my vantage point and my limited viewshed, I will hazard several observations:

1. Amazon wants to dominate via search and retrieval because it is a utility that is essential for next generate search based applications.
2. Amazon wants to strike at its competitors, which are estimable organizations obviously, and deprive them of any advantage these firms may be perceived to have when it comes to findability. Could these be great outfits like Google and Microsoft as well as annoying start ups like Algolia and the almost laughable Gulliver of search in Canada as well as an interesting entity morphing as I write this essay? (Want names? Sorry, not in a free blog, you silly goose.)
3. Amazon lacks imagination, and it is — in my opinion — manifesting the old Microsoft method of embrace, extend, and extinguish. Yep, extinguish. In my view, Amazon is showing other outstanding for profit entities how to attack competitors, community minded open source developers, and users of Amazon AWS simultaneously. None of the “special operation” thinking that has been in the news lately. Amazon is operating strategically and tactically with a single minded purpose. Split up the bookstore and each part will grow bigger than it is today.

Should I worry that my eBook won’t arrive or the French bulldog’s winter coat fail to show up tomorrow? Nah. What about open source, the community thing, the free thing. Yep, worry is good.

Stephen E Arnold, September 26, 2022

Microsoft and Linux: All Your Base Belong to Us

Microsoft has traditionally been concerned about Linux and has never hidden its indigestion — until the original top dogs went to the kennel. Microsoft actually hates all open source software and CEO Steve Ballmer said, ““Linux is a cancer that attaches itself in an intellectual property sense to everything it touches.” Wow! It sounds like someone wants to enforce a monopoly on technology, prevent innovation, and rake in dollars for personal gain. In other words, Ballmer is power and greed at its worst. Open source, on the other hand, inspires innovation and sharing technology. The Lunduke Journal of Technology, run by Bryan Lunduke, details his experience with controlling Microsoft heads and how Bill Gates’s company has slowly decimated Linux: “Microsoft’s Growing Control Of Linux.”

Lunduke recounted he heard Ballmer’s hatred for Linux and even had the CEO’s spittle on his face from an open source rage. Microsoft has slowly gained control over important parts of Linux and open source as whole. This includes: GitHub-the largest host of source code in the world, Linux conferences, Linux organizations-Microsoft is a “Premium Sponsor” of the Open Source Initiative and “Platinum Membership on the Linux Foundation, and hired prominent Linux developers.

Here is what Lunduke heard during a past Linux conference:

“During that keynote, the Microsoft executive (John Gossman) made a few statements worth noting:

‘You do not generally want your developers to understand how the licenses all work. If you’re a larger company, you’re very likely to have a problem of controlling all of the open source activity that’s going on … it can be bad for the company, it can be bad for the community, it can be bad lots of different ways.’

You don’t want developers to understand licenses? Not having corporate control of open source is bad? Not exactly pro-open source statements, eh?”

Microsoft does use Linux for Azure and Ubuntu, two products that make the company’s offerings stronger. This Linux thing will be an interesting challenge. MSFT “owns” GitHub. MSFT wants to sell subscriptions and maybe to what does not matter? Open source may be antithetical to MSFT subscriptions. Open source Linux? How about a subscription to MSFT Linux centric solutions?

Now that’s an idea.

Whitney Grace, August 9, 2022

Open Source Software: Is the Golden Age Unwinding?

I spotted a modest, probably inconsequential, article called “Tech War: China Doubles Down on Domestic Operating Systems to Cut Reliance on Windows, MacOS from the US.” Two thoughts struck me: First, is “Kylinsoft” pronounced “kill them softly”? Second, with Chinese contributions to open source creeping upwards, will the Kylinsoft thrust gut some useful open source software projects. (I suppose I could ask myself, “Gee, perhaps the clean code goes to the Kylinsoft thrust and the poisoned stuff flows into non-China approved repositories?” I am not going to ask that question. Why would a nation state take such a nefarious approach to the free and open community minded approach to code?)

The write up takes the approach that China wants to be free of non-China software. The future is digital; therefore, a free future requires free software Chinese entities can trust. Also, the article uses the word “war” several times. That’s interesting. A software war fought on free and open source software governed by crystal clear rules of the information superhighway.

What entity is nudging Kylinsoft forward? The write up answers the question this way:

Kylinsoft, a subsidiary of state-owned China Electronics Corp, last week joined forces with more than 10 Chinese entities, including the National Industrial Information Security Development Research Centre, to set up an open-source code community.

Probably no big deal, right? Killin’ ‘em softly with love. A swan song?

Stephen E Arnold, July 1, 2022

ACM Opens Computing Literature Archive

The history of computers is fascinating. It starts thousands of years ago with some of history’s brilliant intellects, staggers, and then quickly advances in the twentieth century. We now have humanity’s collected knowledge in the palm of our hands…if the data or Wi-Fi connections work. The Association for Computing Machinery documented the invention of modern computing since 1947 and the organization opened an archive: ACM Digital Library. Associations Now explain why ACM opened its archives in, “‘The Way Things Were’: How The Association For Computing Machinery Is Opening The Doors To Its Archives.”

ACM wants people to realize how far the computing industry has gone and for its seventy-fifth anniversary is opening up its archives to the public. In the past, these records were locked behind a paywall and now they are free to the public. More than 117,500 articles from 1951-2000 are readable to the public. The archive is part of a greater ACM initiative:

“Vicki L. Hanson, the group’s CEO, noted that the ACM Digital Library initiative is part of a broader effort to make its archives available via open access by 2025. ‘Our goal is to have it open in a few years, but there’s very real costs associated with [the open-access work],’ Hanson said. ‘We have models so that we can pay for it. While the organization is still working through its open-access effort, it saw an opportunity to make its “backfile” of materials available, timed to the organization’s 75th anniversary.”

Hanson continued that opening the archive was not a big challenge, because ACM already had a system designed for public consumption. ACM wanted a creative way to announce the archive, so they used its seventy-fifth anniversary.

Organizations need to make money to support their research, but too much scientific information is kept behind paywalls. ACM’s move to share its research is a step more organizations should make.

Whitney Grace, May 30, 2022

« Previous Page — Next Page »

• 

• Search the site

•  

  Subscribe to Beyond Search

  • 
  • 
   
  • 
   
  
  Feature archive
  News archive
   
  
  
  Stephen E. Arnold monitors search, content processing, text mining and related topics from his high-tech nerve center in rural Kentucky. He tries to winnow the goose feathers from the giblets. He works with colleagues worldwide to make this Web log useful to those who want to go "beyond search". Contact him at sa [at] arnoldit.com. His Web site with additional information about search is arnoldit.com.

• Categories

  • 3D-Printing
  • Acquisition
  • Advertising
  • Aggregation
  • AI
  • Alexa
  • algorithms
  • Amazon
  • Amazonia
  • Analytics
  • Appliance
  • Applications
  • Audio
  • Augmented Reality
  • Big data
  • Bing
  • Bitcoin
  • Bitext
  • Book review
  • Business intelligence
  • Business process
  • Business strategy
  • Censorship
  • Cloud computing
  • Company Profile
  • Conferences
  • Connectors
  • Consulting
  • Consumer
  • Content processing
  • Copyright
  • Corporate Concerns
  • Cost
  • Crawl
  • Crowdfunding
  • cryptocurrency
  • Customer support
  • Cyber OSINT
  • cybercrime
  • cybersecurity
  • Dark Web
  • DarkCyber
  • Data
  • Data mining
  • Database
  • Deepfakes
  • Digital Assistant
  • Digital Library
  • E2EE
  • ECommerce
  • EDiscovery
  • Editorial opinion
  • Education
  • Emoticons
  • Enterprise
  • Enterprise search
  • Entity extraction
  • Ethics
  • Facebook
  • Faceted search
  • Factualities
  • Feature
  • Federated search
  • Financial
  • Fogint
  • Google
  • Governance
  • Government
  • Hackers
  • healthcare
  • IBM Watson
  • Image search
  • Indexing
  • Infrastructure
  • Innovation
  • Integration
  • intelware
  • Interface
  • Internet
  • Interview
  • Investment
  • law enforcement
  • Legal matters
  • Library automation
  • Management
  • Marketing
  • Mathematics
  • Metadata
  • Microsoft
  • Mobile
  • Natural language processing
  • News
  • NGIA
  • Online (general)
  • Open Access
  • Open source
  • OSINT
  • Osint Radar
  • Overflight
  • Palantir
  • Patents
  • Personnel
  • Podcast
  • Policeware
  • Portals
  • Predictive coding
  • Privacy
  • Profile
  • Publishing
  • Quotation
  • Real time search
  • Reference tool
  • Rich media
  • Robot Writer
  • Search
  • Search enabled applications
  • search engine
  • Search quality
  • Security
  • Semantic
  • Sentiment analysis
  • SEO
  • SharePoint
  • Short Honks
  • Smart Technology
  • Social
  • Social Media
  • software
  • Statistics
  • Taxonomy
  • Technology
  • Text analytics
  • Text processing
  • Tools
  • Tor
  • Training
  • Translation
  • Twitter
  • Uncategorized
  • Unstructured Data
  • User experience
  • User Interface
  • Vertical search
  • Video
  • visualization
  • Voice search
  • Voice technology
  • Web 3
  • Web Services
  • Webinar
  • Windows
  • Work flow
  • XML
  • Yahoo

• Archives

  Archives Select Month June 2025 May 2025 April 2025 March 2025 February 2025 January 2025 December 2024 November 2024 October 2024 September 2024 August 2024 July 2024 June 2024 May 2024 April 2024 March 2024 February 2024 January 2024 December 2023 November 2023 October 2023 September 2023 August 2023 July 2023 June 2023 May 2023 April 2023 March 2023 February 2023 January 2023 December 2022 November 2022 October 2022 September 2022 August 2022 July 2022 June 2022 May 2022 April 2022 March 2022 February 2022 January 2022 December 2021 November 2021 October 2021 September 2021 August 2021 July 2021 June 2021 May 2021 April 2021 March 2021 February 2021 January 2021 December 2020 November 2020 October 2020 September 2020 August 2020 July 2020 June 2020 May 2020 April 2020 March 2020 February 2020 January 2020 December 2019 November 2019 October 2019 September 2019 August 2019 July 2019 June 2019 May 2019 April 2019 March 2019 February 2019 January 2019 December 2018 November 2018 October 2018 September 2018 August 2018 July 2018 June 2018 May 2018 April 2018 March 2018 February 2018 January 2018 December 2017 November 2017 October 2017 September 2017 August 2017 July 2017 June 2017 May 2017 April 2017 March 2017 February 2017 January 2017 December 2016 November 2016 October 2016 September 2016 August 2016 July 2016 June 2016 May 2016 April 2016 March 2016 February 2016 January 2016 December 2015 November 2015 October 2015 September 2015 August 2015 July 2015 June 2015 May 2015 April 2015 March 2015 February 2015 January 2015 December 2014 November 2014 October 2014 September 2014 August 2014 July 2014 June 2014 May 2014 April 2014 March 2014 February 2014 January 2014 December 2013 November 2013 October 2013 September 2013 August 2013 July 2013 June 2013 May 2013 April 2013 March 2013 February 2013 January 2013 December 2012 November 2012 October 2012 September 2012 August 2012 July 2012 June 2012 May 2012 April 2012 March 2012 February 2012 January 2012 December 2011 November 2011 October 2011 September 2011 August 2011 July 2011 June 2011 May 2011 April 2011 March 2011 February 2011 January 2011 December 2010 November 2010 October 2010 September 2010 August 2010 July 2010 June 2010 May 2010 April 2010 March 2010 February 2010 January 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 January 2008 November 5

• Recent Posts

  • Add On AI: Sounds Easy, But Maybe Just a Signal You Missed the Train
  • Palantir Rattles the Windows in the Nuclear Industry
  • Do Not Be Evil. Dolphins, Polar Bears, and Snail Darters? Tough Luck
  • Publishers Will Love Off the Wall by Google
  • Teams Today, Cloud Data Leakage Tomorrow Allegations Tomorrow?

• Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org