Snowden Makes Rare Comment on Putin’s Politics
August 15, 2016
I off hand heard a comment from someone living in Russia that President Vladimir Putin was returning the country to a time resembling the Soviet days. To my western ears, that does not sound good. Things are about to get worse for Russian citizens due to a new law the government signed into law. Yahoo Tech reports in the article that “Putin Signs Controversial Anti-Terror Measures Into Law” that these new laws are meant to be anti-terror laws, but are better referred to as “Big Brother” laws.
The new laws give the government greater surveillance powers of its citizens. This means that under the guise of providing extra security communications-based companies will be forced to store people’s calls, messages, photos, videos, and metadata for three years. The companies must also allow security services full access to all the data and any encryption tools necessary. It gets even worse:
“They also criminalise several offences, lower the age of criminal responsibility to 14 for some crimes and extend prison sentences for online crimes like abetting terrorism. The passage of the bills through Russia’s lower and upper houses of parliament sent shockwaves through the internet and telecoms industries.”
Communications-based companies are worried that the new laws will cut into their profit margins. It is predicted that the new infrastructure necessary to store the massive amount of data will cost four times the industry’s annual profit. It is recommended that a tax on the entire industry, then use that money to build the infrastructure would be a better option.
The US whistleblower Edward Snowden, currently in Russia for asylum, made a rare comment on Russia’s politics via Twitter about the new laws:
“ ‘Signing the #BigBrother law must be condemned,’ he said, adding that he would criticise the law despite fearing retaliation from Russian authorities.”
Snowden wrote what is already written on the wall when it comes to Russia: Putin is changing the country for the worse and it is scary to imagine where it will go next.
Whitney Grace, August 15, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden /Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
These Are the False Records of the Starship Google
August 12, 2016
Star Trek technology was/is designed by prop masters and special effects artists based on preconceived notations of the time. The original Trek series ran on analog, while the franchise reboot has holograms and streamlined ships free of the 1960s “groovy” design. Google wants to make Star Trek technology a reality and in manner ways they have with a search engine and a digital assistant that responds to vocal commands. Is Google getting too big for its britches, however? STAT asked the question in its story, “’Silicon Valley Arrogance’? Google Misfires As It Strives To Turn Star Trek Fiction Into Reality.”
Google wanted to create the Star Trek tricorder, a handheld computer that records, scans, and processes any type of data from soil samples to medical information. Google created a biotech venture, Verily Life Sciences, to invent a cancer scanning tricorder, but the project is not doing so well. The cancer tricorder is only one example of Google’s misfire in medical technology. Verily appears to be working on projects that are more in the realm of science fantasy and are used as marketing devices to promote Google as the “technology company of the future.”
Google wants to maker new scientific inroads in medical technology, pulling on their expertise with big data and their initiative:
“’Part of the Silicon Valley ethos is about changing the world, about disruptive technology, about ignoring existing business models,’ and ‘taking on grand challenges,’ …
‘That’s admirable,’…but in Verily’s case, ‘it also feels pretty quixotic.’”
Fantasy drives innovation, which is why science fiction series like Star Trek are inspiration. Much of the technology from the original Trek series and later installations are available now, but we are still far from making everything from the show a reality. We should not halt experimentation on new technology, but big claims like Google’s are probably best kept silent until there is a working prototype.
Whitney Grace, August 12, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden /Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
No Dark Web Necessary
August 11, 2016
Do increased Facebook restrictions on hate speech and illegal activity send those users straight to the Dark Web? From The Atlantic comes and article entitled, American Neo-Nazis Are on Russia’s Facebook, which hints that is not always the case. This piece explains that location of an online group called “United Aryan Front” moved from Facebook to a Russia’s version of Facebook: VKontakte. The article describes a shift to cyber racism,
The move to VK is part of the growing tendency of white supremacists to interact in online forums, rather than through real-life groups like the KKK, according to Heidi Beirich, director of the Southern Poverty Law Center’s anti-terror Intelligence Project. Through the early 2000s, skinheads and other groups would host dozens of events per year with hundreds of attendees, she says, but now there are only a handful of those rallies each year. “People online are talking about the same kinds of things that used to happen at the rallies, but now they’re doing it completely through the web,” she said.
It is interesting to consider the spaces people choose, or are forced into, for conducting ill-intentioned activities. Even when Facebook cracks down on it, hate speech amongst other activities is not relegated solely to the Dark Web. While organized online hate speech analogous to rallies may be experiencing a surge in the online world, rallies are not the only avenue for real-world racism. At the core of this article, like many we cover on the Dark Web, is a question about the relationship between place and malicious activity.
Megan Feil, August 11, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden/Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
The Reach of Cyber Threat Intelligence Companies
August 10, 2016
The social media monitoring complex appears to be gaining a follower. LittleSis News shared an article highlighting their investigative findings, You are being followed: The business of social media surveillance. This post not only reveals the technology companies engaged in surveillance and developing tools for surveillance, those at LittleSis News also filed freedom of information requests to twenty police departments about their social media monitoring. The article concludes with,
“Because social media incites within us a compulsion to share our thoughts, even potentially illegal ones, law enforcement sees it as a tool to preempt behavior that appears threatening to the status quo. We caught a glimpse of where this road could take us in Michigan, where the local news recently reported that a man calling for civil unrest on Facebook because of the Flint water crisis was nearly the target of a criminal investigation. At its worst, social media monitoring could create classes of “pre-criminals” apprehended before they commit crimes if police and prosecutors are able to argue that social media postings forecast intent. This is the predictive business model to which Geofeedia CEO Phil Harris aspires.”
In addition to Geofeedia, the other cyber threat intelligence companies listed are: BrightPlanet, ZeroFOX, Intrado, LifeRaft, Magnet Forensics, Media Sonar Technologies, Signal Corporation Limited. These companies specialize in everything from analyzing deep web content to digital forensics software. Ultimately data is their specialty, not people. These technologies and their applications will undoubtedly stir up questions about the relationship between people, the data they produce on social media, and state actors.
Megan Feil, August 10, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden/Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
Dark Web Purchases Potentially More Challenging Than Media Portrays
August 8, 2016
German TV journalists recently discovered acquiring weapons on the Dark Web may be more challenging than media coverage suggests. Vice’s Motherboard published an article on this called TV Journalists Try Buying AK-47 on Dark Web, Fail. Producers for German channel ARD, working for a show “Fear of terror—how vulnerable is Germany” lost about $800 in bitcoin during the attempted transaction through a middleman. We learned,
“It’s not totally clear if this was because the seller wasn’t legitimate, or whether the package had been intercepted. Regardless, this shouldn’t be much of a surprise: The dark web gun trade is rife with scammers. One con-artist previously told Motherboard he would ask legal sellers to send him photos of weapons next to a piece of paper with his username. From here, he would “just send a bag of sugar,” when an order came in. And undercover law enforcement agents also sell weapons in order to identify potential customers.”
Motherboard is careful to reference cases of successful Dark Web gun sales. Not that readers would be so quick to assume guns cannot be easily purchased on the Dark Web after seeing numerous media coverage that is the case. For the average reader, is the knowledge of the Dark Web from media or personal experience? We see a lot of articles reporting number of web sites that exist, perhaps because of the inability to accurately report a number of users on the Dark Web. While that may not be retrievable, perhaps the number of Tor downloads may be.
Megan Feil, August 8, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden /Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
Legal Drugs Turned Illegal Primed for Dark Web Marketplaces
August 3, 2016
A few drugs that were once able to be legally sold will be outlawed in Britain. Express released an article, Legal high dealers to be forced onto DARK WEB by blanket ban, top police officer warns, that shares the story. Several deaths were linked to substances called “spice” and “hippy crack” which led to a ban on the sales of these items. The article’s source, a police chief Commander Simon Bray, says because of the future unavailability in brick-and-mortar stores, he suspects users will turn to the Dark Web to purchase these drugs. The article tells us,
“Commander Bray of the National Police Chiefs Council added: “Clearly, there will be some movement onto the dark net. “People find it lucrative to sell substances and where people are going to buy them. But of course, it is not going to be so easy for the average person to get hold of them.” Other experts have warned the ban will just drive use and sale of the drugs into the hands of criminal gangs. Tejinder Reehal, who manages Scorpion, a shop that has sold legal highs, said: “We have seen it before with mushrooms and mcat.”
At a bigger-picture level, this story is interesting in that it is one more artifact that lends toward the perspective that illegal activity will take place on the Dark Web when it cannot take place elsewhere. This may in fact happen, but what about the illegal activity that takes place in real life outside of brick-and-mortar stores?
Megan Feil, August 9, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden /Dark Web meet up on August 23, 2016.
Information is at this link: https://www.meetup.com/Louisville-Hidden-Dark-Web-Meetup/events/233019199/
Is Resting Data Safe Data?
August 2, 2016
Have you ever wondered if the data resting on your hard drive is safe while you are away from your computer? Have you ever worried that a hacker could sneak into your system and steal everything even when the data is resting (not actively being used)? It is a worry that most computer users experience as the traverse the Internet and possibly leaving themselves exposed. Network World describes how a potential upgrade could protect data in databases, “ A New Update To The NoSQL Database Adds Cryptsoft Technology.”
MarkLogic’s NoSQL database version nine will be released later in 2016 with an added security update that includes Cryptsoft’s KMIP (Key Management Interoperability Protocol). MarkLogic’s upgrade will use the flexibility, scalability, and agility of NoSQL with enterprise features, government-grade security, and high availability. Along with the basic upgrades, there will also be stronger augmentations to security, manageability, and data integration. MarkLogic is betting that companies will be integrating more data into their systems from dispersed silos. Data integration has its own series of security problems, but there are more solutions to protect data in transition than at rest, which is where the Cryptsoft KMIP enters:
“Data is frequently protected while in transit between consumers and businesses, MarkLogic notes, but the same isn’t always true when data is at rest within the business because of a variety of challenges associated with that task. That’s where Cryptsoft’s technology could make a difference. Rather than grappling with multiple key management tools, MarkLogic 9 users will be able to tap Cryptsoft’s embedded Key Management SDKs to manage data security from across the enterprise using a comprehensive, standards-compliant KMIP toolkit.”
Protecting data at rest is just as important as securing transitioning data. This reminds me of Oracle’s secure enterprise search angle that came out a few years ago. Is it a coincidence?
Whitney Grace, August 2, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Environmental Big Data Applied to Sustainable Health Purchasing
July 29, 2016
The US healthcare system has some of the best medical procedures and practices in the world, but the governing system is a violent mess. One aspect tangled in the nightmare is purchasing. Wharton University explains how big data can improve sustainability in everything in purchasing in everything from drugs to cleaning supplies: “The Four A’s: Turning Big Data Into Useful Information.”
The health care system is one of the biggest participants in group purchasing organizations (GPOs). One significant downplayed feature that all GPOs share is its green product usage. GPOs rely on using green products to cut back on waste and cost (in some cases), however, they could do more if they had access to environmental big data. It helps the immediate bottom line, but it does more for the future:
“Longer term, it makes good business sense for hospitals and clinics, which spend so much battling environmentally caused illnesses, to reduce, and where possible eliminate, the chemicals and other pollutants that are damaging their patients’ health. That is precisely why Premier’s GreenHealthy program is eager to move beyond price alone and take EPP into consideration. ‘Price doesn’t give us the whole story,’ said [Kevin Lewis, national program coordinator for the GreenHealthy division of Premier Inc]. ‘Our prime concern is making our patients safer.’”
Individual health service providers, however, do not have access to certain healthcare metrics and data, unless they ask for it from manufacturers/supplies. Even worse is that the health metrics data is often outdated.
The GPOs and the health providers could work together to exchange information to keep all data along the supply chain updated. It would create a sustainability chain that would benefit the environment and the bottom line.
Whitney Grace, July 29, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Meet the Company Selling Our Medical Data
July 22, 2016
A company with a long history is getting fresh scrutiny. An article at Fortune reports, “This Little-Known Firm Is Getting Rich Off Your Medical Data.” Writer Adam Tanner informs us:
“A global company based in Danbury, Connecticut, IMS buys bulk data from pharmacy chains such as CVS , doctor’s electronic record systems such as Allscripts, claims from insurers such as Blue Cross Blue Shield and from others who handle your health information. The data is anonymized—stripped from the identifiers that identify individuals. In turn, IMS sells insights from its more than half a billion patient dossiers mainly to drug companies.
“So-called health care data mining is a growing market—and one largely dominated by IMS. Last week, the company reported 2015 net income of $417 million on revenue of $2.9 billion, compared with a loss of $189 million in 2014 (an acquisition also boosted revenue over the year). ‘The outlook for this business remains strong,’ CEO Ari Bousbib said in announcing the earnings.”
IMS Health dates back to the 1950s, when a medical ad man sought to make a buck on drug-sales marketing reports. In the 1980s and ‘90s, the company thrived selling profiles of specific doctors’ proscribing patterns to pharmaceutical marketing folks. Later, they moved into aggregating information on individual patients—anonymized, of course, in accordance with HIPAA rules.
Despite those rules, some are concerned about patient privacy. IMS does not disclose how it compiles their patient dossiers, and it may be possible that records could, somehow someday, become identifiable. One solution would be to allow patients to opt out of contributing their records to the collection, anonymized or not, as marketing data firm Acxiom began doing in 2013.
Of course, it isn’t quite so simple for the consumer. Each health record system makes its own decisions about data sharing, so opting out could require changing doctors. On the other hand, many of us have little choice in our insurance provider, and a lot of those firms also share patient information. Will IMS move toward transparency, or continue to keep patients in the dark about the paths of their own medical data?
Cynthia Murrell, July 22, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark
Web meet up on July 26, 2016.
Information is at this link: http://bit.ly/29tVKpx.
Interview with an Ethical Hacker
July 20, 2016
We’ve checked out a write-up on one of the white-hats working for IBM at Business Insider— “Here’s What It’s Really Like to Be a Hacker at One of the World’s Biggest Tech Companies.” We wonder, does this wizard use Watson? The article profiles Charles Henderson. After summarizing the “ethical hacker’s” background, the article describes some of his process:
“The first thing I do every morning is catch up on what happened when I was sleeping. The cool thing is, since I run a global team, when I’m sleeping there are teams conducting research and working engagements with customers. So in the morning I start by asking, ‘Did we find any critical flaws?’ ‘Do I need to tell a client we found a vulnerability and begin working to fix it?’ From there, I am working with my team to plan penetration tests and make sure we have the resources we need to address the issues we have found. There isn’t an hour that goes by that I don’t find a cool, new way of doing something, which means my days are both unpredictable and exciting.
“I also do a lot of research myself. I like to look at consumer electronic devices, anything from planes to trains to automobiles to mobile devices. I try to find ways to break into or break apart these devices, to find new flaws and vulnerabilities.”
Henderson also mentions meeting with clients around the world to consult on security issues, and lists some projects his team has tackled. For example, a “physical penetration test” which involved stealing a corporate vehicle, and sending “tiger teams” to burgle client buildings. His favorite moments, though, are those when he is able to fix a vulnerability before it is exploited. Henderson closes with this bit of advice for aspiring hackers: “Always be curious. Never take anything at face value.”
Cynthia Murrell, July 20, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
There is a Louisville, Kentucky Hidden Web/Dark
Web meet up on July 26, 2016.
Information is at this link: http://bit.ly/29tVKpx.
-
- Subscribe to Beyond Search
Feature archive
News archive
-
