Content Matching Helps Police Bust Dark Web Sex Trafficking Ring
September 4, 2015
The Dark Web is not only used to buy and sell illegal drugs, but it is also used to perpetuate sex trafficking, especially of children. The work of law enforcement agencies working to prevent the abuse of sex trafficking victims is detailed in a report by the Australia Broadcasting Corporation called “Secret ‘Dark Net’ Operation Saves Scores Of Children From Abuse; Ringleader Shannon McCoole Behind Bars After Police Take Over Child Porn Site.” For ten months, Argos, the Queensland, police anti-pedophile taskforce tracked usage on an Internet bulletin board with 45,000 members that viewed and uploaded child pornography.
The Dark Web is notorious for encrypting user information and that is one of the main draws, because users can conduct business or other illegal activities, such as view child pornography, without fear of retribution. Even the Dark Web, however, leaves a digital trail and Argos was able to track down the Web site’s administrator. It turned out the administrator was an Australian childcare worker who had been sentenced to 35 years in jail for sexually abusing seven children in his care and sharing child pornography.
Argos was able to catch the perpetrator by noticing patterns in his language usage in posts he made to the bulletin board (he used the greeting “hiya”). Using advanced search techniques, the police sifted through results and narrowed them down to a Facebook page and a photograph. From the Facebook page, they got the administrator’s name and made an arrest.
After arresting the ringleader, Argos took over the community and started to track down the rest of the users.
” ‘Phase two was to take over the network, assume control of the network, try to identify as many of the key administrators as we could and remove them,’ Detective Inspector Jon Rouse said. ‘Ultimately, you had a child sex offender network that was being administered by police.’ ”
When they took over the network, the police were required to work in real-time to interact with the users and gather information to make arrests.
Even though the Queensland police were able to end one Dark Web child pornography ring and save many children from abuse, there are still many Dark Web sites centered on child sex trafficking.
Whitney Grace, September 4, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Shades of CrossZ: Compress Data to Speed Search
September 3, 2015
I have mentioned in my lectures a start up called CrossZ. Before whipping out your smartphone and running a predictive query on the Alphabet GOOG thing, sit tight.
CrossZ hit my radar in 1997. The concept behind the company was to compress extracted chunks of data. The method, as I recall, made use of fractal compression, which was the rage at that time. The queries were converted to fractal tokens. The system then quickly pulled out the needed data and displayed them in human readable form. The approach was called as I recall “QueryObject.” By 2002, the outfit dropped off my radar. The downside of the CrossZ approach was that the compression was asymmetric; that is, slow preparing the fractal chunk but really fast when running a query and extracting the needed data.
Flash forward to Terbium Labs, which has a patent on a method of converting data to tokens or what the firm calls “digital fingerprints.” The system matches patterns and displays high probability matches. Terbium is a high potential outfit. The firm’s methods may be a short cut for some of the Big Data matching tasks some folks in the biology lab have.
For me, the concept of reducing the size of a content chunk and then querying it to achieve faster response time is a good idea.
What do you think I thought when I read “Searching Big Data Faster”? Three notions flitter through my aged mind:
First, the idea is neither new nor revolutionary. Perhaps the MIT implementation is novel? Maybe not?
Second, the main point that “evolution is stingy with good designs” strikes me as a wild and crazy generalization. What about the genome of the octopus, gentle reader?
Third, MIT is darned eager to polish the MIT apple. This is okay as long as the whiz kids take a look at companies which used this method a couple of decades ago.
That is probably not important to anyone but me and to those who came up with the original idea, maybe before CrossZ popped out of Eastern Europe and closed a deal with a large financial services firm years ago.
Stephen E Arnold, September 3, 2015
Does This Autonomous Nerf Gun Herald the Age of Killer Robots?
September 3, 2015
Well here’s something interesting that has arisen from HP’s “disastrous” $11 billion acquisition of Autonomy: check out this three-minute YouTube video: “See What You Can Create with HP IDOL OnDemand.” The fascinating footage reveals the product of developer Martin Zerbib’s “little project,” made possible with IDOL OnDemand and a Nerf gun. Watch as the system targets a specific individual, a greedy pizza grabber, a napping worker, and a thief. It seems like harmless fun, until you realize how gruesome this footage would be if this were a real gun.
It is my opinion that it is the wielders of weapons who should be held directly responsible for their misuse, not the inventors. Still, commenter “Dazed Confused” has a point when he rhetorically asks “What could possibly go wrong?” and links to an article in Bulletin of the Atomic Scientists, “Stopping Killer Robots and Other Future Threats.” That piece describes an agreement being hammered out that proposes to ban the development of fully autonomous weapons. Writer Seth Baum explains there is precedent for such an agreement: The Saint Petersburg Declaration of 1868 banned exploding bullets, and 105 countries have now ratified the 1995 Protocol on Blinding Laser Weapons. (Such laser weapons could inflict permanent blindness on soldiers, it is reasoned.) After conceding that auto-weaponry would have certain advantages, the article points out:
“But the potential downsides are significant. Militaries might kill more if no individual has to bear the emotional burden of strike decisions. Governments might wage more wars if the cost to their soldiers were lower. Oppressive tyrants could turn fully autonomous weapons on their own people when human soldiers refused to obey. And the machines could malfunction—as all machines sometimes do—killing friend and foe alike.
“Robots, moreover, could struggle to recognize unacceptable targets such as civilians and wounded combatants. The sort of advanced pattern recognition required to distinguish one person from another is relatively easy for humans, but difficult to program in a machine. Computers have outperformed humans in things like multiplication for a very long time, but despite great effort, their capacity for face and voice recognition remains crude. Technology would have to overcome this problem in order for robots to avoid killing the wrong people.”
Baum goes on to note that organizers base their call for a ban on existing international humanitarian law, which prohibits weapons that would strike civilians. Such reasoning has already been employed to achieve bans against landmines and cluster munitions, and is being leveraged in an attempt to ban nuclear weapons.
Will killer robots be banned before they’re a reality? It seems the agreement would have to move much faster than bureaucracy usually does; given the public example of Zerbib’s “little project,” I suspect it is already way too late for that.
Cynthia Murrell, September 3, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Oracle Suggests a PeopleSoft Upgrade
September 2, 2015
PeopleSoft is a popular human resources management software and like all software it occasionally needs to be upgraded. TriCore Solutions suggests that instead of using Verity, your next upgrade to PeopleSoft should be the Oracle Secure Enterprise Search (SES). TriCore Solutions brags about helping clients upgrade to SES in the article, “Oracle Secure Enterprise Search (SES) And PeopleSoft 9.2.”
Oracle SES offers a secure, high-quality search across all enterprise platforms as well as analytics, intuitive search interface, secure crawling, indexing, and searching. When SES is deployed into an enterprise system it also offers several key capabilities:
- “Connectivity to Legacy Repositories. SES allows companies to access their most valuable assets – information about its specific business, its processes, products, customers, and documents that previously resided in proprietary repositories. Connectors include interfaces for EMC Documentum, Microsoft SharePoint, IBM Lotus Notes, Oracle‘s E-Business Suite and Oracle Siebel among others.
- Security: The ability to search password protected sources securely. Oracle‘s search technology provides single-sign-on (SSO) based security where available, and can also employ application-specific security where SSO is not available.
- High quality search results: Brings for the Intranet a high level of relevance that users associate with Internet searches.
- Going beyond keywords. As the volume of information grows, users need advanced search techniques like the ability to categorize and cluster search results for iterative navigation.”
It is evident that Oracle SES offers a comprehensive search feature to PeopleSoft and maybe a better product, but what does Verity have to offer?
Whitney Grace, September 2, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Forbes Bitten by Sci-Fi Bug
September 1, 2015
The article titled Semantic Technology: Building the HAL 9000 Computer on Forbes runs with the gossip from the Smart Data Conference this year. Namely, that semantic technology has finally landed. The article examines several leaders of the field including Maana, Loop AI Labs and Blazegraph. The article mentions,
“Computers still can’t truly understand human language, but they can make sense out of certain aspects of textual content. For example, Lexalytics (www.lexalytics.com) is able to perform sentiment analysis, entity extraction, and ambiguity resolution. Sentiment analysis can determine whether some text – a tweet, say, expresses a positive or negative opinion, and how strong that opinion is. Entity extraction identifies what a paragraph is actually talking about, while ambiguity resolution solves problems like the Paris Hilton one above.”
(The “Paris Hilton problem” referred to is distinguishing between the hotel and the person in semantic search.) In spite of the excitable tone of the article’s title, its conclusion is much more measured. HAL, the sentient computer from 2001: A Space Odyssey, remains in our imaginations. In spite of the exciting work being done, the article reminds us that even Watson, IBM’s supercomputer, is still without the “curiosity or reasoning skills of any two-year-old human.” For the more paranoid among us, this might be good news.
Chelsea Kerwin, September 1, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Maverick Search and Match Platform from Exorbyte
August 31, 2015
The article titled Input Management: Exorbyte Automates the Determination of Identities on Business On (a primarily German language website) promotes the Full Page Entity Detect from Exorbyte. Exorbyte is a world leader in search and match for large volumes of data. They boast clients in government, insurance, input management and ICT firms, really any business with identity resolution needs. The article stresses the importance of pulling information from masses of data in the modern office. They explain,
“With Full Page Entity Detect provides exorbyte a solution to the inbox of several million incoming documents.This identity data of the digitized correspondence (can be used for correspondence definition ) extract with little effort from full-text documents such as letters and emails and efficiently compare them with reference databases. The input management tool combines a high fault tolerance with accuracy, speed and flexibility.Gartner, the software company from Konstanz was recently included in the Magic Quadrant for Enterprise Search.”
The company promises that their Matchmaker technology is unrivaled in searching text without restrictions, even without language, allowing for more accurate search. Full Page Entity Detect is said to be particularly useful when it comes to missing information or overlooked errors, since the search is so thorough.
Chelsea Kerwin, August 31 , 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Monopoly On Scientific Papers
August 31, 2015
If you work in the academic community this headline from Your News Wire shouldn’t come as a surprise: “Nearly All Scientific Papers Controlled By Same Six Corporations.” A group of researchers studied scientific papers published between 1973-2013 and discovered that six major publishers ruled the industry: Wiley-Blackwell, Springer, Taylor & Francis, Sage, Reed Elsevier, and ACS. During the specified time period, it was found that the larger ones absorbed smaller publishers. Another, more startling, fact came to light as well: academic research groups must rely more and more on the main six publishers’ interests if they want to get their research published.
“Much of the independence that was once cherished within the scientific community, in other words, has gone by the wayside as these major publishers have taken control and now dictate what types of content get published. The result is a publishing oligopoly in which scientists are muzzled by and overarching trend toward politically correct, and industry-favoring, ‘science.’”
The six publishers publish subjects that benefit their profit margin and as a direct result they influence major scientific fields. Fields concerning chemistry, social sciences, and psychology are the most influenced by the publishers. This leads to corruption in the above disciplines and researchers are limited by studies that will deliver the most profits to the publishers. The main six publishers can also publish the papers digitally for a 40% profit margin.
There is good news. The study did find that publishing a paper via a smaller venue does not affect its reach. It also has the added benefit of the smaller venue not pushing a special interest agenda. The real question is are big publishers even needed in a digital age anymore?
Whitney Grace, August 31, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Yammer Improvements and Changes on the Horizon
August 27, 2015
A few years ago, Yammer was an integral part of SharePoint’s marketing campaign as they sought to persuade users that they were moving toward a focus on social. With the upcoming release of SharePoint 2016, social is still important, although it feels less forced and more natural this time around. There will be changes to Yammer and Redmond Magazine covers it in their article, “Microsoft Announces Yammer Improvements To Come While Deprecating Some Yammer SharePoint Apps.”
The article says:
“Microsoft announced this week that it is working on a more team-oriented Yammer, and it will be bringing along some mobile app improvements, too. Yammer is Microsoft’s enterprise-grade social networking application that’s part of some Office 365 subscription plans. Yammer can be used as a standalone service, but it’s also used with SharePoint Server products and SharePoint Online implementations.”
To stay current on what else may change with the release of SharePoint Server 2016, stay tuned to ArnoldIT.com. Stephen E. Arnold is an expert on search and the enterprise. His dedicated SharePoint feed is a great way to stay up to date on the latest new surrounding SharePoint.
Emily Rae Aldridge, August 27, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
Insights into the Cut and Paste Coding Crowd
August 26, 2015
I read “How Developers Search for Code.” Interesting. The write up points out what I have observed. Programmers search for existing — wait for it — code.
Why write something when there are wonderful snippets to recycle. Here’s the paragraph I highlighted:
We also learn that a search session is generally just one to two minutes in length and involves just one to two queries and one to two file clicks.
Yep, very researchy. Very detailed. Very shallow. Little wonder that most software rolls out in endless waves of fixes. Good enough is the sort of sigma way.
Encouraging. Now why did that air traffic control crash happen? Where are the back ups to the data in Google’s Belgium server center? Why does that wonderful Windows 10 suck down data to mobile devices with little regard for data caps? Why does malware surface in Android apps?
Good enough: the new approach to software QA/QC.
Stephen E Arnold, August 26, 2015
How to Search the Ashley-Madison Data and Discover If You Had an Affair Too
August 26, 2015
If you haven’t heard about the affair-promoting website Ashley Madison’s data breach, you might want to crawl out from under that rock and learn about the millions of email addresses exposed by hackers to be linked to the infidelity site. In spite of claims by parent company Avid Life Media that users’ discretion was secure, and that the servers were “kind of untouchable,” as many as 37 million customers have been exposed. Perhaps unsurprisingly, a huge number of government and military personnel have been found on the list. The article on Reuters titled Hacker’s Ashley Madison Data Dump Threatens Marriages, Reputations also mentions that the dump has divorce lawyers clicking their heels with glee at their good luck. As for the motivation of the hackers? The article explains,
“The hackers’ move to identify members of the marital cheating website appeared aimed at maximum damage to the company, which also runs websites such as Cougarlife.com andEstablishedMen.com, causing public embarrassment to its members, rather than financial gain. “Find yourself in here?,” said the group, which calls itself the Impact Team, in a statement alongside the data dump. “It was [Avid Life Media] that failed you and lied to you. Prosecute them and claim damages. Then move on with your life. Learn your lesson and make amends. Embarrassing now, but you’ll get over it.”
If you would like to “find yourself” or at least check to see if any of your email addresses are part of the data dump, you are able to do so. The original data was put on the dark web, which is not easily accessible for most people. But the website Trustify lets people search for themselves and their partners to see if they were part of the scandal. The website states,
“Many people will face embarrassment, professional problems, and even divorce when their private details were exposed. Enter your email address (or the email address of your spouse) to see if your sexual preferences and other information was exposed on Ashley Madison or Adult Friend Finder. Please note that an email will be sent to this address.”
It’s also important to keep in mind that many of the email accounts registered to Ashley Madison seem to be stolen. However, the ability to search the data has already yielded some embarrassment for public officials and, of course, “family values” activist Josh Duggar. The article on the Daily Mail titled Names of 37 Million Cheating Spouses Are Leaked Online: Hackers Dump Huge Data File Revealing Clients of Adultery Website Ashley Madison- Including Bankers, UN and Vatican Staff goes into great detail about the company, the owners (married couple Noel and Amanda Biderman) and how hackers took it upon themselves to be the moral police of the internet. But the article also mentions,
“Ashley Madison’s sign-up process does not require verification of an email address to set up an account. This means addresses might have been used by others, and doesn’t prove that person used the site themselves.”
Some people are already claiming that they had never heard of Ashley Madison in spite of their emails being included in the data dump. Meanwhile, the Errata Security Blog entry titled Notes on the Ashley-Madison Dump defends the cybersecurity of Ashley Madison. The article says,
“They tokenized credit card transactions and didn’t store full credit card numbers. They hashed passwords correctly with bcrypt. They stored email addresses and passwords in separate tables, to make grabbing them (slightly) harder. Thus, this hasn’t become a massive breach of passwords and credit-card numbers that other large breaches have lead to. They deserve praise for this.”
Praise for this, if for nothing else. The impact of this data breach is still only beginning, with millions of marriages and reputations in the most immediate trouble, and the public perception of the cloud and cybersecurity close behind.
Chelsea Kerwin, August 26, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph
-
- Subscribe to Beyond Search
Feature archive
News archive
-
