CloudFlare Claims Most Activity from Tor Is Malicious

June 28, 2016

Different sources suggest varying levels of malicious activity on Tor. Tech Insider shared an article responding to recent claims about Tor made by CloudFlare. The article, entitled “Google Search has a secret feature that shouts animal noises at you,” offers information about CloudFlare’s perspective and that of the Tor Project. CloudFlare reports that most requests from Tor, 94 percent, are “malicious,” and the Tor Project has responded by requesting evidence to justify the claim. Those involved in the Tor Project have a hunch that the 94 percent figure stems from CloudFlare attributing the label of “malicious” to any IP address that has ever sent spam. The article continues,

“We’re interested in hearing CloudFlare’s explanation of how they arrived at the 94% figure and why they choose to block so much legitimate Tor traffic. While we wait to hear from CloudFlare, here’s what we know: 1) CloudFlare uses an IP reputation system to assign scores to IP addresses that generate malicious traffic. In their blog post, they mentioned obtaining data from Project Honey Pot, in addition to their own systems. Project Honey Pot has an IP reputation system that causes IP addresses to be labeled as “malicious” if they ever send spam to a select set of diagnostic machines that are not normally in use. CloudFlare has not described the nature of the IP reputation systems they use in any detail.”

This article raises some interesting points, but also alludes to more universal problems with making sense of any information published online. Building an epistemology of technology, as in many areas of study, is like chasing a moving target. Knowledge about technology is complicated by the relationship between technology and information dissemination. The important questions are: what does one know about Tor, and how does one know it?

Megan Feil, June 28, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Luciad Data Visualization and Situational Awareness Is Like an Over Stimulated Google Maps

June 21, 2016

The promotional article on Luciad, titled “Luciad V2016 Puts Users at the Center of Technical Innovation,” discusses the data fusion product from the global software company, which emphasizes situational awareness systems for Aviation, Defense and Security markets. More than 50,000 people have viewed the 3D browser technology via the web app launched in 2015, which shows the breathtaking capacity to track and visualize moving data in the form of 35,000 international flights. The article states,

“Luciad’s software components are designed for the creation of applications that tackle a range of tasks, from top-level strategy to tactical detail and mission planning to operations debriefing. By connecting directly to data sources, Luciad’s software not only analyzes and visualizes what is happening now, but also helps predict what will happen next – allowing users to act quickly and safely. “Connect, visualize, analyze, act” is both our method and our motto.”

The LuciadFusion technology product features include the ability to fuse and serve multi-dimensional and multi-layered formats as well as multi-dimensional raster data, which applies to weather data. If you thought Google Maps was cool, this technology will blow you away. The developers were very interested in the aesthetic quality of the technology, and the richness of the imaging makes that focus crystal clear.

Chelsea Kerwin, June 21, 2016

More Data to Fuel Debate About Malice on Tor

June 9, 2016

The debate about malicious content on Tor continues. Ars Technica published an article continuing the conversation about Tor and the claims made by a web security company that says 94 percent of the requests coming through the network are at least loosely malicious. The article, CloudFlare: 94 percent of the Tor traffic we see is “per se malicious”, reveals how CloudFlare is currently handling Tor traffic. The article states,

“Starting last month, CloudFlare began treating Tor users as their own “country” and now gives its customers four options of how to handle traffic coming from Tor. They can whitelist them, test Tor users using CAPTCHA or a JavaScript challenge, or blacklist Tor traffic. The blacklist option is only available for enterprise customers. As more websites react to the massive amount of harmful Web traffic coming through Tor, the challenge of balancing security with the needs of legitimate anonymous users will grow. The same network being used so effectively by those seeking to avoid censorship or repression has become a favorite of fraudsters and spammers.”

Even though the jury may still be out with regard to the statistics reported about the volume of malicious traffic, several companies appear to want action sooner rather than later. Amazon Web Services, Best Buy and Macy’s are among several sites blocking a majority of Tor exit nodes. While a lot seems unclear, we can’t expect organizations to delay action.

Megan Feil, June 9, 2016

A Possible Goodbye to the Dark Web

June 7, 2016

Should the Dark Web be eradicated? An article from Mic weighs in with an editorial entitled “Shutting Down the Dark Web Is a Plainly Absurd Idea From Start to Finish.” Where is this idea coming from? Apparently 71 percent of internet users believe the Dark Web “should be shut down”. This statistic is according to a survey of over 24,000 people from Canadian think tank Centre for International Governance Innovation. The Mic article takes issue with the concept that the Dark Web could be “shut down”:

“The Dark Net, or Deep Web or a dozen other names, isn’t a single set of sites so much as a network of sites that you need special protocols or software in order to find. Shutting down the network would mean shutting down every site and relay. In the case of the private web browser Tor, this means simultaneously shutting down over 7,000 secret nodes worldwide. The combined governments of various countries have enough trouble keeping the Pirate Bay from operating right on the open web, never mind trying to shut down an entire network of sites with encrypted communications and hidden IP addresses hosted worldwide.”

The feasibility of shutting down the Dark Web is also complicated by the fact that there are multiple networks, such as Tor, Freenet or I2P, that allow Dark Web access. Of course, there is also the issue, as the article acknowledges, that many uses of the Dark Web are benign or even further human rights causes. We appreciated a similar article from Softpedia, which pointed to the negative public perception stemming from media coverage of child pornography and drug sales site takedowns. It’s hard to know what isn’t reported in mainstream media.

Megan Feil, June 7, 2016

Emerging Technology May Have Application for Security

June 6, 2016

New technologies for use in security are increasingly receiving attention. An article from Mirror, “Lip-reading technology ‘could capture what people on CCTV say’ claim researchers,” discusses one example. The University of East Anglia in Norwich developed what is called a visual speech recognition technology. The purpose is to identify what people are saying in situations where audio is not good enough to hear. One application mentioned is for videos recorded from security cameras. The post describes more:

“Helen Bear, from the university’s school of computing science, said the technology could be applied to a wide range of situations from criminal investigations to entertainment. She added: “Lip-reading has been used to pinpoint words footballers have shouted in heated moments on the pitch, but is likely to be of most practical use in situations where there are high levels of noise, such as in cars or aircraft cockpits. “Crucially, whilst there are still improvements to be made, such a system could be adapted for use for a range of purposes – for example, for people with hearing or speech impairments.” Some sounds like “P” and “B” look similar on the lips and have traditionally been hard to decipher, the researchers said.”

Whether in real life or online, security and cybersecurity efforts and technologies are making headlines, keeping pace with security threats and breaches. It is interesting that applications for emerging technologies like this have such a range, but this particular technology seems to be rooted in brick-and-mortar security. We think there is a need for more focus on security as it relates to the Dark Web.

 

Megan Feil, June 6, 2016

Google Has Much at Stake in Intel Tax Case

June 3, 2016

In the exciting department of tax activities, 9to5Google reports, “Google Could Effectively Recoup All the Tax it Paid Last Year if Intel Wins Test Case.” Why is Google so invested in a dispute between Intel and the IRS? Writer Ben Lovejoy explains:

“In essence, the case hinges on share compensation packages paid by overseas subsidiaries. The IRS says that the cost of these should be offset against the expenses of the overseas companies; Intel says no, the cost should be deducted by the U.S. parent company – reducing its tax liabilities in its home country. The IRS introduced the rule in 2003. Companies like Google have abided by the rule but reserved the right to reallocate costs if a court ruling went against the IRS, giving them a huge potential windfall.”

This windfall could amount to $3.5 billion for Alphabet, now technically Google’s “parent” company (but really just a reorganized Google). Apparently, according to the Wall Street Journal, at least 20 tech companies, including Microsoft and eBay, are watching this case very closely.

Google is known for paying the fewest taxes it thinks it can get away with, a practice very unpopular with some. We’re reminded:

“Google has recently come under fire for its tax arrangements in Europe, a $185M back-tax deal in the UK being described as ‘disproportionately small’ and possibly illegal. France is currently seeking to claim $1.76B from the company in back taxes.”

So, how much will the world’s tax collectors be able to carve out of the Google revenue pie? I suspect it will vary from year to year, and will keep courts and lawyers around the world very busy.

 

Cynthia Murrell, June 3, 2016

European Companies Help Egypt Spy on Citizens

June 2, 2016

It seems that, as Egypt was brutally repressing citizens during the massive protests of 2010 and 2011, European companies were selling citizen-surveillance tech to that country’s secret spy agency. Hammerhead Combat Systems shares the article, “Espionage Files: European Companies Sold Spy Tech to a Secret Egyptian Intelligence Unit Amid Brutal Repression.” The article cites a report from Privacy International; writer Namir Shabibi tells us:

“The investigation, entitled ‘The President’s Men? Inside the Technical Research Department, the secret player in Egypt’s intelligence infrastructure,’ is the first to shed light on the growth of the TRD intelligence unit, its pivotal role in Egyptian intelligence apparatus and its links to European companies.

“The TRD’s growth is consistent with claims by human rights defenders that the Egyptian security service was in reality untouched by the revolution. Instead, it quietly went about strengthening itself under the cover of political turmoil.

“The report implicates two European companies in the sale of surveillance technology to TRD. At the time of mass protests in Egypt between 2010-11, it claims Nokia Siemens Networks provided the TRD mass surveillance capabilities including an interception management system and a monitoring center.

“Moreover, according to Privacy International, leaked emails from Italian surveillance equipment seller Hacking Team dated from last year show that it expected to earn a million euros from the sale of intrusive surveillance technologies to the unit. The technology would allow TRD complete access to the computers and smartphones of targeted individuals.”

Note that Nokia Siemens owns Trovicor, which does real-time surveillance and intercepts. The article states that former President Hosni Mubarak used the TRD to fight his political opponents and that the system may date back as far as Anwar Sadat’s rule. Seemingly unabashed, Hacking Team asserts they are in compliance with Italian regulations. On the other hand, European Member of Parliament Marietje Schaake suspects these two companies have violated existing EU rules and, if not, insists new rules must be created immediately. See the piece (originally published at Vice News), or navigate to the Privacy International report itself, for more details.

Cynthia Murrell, June 3, 2016

Next-Generation Business Intelligence Already Used by Risk Analysis Teams

June 1, 2016

Ideas about business intelligence have certainly evolved with emerging technologies. Addressing this, an article from CIO, “Why machine learning is the new BI,” speaks to this transformation of the concept. The author describes how reactive analytics based on historical data do not optimally assist business decisions. Questions about customer satisfaction are best oriented toward proactive future-proofing, according to the article. The author writes,

“Advanced, predictive analytics are about calculating trends and future possibilities, predicting potential outcomes and making recommendations. That goes beyond the queries and reports in familiar BI tools like SQL Server Reporting Services, Business Objects and Tableau, to more sophisticated methods like statistics, descriptive and predictive data mining, machine learning, simulation and optimization that look for trends and patterns in the data, which is often a mix of structured and unstructured. They’re the kind of tools that are currently used by marketing or risk analysis teams for understanding churn, customer lifetimes, cross-selling opportunities, likelihood of buying, credit scoring and fraud detection.”

Does this mean that traditional business intelligence, after much hype and millions in funding, is a flop? Or will predictive analytics be a case of polishing up existing technology and presenting it in new packaging? After time — and for some after much money has been spent — we should have a better idea of the true value.

Megan Feil, June 1, 2016

Financial Institutes Finally Realize Big Data Is Important

May 30, 2016

One of the fears of automation is that human workers will be replaced and there will no longer be any more jobs for humanity. Blue-collar jobs are believed to be the first jobs that will be automated, but bankers, financial advisors, and other workers in the financial industry have cause to worry. Algorithms might replace them, because apparently people are getting faster and better responses from automated bank “workers”.

Perhaps one of the reasons why bankers and financial advisors are being replaced is their sudden understanding that “Big Data And Predictive Analytics: A Big Deal, Indeed,” as ABA Banking Journal says. One would think that the financial sector would be the first to embrace big data and analytics in order to keep an upper hand on their competition, earn more money, and maintain their relevancy in an ever-changing world. They, however, have been slow to adapt, slower than retail, search, and insurance.

One of the main reasons the financial district has been holding back is:

“There’s a host of reasons why banks have held back spending on analytics, including privacy concerns and the cost for systems and past merger integrations. Analytics also competes with other areas in tech spending; banks rank digital banking channel development and omnichannel delivery as greater technology priorities, according to Celent.”

After the above quote, the article makes a statement about how customers are moving more to online banking over visiting branches, but it is a very insipid observation. Big data and analytics offer the banks the opportunity to invest in developing better relationships with their customers and even offering more individualized services as a way to one-up Silicon Valley competition. Big data also helps financial institutions comply with banking laws and standards to avoid violations.

Banks do need to play catch-up, but this is probably a lot of moan and groan for nothing. The financial industry will adapt, especially when they are at risk of losing more money. This will be the same for all industries: adapt or get left behind. The further we move from the twentieth century and generations that are not used to digital environments, the more we will see technology integration.

Whitney Grace, May 30, 2016
Erdogan Government Cracks down on Turkish Media

May 26, 2016

The Turkish government has been forcibly seizing and intimidating the nation’s media, we learn from “Erdogan’s Latest Media Takeover is About More than Just One Newspaper” at Mashable. Is this the future of publishing?

Turkish police fought protesters and manhandled journalists as the government wrested control of Zaman, Turkey’s most popular newspaper and, as journalist Suna Vidinli puts it, the country’s “last remaining effective voice of criticism in the press.” She continues:

“President Erdogan had long planned to take over Zaman as the paper was affiliated with Gulen Group, his main remaining adversary in his quest for absolute power. Earlier in the week, the Turkish Supreme Court — in a surprising and rare move — had released two top editors of Cumhuriyet, Can Dundar and Erdem Gul, from prison. They were imprisoned for writing about the illegal trafficking of weapons to radicals in Syria.

“Erdogan saw their release as a direct move against his authority and vowed to show who was boss. He signaled that the two journalists would be put back in prison soon and declared ‘things can get shaky in the following days.’ Hence, the takeover of Zaman was carefully planned as the most brutal confiscation of media to date in Turkish history.

“The confiscation of Zaman media group highlights some critical developments in Turkey. The government immediately took the media group offline, and a special tech team was brought in to completely wipe out the news archive and web content of the newspaper.”

The Cihan News Agency was also included in the seizure, a group we learn was the only non-governmental organization to monitor Turkish exit polls to ensure fair elections. The article notes that the remaining independent media in Turkey seem to have been effectively cowed, since none of them reported on the violent takeover. Governments, media groups, and human rights organizations around the world condemned the seizure; the U.S. State Department called Turkey’s pattern of media suppression “troubling.” We couldn’t agree more.

Cynthia Murrell, May 26, 2016
