Worst cyber-crime is in US, Russia

As I blogged yesterday, the IP addresses attacking me trace back to a Netherlands hosting company called Ecatel Network.

ECATEL NETWORK

Ecatel has become notorious for hosting bad actors, from the Russian spammers to pedophile networks.  It also has a reputation for brushing off requests for help from the victims.

Trying to figure out what was going on, I did a bit of research into the world of cyber-crime.

AKAMAI REPORT – CHINA LEADS CYBER-CRIME?

The mainstream media likes to portray cyber-crime as essentially a foreign threat. China, especially, is fingered as the bad guy.

For instance, in January, US-based Akamai Technologies issued a report placing China at the head of global hacking, responsible for 35% of cyber-attacks world-wide.

More recently, the US government pressed cyber-warfare charges against five of China’s army officers.

Nigerian scamsters are rumored to run a close second.

There are two things wrong with this picture. The first is the source of the information.

Akamai Technologies is a “content-delivery network” headquartered in Cambridge, Massachusetts.

It was founded by an MIT applied math professor, Tom Leighton, and a graduate student at MIT, Daniel Lewin, later killed on AA flight 11, which crashed during the September 11, 2001 attack.

According to his MIT bio, Leighton is a specialist in cryptography, digital rights, and algorithms for network applications. He also chaired a Presidential committee on Cyber-Security.

Akamai’s co-founder, COO, and President was the founder of the Road-Runner cable service. Its CEO was a senior VP from IBM.

Akamai’s privacy policy states that it collects IP addresses and effectively tracks clients.

Its partners include Microsoft and Apple and its clients include the BBC, the White House, Facebook, Twitter, Adobe Systems, Netflix, Yahoo, ESPN Star (India), China Central Television and Al Jazeera, among many others.

How likely is it that reports from Akamai on cyber-crime are untouched by political pressure?

WORLD HOSTS REPORT – US, RUSSIA LEAD CYBER-CRIME

Point two. The statistics don’t support Akamai’s pious propaganda.

The Chinese do indeed have a very high number of IP addresses attached to their malicious activity. If sheer volume were the only criterion, China would dominate.

However, as far as the number of malicious sites and the level of threat involved, the world’s leading cyber-criminals aren’t Chinese.  Not even close.

They are in the US and in Russia, closely followed by smaller countries like the Netherlands, the Ukraine, and Romania.

In Host Exploit’s authoritative World Hosts Report of March 2013, five of the top twenty malware hosts were based in the US; four were in Russia, two each in the Netherlands, Germany, and the Ukraine.

Chinanet Backbone was the only host from China that made the top twenty.

What was especially interesting to me was to find the originator of the attacks on my computer, Ecatel Network, at the top of the list of the world’s leading hosts for malware.

Host Exploit also breaks down cyber-crime by country, with Russia leading the pack.

This is its list of the world’s top ten cyber-crime havens in 2013:

1. The Russian Federation (RU)

2. Belarus (BY)

3. Ukraine (UA)

4. The British Virgin Islands (VG)

5. The United States (US)

6. Romania (RO)

7. Netherlands (NL)

8. Poland (PL)

9. Turkey (TR)

10. Bulgaria (BG)

The Guardian Stages Surveillance Theater


The Guardian is running a piece by Trevor Timm, of the Greenwald-Poitras-Snowden-associated Freedom of the Press Foundation. (H/T to Scott Lazarowitz, LRC)

It’s about Stingray, a technology that lets the government locate and track you via cell-phone tower signals.

Timm is correct to point out the privacy implications of the NSA’s meta-data collection, which has filtered down to local police departments.

Meta-data is data about communications that doesn’t include the actual content.

It’s the date, the address (from and to), the length of time, the location.

Very rich, if collected continuously.

All very well, but, as even Timm does admit in the Guardian, this technology has been around for a couple of years.

Yet, last year, in a piece at the Electronic Frontier Foundation, Timm wrote:

“A few months ago, EFF warned of a secretive new surveillance tool, commonly referred to as a “Stingray,” being used by the FBI in cases around the country.”

Secretive and new? Really?

The Louisville Law Review says the Feds used the Stingray from 2006 on.

[The Stingray is really a brand that refers to a family of technologies, says the Review.]

Local police departments were using the Stingray as early as 2007 (seven years ago).

“Oakland’s Targeted Enforcement Task Force made 21 “Electronic Surveillance [StingRay] arrests” in 2007, 19 in 2008, and 19 in 2009 for charges including robbery, kidnapping, attempted murder and homicide. Further records show employees receiving up to 40 hours in training on the technology.”

This was discussed in the major media, at least as far back as 2011.

At the cyber-security blog, Schneier on Security, a commenter in January 2013 called the Stingray “very old technology.”

“And the Stingray is now old and very expensive technology, I’d actually be more worried by the likes of pocket picocells that hackers cobble together from COTS equipment for less than 200USD.”

A spy technology for under 200 bucks?

I’d be more worried by picocells too.

So, why isn’t the Guardian?

Or the EFF?

Or the Freedom of the Press Foundation?

Google’s “Hummingbird”: IP Theft & Mind-Control

Google’s new search algorithm Hummingbird adds to the company’s sinister reputation among privacy advocates.

Google’s creepy Google Glass didn’t help it either.

Now comes Hummingbird, the biggest algorithm change in the search engine in twelve years.

“Hummingbird should better focus on the meaning behind the words,” Sullivan reports. “It may better understand the actual location of your home, if you’ve shared that with Google. It might understand that ‘place’ means you want a brick-and-mortar store. It might get that ‘iPhone 5s’ is a particular type of electronic device carried by certain stores. Knowing all these meanings may help Google go beyond just finding pages with matching words.”

(“Hummingbird is Google’s biggest algorithm change in 12 years,” WebProNews, Sept. 28, 2013)

Simply put, Hummingbird is about Google trying to find the holistic meaning behind the individual words of a search-string (the query or series of words you input into the search function), or, in the case of websites, the overall intent behind the key-words most used.

Bottom-line: Google is trying to figure out what’s going on in your mind when you type out certain words.

That is terribly similar to an area of research dear to the defense and spy agencies – predictive software and technology.

For instance, DARPA (Defense Advanced Research Projects Agency) is very interested in developing the cognitive footprints of users for identification purposes.

The goal is to bypass the need for passwords, which tend to be cumbersome for users and vulnerable to password-cracking, phishing, social-engineering, memory failures, and hardware theft.

“Software biometric modalities” are to be used to develop what it terms Active Authentication.

Anyone can see how useful the new Hummingbird algorithm would be to DARPA.

Indeed, given Google’s prior collaboration with the CIA in the monitoring of social media, it wouldn’t be surprising if Hummingbird has also come out of a joint project with the government.

The defense agencies come up with the technology to figure out what random “bad guys” are up to. Google monetizes it and returns the favor by data-sharing with the government.

The consumer might have his every need…indeed wish…met, but web-users are now going to find that Google’s “free lunch” is not only not free, it’s not remotely cheap.

And web users are the ones footing the bill.

Here’s how.

“Google Hummingbird: Where no search has gone before,” Jeremy Hull, iProspect, Wired, October 15, 2013

“Google has updated its search algorithm many times over the past few years, but previous updates were focused on making Google better at gathering information — for example, indexing websites more often and identifying spammy content. Hummingbird is focused on the user. It’s about Google getting better at understanding what searchers really want and providing them with better answers.”

That’s Google’s stated objective, of course. But how about websites?

When you search Google for answers to questions, what website owners want is for you to go to their site to get the information.

This is not only because they might hope to sell you something and thereby earn a living.

It’s also because they hope that by giving you good information not available in the mainstream media, they might attract you to their site and persuade you on other issues.

By offering free information, web writers hope you will find them reliable, credible, or interesting and become committed readers. That’s why millions of writers and websites spend inordinate amounts of energy and time finding answers and giving them away to others for free.

Of course, ethics and decency demand that readers who benefit from that information cite the place they found it and give the author credit.

Not Hummingbird.

It harvests information from the net and puts it on Information cards that pop up in answer to searches.

Now, if the information is immediately given to the reader by Google, why will they visit the websites from which Google might have culled the answer?

They won’t.  That means that Google is not only stealing the private data of its users through Gmail, Google Earth, and a bunch of other programs, it’s also stealing from the websites it’s supposed to be helping.

But “Hummingbird” is not just unfriendly to websites offering information to the public, it acts to control what information is presented to you and how.

Hummingbird’s graphic is an easy way for Google to give you what Google (and very likely, the government) want you to know, rather than what you might learn if you delved into your search results yourself.

The new graphic could even give you downright misleading or inaccurate information. Just think about Snopes, the ostensibly myth-busting site that somehow manages to bust myths only in left-liberal ways.

So, Hummingbird is not only using your personal information for Google’s own commercial (and the government’s surveillance) purposes, it’s using information from blogs/websites, without their permission, for its own operations.

That’s two counts of IP theft.

Then, the whole business of trying to determine exactly what you’re thinking when you type certain things into the search function sounds awfully like mind-reading to me. In order to do that kind of mind-reading, all sorts of personal information from your web usage (even more than Google has been collecting so far) has to be collated and compared. Mapped, if you will.

That’s two counts of privacy invasion.

Finally, by manipulating access to the knowledge available on the Internet, under the guise of consumer satisfaction, by giving you pre-packaged answers before it gives you your search results, Google is actually trying to control your thinking.

That’s one count of mind-control.

Is it any surprise that the new algorithm shares its name with DARPA’s nano flying robot/drone Hummingbird, which beats its wings like a bird?

DARPA’s Hummingbird is a spy drone:

“The drone, built by AeroVironment with funding from DARPA, is able to fly forwards, backwards, and sideways, as well as rotate clockwise and counterclockwise. Not only does the ‘bot resemble its avian inspiration in size (it’s only slightly larger than a hummingbird, with a 6.5-inch wingspan and a weight of 19 grams), it also looks impressively like a hummingbird in flight.

But that’s not vanity — it’s key to the drone’s use as a spy device, as it can perch near its subject without alerting it.”

Google’s Hummingbird seems no less innocuous and no less insidious.

It’s more evil-doing from the Franken-SearchEngine that routinely spies for the NSA and CIA and systematically commits Intellectual Property theft.

The End Of Chinese Manufacturing?

Vivek Wadhwa at Forbes:

The End of Chinese manufacturing?

“There is great concern about China’s real-estate and infrastructure bubbles.  But these are just short-term challenges that China may be able to spend its way out of. The real threat to China’s economy is bigger and longer term: its manufacturing bubble.

By offering subsidies, cheap labor, and lax regulations and rigging its currency, China was able to seduce American companies to relocate their manufacturing operations there. Millions of American jobs moved to China, and manufacturing became the underpinning of China’s growth and prosperity. But rising labor costs, concerns over government-sponsored I.P. theft, and production time lags are already causing companies such as Dow Chemicals, Caterpillar, GE, and Ford to start moving some manufacturing back to the U.S. from China. Google recently announced that its Nexus Q streaming media player would be made in the U.S., and this put pressure on Apple to start following suit.

But rising costs and political pressure aren’t what’s going to rapidly change the equation. The disruption will come from a set of technologies that are advancing at exponential rates and converging.

These technologies include robotics, artificial intelligence (AI), 3D printing, and nanotechnology. These have been moving slowly so far, but are now beginning to advance exponentially just as computing does.  Witness how computing has advanced to the point at which the smart phones we carry in our pockets have more processing power than the super computers of the ’60s—and how the Internet, which also has its origins in the ’60s, went on an exponential growth path about 15 years ago and rapidly changed the way we work, shop, and communicate.  That’s what lies ahead for these new technologies.

The robots of today aren’t the Androids or Cylons that we used to see in science-fiction movies, but specialized electro-mechanical devices that are controlled by software and remote controls. As computers become more powerful, so do the abilities of these devices. Robots are now capable of performing surgery, milking cows, doing military reconnaissance and combat, and flying fighter jets. And DIY’ers are lending a helping hand. There are dozens of startups, such as Willow Garage, iRobot, and 9th Sense, selling robot-development kits for university students and open-source communities. They are creating ever more-sophisticated robots and new applications for these. Watch this video of the autonomous flying robots that University of Pennsylvania professor Vijay Kumar created with his students, for example.

The factory assembly that the Chinese are performing is child’s play for the next generation of robots—which will soon become cheaper than human labor. Indeed, one of China’s largest manufacturers, Taiwan-based Foxconn Technology Group, announced last August that it plans to install one million robots within three years to do the work that its workers in China presently do. It found Chinese labor to be too expensive and demanding. The world’s most advanced car, the Tesla Model S, is also being manufactured in Silicon Valley, which is one of the most expensive places in the country. Tesla can afford this because it is using robots to do the assembly.

Then there is artificial intelligence (AI)—software that makes computers do things that, if humans did them, we would call intelligent. We left AI for dead after the hype it created in the ‘80s, but it is alive and kicking—and advancing rapidly. It is powering all sorts of technologies. This is the technology that IBM’s Deep Blue computer used in beating chess grandmaster Garry Kasparov in 1997 and that enabled IBM’s Watson to beat TV-show Jeopardy champions in 2011. AI is making it possible to develop self-driving cars, voice-recognition systems such as Apple’s Siri, and the face-recognition software Facebook recently acquired. AI technologies are also finding their way into manufacturing and will allow us to design our own products at home with the aid of AI-powered design assistants.

How will we turn these designs into products? By “printing” them at home or at modern-day Kinko’s: shared public manufacturing facilities such as TechShop, a membership-based manufacturing workshop, using new manufacturing technologies that are now on the horizon.

A type of manufacturing called “additive manufacturing” is making it possible to cost-effectively “print” products.  In conventional manufacturing, parts are produced by humans using power-driven machine tools, such as saws, lathes, milling machines, and drill presses, to physically remove material to obtain the shape desired. This is a cumbersome process that becomes more difficult and time-consuming with increasing complexity. In other words, the more complex the product you want to create, the more labor is required and the greater the effort.

In additive manufacturing, parts are produced by melting successive layers of materials based on 3D models—adding materials rather than subtracting them. The “3D printers” that produce these use powdered metal, droplets of plastic, and other materials—much like the toner cartridges that go into laser printers.  This allows the creation of objects without any sort of tools or fixtures. The process doesn’t produce any waste material, and there is no additional cost for complexity. Just as, in using laser printers, a page filled with graphics doesn’t cost much more than one with text, in using a 3D printer, we can print sophisticated 3D structures for about the cost of a brick.

3D printers can already create physical mechanical devices, medical implants, jewelry, and even clothing. The cheapest 3D printers, which print rudimentary objects, currently sell for between $500 and $1000. Soon, we will have printers for this price that can print toys and household goods. By the end of this decade, we will see 3D printers doing the small-scale production of previously labor-intensive crafts and goods. It is entirely conceivable that in the next decade we start 3D-printing buildings and electronics.”

Ten Ways To Fight The Police State


There are ways to fight the police-state, on your own, without joining any group or party and giving up your independence.  Protecting your privacy on the Internet is one of them.

Just don’t forget that a lot of privacy sites are really government projects. The idea is to steer you to privacy software put out by the government’s buddies. It’s the oldest trick in the book.

But given that, there are a few things you can do to protect yourself. Here are ten of them.

1. Get your name and address off of mailing lists, subscriber lists, forms, directories, and data centers. You may need to keep doing that every year, as long as you have a credit card with your home address on it.

2. Use Google only if you need to. Otherwise, use private/anonymous search engines. There are a few. I won’t name them, because when people start selecting one or other engine, then the powers-that-be start paying more attention and screw things up for them.

3. Use a virtual private network, but use it with caution. There’s a Catch-22 here. The free ones probably make money by selling your information… or worse. The ones that aren’t free need you to sign up on the net with an account and a credit card. Which means another vulnerability.  Passwords can be hacked and licenses can be stolen. Plus, VPN’s with servers and HQ’s in America, Britain, Europe and many other places, cannot protect your privacy if you get caught up with the police or lawyers, even tangentially.  Your ISP and VPN provider will be forced to comply with subpoenas and laws that demand data-sharing.

Completely anonymous off-shore VPN’s on the other hand can arouse government suspicion, even if you’re as innocent as a baa lamb.

Also, what if someone hijacks your VPN to commit crimes? How would you prove it wasn’t you, if someone wanted to incriminate you?

I asked the FBI this recently, and they tell me that they can figure it out. But do you really want to be in a position where only the FBI can clear your name? And what if it’s the FBI that wants to get you in trouble? I mean, it’s not unheard of.

4. Limit what you do on the Internet. If you can’t stop using the net altogether (which is really the best option), try to curtail what you do. Limit what you buy on the net. Stop sending sensitive emails, even encrypted ones, over the net.  If you have to sell on the Internet to make a living, stay on top of computer crime by following a good security forum. Wilders is one.

5. Share computers or use public computers.  Lots of times, the easiest way to be private is to use a computer used by other people you can trust, so long as you don’t input sensitive information. That way what you do is mixed up with what lots of other people are doing and it’s harder to track.

6. Don’t tell anyone your privacy tricks. I used to suggest things on this blog before, like using Scroogle or Ixquick. I don’t any more. The more people start using one trick, the more the government…or the criminals on the net…start focusing on that trick. I’m not about to research things so people can track and harass me using my own research against me.

Who would do such a scummy thing?  Short answer – scum.

On the net, the scum rises to the top.

7. Don’t put your ideas out on the net, unless you’re prepared for everyone to take them without credit. While many people try to be ethical, a substantial number think that the ease of digital crime is a justification for it.

Keep your thoughts to yourself for other reasons, as well.  Any opinion you voice publicly is going to be held against you.

Write what your conscience demands. Just be sure you can live with how people will use it, misuse it, and abuse it.

8. Avoid social media, unless you have to connect with someone for a reason. I deleted my Facebook account, my Digg account, Technorati, and a bunch of other things I don’t want to mention. I keep my blog up for several reasons, but from the viewpoint of privacy, it’s a terrible thing. I sometimes wish I had never begun it.

9. Keep a low profile. Even if you do have to write/blog, try to keep it under the radar. Blogging about politics is always going to get attention. You can’t avoid that. But you can always avoid confrontations. You can always make an effort to give both sides their due. You can filter comments, avoid posting on forums/sites you don’t know personally, and side-step flame-wars with all the cretins and sociopaths out there.

The net is a highway.  You’re driving next to strangers. Honking your horn or waving a hand at them is OK. Getting into their cars and driving off to dinner with them is another.

10. Watch your IP (Internet Protocol) address. Your IP address is being harvested by someone all the time. Cookies collect it, forums and boards record it, email providers and search engines track it.  You can disguise it or change it, but determined people can always get hold of an IP.

That means they can figure out where you are, physically. Which is pretty unnerving. I’ve had a few nasty experiences when enemies got hold of my IP.

So change your IP as much as you need to; change your computer and ISP every year, or even every six months. It’s not so hard to change a computer if you buy it refurbished or second-hand. A good Dell laptop can be had for about $120.  You can always sell the old one and get back some of your money.

On the other hand, you might want to arrange for a few traps for any would-be spies. In that case, your approach might be a bit different… Be creative.

As for ISP’s, there are always deals, if you look for them.  Quote a price and ask your ISP if they will match it.  In this economy, companies are willing to lower their rates to attract customers.