Archive for the ‘Telecommunications’ Category

Audio/Video Conferencing – Apache OpenMeetings

Wednesday, September 7th, 2016

Apache OpenMeetings

Ignorance of Apache OpenMeetings is the only explanation I can offer for non-Apache Openmeetings webinars with one presenter, listeners and a chat channel.

Proprietary solutions limit your audience’s choice of platforms, while offering no, repeat no advantages over Apache OpenMeetings.

It may be that your IT department is too busy creating SQLi weaknesses to install and configure Apache OpenMeetings, but even so that’s a fairly poor excuse for not using it.

If you just have to spend money to “trust” software, there are commercial services that offer hosting and other services for Apache OpenMeetings.

Apologies, sort of, for the Wednesday rant, but I tire of limited but “popular logo” commercial services used in place of robust open source solutions.

Telephone Metadata Can Reveal Surprisingly Sensitive Personal Information

Wednesday, August 3rd, 2016

Stanford computer scientists show telephone metadata can reveal surprisingly sensitive personal information by Bjorn Carey.

The intelligence community assertion that telephone metadata only enables “connecting the dots,” has been confirmed to be a lie.

From the post:

Most people might not give telephone metadata – the numbers you dial, the length of your calls – a second thought. Some government officials probably view it as similarly trivial, which is why this information can be obtained without a warrant.

But a new analysis by Stanford computer scientists shows that it is possible to identify a person’s private information – such as health details – from metadata alone. Additionally, following metadata “hops” from one person’s communications can involve thousands of other people.

The researchers set out to fill knowledge gaps within the National Security Agency’s current phone metadata program, which has drawn conflicting assertions about its privacy impacts. The law currently treats call content and metadata separately and makes it easier for government agencies to obtain metadata, in part because it assumes that it shouldn’t be possible to infer specific sensitive details about people based on metadata alone.

The findings, reported today in the Proceedings of the National Academy of Sciences, provide the first empirical data on the privacy properties of telephone metadata. Preliminary versions of the work, previously made available online, have already played a role in federal surveillance policy and have been cited in litigation filings and letters to legislators in both the United States and abroad. The final work could be used to help make more informed policy decisions about government surveillance and consumer data privacy.

The computer scientists built a smartphone application that retrieved the previous call and text message metadata – the numbers, times and lengths of communications – from more than 800 volunteers’ smartphone logs. In total, participants provided records of more than 250,000 calls and 1.2 million texts. The researchers then used a combination of inexpensive automated and manual processes to illustrate both the extent of the reach – how many people would be involved in a scan of a single person – and the level of sensitive information that can be gleaned about each user.

From a small selection of the users, the Stanford researchers were able to infer, for instance, that a person who placed several calls to a cardiologist, a local drugstore and a cardiac arrhythmia monitoring device hotline likely suffers from cardiac arrhythmia. Another study participant likely owns an AR semiautomatic rifle, based on frequent calls to a local firearms dealer that prominently advertises AR semiautomatic rifles and to the customer support hotline of a major firearm manufacturer that produces these rifles.

One of the government’s justifications for allowing law enforcement and national security agencies to access metadata without warrants is the underlying belief that it’s not sensitive information. This work shows that assumption is not true.

See Carey’s post for the laypersons explanation of the Stanford findings or dive into Evaluating the privacy properties of telephone metadata by Jonathan Mayera, Patrick Mutchler, and John C. Mitchell, for more detailed analysis. (Thankfully open access.)

Would law enforcement and national security agencies think telephone metadata is not sensitive if hackers were obtaining it from telecommunication companies and/or from the electromagnetic field where communication signals are found?

If you were interested only in law enforcement, national security agencies and governments, a much smaller set of data for tracking and processing.

Sounds like a business opportunity, depending on what country, their degree of technology, market conditions for pro/anti government data.

U.S. government satellites collect such data but it is shared (or not) for odd and obscure reasons.

I’m thinking more along the lines of commercial transactions between willing sellers and buyers.

Think of it as a Rent-An-NSA type venture. Customers don’t want or need 24×7 rivals for power. Properly organized, they could buy as much or as little intelligence as they need. Exclusive access to some intelligence would be a premium product.

Leon Panetta Plays Chicken Little

Friday, October 12th, 2012

If you haven’t seen DOD: Hackers Breached U.S. Critical Infrastructure Control Systems, or similar coverage of Leon Panetta’s portrayal of Chicken Little (aka “Henny Penny”), you may find this interesting.

The InformationWeek Government article says:

Warning of more destructive attacks that could cause loss of life if successful, Panetta urged Congress to pass comprehensive legislation in the vein of the Cybersecurity Act of 2012, a bill co-sponsored by Sens. Joe Lieberman, I-Conn., Susan Collins, R-Maine, Jay Rockefeller, D-W.Va., and Dianne Feinstein, D-Calif., that failed to pass in its first attempt earlier this year by losing a cloture vote in the Senate.

“Congress must act and it must act now,” he said. “This bill is victim to legislative and political gridlock like so much else in Washington. That frankly is unacceptable and it should be unacceptable not just to me, but to you and to anyone concerned with safeguarding our national security.”

Specifically, Panetta called for legislation that would make it easier for companies to share “specific threat information without the prospect of lawsuits” but while still respecting civil liberties. He also said that there must be “baseline standards” co-developed by the public and private sector to ensure the cybersecurity of critical infrastructure IT systems. The Cybersecurity Act of 2012 contained provisions that would arguably fit the bill on both of those accounts.

While Panetta said that “there is no substitute” for legislation, he noted that the Obama administration has been working on an executive order on cybersecurity as an end-around on Congress. “We need to move as far as we can” even in the face of Congressional inaction, he said. “We have no choice because the threat that we face is already here.”

I particularly liked the lines:

“…That frankly is unacceptable and it should be unacceptable not just to me, but to you and to anyone concerned with safeguarding our national security.”

“We have no choice because the threat that we face is already here.”

Leon is old enough to remember (too old perhaps?) the Cold War when we had the Russians, the Chinese and others to defend ourselves against. Without the Cybersecurity Act of 2012.

Oh, you don’t know what the Cybersecurity Act of 2012 says do you?

The part Leon is lusting after to make private entities exempt from:

[Sec 701]….chapter 119, 121, or 206 of title 18, United States Code, the Foreign Intelligence Surveillance Act of 1978 (50 U.S.C. 1801 et seq.), and the Communications Act of 1934 (47 U.S.C. 151 et seq.), ..

I’m sorry, that still doesn’t help does it?

Try this:

[Title 18, United States Code] CHAPTER 119—WIRE AND ELECTRONIC COMMUNICATIONS INTERCEPTION AND INTERCEPTION OF ORAL COMMUNICATIONS (§§ 2510–2522)

[Title 18, United States Code] CHAPTER 121—STORED WIRE AND ELECTRONIC COMMUNICATIONS AND TRANSACTIONAL RECORDS ACCESS (§§ 2701–2712)

[Title 18, United States Code] CHAPTER 206—PEN REGISTERS AND TRAP AND TRACE DEVICES (§§ 3121–3127)

[Title 47, United States Code, start here and following]CHAPTER 5—WIRE OR RADIO COMMUNICATION (§§ 151–621)

[Title 50, United States Code, start here and following]CHAPTER 36—FOREIGN INTELLIGENCE SURVEILLANCE (§§ 1801–1885c)

Just reading the section titles should give you the idea:

The Cybersecurity Act of 2012 exempts all private entities from criminal and civil penalties for monitoring, capturing and reporting any communication by anyone. Well, except for whatever the government is doing, that stays secret.

During the Cold War, facing nuclear armageddon, we had the FBI, CIA and others, subject to the laws you read above, to protect us from our enemies. And we did just fine.

Now we are facing a group of raggamuffins and Leon wants to re-invent the Stasi. Put us all to spying and reporting on each other. Free of civil and criminal liability.

A topic map could connect half-truths, lies and the bed wetters who support this sort of legislation together. (They aren’t going to go away.)

Interested?

PS: A personal note for Leon Panetta:

Leon, before you repeat any more idle latrine gossip, talk to some of the more competent career security people at the Pentagon. They will tell you about things like separation of secure from unsecure networks. Not allowing recordable magnetic media (including Lady Gaga CDs) access to secure networks, and a host of other routine security measures already in place.

Computer security didn’t just become an issue since 9/11. Every sane installation has been aware of computer security issues for decades.

Two kinds of people are frantic about computer security now:

  1. Decision makers who don’t understand computer security.
  2. People who want to sell the government computer security services.

Our military computer experts can fashion plans within the constitution and legal system to deal with what is a routine security issue.

You just have to ask them.

Text Analytics for Telecommunications – Part 2

Wednesday, March 21st, 2012

Text Analytics for Telecommunications – Part 2 by Themos Kalafatis.

From the post:

In the previous post we have seen the problems that a highly inflected language creates and also a very basic example of Competitive Intelligence. The Case Study that i will present in the forthcoming European Text Analytics Summit is about the analysis of Telco Subscriber conversations on FaceBook and Twitter that involve Telenor, MT:S and VIP Mobile located in Serbia.

It is time to see what Topics are found in subscriber conversations. Each Telco has its own FaceBook page which contains posts and comments generated by page curators and subscribers. Each post and comment also generates “Likes” and “Shares”. Several types of analysis can be performed to find out :

  1. What kind of Topics are discussed in posts and comments of each Telco FaceBook page?
  2. What is the sentiment?
  3. Which posts (and comments) tend to be liked and shared (=generate Interest and reactions)?

Themos continues his series on text analytics for Telcos.

Here he moves into Facebook comments and analysis of the same.

Text Analytics for Telecommunications – Part 1

Tuesday, March 20th, 2012

Text Analytics for Telecommunications – Part 1 by Themos Kalafatis.

From the post:

As discussed in the previous post, performing Text Analytics for a language for which no tools exist is not an easy task. The Case Study which i will present in the European Text Analytics Summit is about analyzing and understanding thousands of Non-English FaceBook posts and Tweets for Telco Brands and their Topics, leading to what is known as Competitive Intelligence.

The Telcos used for the Case Study are Telenor, MT:S and VIP Mobile which are located in Serbia. The analysis aims to identify the perception of Customers for each of the three Companies mentioned and understand the Positive and Negative elements of each Telco as this is captured from the Voice of the Customers – Subscribers.

The start of a very useful series on non-English text analysis. The sort that is in demand by agencies of various governments.

Come to think of it, text analysis of English/non-English government information is probably in demand by non-government groups. 😉