## Archive for May, 2017

### Gotta Minute To Help @WikiCommons?

Sunday, May 21st, 2017

Wikimedia NYC tweeted and Michael Peter Edison retweeted:

I know. Moving images from one silo to another.

But, it does increase the odds of @WikiCommons users finding the additional images. That’s a good thing.

Take a minute to visit https://metmuseum.org/art/collection, select the public domain facet and grab an image to upload to Wikimedia Commons.

The process is quite painless; I uploaded The Pit of Acheron, or the Birth of the Plagues of England today.

With practice it should take less than a minute but I got diverted looking for more background on the image.

Rowlandson the Caricaturist: A Selection from His Works, with Anecdotal Descriptions of His Famous Caricatures and a Sketch of His Life, Times, and Contemporaries, Volume 1 by Joseph Grego, J. W. Bouton, New York, 1880, page 112:

January 1. 1784. The Pit of Acheron, or the Birth of the Plagues of England. —

The Pit of Acheron, if we may trust the satirist, is not situated at any considerable distance from Westminster; the precincts of that city appear through the smoke of the incantations which are carried on in the Pit. Three weird sisters, like the Witches in ‘Macbeth,’ are working the famous charm; a monstrous cauldron is supported by death’s-heads and harpies; the ingredients of the broth are various; a crucifix, a rosary, Deceit, Loans, Lotteries, and Pride, together with a fox’s head, cards, dice, daggers, and an executioner’s axe, &c., form portions of the accessories employed in these uncanny rites. Three heads are rising from the flames—the good-natured face of Lord North, the spectacled and incisive outline of Burke, and Fox’s ‘gunpowder jowl,’ which is drifting Westminster-wards. One hag, who is dropping Rebellion into the brew, is demanding, ‘Well, sister, what hast thou got for the ingredients of our charm’d pot?’ To this her fellow-witch, who is turning out certain mischievous ingredients which she has collected in her bag, is responding, ‘A beast from Scotland called an Erskine, famous for duplicity, low art, and cunning; the other a monster who’d spurn even at Charter’s Rights.’ Erskine is shot out of the bag, crying, ‘I am like a Proteus, can turn any shape, from a sailor to a lawyer, and always lean to the strongest side!’ The other member, whose tail is that of a serpent, is singing, ‘Over the water and over the lee, thro’ hell I would follow my Charlie.’

I remain uncertain about the facts and circumstances surrounding the Westminster election of 1784 that would further explain this satire. Perhaps another day.

If you can’t wait, consider reading History of the Westminster Election, containing Every Material Occurrence, from its commencement On the First of April to the Close of the Poll, on the 17th of May, to which is prefixed A Summary Account of the Proceedings of the Late Parliament by James Hartley. (562 pages)

Rowlandson was also noted for his erotica: collection of erotica by Rowlandson.

### Global Investigative Journalism Network: Russian Feed

Sunday, May 21st, 2017

Global Investigative Journalism Network has added a Twitter feed in Russian: @gijnRu!

Great way for journalists to learn/reinforce their skills with Russian.

You can rely on The New York Times or the Washington Post as primary sources for the next 1339 days (as of today, Trump presidency) or you can strike out on your own.

As an editor, I would tire pretty quickly of “…as reported in NYT/WaPo….”

You?

### Why Terrorism Sells

Saturday, May 20th, 2017

Daniel Gilbert, Edgar Pierce Professor of Psychology at Harvard University, explains the lack of a focused response on global warming, and incidentally explains the popularity of terrorism in one presentation.

When I say “popularity of terrorism,” I don’t mean terrorism is widespread, but fear of terrorism is and funding to combat terrorism defies accounting.

Terrorism has four characteristics, all of which global warming lacks:

• Intentional: We are hard-wired to judge the intent of others.
• Immoral: Food/sex rules. Killing us falls under “immoral.”
• Imminent: Clear and present danger. (As in maybe today.)
• Instantaneous: Bombs, bullets, fast enough to be dangers.

Gilbert’s focus was on climate change but his presentation has helped me understand why terrorism sells.

Here is an image of the human brain Gilbert uses in his presentation:

The part of most brains that is fighting terrorism?

That would be the big dark blue part.

The part capable of recognizing that death by terrorist and death by asteroid are about the same?

That would be the small red part.

Assuming the small red part, which does planning, etc., isn’t overwhelmed by plotting routes to banks for the money you have earned fighting terrorism.

Why my sales pitch on terrorism fails: I’m pushing against decisions made by the big dark blue part that benefit the small red part (career, success, profit).

Two lessons from Gilbert’s presentation:

First, look for issues/needs with these characteristics:

• Intentional: We are hard-wired to judge the intent of others.
• Immoral: Food/sex rules. Killing us falls under “immoral.”
• Imminent: Clear and present danger. (As in maybe today.)
• Instantaneous: Bombs, bullets, fast enough to be dangers.

Second, craft a sales pitch to the big dark blue part of the brain that benefits the small red part of the brain (career, success, profit).

If you or a company you know has a pitch man/woman who can handle the fear angle, I’m looking for work.

Just keep me away from your fearful clients. 😉

### SketchRNN model released in Magenta [Hieroglyphs/Cuneiform Anyone?]

Friday, May 19th, 2017

From the post:

Sketch-RNN, a generative model for vector drawings, is now available in Magenta. For an overview of the model, see the Google Research blog from April 2017, Teaching Machines to Draw (David Ha). For the technical machine learning details, see the arXiv paper A Neural Representation of Sketch Drawings (David Ha and Douglas Eck).

To try out Sketch-RNN, visit the Magenta GitHub for instructions. We’ve provided trained models, code for you to train your own models in TensorFlow and a Jupyter notebook tutorial (check it out!)

The code release is timed to coincide with a Google Creative Lab data release. Visit Quick, Draw! The Data for more information. For versions of the data pre-processed to work with Sketch-RNN, please refer to the GitHub repo for more information.

We’ll leave you with a look at yoga poses generated by moving through the learned representation (latent space) of the model trained on yoga drawings. Notice how it gets confused at around 10 seconds when it moves from poses standing towards poses done on a yoga mat. In our arXiv paper A Neural Representation of Sketch Drawings we discuss reasons for this behavior.

The paper, A Neural Representation of Sketch Drawings mentions:

ShadowDraw [17] is an interactive system that predicts what a finished drawing looks like based on a set of incomplete brush strokes from the user while the sketch is being drawn. ShadowDraw used a dataset of 30K raster images combined with extracted vectorized features. In this work, we use a much larger dataset of vector sketches that is made publicly available.

My first thought was the use of such techniques to assist in copying hieroglyphs or cuneiform as such or perhaps to assist in the practice of such glyphs.

OK, that may not have been your first thought but you have to admit it would make a rocking demonstration!

### Python for Data Journalists: Analyzing Money in Politics

Friday, May 19th, 2017

From the webpage:

Data journalists are the newest rock stars of the newsroom. Using computer programming and data journalism techniques, they have the power to cull through big data to find original and important stories.

Learn these techniques and some savvy computer programming to produce your own bombshell investigations in the latest massive open online course (MOOC) from the Knight Center, “Python for Data Journalists: Analyzing Money in Politics.”

Instructor Ben Welsh, editor of the Los Angeles Times Data Desk and co-founder of the California Civic Data Coalition, will show students how to turn big data into great journalism with speed and veracity. The course takes place from June 12 to July 9, 2017, so register now.

A high priority for your summer because:

1. You will learn techniques for data analysis
2. Learning #1 enables you to perform data analysis
3. Learning #1 enables you to better question data analysis

I skimmed the post and did not see any coverage of obtaining concealed information.

Perhaps that will be the subject of a wholly anonymous MOOC. 😉

Do register! This looks useful and fun!

PS: Developing a relationship with a credit bureau or bank staffer should be an early career goal. No one is capable of obtaining “extra” money and just sitting on it forever.

### Media Manipulation and Disinformation Online – Overview

Thursday, May 18th, 2017

The quick summary from the webpage:

“the spread of false or misleading information is having real and negative effects on the public consumption of news.”

• Internet subcultures take advantage of the current media ecosystem to manipulate news frames, set agendas, and propagate ideas.
• Far-right groups develop techniques of “attention hacking” to increase the visibility of their ideas through the strategic use of social media, memes, and bots—as well as by targeting journalists, bloggers, and influencers to help spread content.
• The media’s dependence on social media, analytics and metrics, sensationalism, novelty over newsworthiness, and clickbait makes them vulnerable to such media manipulation.
• While trolls, white nationalists, Men’s Rights Activists, gamergaters, the “alt-right,” and conspiracy theorists may diverge deeply in their beliefs, they share tactics and converge on common issues.
• The far-right exploits young men’s rebellion and dislike of “political correctness” to spread white supremacist thought, Islamophobia, and misogyny through irony and knowledge of internet culture.
• Media manipulation may contribute to decreased trust of mainstream media, increased misinformation, and further radicalization.

The full report, Media Manipulation and Disinformation Online by Alice Marwick and Rebecca Lewis.

A useful report, but know up front that its concern is very much agenda driven. The following terms occur in the text: alt-right (89), racists (44), white supremacists (30), without treatment of similar groups with different agendas.

I think the aforementioned groups are loathsome but when treating media manipulation/disinformation, a broader sampling would be more instructive.

There are extensive footnotes and a great bibliography if you are interested in reading further.

As an overview of the issues of media manipulation/disinformation, I don’t think I have seen a better one.

Suggestions of more detailed case study collections?

### How To Legally Dick With The NSA – PostgreSQL 10 Beta 1

Thursday, May 18th, 2017

The release of PostgreSQL 10 Beta 1 gives everyone an opportunity to legally dick with the NSA.

In Stop Blaming NSA For The Ransomware Attack, Patrick Tucker repeats claims by the NSA that about 80% of vulnerabilities are revealed and 20% are concealed by the NSA.

Which means if there are 10 security vulnerabilities in PostgreSQL 10 Beta 1, the NSA will keep two for themselves.

Let’s disappoint them on that score. With widespread community testing, fuzzing, etc., the NSA score on PostgreSQL 10 Beta 1 could be zero.

That won’t help vendors with 70 million lines of closed source databases (look for Mary Ann Davidson). Such databases may have true accidental vulnerabilities or ones introduced by NSA ringers.

If NSA ringers working for closed source companies sounds like tin-hat conspiracy theory, recall the NSA is barred from spying on American citizens at all. In fact, they have vehemently denied it. At least until they admitted they were lying and in fact spying on all American citizens.

Also bear in mind that the NSA was a participant in many of the covert/overt attempts by the United States to influence elections in other countries. (Dov H. Levin, as of May 18, 2017, the datasets are forthcoming. See also: Database Tracks History Of U.S. Meddling In Foreign Elections, an NPR interview that counts 80 US-backed efforts to interfere in elections.)

On the technical front, the NSA is known to have intentionally damaged a U.S. cryptography standard; see NSA Efforts to Evade Encryption Technology Damaged U.S. Cryptography Standard. That report isn’t from a blog that is a continuation of a photocopied version of a mimeographed conspiracy report found in low-end coffee shops.

No, the damage to U.S. cryptography report appears in Scientific American.

I can’t honestly name one illegal, immoral, unethical, act that the NSA is not capable of.

You?

Beyond “sticking it to the NSA,” database researchers and users have these PostgreSQL 10 Beta 1 features to enjoy:

The PostgreSQL Global Development Group announces today that the first beta release of PostgreSQL 10 is available for download. This release contains previews of all of the features which will be available in the final release of version 10, although some details will change before then. Users are encouraged to begin testing their applications against this latest release.

#### Major Features of 10

The new version contains multiple features that will allow users to both scale out and scale up their PostgreSQL infrastructure:

• Logical Replication: built-in option for replicating specific tables or using replication to upgrade
• Native Table Partitioning: range and list partitioning as native database objects
• Additional Query Parallelism: including index scans, bitmap scans, and merge joins
• Quorum Commit for Synchronous Replication: ensure against loss of multiple nodes

We have also made three improvements to PostgreSQL connections, which we are calling on driver authors to support, and users to test:

• SCRAM Authentication, for more secure password-based access
• Multi-host “failover”, connecting to the first available in a list of hosts
• target_session_attrs parameter, so a client can request a read/write host

Many other new features and improvements have been added to PostgreSQL 10, some of which may be as important, or more important, to specific users than the above. Certainly all of them require testing. Among them are:

• Crash-safe and replicable Hash Indexes
• Multi-column Correlation Statistics
• New “monitoring” roles for permission grants
• Latch Wait times in pg_stat_activity
• XMLTABLE query expression
• Restrictive Policies for Row Level Security
• Full Text Search support for JSON and JSONB
• Compression support for pg_receivewal
• ICU collation support
• Push Down Aggregates to foreign servers
• Transition Tables in trigger execution

Further, developers have contributed performance improvements in the SUM() function, character encoding conversion, expression evaluation, grouping sets, and joins against unique columns. Analytics queries against large numbers of rows should be up to 40% faster. Please test if these are faster for you and report back.

See the Release Notes for a complete list of new and changed features.

Make the lives of PostgreSQL users everywhere better and the lives of government intelligence services around the world worse!

I call that a win-win situation.

### Open Source Data Jeopardizing Cleared Personnel:… (School Yearbooks?)

Wednesday, May 17th, 2017

Open Source Data Jeopardizing Cleared Personnel: Intelligence Operations Outsmarted by Technology by Alexander H. Georgiades.

Abstract:

The availability and accessibility of Open Source Intelligence (OSINT) combined with the information from data breaches has affected cleared personnel in the United States Intelligence Community (IC) and Department of Defense (DoD) who conduct and support intelligence operations. This information when used in conjunction with biometric detection technology at border crossings has greatly improved the likelihood of cleared personnel from the United States Government (USG) of being identified and targeted by adversaries. The shift from traditional Tactics, Techniques, and Procedures (TTPs) used by cleared personnel (either operating in an overt or covert status) during the Cold War when biometric technology was not an obstacle, has caught the United States government intelligence services off-guard when conducting sensitive missions Outside of the Continental United States (OCONUS).

The consequences of not maintaining updated software and hardware standards have already affected U.S. intelligence operations and exposed cleared personnel. The computer breach at the Office of Personnel and Management (OPM), where millions of sensitive records from cleared personnel in the private and public sectors is the most recent example. This unprecedented loss of Personally Identifiable Information (PII) has been the unfortunate wakeup call needed for decision makers in the United States government to reevaluate how they handle, collect, store, and protect the information of cleared personnel in this digital age.

The analysis of competing hypothesis and other predictive analytical methods will be used to evaluate the data available to adversaries who target cleared personnel and the intelligence operations they support. Case studies, news articles, books, government, and industry reports will be used as supporting evidence to illustrate how the growth in biometric detection technology use in conjunction with the availability of OSINT and material from data breaches adversely affect intelligence operations.

The amount of information available to adversaries is at an unprecedented level. Open source forums provide detailed information about cleared personnel and government TTPs that can be used by adversaries to unravel intelligence operations, target cleared personnel, and jeopardize USG equities (such as sources and methods) in the field. The cleared workforce must learn from mistakes of complacency and poor tradecraft in the past to develop new methodologies to neutralize the effectiveness of adversaries who use OSINT and biometric technology to their advantage.

Social media use by cleared employees who reveal too much operational information about themselves or the projects they work on is one of the gateways that can be easily closed to adversaries. Cleared personnel must be mandated to limit the amount of information they publish online. By closing the door to social media and preventing the personal and professional lives of the cleared workforce from being used to target them, adversaries would not be as effective in jeopardizing or exposing intelligence operations overseas. Increased Operational Security (OPSEC) procedures must also be mandated to protect the programs and operations these cleared personnel work on, with an emphasis on covert officers who use false personas when operating overseas.

The information bridges that were created after September 11, 2001 to increase collaboration must be reevaluated to determine if the relaxation of classified information safeguards and storage of sensitive information is now becoming detrimental to USG intelligence operations and cleared personnel.

As you know, I have little sympathy for the Intelligence Community (IC), creators of the fishbowl in which we commonly reside. Members of the IC sharing that fate has a ring of justice to it.

This thesis offers a general overview of the problem and should be good to spark ideas of open source intelligence that can be used to corroborate or contradict other sources of intelligence.

By way of example, educational records are easy enough to edit and convincing to anyone not aware they have been edited.

On the other hand, original and digitized yearbooks or similar contemporary resources are not so easily manipulated.

As I say that, tracking every child from first grade through the end of their academic career is eminently doable, with the main obstacle being acquisition of the original yearbooks.

Cross-referencing other large collections of photos and the project starts to sound useful to any number of governments, especially those worried about operatives from Western countries.

Are you worried about Western operatives?

### Balisage: The Markup Conference 2017 Program Now Available

Wednesday, May 17th, 2017

Balisage: The Markup Conference 2017 Program Now Available

An email from Tommie Usdin, Chair, Chief Organizer and herder of markup cats for Balisage advises:

Balisage: where serious markup practitioners and theoreticians meet every August.

The 2017 program includes papers discussing XML vocabularies, cutting-edge digital humanities, lossless JSON/XML roundtripping, reflections on concrete syntax and abstract syntax, parsing and generation, web app development using the XML stack, managing test cases, pipelining and micropipelining, electronic health records, rethinking imperative algorithms for XSLT and XQuery, markup and intellectual property, why YOU should use (my favorite XML vocabulary), developing a system to aid in studying manuscripts in the tradition of the Ethiopian and Eritrean Highlands, exploring “shapes” in RDF and their relationship to schema validation, exposing XML data to users of varying technical skill, test-suite management, and use case studies about large conversion applications, DITA, and SaxonJS.

Up-Translation and Up-Transformation: A one-day Symposium on the goals, challenges, solutions, and workflows for significant XML enhancements, including approaches, tools, and techniques that may potentially be used for a variety of other tasks. The symposium will be of value not only to those facing up-translation and transformation but also to general XML practitioners seeking to get the most out of their data.

Are you interested in open information, reusable documents, and vendor and application independence? Then you need descriptive markup, and Balisage is your conference. Balisage brings together document architects, librarians, archivists, computer scientists, XML practitioners, XSLT and XQuery programmers, implementers of XSLT and XQuery engines and other markup-related software, semantic-Web evangelists, standards developers, academics, industrial researchers, government and NGO staff, industrial developers, practitioners, consultants, and the world’s greatest concentration of markup theorists. Some participants are busy designing replacements for XML while others still use SGML (and know why they do).

Discussion is open, candid, and unashamedly technical.

Balisage 2017 Program:
http://www.balisage.net/2017/Program.html

Symposium Program:
https://www.balisage.net/UpTransform

NOTE: Members of the TEI and their employees are eligible for discount Balisage registration.

You need to see the program for yourself but the highlights (for me) include: Ethiopic manuscripts (ok, so I have odd tastes), Earley parsers (of particular interest), English Majors (my wife was an English major), and a number of other high points.

Mark your calendar for July 31 – August 4, 2017 – It’s Balisage!

### Memo To File (Maybe Bad OpSec)

Wednesday, May 17th, 2017

From the post:

The existence of memos that former FBI Director James Comey reportedly prepared detailing his conversations with President Donald Trump about the bureau’s Russia investigation is far from shocking to FBI veterans, who say documenting such contacts in highly sensitive investigations is par for the course.

“A conversation with a subject of an investigation is evidentiary, no matter what is discussed,” said former FBI official Tom Fuentes, who stressed that he doesn’t know what the president’s status is with respect to the ongoing probe of Russia’s alleged meddling in the 2016 election. “Any conversation with Trump is going to be noteworthy….If you drop dead of a heart attack, your successor is going to want to know what was going on, so you would record that whether it’s to aid your future memory or for a successor two or three years down the line.”

Comey documented Trump’s request to curtail the FBI investigation into Russian meddling in the 2016 election the day after former national security adviser Michael Flynn resigned, according to a New York Times report subsequently confirmed by a source to POLITICO. The White House has denied the president made any such request.

A “memo to file” isn’t complicated and, especially if done on a routine basis, has high value as evidence. Gerstein includes a link to an actual “memo to file.” (see his post)

I mention this because a practice of “memo to file,” much like Nixon’s Watergate tapes, can prove to be a two-edged sword.

Like calendars, travel logs, expense records, etc., a series of “memo(s) to file” may not agree with your current memory of events. The “record” will be presumed to be more reliable than your present memory.

Just a warning to make sure the record you preserve is the one you want quoted back to yourself in the future.

### Don’t Blame NSA For Ransomware Attack!

Wednesday, May 17th, 2017

Most days I think the NSA should be blamed for everything from global warming to biscuits that fail to rise.

But for leaked cyber weapons? No blame whatsoever.

Why? The answer lies in the NSA processing of vulnerabilities.

From the post:

“You’ve heard my deputy director say that in excess of 80-something percent of the vulnerabilities are actually disclosed—responsibly disclosed —to the vendors so that they can then actually patch and remediate for that,” Curtis Dukes, NSA’s former deputy national manager for national security systems, said at an American Enterprise Institute event in October. “So I do believe it’s a thoughtful process that we have here in the U.S.”

Dukes said the impetus to conceal an exploit vanishes when it is used by a criminal gang, adversarial nation, or some other malefactor.

We may choose to restrict a vulnerability for offensive purposes, like breaking into an adversary’s network, he said. But that doesn’t mean we’re not also constantly looking for signs whether another nation-state or criminal network has actually found that same vulnerability and now are using it. As soon as we see any indications of that, then that decision immediately flips, and we move to disseminate and remediate.

You may think that is a “thoughtful process” but that’s not why I suggest the NSA should be held blameless.

Look at the numbers on vulnerabilities:

80% disclosed by the NSA for remediation.

20% concealed by the NSA.

Complete NSA disclosure means the 20% now concealed vanishes for everyone.

That damages everyone seeking government transparency.

Don’t wave your arms in the air crying “ransomware! ransomware! Help me! Help me!” or “Blame the NSA! Blame the NSA!”

Use FOIA requests, leaks and cyber vulnerabilities to peel governments of their secrecy, like lettuce, one leaf at a time.

### Correction to Financial Times on EsteemAudit

Tuesday, May 16th, 2017

Hackers prime second classified US cyber weapon by Sam Jones and Max Seddon.

From the post:

Criminal hacking groups have repurposed a second classified cyber weapon stolen from US spies and have made it available on the so-called dark web after the success of the WannaCry attack that swept across the globe on Friday.

The hacking tool, developed by the US National Security Agency and called EsteemAudit, has been adapted and is now available for criminal use, according to security analysts.

Correction:

“…is now available for criminal use…” should read:

“…is now available for widespread criminal use….”

NSA cyber weapons have always been in use by criminals. The debate now is over more criminals using the same weapons.

If those weapons are used against the NSA and its co-conspirators, I don’t see a problem.

### DeepSketch2Face

Tuesday, May 16th, 2017

DeepSketch2Face: A Deep Learning Based Sketching System for 3D Face and Caricature Modeling by Xiaoguang Han, Chang Gao, and Yizhou Yu.

Abstract:

Face modeling has been paid much attention in the field of visual computing. There exist many scenarios, including cartoon characters, avatars for social media, 3D face caricatures as well as face-related art and design, where low-cost interactive face modeling is a popular approach especially among amateur users. In this paper, we propose a deep learning based sketching system for 3D face and caricature modeling. This system has a labor-efficient sketching interface, that allows the user to draw freehand imprecise yet expressive 2D lines representing the contours of facial features. A novel CNN based deep regression network is designed for inferring 3D face models from 2D sketches. Our network fuses both CNN and shape based features of the input sketch, and has two independent branches of fully connected layers generating independent subsets of coefficients for a bilinear face representation. Our system also supports gesture based interactions for users to further manipulate initial face models. Both user studies and numerical results indicate that our sketching system can help users create face models quickly and effectively. A significantly expanded face database with diverse identities, expressions and levels of exaggeration is constructed to promote further research and evaluation of face modeling techniques.

Deep learning assisted drawing, here with faces or drawing more generally, is rife with possibilities for humor.

Realistic caricature/avatars are nearly within the reach of even art-challenged users.

Tuesday, May 16th, 2017

I read your post OH LORDY! Comey Wanna Cry Edition outlining your plans for:

In June, TheShadowBrokers is announcing “TheShadowBrokers Data Dump of the Month” service. TheShadowBrokers is launching new monthly subscription model. Is being like wine of month club. Each month peoples can be paying membership fee, then getting members only data dump each month. What members doing with data after is up to members.

TheShadowBrokers Monthly Data Dump could be being:

• web browser, router, handset exploits and tools
• select items from newer Ops Disks, including newer exploits for Windows 10
• compromised network data from more SWIFT providers and Central banks
• compromised network data from Russian, Chinese, Iranian, or North Korean nukes and missile programs

More details in June.

OR IF RESPONSIBLE PARTY IS BUYING ALL LOST DATA BEFORE IT IS BEING SOLD TO THEPEOPLES THEN THESHADOWBROKERS WILL HAVE NO MORE FINANCIAL INCENTIVES TO BE TAKING CONTINUED RISKS OF OPERATIONS AND WILL GO DARK PERMANENTLY YOU HAVING OUR PUBLIC BITCOIN ADDRESS
… (emphasis in original)

I don’t know your background in subscription marketing but I don’t see Shadow Brokers as meeting the criteria for a successful subscription business. 9 Keys to Building a Successful Subscription Business.

Unless you want to get into a vulnerability as commodity business, with its attendant needs for a large subscriber base, advertising, tech support, etc., with every service layer adding more exposure, I just don’t see it. The risk of exposure is too great and the investment before profit too large.

I don’t feel much better about a bulk purchase from a major government or spy agency. The likely buyers already have the same or similar data so don’t have an acquisition motive.

Moreover, likely buyers don’t trust the Shadow Brokers. As a one time seller, Shadow Brokers could collect for the “lost data” and then release it for free in the wild.

You say that isn’t the plan of Shadow Brokers, but likely buyers are untrustworthy and expect the worst of others.

If I’m right and traditional subscription and/or direct sales models aren’t likely to work, that doesn’t mean that a sale of the “lost data” is impossible.

Consider the WikiLeaks strategy with the Podesta emails.

The Podesta emails were replete with office chatter, backbiting remarks, and other trivia.

Despite the lack of intrinsic value, their importance was magnified by the release of small chunks of texts, each of which might include something important.

With each release, mainstream media outlets such as the New York Times, the Washington Post, and others went into a frenzy of coverage.

That was non-technical data so a similar strategy with “lost data” will require supplemental, explanatory materials for the press.

Dumping one or two tasty morsels every Friday, for example, will extend media coverage, not to mention building public outrage that could, no guarantees, force one or more governments to pony up for the “lost data.”

Hard to say unless you try.

PS: For anyone who thinks this post runs afoul of “aiding hackers” prohibitions, you have failed to consider the most likely alternate identity of Shadow Brokers, that of the NSA itself.

Who wants real time surveillance of all networks? (NSA)

What will drive acceptance of real time surveillance of all networks? (Hint, ongoing and widespread data breaches.)

Who wants to drive adoption of Windows 10? (Assuming NSA agents wrote backdoors into the 50 to 60 million lines of code in Windows 10.)

Would a government that routinely assassinates people and overthrows other governments hesitate to put ringers to work at Microsoft? Or other companies?

Is suborning software verboten? (Your naiveté is shocking.)

### Network analysis of Game of Thrones family ties [A Timeless Network?]

Monday, May 15th, 2017

From the post:

In this post, I am exploring network analysis techniques in a family network of major characters from Game of Thrones.

Not surprisingly, we learn that House Stark (specifically Ned and Sansa) and House Lannister (especially Tyrion) are the most important family connections in Game of Thrones; they also connect many of the storylines and are central parts of the narrative.

The basis for this network is Kaggle’s Game of Throne dataset (character-deaths.csv). Because most family relationships were missing in that dataset, I added the missing information in part by hand (based on A Wiki of Ice and Fire) and by scraping information from the Game of Thrones wiki. You can find the full code for how I generated the network on my Github page.

Glander improves network data for the Game of Thrones and walks you through the use of R to analyze that network.

It’s useful work and will repay close study.

Network analysis can be used with all social groups: activists, bankers, hackers, members of Congress (U.S.), terrorists, etc.

But just as Ned Stark has no relationship with dire wolves when the story begins, networks of social groups develop, change, evolve if you will, over time.

Moreover, events, interactions, involving one or more members of the network, occur in time sequence. A social network that fails to capture those events and their sequencing, from one or more points of view, is a highly constrained network.

A useful network, as Glander demonstrates, but one that cannot answer simple questions about the order in which characters gained knowledge that a particular character hurled another character from a very high window.

If I were investigating say a leak of NSA cybertools, time sequencing like that would be one of my top priorities.

Thoughts?
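The ordering question above, worked as an added example (not Glander's code and not from her post): a time-stamped contact list and an earliest-arrival pass that reports when each person could first have learned a fact, set beside what the untimed network claims. The names, channels and events are constructed sample data.

```python
from collections import namedtuple

# One time-stamped interaction: at time `t`, `src` could pass what it
# knows to `dst`. All events below are constructed sample data.
Contact = namedtuple("Contact", "t src dst channel")

CONTACTS = [
    Contact(1, "analyst_a", "analyst_b", "chat"),
    Contact(2, "contractor_c", "analyst_a", "email"),
    Contact(3, "analyst_a", "contractor_c", "email"),
    Contact(4, "analyst_b", "admin_d", "ticket"),
    Contact(5, "contractor_c", "vendor_e", "file share"),
    Contact(6, "admin_d", "vendor_e", "email"),
    Contact(7, "vendor_e", "analyst_f", "chat"),
]


def static_reachable(contacts, source):
    """What the untimed network claims: anyone joined by any chain of edges."""
    adj = {}
    for c in contacts:
        adj.setdefault(c.src, set()).add(c.dst)
    seen, stack = {source}, [source]
    while stack:
        for nxt in adj.get(stack.pop(), ()):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return seen


def earliest_knowledge(contacts, source, t0=0):
    """Return {person: (time_learned, learned_from, channel)}.

    Only time-respecting paths count: a person can pass the fact on only
    in contacts that happen strictly after the moment they learned it.
    """
    learned = {source: (t0, None, None)}
    for c in sorted(contacts, key=lambda c: c.t):
        if c.src in learned and c.dst not in learned and learned[c.src][0] < c.t:
            learned[c.dst] = (c.t, c.src, c.channel)
    return learned


def knowledge_order(learned):
    """People in the order they learned the fact."""
    return sorted(learned, key=lambda person: learned[person][0])


def chain(learned, person):
    """Walk back from `person` to the source along who-told-whom links."""
    path = []
    while person is not None:
        path.append(person)
        person = learned[person][1]
    return path[::-1]


if __name__ == "__main__":
    learned = earliest_knowledge(CONTACTS, "contractor_c")
    print("static view :", sorted(static_reachable(CONTACTS, "contractor_c")))
    print("timed order :", knowledge_order(learned))
    print("path to f   :", " -> ".join(chain(learned, "analyst_f")))
```

The static view lists analyst_b and admin_d as reachable, but the only contacts leading to them happened before their upstream contact knew anything, so the timed view excludes them.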

### The Hitchhiker’s Guide to d3.js [+ a question]

Sunday, May 14th, 2017

The Hitchhiker’s Guide to d3.js by Ian Johnson.

From the post:

[graphic omitted: see post]

The landscape for learning d3 is rich, vast and sometimes perilous. You may be intimidated by the long list of functions in d3’s API documentation or paralyzed by choice reviewing the dozens of tutorials on the home page. There are over 20,000+ d3 examples you could learn from, but you never know how approachable any given one will be.

[graphic omitted: see post]

If all you need is a quick bar or line chart, maybe this article isn’t for you, there are plenty of charting libraries out there for that. If you’re into books, check out Interactive Data Visualization for the Web by Scott Murray as a great place to start. D3.js in Action by Elijah Meeks is a comprehensive way to go much deeper into some regions of the API.

This guide is meant to prepare you mentally as well as give you some fruitful directions to pursue. There is a lot to learn besides the d3.js API, both technical knowledge around web standards like HTML, SVG, CSS and JavaScript as well as communication concepts and data visualization principles. Chances are you know something about some of those things, so this guide will attempt to give you good starting points for the things you want to learn more about.

Depending on your needs and learning style, The Hitchhiker’s Guide to d3.js (Guide), may be just what you need.

The Guide focuses on how to use d3.js and not on: What visualization should I create?

Suggestions on what should be considered when moving from raw data to a visualization? Resources?

Thanks!

### WCry/WanaCry Analysis – Reading For Monday, May 15, 2017.

Sunday, May 14th, 2017

The chief of Europol warns that the WCry/WanaCry crisis will grow on Monday, May 15, 2017. That exhausted Europol’s reservoir of useful comments for this “crisis.”

“Crisis” in quotation marks because only unpatched but supported Windows systems and no longer supported Windows systems are vulnerable to WCry/WanaCry.

Exception for non-supported systems: Microsoft issued a patch for Windows XP, unfortunately, to protect against WCry/WanaCry.

Translation: If you are running Windows XP without the WCry/WanaCry patch, you can still be a victim.

For the more technically minded, Amanda Rousseau writes in: WCry/WanaCry Ransomware Technical Analysis:

As we discussed when this outbreak began, the WCry or WanaCrypt0r ransomware spread quickly across Europe and Asia, impacting almost 100 countries and disrupting or closing 45 hospitals in the UK. As the ransomware continued to propagate, I got my hands on a sample and quickly began analyzing the malware. This post will walk through my findings and provide a technical overview of the strain of WCry ransomware which caused the massive impact on Friday. Many have done great work analyzing this malware in action and helping contain its spread, and I hope my comprehensive static analysis will provide a good overall picture of this particular ransomware variant on top of that.

I assume you are:

1. Not running Windows
2. Running supported and patched Windows
3. Running patched Windows XP (please don’t tell anyone)

If any of those are true, then Rousseau’s post makes great reading material for Monday, May 15, 2017.

If you are exposed, you should take steps to end your exposure now. Rousseau’s post can wait until you are safe.

### Bigoted Use of Stingray Technology vs. Other Ills

Saturday, May 13th, 2017

From the post:

Louise Goldsberry, a Florida nurse, was washing dishes when she looked outside her window and saw a man pointing a gun at her face. Goldsberry screamed, dropped to the floor, and crawled to her bedroom to get her revolver. A standoff ensued with the gunman—who turned out to be an agent with the U.S. Marshals’ fugitive division.

Goldsberry, who had no connection to a suspect that police were looking for, eventually surrendered and was later released. Police claimed that they raided her apartment because they had a “tip” about the apartment complex. But, according to Slate, the reason the “tip” was so broad was because the police had obtained only the approximate location of the suspect’s phone—using a “Stingray” phone tracker, a little-understood surveillance device that has quietly spread from the world of national security into that of domestic law enforcement.

Goldsberry’s story illustrates a potential harm of Stingrays not often considered: increased police contact for people who get caught in the wide dragnets of these interceptions. To get a sense of the scope of this surveillance, CityLab mapped police data from three major cities across the U.S., and found that this burden is not shared equally.

How not equally?

Baltimore, Maryland.

The map at Joseph’s post is interactive, along with maps for Tallahassee, Florida and Milwaukee, Minnesota.

I oppose government surveillance overall but am curious, is Stingray usage a concern of technology/privacy advocates or is there a broader base for opposing it?

Consider the following facts gathered by Bill Quigley:

Were you shocked at the disruption in Baltimore? What is more shocking is daily life in Baltimore, a city of 622,000 which is 63 percent African American. Here are ten numbers that tell some of the story.

One. Blacks in Baltimore are more than 5.6 times more likely to be arrested for possession of marijuana than whites even though marijuana use among the races is similar. In fact, Baltimore county has the fifth highest arrest rate for marijuana possessions in the USA.

### Cloudera Introduces Topic Maps Extra-Lite

Wednesday, May 10th, 2017

From the post:

Have you ever struggled to remember table names related to your project? Does it take much too long to find those columns or views? Hue now lets you easily search for any table, view, or column across all databases in the cluster. With the ability to search across tens of thousands of tables, you’re able to quickly find the tables that are relevant for your needs for faster data discovery.

In addition, you can also now tag objects with names to better categorize them and group them to different projects. These tags are searchable, expediting the exploration process through easier, more intuitive discovery.

Through an integration with Cloudera Navigator, existing tags and indexed objects show up automatically in Hue, any additional tags you add appear back in Cloudera Navigator, and the familiar Cloudera Navigator search syntax is supported.
… (emphasis in original)

Seventeen (17) years ago, ISO/IEC 13250:2000 offered users the ability to have additional names for tables, columns and/or any other subject of interest.

Additional names that could have scope (think range of application, such as a language), that could exist in relationships to their creators/users, exposing as much or as little information to a particular user as desired.

For commonplace needs, perhaps tagging objects with names, displayed as a simple string, is sufficient.

But if viewed from a topic maps perspective, that string display to one user could in fact represent that string, along with who created it, what names it is used with, who uses similar names, just to name a few of the possibilities.

All of which makes me think topic maps should ask users:

• What subjects do you need to talk about?
• How do you want to identify those subjects?
• What do you want to say about those subjects?
• Do you need to talk about associations/relationships?

It could be that for day-to-day users, a string tag/name is sufficient. That doesn’t mean that greater semantics don’t lurk just below the surface. Perhaps even on demand.

### Laptops Banned To Drive Alcohol Consumption

Wednesday, May 10th, 2017

The Department of Homeland Security will ban laptops in the cabins of all flights from Europe to the United States, European security officials told The Daily Beast. The announcement is expected Thursday.

Irving does a good job of illustrating the increased risk from the laptop ban, but misses the real motivation behind the ban. Yes, yes, DHS says it:

…continues to evaluate the threat environment and will make changes when necessary to keep air travelers safe.

“Threat environment” my ass!

Remember the UK has been reduced to claiming people with knives are terrorists.

Armed police carrying out a counterterrorism operation Thursday swooped in on a man they said was carrying knives in a bag near Britain’s Parliament and arrested him on suspicion of planning terrorist acts.

A European security official familiar with the individual said the suspect was known to British security agencies and was thought to have been inspired by the Islamic State group.

The official, who spoke on condition of anonymity to discuss sensitive intelligence matters, said the discovery of knives suggested an attack might have been close to fruition. Authorities haven’t released the man’s name.

London’s Metropolitan Police said the 27-year-old suspect was stopped and detained “as part of an ongoing operation” by the force’s counterterrorism unit.

“…swooped in on a man they said was carrying knives in a bag…”

That sounds more like a Saturday Night Live skit than a terrorist attack or potential one.

Shake the Department of Homeland Security (DHS) tree really hard, by leakers or FOIA requests and I’m betting the following will fall out:

Alcoholic Drink Consumption On Europe to US Flights

• Underage and kill-joys: 0
• Parent with one child: 3
• Parent with two children: 5
• Business flyer with no laptop: 1 per hour of flight time

Once this data began to circulate among airline companies, the fate of laptops was sealed.

Increased alcohol sales are the primary goal of the laptop ban.

PS: If you think I am being cavalier about the risk from terrorism, consider that 963 people were killed by police officers in 2016. Versus 54 people in “terrorist” attacks, all by US citizens.

### Did You Miss The Macron Leak? @ErrataBob To The Rescue!

Wednesday, May 10th, 2017

If you missed the Macron leak, or leaks deleted before you can copy them, don’t despair!

Robert Graham, @ErrataBob, rides to the rescue with: Hacker dumps, magnet links, and you.

From the post:

Along with downloading files, BitTorrent software on your computer also participates in a “distributed hash” network. When using a torrent file to download, your BitTorrent software still tells other random BitTorrent clients about the hash. Knowledge of this hash thus spreads throughout the BitTorrent world. It’s only 16 bytes in size, so the average BitTorrent client can keep track of millions of such hashes while consuming very little memory or bandwidth.

If somebody decides they want to download the BitTorrent with that hash, they broadcast that request throughout this “distributed hash” network until they find one or more people with the full torrent. They then get the torrent description file from them, and also a list of peers in the “swarm” who are downloading the file.

Thus, when the original torrent description file, the tracker, and original copy go away, you can still locate the swarm of downloaders through this hash. As long as all the individual pieces exist in the swarm, you can still successfully download the original file.

Graham provides the magnet link for “langannerch.rar” and as of this AM, I can attest the link is working as described.

Consider a “distributed hash” network as a public service. Even if you aren’t especially interested in a leak, like Macron’s, consider grabbing a copy to assist others who are.

### Patched != Applied / Patches As Vulnerability Patterns

Tuesday, May 9th, 2017

Microsoft Security Advisory 4022344, Microsoft’s response to MsMpEng: Remotely Exploitable Type Confusion in Windows 8, 8.1, 10, Windows Server, SCEP, Microsoft Security Essentials, and more by taviso@google.com, was so timely as to deprive the “responsible disclosure” crowd of a chance to bitch about the notice given to Microsoft.

Two aspects of this vulnerability merit your attention.

#### Patched != Applied

Under Suggested Actions, the Microsoft bulletin reads:

• Verify that the update is installed

Customers should verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded and installed for their Microsoft antimalware products.

For more information on how to verify the version number for the Microsoft Malware Protection Engine that your software is currently using, see the section, “Verifying Update Installation”, in Microsoft Knowledge Base Article 2510781.

For affected software, verify that the Microsoft Malware Protection Engine version is 1.1.13704.0 or later.

• If necessary, install the update

Administrators of enterprise antimalware deployments should ensure that their update management software is configured to automatically approve and distribute engine updates and new malware definitions. Enterprise administrators should also verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded, approved and deployed in their environment.

For end-users, the affected software provides built-in mechanisms for the automatic detection and deployment of this update. For these customers, the update will be applied within 48 hours of its availability. The exact time frame depends on the software used, Internet connection, and infrastructure configuration. End users that do not wish to wait can manually update their antimalware software.

For more information on how to manually update the Microsoft Malware Protection Engine and malware definitions, refer to Microsoft Knowledge Base Article 2510781.

Microsoft knows its customers far better than I do, and its insistence on verification suggests unpatched systems can be discovered in the wild. No doubt in diminishing numbers, but you won’t know unless you check.
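One way to run that check across a fleet, as an added example (not Microsoft's tooling): compare each host's reported engine version against the advisory's 1.1.13704.0 floor. The inventory rows, host names and the CSV layout are constructed assumptions; the comparison is numeric per component because a plain string comparison ranks 1.1.9901.0 above 1.1.13704.0 and would report an old engine as patched.

```python
import csv
import io

MIN_ENGINE = "1.1.13704.0"  # minimum fixed engine version, from the advisory

# Constructed inventory export: host, product, engine version as reported.
INVENTORY_CSV = """host,product,engine_version
ws-001,Windows Defender,1.1.13704.0
ws-002,Windows Defender,1.1.13701.0
srv-010,SCEP,1.1.9901.0
srv-011,Microsoft Security Essentials,1.1.13804.0
kiosk-7,Windows Defender,
lab-3,SCEP,unknown
"""


def parse_version(text):
    """Turn '1.1.13704.0' into (1, 1, 13704, 0); raise ValueError if malformed."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a four-part version: {text!r}")
    return tuple(int(p) for p in parts)


def classify(engine_version, minimum=MIN_ENGINE):
    """Return 'ok', 'vulnerable', or 'unverified' for one reported version."""
    try:
        reported = parse_version(engine_version)
    except ValueError:
        # A missing or unreadable version is not evidence of a patch.
        return "unverified"
    return "ok" if reported >= parse_version(minimum) else "vulnerable"


def audit(csv_text, minimum=MIN_ENGINE):
    """Group hosts by status so the follow-up list is explicit."""
    report = {"ok": [], "vulnerable": [], "unverified": []}
    for row in csv.DictReader(io.StringIO(csv_text)):
        status = classify(row["engine_version"] or "", minimum)
        report[status].append(row["host"])
    return report


if __name__ == "__main__":
    for status, hosts in audit(INVENTORY_CSV).items():
        print(f"{status:11s} {', '.join(hosts) or '-'}")
```

Hosts that report no version land in "unverified" rather than "ok", which keeps them on the list of machines someone still has to look at.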

#### Patches As Vulnerability Patterns

You have to visit CVE-2017-0290 to find links to the details of “MsMpEng: Remotely Exploitable Type Confusion….”

Which raises an interesting use case for the Microsoft/MSRC-Microsoft-Security-Updates-API, which I encountered by way of a PowerShell script for accessing the MSRC Portal API.

Polling the Microsoft/MSRC-Microsoft-Security-Updates-API provides you with notice of vulnerabilities to look for based on unapplied patches.

You can use the CVE links to find deeper descriptions of underlying vulnerabilities. Those descriptions, assuming you mine the SIPs (statistically improbable phrases), can result in a powerful search tool to find closely related postings.

Untested but searching by patterns for particular programmers (whether named or not), may be more efficient than an abstract search for coding errors.

Reasoning that programmers tend to commit the same errors, reviewers tend to miss the same errors, and so any discovered error, properly patterned, may be the key to a grab bag of other errors.

That’s an issue where tunable subject identity would be very useful.

### Network datasets (@Ognyanova)

Tuesday, May 9th, 2017

Network datasets by Katherine Ognyanova.

From the post:

Since I started posting network tutorials on this site, people will occasionally write to ask me about the included example datasets. I also get e-mails from people asking where they might find network data to use for a project or in teaching. Seems like a good idea to post a quick reply here.

The datasets included in my tutorials are mostly synthetic (or trimmed and heavily manipulated) in order to illustrate various visualization aspects in a manageable way. Feel free to use those datasets (citing or linking to the source is appreciated), but keep in mind that they are artificially generated and not the result of actual data collection. When I do use empirical data, the download files include documentation (if the data is collected by me) or clearly point to the source (if the data was collected by someone else).

If you are looking for network data, large or small, there are a number of excellent open online repositories that you can take a look at. Below is a short list (feel free to e-mail me if you have other good links, and I will add them here).

Links to ten (10) collections of network datasets, plus suggestions on software for collecting and analyzing social network data.

Consider following her: @Ognyanova. See her website, http://kateto.net/ for additional resources.

### FOIA Data Models for Everyone [If You Are Going To Ask]

Monday, May 8th, 2017

From the post:

Listen to two FOIA practitioners describe their request strategies and you’ll probably get two very different answers. I know because I’ve done it. As someone with not much of a personal FOIA strategy—besides “wait and hope”—I was surprised that journalists skilled at prying obscure records from the government have wildly different approaches.

These differences in how to engage with the FOIA process can cover questions that are flashy—to us nerds—like whether to ask for “any and all” documents or to call the officer every week or so. But the idiosyncrasies in journalists’ mental models trickle down even into the little details, like how they keep track of agencies’ contact info.

When I began an internal FOIA tracker app for the New York Times, I knew I’d have to understand different mental models of the FOIA process in order to represent that process in a database. So, I put out a call to the friendly community of news nerds on Twitter and in the NewsNerdery Slack:

Tracking your FOIAs with a spreadsheet (or an app) is a best practice. But everyone’s chart is a little different and probably encodes different nuggets of hard-earned wisdom. Care to share the column headers from your spreadsheet?

Computers don’t know anything about FOIAs. Bless their hearts, but they’re dumb; data modeling is how we imbue computers with little morsels of our human wisdom hidden in row 1 of a spreadsheet. I collated the results—from eight individuals’ spreadsheets and two open-source FOIA tracker apps plus my own, so hopefully a lot of little morsels of wisdom—and analyzed them to see what I might have missed. I want to share the results back to the community.

A gold mine of curated advice and practices on FOIA data models.

Old pros and newbies at FOIA requests are going to benefit from Merrill’s post.

Be sure to ping him @jeremybmerrill to show your appreciation for this summary.