SiliconANGLE: How companies are scrambling to keep control of their private data from AI models

This week I got to write a very long piece on the state of current data leak protection specifically designed to protect enterprise AI usage.

Ever since artificial intelligence and large language models became popular earlier this year, organizations have struggled to keep control over accidentally or deliberately exposing their data used as model inputs. They aren’t always succeeding.

Two notable cases have splashed into the news this year that illustrate each of those types of exposure: A huge cache of 38 terabytes’ worth of customer data was accidentally made public by Microsoft via an open GitHub repository, and several Samsung engineers purposely put proprietary code into their ChatGPT queries.

I covered the waterfront of numerous vendors who have added this feature across their security products (or in some cases, startups focusing in this area).

What differentiates DLP in the pre-AI era from DLP now is a fundamental shift in how this protection works. The DLP of yore involved checking network packets for patterns that matched high-risk elements, such as Social Security numbers, once they were about to leave a secure part of your data infrastructure. But in the new world order of AI, you have to feed the beast up front, and if that diet includes all sorts of private information, you need to be more proactive in your DLP.

I mentioned this to one of my readers, who had this to say about how our infrastructures have evolved over the years since we both began working in IT:

“In the late 90’s we had mostly dedicated business networks and systems, a fairly simple infrastructure setup. Then we went through web hosting and the needs to build DMZ networks. Then came shared web hosting facilities and shared cloud service offerings. Over the years cloud services have built massive API service offerings. Each step introduced an order of magnitude of complexity. Now with AI we’re dealing with massive amounts of data.”

If you are interested in how security vendors are approaching this issue, I would love to hear your comments after reading my post in SA. You can post them here.
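A sketch of the up-front check described above, added here as an illustration and not taken from any vendor product covered in the article: it scans text before it is sent to a model and redacts strings that are structurally plausible Social Security numbers. The function names, the redaction token and the sample text are constructed for this example.

```python
import re

# Candidate SSNs: 3-2-4 digits with a consistent "-" or " " separator, or none.
# The lookarounds stop the pattern from firing inside longer digit runs.
SSN_RE = re.compile(r"(?<!\d)(\d{3})([- ]?)(\d{2})\2(\d{4})(?!\d)")


def is_plausible_ssn(area, group, serial):
    """Structural rules: area is never 000, 666 or 9xx; group never 00; serial never 0000."""
    if area in ("000", "666") or area.startswith("9"):
        return False
    return group != "00" and serial != "0000"


def gate_prompt(text):
    """Return (redacted_text, findings) for text about to be submitted to a model.

    findings holds the character span of each redaction in the original text,
    so the event can be logged without storing the sensitive value itself.
    """
    findings = []

    def _redact(match):
        area, _sep, group, serial = match.groups()
        if not is_plausible_ssn(area, group, serial):
            return match.group(0)  # leave look-alike identifiers untouched
        findings.append({"type": "ssn", "span": match.span()})
        return "[REDACTED-SSN]"

    return SSN_RE.sub(_redact, text), findings


# Constructed sample prompt: one plausible SSN and two look-alikes that fail
# the structural rules (a 9xx area and a 000 area).
SAMPLE = (
    "Summarize this complaint: Jane Roe, SSN 123-45-6789, disputes "
    "invoice 900-12-3456 and ticket 000121234."
)

if __name__ == "__main__":
    redacted, hits = gate_prompt(SAMPLE)
    print(redacted)
    print(hits)
```

Pattern checks like this still miss unstructured secrets such as proprietary source code, which is why a gate of this kind is only one layer of the up-front approach.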

This week in SiliconANGLE

One of the stories that I wrote this week for SiliconANGLE is chronicling the start of the Israeli/Hamas war. As many of you know, my daughter has been living there for several years, finding her husband and now has two small boys. The horrors of this catastrophe are too much for me to describe. My story is about the cyber dimension of the war, and what we know so far in terms of hacking attempts on various institutions. For those of you interested, I have begun writing my thoughts about what is happening to my family there and sending them out via email, LMK if you would like to see these remarks.

Today’s story is about the hopeful demise of Microsoft’s NTLM protocol. Well, sort of. Microsoft has been trying — not too hard — to rid itself of this protocol for decades. Many IT managers probably weren’t born when it was invented back in the 1980s, and few of them even remember when it ran on their networks.

I have written several times about the hackers behind the Magecart malware, which is used to compromise ecommerce servers, such as from Woo Commerce and Magento. This week’s story is about how the latest versions conceal the code inside a web 404 status page. Talk about hiding in plain sight. Most of us — probably all of us — haven’t given a 404 page much second thought, but maybe now you will.

This week also saw a new uptick in DDoS threats that have been observed by several of the major online operators. What is particularly troubling is that this botnet isn’t all that big — maybe 20,000 endpoints — yet is amplifying and generating enormous traffic loads, in some cases more than a fifth of a normal day’s web traffic. I write about how they happen with a new type of threat called rapid reset, based on the HTTP/2 protocol.

Finally, one more chilling story about a new type of spyware called Predator. It is another multinational journalistic endeavor that has similarities to the Pegasus files from 2021. What makes this spyware lethal is that you don’t have to click on it to activate it, and how pervasive it has been seen across the planet.

Thanks for reading my work, and stay safe out there.

SiliconANGLE: The Hamas-Israeli war is also being fought in cyberspace

The war between Hamas and Israel is also raging across the cybersecurity realm, with various malware exploits, disinformation campaigns and recruitment of citizen hackers seen on both sides of the conflict. Security researchers are seeing an increase in cyberattacks targeting Israeli businesses and government agencies.

In my story for SiliconANGLE, I document some of the hacker groups involved.

How to protect yourself from Predator and other spywares

I wrote about the insidious operations of the spyware known as Predator for SiliconANGLE today. This nasty piece of work infects your phone and can capture everything going on around you, and what you type, and where you go, among other things. If this sounds familiar, it is. Remember the Pegasus spyware that was sold by the Israeli NSO Group?

A consortium of international researchers and reporters have published a coordinated expose about the spyware, just like what happened a few years ago with Pegasus. What I want to talk about in conjunction with this effort are things that you can do to protect yourself. While you may not be a target, if you are sufficiently paranoid, you might want to implement at least one of the suggestions from the main Amnesty International report to protect your privacy.

I have annotated their recommendations with my own experience.

  • Update your web browser and mobile operating system software as soon as any security updates are made available for your devices. Many of the latest updates have been triggered by these spyware revelations.
  • Enable Lockdown Mode (Settings/Privacy and Security) if you use an Apple device. This can make a successful compromise of your device more challenging for an attacker. I have implemented this and so far it doesn’t seem to mess things up with normal phone operations. It does produce a regular series of warning messages saying that it is still on.
  • Be wary of clicking links from anyone, but especially strangers or people you haven’t heard from recently. Do not rely only on the preview of the URL displayed on messaging apps or social media platforms as that might be deceptive.
  • Pay attention to any changes in your devices’ functioning (e.g., shortened battery life or overheated phones). However, this by itself is not a strong indicator of suspicious activity.
  • Disable the ‘Direct Messages from Anyone’ option on Twitter. Better yet, don’t reply to anyone there.
  • On your personal Facebook accounts, manage privacy settings to limit your profile’s visibility to existing friends.
  • Speaking of Facebook, I would also carefully evaluate any new friend or Messenger requests before accepting. Also, review your post comments for any entreaties from unknown contacts and delete them quickly. I almost always get several of these each time I post. And I have deleted the Messenger app from my phone, and just wait until I am back at my desktop and use the web version. The app collects all sorts of information about your contacts.

SiliconANGLE: How the International Red Cross aims to make civilian wartime hacking more humanitarian

The role of civilian hackers during warfare continues to expand, and now at least one group is trying to set up some rules of engagement. But whether the proposal from the International Committee of the Red Cross announced Wednesday will gain any traction and make these attempts more humane is anyone’s guess. In this story for SiliconANGLE, I review the roles that civilian hackers have played in previous conflicts, how the Russian/Ukrainian war has escalated civilian participation, and what this new proposal means for future conduct.

 

Review: The Roaring Days of Zora Lily

As a man with absolutely no fashion sense I was surprised that I was drawn into this novel and how much I absolutely loved its characters, plot lines, and settings. At its heart is a love story that spans the past century. It centers on the life and career of the title character, who becomes an expert dressmaker and designer. She has the ability to feel her fabrics, sense the style and shape of her work which spans everyday wear to movie costumes. The story is told from two perspectives: besides Zora’s narrative which mostly takes place in the 1920s (hence the title), there is a not-so-small matter of a Smithsonian curator who is putting together a show of period costumes who finds out about Zora’s past. This book is just a sheer delight, and even though I couldn’t tell you whether some hem was dropped, set, or whatever, it was still a great read with fascinating descriptions not just of the clothes but the whole design ethos surrounding their art, creation and craft. Very highly recommended. Buy it on Amazon.

Book Review: Your Face Belongs to Us by Kashmir Hill

“Instantaneous photographs and newspaper enterprise have invaded the sacred precincts of private and domestic life.” You might be surprised to find out that this quote is more than 130 years old, from a law review article co-authored by Louis Brandeis, and inspired by the invention of Kodak film. It appears in a new book “Your Face Belongs to Us,” by Kashmir Hill, a tech reporter for the NY Times. She chronicles the journey of digital facial recognition software, focusing on Clearview AI Inc. from scrappy startup to a powerful player in the field, and exposes their many missteps, failures, and successful inroads into becoming a potent law enforcement tool.

Clearview wasn’t the only tech firm to develop facial recognition software: Google, Facebook, Microsoft, IBM, Apple and Amazon all had various projects that they either developed internally or purchased (Google with Pittsburgh Pattern Recognition and Apple with Polar Rose for example). In either case, these projects were eventually stopped because they were afraid to deploy them, as Hill writes. Facebook, for example, had face recognition projects as early as 2010 “but could afford to bide its time until some other company broke through.” But Facebook didn’t delete the code but merely turned it off, leaving the door open for some future time when perhaps the technology would be more accepted.

She documents one of the biggest challenges: being able to identify people in various candid poses, with dim lighting, with poor resolution street surveillance cameras, and looking away from the ever-seeing lens. Another challenge is legal, with lawsuits coming at Clearview from literally all corners of the globe. Leading the charge is ACLU lawyer James Ferg-Cadima and the state of Illinois, which was an early adopter of biometric privacy.

Clearview has also brought many activists to protest and lobby for restrictions. One shared his opinion that “face recognition should be thought about in the same way we do about nuclear or biological weapons.” Clearview soon “became a punching bag for global privacy regulators,” she writes, and describes several efforts in Europe during the early 2020’s that resulted in various fines and restrictions placed on the company.

Police departments were early adopters of Clearview, thanks to today’s smartphone users that post everything about their lives. That has led to one series of legal challenges which was self-inflicted. Hill documents many cases where the wrong person was identified and then arrested, such as Robert Williams. “It wasn’t a simple matter of an algorithm making a mistake,” she writes. “It was a series of human beings making bad decisions, aided by fallible technology.” She wrote that one for a NY Times article entitled, “Wrongly Accused by an Algorithm.” In many of these wrongful arrest cases, the accused were black men, which could be tracked back to inadequate training data of non-white images. (Facebook had this problem for many years with its image recognition algorithm.)

Some of Clearview’s story is inextricably bound to Hill’s own investigations, where early on she tipped off the company about her interests and was initially blocked from learning more about their technology. Eventually, she would interview Clearview’s CEO Hoan Ton-That numerous times to connect the dots. “It was astonishing that Ton-That had gone from building banal Facebook apps to creating world-changing software,” she sums up his career.

The company was determined to “scrape” the web for personal photos, and today various sources claim they have accumulated more than 30 billion images. All of these images, as she points out, were collected without anyone’s explicit permission. This collection would become infamous and exemplify a world “in which people are prejudged based on choices they’ve made in the past, not their behavior in the present,” she wrote. You could say that on the internet, everyone knows you once were a dog.

She finds that Clearview created a “red list” which would remove certain VIPs from being tracked by its software by government edict. “Being unseen is a privilege.” Unfortunately, it is getting harder and harder to be unseen, because even if you petition Clearview to remove your images from their searches and from public web sources, they still have a copy buried deep within their database. Her book is an essential document about how this technology has evolved, and what we as citizens have to do to protect ourselves.

SiliconANGLE: After 10 years of crypto scammers, there is still a rocky road ahead

Running a criminal cryptocurrency enterprise has certainly gotten more complicated.

It was 10 years ago this week when Ross Ulbricht walked into a branch of the San Francisco public library to spend another day running the Silk Road, his marketplace for buying and selling illegal and questionable goods. He walked out in handcuffs after an elaborate sting operation carried out by the FBI. This week, the scene shifts to a downtown New York City courtroom, where former FTX Trading Ltd. founder and former Chief Executive Sam Bankman-Fried faces 12 counts that he attempted to defraud investors for his various alleged crypto-related schemes.

Although the two events deal with vastly different parts of the criminal justice system, they are notable bookends in the past decade for the rise and fall of cryptocurrencies, along with associated technologies regarding blockchains, smart contracts and other elements of this universe.

You can read my analysis of this historic moment in SiliconANGLE here.

Using Fortnite for actual warfare

What do B-52s and a Chinese soccer stadium have in common? Both are using Epic Games’ Unreal Engine to create digital twins to help with their designs. Now, you might think having a software gaming engine would be a stretch to retrofit the real engines on a 60-plus year old bomber, but that is exactly what Boeing is doing. The 3D visualization environment makes it easier to design and provide faster feedback to meet the next generation of military pilots.

This being the military, the notion of “faster” is a matter of degree. The goal is for Boeing to replace the eight Pratt and Whitney engines on each of 60-some planes, as well as update cockpit controls, displays and other avionics. And the target date? Sometime in 2037. So check back with me then.

Speaking of schedules, let’s look at what is happening with that Xi’an stadium. I wrote about the soccer stadium back in July 2022 and how the architects were able to create a digital twin of the stadium to visualize seating sight lines and how various building elements would be constructed. It is still under construction, but you can see a fantastic building taking shape in this video. However slowly the thing is being built, it will probably be finished before 2037, or even before 2027.

Usually, when we talk about building digital twins, we mean taking a company’s data and making it accessible to all sorts of analytical tools. Think of companies like Snowflake, for example, and what they do. But the gaming engines offer another way to duplicate all the various systems digitally, and then test different configurations by literally putting a real bomber pilot in a virtual cockpit to see if the controls are in the right place, or the new fancy hardware and software systems can provide the right information to a pilot. If you look at the cockpit of another Boeing plane — the iconic 747, now mostly retired, you see a lot of analog gauges and physical levers and switches.

Now look at the 777 cockpit — see the difference? Everything is on a screen.

It is ironic in a way: we are using video gaming software to reproduce the real world by placing more screens in front of the people that are depicted in the games. A true Ender’s Game scenario, if you will.