Schneier on Security

Clive Robinson • July 13, 2019 4:35 PM

@ AL, VinnyG,

While I agree with your sentiments, as it applies to the President and AOC, the misgivings I have with this case deals with the court’s ruling, as it applies to Twitter

This should have little or no impact on twitter as a comercial entity.

Look at it this way,

Firstly the US Government is not supposed to indulge in propaganda against US citizens.

Secondly if any US official makes statments as a “public official” they have to be mindfull of “Malfeasance in Public Office”.

So if a US official made comment on twitter they only have two options,

1, Alow no comment.
2, Alow all comment.

Because only alowing favourable comment is a form of lying which contravenes both the propaganda and malfeasance rules.

The only comments they could reasonably get away with blocking are those that “Offend the Public Morals” or “are likely to result in a breach of the peace” or other criminal act. I know this can be stretched a bit, but not enough such you can get away with propaganda, thus malfeasance.

The court realy does not have much choice and as I said it has little or nothing to do with twitter. Who could now quite legitimately close the accounts / access the current US administration officials the court has found against have.

Put simply the court should have regarded Twitter as a “common carrier service provider” as it reduces complications. Thus regarding Twitter as not being a “publisher” who would be held accountable for “published content” others chose to publish over their network. Just as telephone services are not held responsible for bad language etc that goes across their telephone networks.

The fact that Twitter provided a “mechanism by which a user” could block comments is not at issue. After all users can “hang up” on or “divert to VM” an unpleasant “phone call” is most definately a “user issue” not a “servive provider issue”.

Clive Robinson • July 14, 2019 1:16 AM

@ 65535, sil, gordo,

I you notice Palantir gets data not only from Law Enforcement, it gets data from…

The list is also missing other sources of information.

I’ve been warning about Peter Theil and Palantir off and on for a while. Information is hard to find out, but what there is does not bode well for society.

If you want creepy data sources heading that way you could start with education establishments world wide switching over to Google for handing out and getting back assignments and teachers comments etc. Worse is the so called “anti-cheat” software that looks for supposed plagiarism / copying / collaboration etc. The results end up getting churned into Palantir as well and become part of your Western “Social Credit Score”.

The problem is that cheating software is notorious for false positives in oh so many ways… Say you make a direct quote in a piece of work which is something that is an absolute requirment when making argument etc. Back when I was a student you would use quote marks around the text and a refrence indicator such as square brackets with a number or similar in it to a refrence at either the end of the document or if a larger work at the end of each chapter. Or you would just italicize the text and place a couple of dashes then the persons name.

But apparently this is nolonger sufficient, you have to do things the softwares way, which can be very convoluted and error prone.

Oh and watch out for reusing your own work some education establishment put students work into the system thus making the same statment twice or including previous work as an appendix etc gets you marked as a plagiarist or cheat…

Apparently it’s got to the point where some are “lawyering up” and thus a new specialism has oppened up…

But Palantir has no obligation of “honest reporting” so false accusations of any kind stay in your cradle-grave docket, forming part of your Western “Social Credit Score”

And as the UK Met-Police found those that can get access can be very creepy as well, such as Cambridge Analytica, which had access to Palantir data in a similar way to Facebook user data.

Oh and then there is the medical and related insurance company data that can be bought or obtained for “research” deanonymising that is lucrative business. Oh and don’t forget the data from those “Test your DNA” and “Find your Family History” firms. That’s all destined to head into your Western “Social Credit Score”.

The point behind Peter Thiel’s Palantir is to be a bigger and better “social database” than any other in the world, thus the get to database for any IC or LE or other interested entity world wide. And as long as Peter and friends data is kept out he is happy to sell to anyone at a price.

As our host has mentioned in the past there are issues with such aggregating data bases. Not the least of which is they become the “single history” of an individual that the individual has no control over.

Thus innocent lives can be blighted and fake individuals can be created. Control the data of the worlds individuals and you in effect control the world.

A few years ago in the UK “construction workers” were having their ability to work constrained. It turned out that somebody had a private data base of union, health and safety and other records. The big construction firms would also put data into this DB thus you do anything an employer did not like and you had a black mark for life, thus little or no work. We know other such prejudicial databases exist and in the EU they are illegal, but in other parts of the world they are not.

Palantir’s DB is set to be worse than any of those databases, because they want to bring in AI to find people who are different in various ways and “red flag” them. Because they can make money a lot of money as various organisations get their budgets cut Palantir will step in to “fill the gap” and as with drug dealers once they have you on the hook the price will go up and those saving from budget cuts will become haemorrhages to Palantir…

As they say,

“Welcome to the brave new world”

Clive Robinson • July 14, 2019 1:10 PM

@ VinnyG,

Couldn’t the promiscuous and unvetted data collection of such tools be their true vulnerability?

Most would like to think that… But we kbow it does not work that way.

Take the “No Fly List” we know that much of it is substantially wrong, and it critically effects your abiliry to travel, thus earn a living and live as “A free individual without prejudicial constraint”.

But if you are on the list you try challenging it… If I remember correctly only the politician.Ted Kennedy managed to make headway. Others who have tried are told they can not “show standing” thus have no legal basis to bring action…

Do you realy think that when Palantir has wormed it’s way into US agencies and entities, you would get “standing” of course not. Whilst a synopsis of your docket would be available to some “Comercial Confidence” would stop you or in fact anyone else seeing the actual data the synopsis is made on by the A.I. Thus the algorithms will be not just proprietary but unexplainable and you will not get any head way because of it.

Mean while as @Ergo Sum notes new markets based not on the raw data vut the A.I. Proceced output will become available to any one who thinks they have an interest and will sign up to Palantir’s rates and conditions.

In order to protect their market Palabtir will almost certainly “watermark” or put a “Canary Trap” in every single piece of data they hand out so they can track back leaks of their propriatary processed data and take swinging civil action, not just against the person who leaked a data synopsis to a data subject but to the entire organisation. Once Palantir have their hooks into an entity/agency and they are dependent Palantir will just pull the plug on them untill Palantir is happy not only have they been punished but their funders and any orher related entity/agency.

The power Palantir will get is such that they won’t care if much of their raw data is contaminated neirher you nor any other entity/agency will get to see it. At best you will be told it’s your fault that you had some quirk that the A.I. software associated with high risk individuals. In essence it’s your fault for not being a “norm” but we can not tell you why you are not a “norm” so your problem not theirs. Because their algorithms not them have associated you with “TerroMakers” therefor you must be guilty of something…

In essence you won’t have the money, the power, or the influance to get things changed. And if you are stupid enough to try then Palantir will find some excuse to use civil law to drive you into bankruptcy as loudly as possible so everyone knows what their fate will be if they try to challenge Palantir…

It’s the new way of doing business, justice is irrelevant when there is more profit to be made by locking people up without reason.

Think of it as the modern “water trial” where if you sink and drown you are either innocent or cheating, if you float you are guilty thus should become public example/entertainment at the gallows or stake. Being hung, drawn and quatered or burnt alive. Or more creatively boiled alive or some other delight like death by a thousand cuts etc. The fact you are innocent of the charges is irrelevant, you’ve been named by the new god[1] and that is sufficient to become both a “new-age” lesson and grizzly entertainment…

[1] Listen to Zager and Evens “In the year 2525” to see how long that’s been envisaged… Rick Even’s wrote the song in 64, befor most people even knew what a computer was, and shortly after our host @Bruce was born. There could be a new “Bruce Fact” in there 😉

Clive Robinson • July 14, 2019 4:23 PM

@ gordo, 65535, Ergo Sum, sil, VinnyG,

For marketing purposes, call it “SAFE” because, of course, it’s not.

Yup, that’s the nub of it.

Clive Robinson • July 17, 2019 6:45 PM

@ Dirk Praet,

We haven’t spoken in a while.

Yes, you disappeared off to the land of Sun and Sangria, on a new job that sounded quite hectic. I can’t remember if it was a fixed term contract or something more traditional, So I guess I should at the very least ask how it’s going?

As for me, life is fairly quiet for the same old reasons… Oh and the medical proffession has decided I can be improved with implanted “bugging” devices… Apparently having your heart stop for 5-10secs when it feels like it is not conducive to much, other than ending up resting on the ground. So as normall with me they fix one problem only to create another with the heart screaming up to 180-200BPM when it feels like it… After twenty years of this unless you like meeting doctors and nurses oh and hospital food then it tends to get quite dull.

Not sure if you’ve been lurking or not, but it’s a little quieter on this site compared to a few years back. @Nick P has moved over to the –invitation only– lobste.rs site, @Wael is still reading along as is @Thoth others are still poping up from time to time but not as much as in the past.

The big trouble / “Elephant in the room” is tech has been noticed by politicos, their minions and wannabes. Who like the proverbial camel and it’s nose are pushing in under the tent flap and leaving unwanted piles of output all over the place. Thus technology news is likewise polluted by the piles of political stuff you would not want on the sole of your shoe or worse trod in the carpet. Thus trying to find tech news that is politically agnostic is difficult. Likewise with the wider security field, so topics for discussion are not as meaty as they once were.

But back to you, are you back to your old haunts etc?

Clive Robinson • July 19, 2019 9:11 PM

@ MarkH,

Harry St John Philby, didn’t go so far as spying for an enemy state, he did work strenuously to undermine and oppose British interests in the Middle East.

Be carefull when treading in this area, much of the anti-zionist / anti-semitism comments made are based on supposed research by “John Loftus and Mark Aarons” who try and fail to launch a conspiracy theory in their book “The Secret War Against the Jews”. They formed an odd couple of an ex US State Dept “anti-Nazi” lawyer and an Australian communist journalist.

Whilst a number of things they report in the book are based in some measure of fact the interpretation is at best well off of the mark and the conclusions pure conspiracy theory. In some cases having gone straight through consipracy theory and out the other side bordering on what might be called “comically insane” to anyone who actually does some independent research on primary sources.

So before you shell out money for the book you might want to first read a couple of reviews from shortly after the books publication (not the current nonsense that proliferates on the Internet due to echo chamber issues),

https://www.kirkusreviews.com/book-reviews/john-loftus/the-secret-war-against-the-jews/

http://www.ussliberty.org/secret.htm

Unfortunatley the likes of Wikipedia have fallen into the trap of believing the book to be a “reliable secondary source” which it is most certainly not. As a result it has poisoned a number of Wikipedia’s articles. Worse because of Wikipedia being the goto “lazy research” tool the nonsense gets endlessly repeated on the Internet, often as just “cut-n-paste” faux journalism.

Checking with a primary source like the UK National Archive in Kew South West London throws much of “Loftus and Aarons” work into significant doubt. No doubt similar searches in other national archives that cover the same time period will throw up other things.

However you are wrong when you say that St John “Jack” Philby “didn’t go so far as spying for an enemy state” he did for both India and the USA and most likely for Russia as well. Just one result being Russia threatening both Great Britain and France with “nuclear missiles”.

The question that gets asked in Jack Philby’s case when he was working for the British Secret Inteligence Service is “Was Jack a double or triple agent?”. It’s of intetest to note that Jack was the person who was not just responsible for recruiting his son “Kim” (Harold) by his first wife into SiS but actually had sufficient influence to aid his career there for quite some time. There is still a lot yet to come out about both the Philby’s, that I suspect that some of those from around that time would not have liked revealed to their grand or great grand children.

https://www.independent.co.uk/news/spies-philbys-widow-tells-of-an-englishmans-life-in-exile-1289572.html

Both Philby’s were at the very least “Old School Socialists” and there is debate about who converted Kim to Communism. Usually it’s put down to being others in the “Cambridge Ring” or Kim’s first wife of Hungarian-Jewish ancestry. What is actually more likely is that it was the elder Philby’s old school socialist sentiments that were in all but name allied with the socialist thinking of both Karl Marx and later George Orwell. Back when Philby senior was first recruited into SiS during WWI Russia was where “The Great Game” of espionage was being played at it’s most intense and the notion of “Communism” as a threat to the then “British way of life” was first seriously pushed. Thus Philby senior would have been well “indoctrinated” about communism and it’s supposed “Jewish” origins and violent progrom anti-semitism (that has been claimed arose from anti-semitism in France a century or more befor, that was pushed out of France and spread across Europe to the east with the rise of Napoleon and his civic codes). However violent attacks against Jews happend scant years befor in Ireland (1904 Limerick) and against Jewish shops in Wales (1911 Tredegar) thus would have been in the general public mind still, especially with the increasing numbers of refugees from eastern Europe and Russia.

Clive Robinson • July 25, 2019 3:21 AM

@ gordo,

The most important paragraph was the last,

Cambridge Analytica filed for bankruptcy in May 2018 and has not settled the FTC’s allegations.

It’s known in some circles as a “walk away”. Effectively what happens is the board takes out what financial assets it can[1], then resigns or sells the company to a cut out, thus have no further interest in the company[2][3]. What is left then becomes the property of the “receivers” not of the now ceased trading company or it’s former directors. The receivers sole duty is to raise the best value possible on the remaining assets to meet the creditors claims. The receivers take first dip to cover their fees then the various preferential credirors in a defined order.

This means two things. Firstly anyone who has purchased the assets from the receivers does so “free of lien” just as you do via any normal auction.

Secondly the company as was has no control of it’s remaining assets, so any legal judgment after the receivers are appointed has no meaning, it’s like sending a corpse to do jail time.

Which effectively means the FTC action is just a paper pushing excercise. Unless the old company officers are daft enough to go on holiday to the US or any place it has sufficient swing to get some kind of extradition going.

It’s one of the reasons holiday homes in Panama, Turks and Cacos islands etc used to be so attractive.

[1] One way of doing this is not to have assets held in the operating company in the first place, but rent them via a Limited Liability Partnership etc. Another is through an “Offshore back to back” loan arangment where profit goes into one account, which then provides fully tax deductable loans from the other account. The company is thus apparently heavily in debt to one or more banks who are preferential lenders, as well as legaly not paying tax. Thus the directors could take loans on the assets they can not quickly sell to “keep the company viable” and make that money disapear in golden handshakes and the like. Plus a hundred more tricks which are just on the right side of the line.

[2] If they are sensible they leave enough assets to avoid criminal charges or disbarment as a director. As long as things are kept out of criminal enquiries there is little that can be done.

[3] You might want to look up who was the original founder / owner of the company it might raise an eyebrow or two. Oh and likewise look at some of their activities through criminal enterprises in what was eastern europe but is nolonger and then follow the connections back to certain organisations that have been buying up online adds a few years back.