Tag Archives: Virginia

Using LinkedIn to Research Spies Like Us

image

Several of the 11 alleged Russian spies leave interesting imprints on LinkedIn, suggesting rewarding pickings for journalists.

Donald Heathfield, for example, had 74 connections.

His specialities sound like they could equally applied to espionage:

Comprehensive management of Risks and Uncertainties, Anticipatory Leadership, Building of Future Scenarios, Development and Execution of Future Strategies, Capture of Strategic Opportunities, Global Account Management

Amusing to hear the recommendations:

“Refreshing to work with him as he puts complexe initiatives together that always fits with the end goal that was laid out as our objective.” November 3, 2008

Gerard Bridi, President, Accor Services WiredCommute
was with another company when working with Don at Future Map

“Working with Don is very enjoyable. He has a pleasant style, whilst always acting professionally. Very results and solutions focused. He does not get flustered when problems occur, patiently facilitating teams to craft a way through to their end goal.” November 2, 2008

Top qualities: Great Results, Personable, Expert

image

Tracey Foley (Ann Foley), Heathfield’s wife, doesn’t have so many connections (20) but she’s a member of many groups—including four French related one and a Singapore group one. We know that Heathfield had connections in Singapore and Jakarta. Something to explore there?

Michael Zottoli appears to have a LinkedIn account, but only 10 connections and hasn’t updated it since his move from Seattle to Virginia. Patricia Mills, his wife, doesn’t seem to have a LinkedIn account.

Mikhail Semenko had 124 connections, a twitter account (10 followers, 3 tweets) and a blog about China (one post talks about the need for greater Russia China cooperation).

Richard/Cynthia Murphy NJ. Cynthia has 98 connections on LinkedIn and is a member of three groups. Christopher Metsos has no LinkedIn page that I could find.

Anna Chapman’s public profile seems to have been removed. But her main profile is still active, (you can also find it here.) and indeed, her company, PropertyFinder Ltd, has a similar name to Ann Foley’s public LinkedIn profile page: homefinder. A link there, maybe?

Her twitter feed stops abruptly on June 26 at 4.46 am (and yet wasn’t arrested until June 28. I guess she took the weekend off.) She was following a lot more people than were following her (687 vs 277, but she was really only just getting going: After tweeting first on March 13, she didn’t do much until June 16, after which she was tweeting every few hours. Could something have prompted her into more frequent updates?)

She also has a number of recommendations, from Said Abdullaev, a VP of Moscow-based Fortis Investments, who offered this:

“Anna’s entrepreneurial flair does not cease to amaze me, she sees opportunities in places were most would not think to look, and she makes them work.” November 24, 2009

Who Needs Enemies When You Have Facebook Friends?

It might be time to remove a) all your data and b) all third party apps from your Facebook profile. Here’s why.

Add a Facebook app — SuperPoke, all that kind of stuff — and you’re required to agree to “allow this application to…know who I am and access my information.” Disagree and you can’t install it.

Now this may be fine for you. But what the application doesn’t say is that the application is also now able to access the private data of your friends. To be clear about this, I’m not talking about friends who also agree to install the app; I’m talking about all your friends, period.

And most applications do access this data, without really needing to, according to research by the University of Virginia. In other words, by accepting someone’s friendship on Facebook, you’re agreeing to allow all the third party apps they install to access your private data.

What is private data? Well, think your name, your profile picture, your gender, your birthday, your hometown location…your current location…your political view, your activities, your interests…your relationship status, your dating interests, your relationship interests, your summer plans, your Facebook user network affiliations, your education history, your work history,…copies of photos in your Facebook Site photo albums…a list of user IDs mapped to your Facebook friends. (from Facebook’s Application Terms of Service, via Webware.)

This is not good. Especially when you consider that this data is stored, not on Facebook’s computers where you and they might be able to keep an eye on it, but on the computers of the third party apps. And this is where it gets tricky.

Facebook’s response to these revelations, detailed and explored by Chris Soghoian over at Webware, is that it’s basically up to us users to gauge whether a Facebook app is kosher and going to be careful with our data. But who are these third party developers?

I explored this a bit last November, when I tried to find out who was behind one app called ATTACK! I eventually was able to, but it wasn’t easy, and it definitely wasn’t just a question of visiting their homepage (they didn’t have one, although the developers have since posted a comment there saying they hadn’t had time to set one up, and have changed certain features. It still doesn’t have a link to any webpage that might give a user any insight about who is behind the app, though the developers do provide links to their Facebook pages.)

The points are twofold:

  • Our data is vulnerable to the weakest link in the chain, which will be a friend we’ve given full access to who installs every third party app there is. Do you know who all your friends are, and can you trust them not to install every app they come across?
  • We’re endangering our friends’ security by installing third party apps.

For me the bigger issue is this. Facebook is already facing investigation in the UK for making it too hard to delete one’s personal data. So, if these third party apps are storing our data without our knowledge on their own computers, what happens to that data if we decide to delete our private data from our Facebook account, or our Facebook account entirely? How do we know what is deleted and what isn’t?

Exclusive: The next Facebook privacy scandal | Webware : Cool Web apps for everyone

News: Demise by Increment?

Is the problem with journalism that it always focuses on the increment?

Was reading Jeff Jarvis’ piece on the revolutionary impact of the iPhone — not, I hasten to add, about the iPhone as an item (the fetishism surrounding it may mark a lowpoint in our materialistic age) but about the citizen journalism coverage of the absurd lines forming outside shops by those eager to be an early buyer (yes, this, too, may mark a low-point in our cravenly submissive consumer culture, but let’s not go there. At least for now.)

No, Jarvis was more interested in this real-time coverage and what it represents. He rightly suggests this is real-time coverage on a par with the Virginia shootings — something that Duncan Riley, who writes good stuff at the usually puffy or snarky TechCrunch, has already called eventstreaming.

Jarvis is right: the subject matter aside (Virginia Tech shootings vs absurd consumer lines outside stores that don’t sell out) this is a good dry run for something more serious. But it’s Jarvis’ other point (if you’ve read this far, sorry for the wiggly lines getting here) that caught my attention: the tendency of media to pick holes in the potential of this:

Problems? Of course, there are. I never sit in a meeting with journalists without hearing them obsess about all the things that could go wrong; that is, sadly and inevitably, their starting point in any discussion about new opportunities. I blew my gasket Friday when I sat with a bunch of TV people doing just that.

Very true. Journalists do this all the time. That’s because we’re trained to. Not a bad thing, actually, being able to spot problems. But it has a downside. And quite a big one. It’s this:

Journalists are taught to identify “news”. In some situations, it’s obvious: A bomb goes off in Baghdad; two guys drive a flaming SUV into Glasgow Airport; Apple launches a cute phone. All news, and no one would disagree.

But it’s the rest of the stuff that gets problematic. Most journalists don’t have these kinds of stories to work with so they’re forced to look for them, and that mostly involves prying apart things, people, organizations, situations, points of view and seeing some incremental change or difference that merits a news story, such as U.S. family terrorized by possible phone hoax (Cellphones Terror Weapon Horror!)

So Wikipedia, for example, gets coverage not for the millions of great articles in there and the millions of people who go to it first for information, but the few articles that are wrong, badly written, libelous, mischievous or biased. That, for a journalist, is the news story. (Wikipedia Unreliable Shock!)

Some companies and PR folk know this tendency and exploit it: Several security companies base their business model on the idea that there are enough journalists out there to write scare stories about mobile phone viruses for an industry to emerge (I wrote what I thought was a piece somewhat mocking this scaremongery only to get another company in the same business email me thanking me for my article and suggesting that I write about their product, which rests on all the same scaremongery that I was trying to pooh-pooh.)

I am not saying journalists only write negative stories and not positive ones. I’m saying that we journalists tend to focus on kinks in the same picture, magnify them and then call it news. This is nothing new, but we should be smart enough to realize that if it’s not just us journalists making the news anymore, we have to be ready to accept the notion of “news” is changing.

Just as we can see lots of things going wrong with citizen journalism, and fixate on those to the exclusion of the bigger picture, we may well be missing the bigger picture that technology is giving us.

IVR Cheat Sheets, And Dirty Tricks?

The IVR debate rumbles on. Could automated voice phone systems be better than just having a human answering the phone? Is it better to cheat the system? Paul English’s cheat sheet has appeared more than 100 TV and radio stations in a month. One company, Angel.com, has been fighting back, first with a pretty harsh broadside, but now appears to have replaced it (the page redirects) with a more measured ‘IVR Cheat Sheet for Businesses’, figuring, I guess, that if you can’t beat ‘em, join ‘em.

Anyway, I got an interesting take on it this morning as a comment appended to my blog from someone who identified herself as Kate, with a believable-looking email address. ‘She’ wrote:

Paul English makes some great points. I saw his piece on ABC World News Tonight and he’s bringing to light that most companies operating in the IVR space have shoddy systems. In my opinion, Angel.com is one of the few companies in the IVR industry trying to change things, however, with web-based next generation systems that link to CRM systems. Small businesses are finally able to create IVR systems (using a self service model if they wish) that are even more sophisticated than what large industry is using. My Dad uses the system for his online ebay store selling vintage posters and autographed baseballs. He’s able to provide far better customer service using Angel.com’s system than he would ever be able to provide on his own. The boon to small business of using these inexpensive, next generation IVR systems is getting lost in the debate.

That’s one well-written comment. I was impressed (as I imagine, would be Angel.com. Not only can they be linked with the little guy (and who wants to bash the little guy?) but they get to bash some of their competitors too). But not being cynical about the posting, I allowed it through and emailed ‘Kate’ with a request to interview her father. If true, it’s a valid point and one to explore.

What I didn’t expect was for the email to bounce. Not that unusual, especially with comment spam, but not when the given name (‘Kate’) jibes with the email address (‘katerobins@yahoo.com’). Why go to the trouble of putting a believable fake email address, especially when you presumably would be quite happy if someone followed up and got a bit of publicity for your eBay-selling dad? Baffled, I checked the IP address where the comment came from: a Verizon address in Washington DC. Not, coincidentally, that far from Angel.com HQ in McLean, Virginia.

I wish I could say my sleuthing took me further. But I could find no Kate Robins in the phone book, no sign of someone with that Yahoo address on Google, or anyone on eBay who might be her dad (not that surprising; it’s a big place). I’ll keep looking, but if anyone knows Kate Robins, her dad, or could shed any light on this, I’d love to hear from them. I’d hate to think that my blog is being used by anonymous shills to do damage limitation exercises for the IVR/CRM industry. On the other hand, if Kate does exist and just mistyped her email address, I’d love to follow up the angle she suggests.

Bicycle Bandits And Phishing

Further to my post about the phishing incident at SunTrust, you don’t always need to be that sophisticated to rob a bank. All you need is a bicycle.

Late last month, the Richmond Times-Dispatch in Virginia reported that a man entered the SunTrust bank in Richmond “shortly before 11 a.m. and made a verbal demand for money. He displayed no weapon. After receiving an undisclosed amount of cash, the man fled on a bicycle heading west toward the Toys “R” Us store.” Clearly a man keen to get his kids’ Christmas shopping out of the way ahead of the rush.

It may not be the first time the Bicycle Bandit has hit. The Dispatch reports: “Police are investigating whether the man is the same person who robbed the Bank of Richmond at 8905 Fargo Road on Nov. 15. In that case, the robber also escaped on a bicycle.” Quite a getaway.

Could this be the same guy behind the phishing attack? Was he just probing the bank’s vulnerabilities, and decided to opt for cross-site scripting rather than a bicycle-borne attack?

Pentagon Scraps Internet Voting Plan

Further to earlier postings about security fears for a new Internet voting system for overseas Americans, AP is quoting an anonymous official as saying the Pentagon has scrapped the plan. CNET attributes the same story to a spokesperson for the Pentagon.

AP quoted the official as saying Deputy Defense Secretary Paul Wolfowitz made the decision to scrap the system because Pentagon officials were not certain they could “assure the legitimacy of votes that would be cast.” CNET quoted a spokesperson as saying pretty much the same thing:  “The action was taken in view of the inability to ensure the legitimacy of the votes cast.” 

About 6 million U.S. voters live overseas, most of them members of the military or their relatives. Pentagon officials had said they still planned to use the system, called SERVE, this fall and would test it during last Tuesday’s South Carolina primary. But the day before the voting the Pentagon called off the South Carolina test. CNET says the Defense Department is not completely dropping the idea: “Efforts will continue to look into all technical capabilities to cast votes over the Internet,” the spokesperson was quoted as saying.