Diving into UEBA systems that large corporations use to protect themselves from cyber attacks, espionage, noncompliance, fraud, 'insider' threats and other risks ...I feel like this is a kind of totalitarian surveillance hellscape we'd never accept in any other area of life.
"A Watch List is used to monitor entities ...that are considered problematic or require special attention"
"...users who have received a poor performance review can be placed on a Watch List so that their activity can be closely monitored" #cybersecurity
An "abnormal number of logon failures", a "rare domain visited" or "flight risk behavior on web browsing to multiple job sites in a short period of time" ...put this employee on the Watch List #cybersecurity
In 'Spotter'. The product is called "SNIPR".
(p378)
Currently going through security/SIEM/UEBA systems by IBM, Microsoft and Forcepoint, each of them consisting of dozens of products, and there's thousands of pages of docs available, uhm.
• • •
Missing some Tweet in this thread? You can try to
force a refresh
"Just as algorithms could be trained to predict who would click what ad, they could also be trained to predict who would like or share what post, and then give those posts more prominence"
"Teams had previously used design tactics, like experimenting with the content and frequency of notifications, to try to hook users more effectively. Their goal…was to increase a metric called L6/7, the fraction of people who logged in to Facebook six of the previous seven days"
After introducing ml-based optimization, "every user interaction once analyzed by engineers was being analyzed by algorithms. Those algorithms were creating ...more personalized feedback loops for tweaking and tailoring each user’s news feed to keep nudging up engagement numbers"
Yes, much of today's surveillance-based advertising is something between an empty promise and a giant fraud.
But the fact that we're all getting badly targeted ads does not mean that it doesn't work, because this is how it is intended to work, if it does. ft.com/content/b013d9…
It's a misunderstanding that surveillance advertising aims to accurately target everyone. If at all, it aims to accurately target a low percentage of addressed users in order to make them act how it wants them to act.
Spamming everyone else is always part of the calculation.
Much of the data is flawed or fraudulent in today's broken web economy, and many metrics, clicks and even users are fake.
At the same time, attempts to optimize behavior in digital environments based on mass profiling and testing can be successful and lead to many side effects.
T-Mobile US says it will start selling web+device usage data to the digital profiling industry by default.
But don't worry it's not tied to your name but only to personal identifiers that are much more suitable to track and follow you everywhere anyway. t-mobile.com/privacy-center…
Telecommunication services are basic digital infrastructure, and they should not be allowed to sell behavioral data at all.
It's bad enough if they trick people into 'opting in', selling it by default is beyond bad.
Such reckless and irresponsible business practices must end.
Also, T-Mobile US owns PushSpring, a consumer data broker that trades in extensive mobile data on hundreds of millions of people without their knowledge.
Do I get this right that the current state of Google et al's TURTLEDOVE/FLEDGE proposal would lead to browsers putting users into myriads of 'interest groups', still allowing advertisers, publishers and third-party adtech companies to almost act 1:1 on specific user behavior?
...as long as 100 users behave similarly, which is not a really tough restriction. Almost no remarketing/etc campaign addresses less than 100 potential targets.
I didn't have the time to follow the developments :/
Generally, I feel like Google and a few other players are working on this fundamental effort to preserve/perpetuate a web economy based on behavioral advertising without any relevant participation of non-industry stakeholders.
Cashier Watch Status: High Risk
Prior Exceptions: 3
Oracle's panoptic "Retail XBRi Loss Prevention" system constantly monitors cashiers and provides a ranked list of "high-risk" workers to "identify suspicious trends, transactions, and other data anomalies" #corporatepolice
And the best thing is you can use the *same* data from POS systems and other sources to also monitor performance! #crosspurpose
...by integrating Oracle's "Retail XBRi Loss Prevention" system with Oracle's "XBRi Sales and Productivity" system. oracle.com/industries/ret…
This is also great.
Appriss "Secure Store" promises to "uncover employee outlier behavior" for fraud and theft prevention but also to "improve efficiencies at the point-of-sale" by decreasing "sales reducing activities (SRAs)", as they call it. apprissretail.com/solutions/secu…