Diving into UEBA systems that large corporations use to protect themselves from cyber attacks, espionage, noncompliance, fraud, 'insider' threats and other risks ...I feel like this is a kind of totalitarian surveillance hellscape we'd never accept in any other area of life.
"A Watch List is used to monitor entities ...that are considered problematic or require special attention"

"...users who have received a poor performance review can be placed on a Watch List so that their activity can be closely monitored" #cybersecurity

documentation.securonix.com/onlinedoc/Cont… Image
An "abnormal number of logon failures", a "rare domain visited" or "flight risk behavior on web browsing to multiple job sites in a short period of time" ...put this employee on the Watch List #cybersecurity

In 'Spotter'. The product is called "SNIPR".

(p378) Image
Currently going through security/SIEM/UEBA systems by IBM, Microsoft and Forcepoint, each of them consisting of dozens of products, and there's thousands of pages of docs available, uhm.

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Wolfie Christl

Wolfie Christl Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @WolfieChristl

12 Mar
"Just as algorithms could be trained to predict who would click what ad, they could also be trained to predict who would like or share what post, and then give those posts more prominence"

#longread on the history of 'engagement' maximization at Facebook: technologyreview.com/2021/03/11/102…
"Teams had previously used design tactics, like experimenting with the content and frequency of notifications, to try to hook users more effectively. Their goal…was to increase a metric called L6/7, the fraction of people who logged in to Facebook six of the previous seven days"
After introducing ml-based optimization, "every user interaction once analyzed by engineers was being analyzed by algorithms. Those algorithms were creating ...more personalized feedback loops for tweaking and tailoring each user’s news feed to keep nudging up engagement numbers"
Read 5 tweets
11 Mar
Yes, much of today's surveillance-based advertising is something between an empty promise and a giant fraud.

But the fact that we're all getting badly targeted ads does not mean that it doesn't work, because this is how it is intended to work, if it does.
ft.com/content/b013d9…
It's a misunderstanding that surveillance advertising aims to accurately target everyone. If at all, it aims to accurately target a low percentage of addressed users in order to make them act how it wants them to act.

Spamming everyone else is always part of the calculation.
Much of the data is flawed or fraudulent in today's broken web economy, and many metrics, clicks and even users are fake.

At the same time, attempts to optimize behavior in digital environments based on mass profiling and testing can be successful and lead to many side effects.
Read 10 tweets
11 Mar
T-Mobile US says it will start selling web+device usage data to the digital profiling industry by default.

But don't worry it's not tied to your name but only to personal identifiers that are much more suitable to track and follow you everywhere anyway.
t-mobile.com/privacy-center…
Telecommunication services are basic digital infrastructure, and they should not be allowed to sell behavioral data at all.

It's bad enough if they trick people into 'opting in', selling it by default is beyond bad.

Such reckless and irresponsible business practices must end.
Also, T-Mobile US owns PushSpring, a consumer data broker that trades in extensive mobile data on hundreds of millions of people without their knowledge.
Read 11 tweets
1 Mar
Samsung's stock health app now showing ads on a friend's Samsung S9 phone, which he bought for hundreds of €.
'Receive marketing information' in the device/privacy settings turned off.
I wonder what kinds of personal data Samsung health app processes/transmits for purposes other than providing health/fitness functionalities.

According to Exodus, the app version installed on the device has Google stuff embedded, as well as AutoNavi/Amap.
reports.exodus-privacy.eu.org/en/reports/166…
Read 12 tweets
27 Feb
Do I get this right that the current state of Google et al's TURTLEDOVE/FLEDGE proposal would lead to browsers putting users into myriads of 'interest groups', still allowing advertisers, publishers and third-party adtech companies to almost act 1:1 on specific user behavior?
...as long as 100 users behave similarly, which is not a really tough restriction. Almost no remarketing/etc campaign addresses less than 100 potential targets.

Fledge:
github.com/WICG/turtledov…

Turtledove:
github.com/WICG/turtledov…
I didn't have the time to follow the developments :/

Generally, I feel like Google and a few other players are working on this fundamental effort to preserve/perpetuate a web economy based on behavioral advertising without any relevant participation of non-industry stakeholders.
Read 12 tweets
26 Feb
Cashier Watch Status: High Risk
Prior Exceptions: 3

Oracle's panoptic "Retail XBRi Loss Prevention" system constantly monitors cashiers and provides a ranked list of "high-risk" workers to "identify suspicious trends, transactions, and other data anomalies" #corporatepolice
And the best thing is you can use the *same* data from POS systems and other sources to also monitor performance! #crosspurpose

...by integrating Oracle's "Retail XBRi Loss Prevention" system with Oracle's "XBRi Sales and Productivity" system.
oracle.com/industries/ret…
This is also great.

Appriss "Secure Store" promises to "uncover employee outlier behavior" for fraud and theft prevention but also to "improve efficiencies at the point-of-sale" by decreasing "sales reducing activities (SRAs)", as they call it.
apprissretail.com/solutions/secu…
Read 4 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!