Jun
22
2018
--

Security, privacy experts weigh in on the ICE doxxing

In what appears to be the latest salvo in a new, wired form of protest, developer Sam Lavigne posted code that scrapes LinkedIn to find Immigration and Customs Enforcement employee accounts. His code, which basically a Python-based tool that scans LinkedIn for keywords, is gone from Github and Gitlab and Medium took down his original post. The CSV of the data is still available here and here and WikiLeaks has posted a mirror.

“I find it helpful to remember that as much as internet companies use data to spy on and exploit their users, we can at times reverse the story, and leverage those very same online platforms as a means to investigate or even undermine entrenched power structures. It’s a strange side effect of our reliance on private companies and semi-public platforms to mediate nearly all aspects of our lives. We don’t necessarily need to wait for the next Snowden-style revelation to scrutinize the powerful — so much is already hiding in plain sight,” said Lavigne.

Doxxing is the process of using publicly available information to target someone online for abuse. Because we can now find out anything on anyone for a few dollars – a search for “background check” brings up dozens of paid services that can get you names and addresses in a second – scraping public data on LinkedIn seems far easier and innocuous. That doesn’t make it legal.

“Recent efforts to outlaw doxxing at the national level (like the Online Safety Modernization Act of 2017) have stalled in committee, so it’s not strictly illegal,” said James Slaby, Security Expert at Acronis. “But LinkedIn and other social networks usually consider it a violation of their terms of service to scrape their data for personal use. The question of fairness is trickier: doxxing is often justified as a rare tool that the powerless can use against the powerful to call attention to perceived injustices.”

“The problem is that doxxing is a crude tool. The torrent of online ridicule, abuse and threats that can be heaped on doxxed targets by their political or ideological opponents can also rain down on unintended and undeserving targets: family members, friends, people with similar names or appearances,” he said.

The tool itself isn’t to blame. No one would fault a job seeker or salesperson who scraped LinkedIn for targeted employees of a specific company. That said, scraping and publicly shaming employees walks a thin line.

“In my opinion, the professor who developed this scraper tool isn’t breaking the law, as it’s perfectly legal to search the web for publicly available information,” said David Kennedy, CEO of TrustedSec. “This is known in the security space as ‘open source intelligence’ collection, and scrapers are just one way to do it. That said, it is concerning to see ICE agents doxxed in this way. I understand emotions are running high on both sides of this debate, but we don’t want to increase the physical security risks to our law enforcement officers.”

“The decision by Twitter, Github and Medium to block the dissemination of this information and tracking tool makes sense – in fact, law enforcement agents’ personal information is often protected. This isn’t going to go away anytime soon, it’s only going to become more aggressive, particularly as more people grow comfortable with using the darknet and the many available hacking tools for sale in these underground forums. Law enforcement agents need to take note of this, and be much more careful about what (and how often) they post online.”

Ultimately, doxxing is problematic. Because we place our information on public forums there should be nothing to stop anyone from finding and posting it. However, the expectation that people will use our information for good and not evil is swiftly eroding. Today, wrote one security researcher, David Kavanaugh, doxxing is becoming dangerous.

“Going after the people on the ground is like shooting the messenger. Decisions are made by leadership and those are the people we should be going after. Doxxing is akin to a personal attack. Change policy, don’t ruin more lives,” he said.

Mar
12
2018
--

Twilio launches Flex, a fully programmable contact center

Earlier this year we reported that Twilio was going to launch a full contact center solution called Flex on March 12 — lo and behold, today is March 12 and Twilio today announced the launch of Flex at the Enterprise Connect conference in Orlando. Flex brings together virtually every part of the existing Twilio infrastructure and platform for developers that already power nearly 40 billion interactions a year and bundles it with a rather slick user interface for companies that want to set up an out-of-the-box contact center or update their existing deployments.

Twilio’s expertise has long been in providing backend communications services and its design expertise is mostly in building APIs, not user interfaces. With this move, though, the company is giving enterprises (and this product is meant for the kind of companies that have hundreds or thousands of people in a contact center) a full stack contact center with a full graphical user interface.

As the company’s head of its contact center business Al Cook told me, though, the main design philosophy behind Flex is to give users maximum flexibility. He argues that business today have to choose between going with products that they can’t customize themselves, so that they have to rely on expensive outside vendors that will do the customization for them (which also tends to take a lot of time), or a SaaS contact center that can be quickly deployed but is hard to scale and lacks customization options. “Think of Flex as an application platform,” Cook told me. It takes its cues from Twilio’s experience in working with developers and gives enterprises an easy API interface for customizing the service to their liking, but also provides all of the necessary tools out of the box.

“The reason why APIs were very transformative to the industry is because you are unconstrained in what you can do,” Cook explained. “Once you put a user interface on that, you constrain users.” So for Flex, the team had to ask itself some new questions. “How do you build user interfaces in a fundamentally different way that gives people the best features they want without constraining them?”

Out of the box, Flex supports all of the standard messaging channels that contact centers are now expected to support. These include Voice, video, text, picture messaging, Facebook Messenger, Twitter, LINE and WeChat. The service also supports screen sharing and co-browsing. Twilio is also integrating its own intelligent TaskRouter service into Flex to automatically route questions to the right agent. A single Flex deployment can support up to 50,000 agents.

Cook argues that getting started with Flex is a one-click affair, though once it’s up and running, most users will surely need to customize the service a bit for their own needs and embed chat widgets and other functions on their websites and into their apps (think click-to-call, for example). Some of the more in-depth customization can be done in Twilio Studio, the company’s drag and drop application builder, too.

Most large enterprises already have contact centers, though, so it’s maybe no surprise that some of the thinking behind making Flex as… well… flexible as possible is about giving those users the ability to mix and match features from Flex with their existing tools to allow for a slow and steady migration.

As we reported last month, Flex will also integrate with all the standard CRM tools like Salesforce and Zendesk, as well as workforce management and optimization tools that are currently in use in most contact centers.

Before launching the product today, Twilio already worked with ING, Zillow, National Debt Relief and RealPage to test Flex. In addition, it lined up a number of tech and consulting partners to support new users.

Sep
08
2016
--

Blackstorm raises $33.5M to help developers get their apps everywhere beyond the App Store

img_3742 Managing the App Store can be one of the most difficult experiences for new developers. Getting noticed is hard, the experience isn’t that great, and now Apple is allowing search ads. And to make things more interesting, there’s a lot of interest in different platforms beyond traditional apps — including messaging bots. Eventually, there will have to be a way to… Read More

Apr
12
2016
--

Salesforce and Zendesk want to help brands manage Facebook Messenger traffic

Blurred image of customer service people working at computers. No sooner had Facebook announced it was opening up Messenger for developers to build bots, when two players with an eye on sales and service in the enterprise — Salesforce and Zendesk — announced new products to manage Messenger traffic on their respective platforms.
Salesforce announced Salesforce Messenger, a way for customers to communicate directly with brands through the… Read More

Jul
22
2015
--

It’s Your Fault Email Is Broken

email As an email startup CEO, I hear it every week. “I hate email. Email sucks. Why can’t anyone fix it? And why would you want to spend your life working on something everyone hates?” Email is an obvious target for blame, since we collectively send 183 billion of them every single day. But blaming email is like shooting the messenger (or shooting the envelope, rather). Read More

Powered by WordPress | Theme: Aeros 2.0 by TheBuckmaker.com