Failed attempt to get the Undersecretary of Defense for Intelligence (today the Director of National Intelligence) to be serious about producing decision-support instead of simply spending money wantonly.
OSINT RF Reverse Engineering by Marc NewlinEC-Council
IoT devices frequently include obscure RF transceivers with little or no documentation, which can hinder the reverse engineering research process. Fortunately, regulatory bodies like the United States’ FCC contain a wealth of useful information.
In order to certify wireless devices for sale in different markets, manufacturers must submit their products to test labs which evaluate the behavior of their RF emissions. The test reports often contain detailed physical layer operating characteristics, including RF channels, modulation, and frequency hopping behavior.
By translating regulatory test reports into GNU Radio flow graphs, a researcher is able to focus their efforts on understanding packet formats and protocol behavior instead of grinding away at the physical layer. In this talk, I will discuss the techniques I used while researching the MouseJack vulnerabilities, which allowed me to expedite the process of evaluating a large number of vulnerable devices.
Talk Outline
Overview of various regulatory bodies (FCC, KCC/MSIP, IC, etc), and the data they make publicly available
Discussion of the official and third party tools to query regulatory bodies for specific device information
Using internal device photos from regulatory bodies to identify transceiver part numbers
Using test reports to identify physical layer operating characteristics
Building a GNU Radio flow graph based on information gathered from regulatory test reports or transceiver spec sheets
Sniffing device traffic, inferring operating behavior, and building out a model of the device communication protocol
acquisition, ash carter, Technology, Innovation and Modern War, department of defense, dod, hacking for defense, intlpol 340, joe felter, kill chain, max boot, military innovation, ms&e296, raj shah, requirements, stanford, Steve blank, China
Nine books later most still do not get it -- secret intelligence is largely waste -- unprocessed technical collection that feeds Congressional pork, nothing more.
How to build a cyber threat intelligence programMark Arena
Delivered at ACSC in Canberra on 10 April 2018.
Associated intelligence requirements spreadsheet is available for download at https://www.dropbox.com/s/rtisz5zdy5sl1w1/ACSC-Reqs.xlsx?dl=0
OSINT RF Reverse Engineering by Marc NewlinEC-Council
IoT devices frequently include obscure RF transceivers with little or no documentation, which can hinder the reverse engineering research process. Fortunately, regulatory bodies like the United States’ FCC contain a wealth of useful information.
In order to certify wireless devices for sale in different markets, manufacturers must submit their products to test labs which evaluate the behavior of their RF emissions. The test reports often contain detailed physical layer operating characteristics, including RF channels, modulation, and frequency hopping behavior.
By translating regulatory test reports into GNU Radio flow graphs, a researcher is able to focus their efforts on understanding packet formats and protocol behavior instead of grinding away at the physical layer. In this talk, I will discuss the techniques I used while researching the MouseJack vulnerabilities, which allowed me to expedite the process of evaluating a large number of vulnerable devices.
Talk Outline
Overview of various regulatory bodies (FCC, KCC/MSIP, IC, etc), and the data they make publicly available
Discussion of the official and third party tools to query regulatory bodies for specific device information
Using internal device photos from regulatory bodies to identify transceiver part numbers
Using test reports to identify physical layer operating characteristics
Building a GNU Radio flow graph based on information gathered from regulatory test reports or transceiver spec sheets
Sniffing device traffic, inferring operating behavior, and building out a model of the device communication protocol
acquisition, ash carter, Technology, Innovation and Modern War, department of defense, dod, hacking for defense, intlpol 340, joe felter, kill chain, max boot, military innovation, ms&e296, raj shah, requirements, stanford, Steve blank, China
Nine books later most still do not get it -- secret intelligence is largely waste -- unprocessed technical collection that feeds Congressional pork, nothing more.
How to build a cyber threat intelligence programMark Arena
Delivered at ACSC in Canberra on 10 April 2018.
Associated intelligence requirements spreadsheet is available for download at https://www.dropbox.com/s/rtisz5zdy5sl1w1/ACSC-Reqs.xlsx?dl=0
Originally published in 2005. Abstract: Over the years many commodity trading advisors, proprietary traders, and global macro hedge funds have successfully applied various trend following methods to profitably trade in global futures markets. Very little research, however, has been published regarding trend following strategies applied to stocks. Is it reasonable to assume that trend following works on futures but not stocks? We decided to put a long only trend following strategy to the test by running it against a comprehensive database of U.S. stocks that have been adjusted for corporate actions. Delisted companies were included to account for survivorship bias. Realistic transaction cost estimates (slippage & commission) were applied. Liquidity filters were used to limit hypothetical trading to only stocks that would have been liquid enough to trade, at the time of the trade. Coverage included 24,000+ securities spanning 22 years. The empirical results strongly suggest that trend following on stocks does offer a positive mathematical expectancy, an essential building block of an effective investing or trading system.
Introduction to National Critical Infrastructure Cyber Security: Background a...Jack Whitsitt
Given at SOURCE Boston 2013, this presentation is one of the only places you will find the conceptual and policy underpinnings of U.S. national cyber security and critical infrastructure protection efforts and information about the recent White House Cyber Executive Order
Concept for healing the Americas by creating an Open Source Agency and a Multinational Decision Support Centre to get international relations and commerce back on a sound footing, which is say, evidence based rather than driven by corruption and ideology.
Hedge Fund Indexes and Strategy Classification Drago Indjic
Invited presentation at AIMA Research Day 2003 conference: a study of hedge fund index biases, data quality and cleaning methods. Review of five proposals for hedge fund strategy classifications by leading experts.
Lecture 8 - Technology, Innovation and Great Power Competition - CyberStanford University
Technology, Innovation and Great Power Competition,TIGPC, Gordian knot Center, DIME-FIL, department of defense, dod, hacking for defense, intlpol 340, joe felter, ms&e296, raj shah, stanford, Steve blank, AI, ML, AI/ML, china, unmanned, autonomy, Michael Sulmeyer, cybercom,USCYBERCOM
Interest rates remain low and equity index valuations are historically high. What approach should a prudent financial steward take to evaluate the financial market risks while seeking a positive return on capital? This session will explore the asset management philosophies and approaches used by several large institutional money managers to assist corporations and individuals address this issue. The discussion will be led by Mr. Birnie, Managing Partner of Piedmont Wealth Advisory and a representative from Blackrock Investments. Mr. Birnie has been a trusted advisor to SC&RA for over 15 years and has developed an expertise in risk-managed investing. Blackrock Investments is the largest money manager in the world, advising the world’s largest institutions, endowments, pensions and governments.
Speaker: Douglas Birnie, Managing Partner, Piedmont Wealth Advisory
Originally published in 2005. Abstract: Over the years many commodity trading advisors, proprietary traders, and global macro hedge funds have successfully applied various trend following methods to profitably trade in global futures markets. Very little research, however, has been published regarding trend following strategies applied to stocks. Is it reasonable to assume that trend following works on futures but not stocks? We decided to put a long only trend following strategy to the test by running it against a comprehensive database of U.S. stocks that have been adjusted for corporate actions. Delisted companies were included to account for survivorship bias. Realistic transaction cost estimates (slippage & commission) were applied. Liquidity filters were used to limit hypothetical trading to only stocks that would have been liquid enough to trade, at the time of the trade. Coverage included 24,000+ securities spanning 22 years. The empirical results strongly suggest that trend following on stocks does offer a positive mathematical expectancy, an essential building block of an effective investing or trading system.
Introduction to National Critical Infrastructure Cyber Security: Background a...Jack Whitsitt
Given at SOURCE Boston 2013, this presentation is one of the only places you will find the conceptual and policy underpinnings of U.S. national cyber security and critical infrastructure protection efforts and information about the recent White House Cyber Executive Order
Concept for healing the Americas by creating an Open Source Agency and a Multinational Decision Support Centre to get international relations and commerce back on a sound footing, which is say, evidence based rather than driven by corruption and ideology.
Hedge Fund Indexes and Strategy Classification Drago Indjic
Invited presentation at AIMA Research Day 2003 conference: a study of hedge fund index biases, data quality and cleaning methods. Review of five proposals for hedge fund strategy classifications by leading experts.
Lecture 8 - Technology, Innovation and Great Power Competition - CyberStanford University
Technology, Innovation and Great Power Competition,TIGPC, Gordian knot Center, DIME-FIL, department of defense, dod, hacking for defense, intlpol 340, joe felter, ms&e296, raj shah, stanford, Steve blank, AI, ML, AI/ML, china, unmanned, autonomy, Michael Sulmeyer, cybercom,USCYBERCOM
Interest rates remain low and equity index valuations are historically high. What approach should a prudent financial steward take to evaluate the financial market risks while seeking a positive return on capital? This session will explore the asset management philosophies and approaches used by several large institutional money managers to assist corporations and individuals address this issue. The discussion will be led by Mr. Birnie, Managing Partner of Piedmont Wealth Advisory and a representative from Blackrock Investments. Mr. Birnie has been a trusted advisor to SC&RA for over 15 years and has developed an expertise in risk-managed investing. Blackrock Investments is the largest money manager in the world, advising the world’s largest institutions, endowments, pensions and governments.
Speaker: Douglas Birnie, Managing Partner, Piedmont Wealth Advisory
My latest thinking on the future of intelligence for traditional intelligence communities (not be be confused with my latest thinking on the open source everything innovation hub). This is the invited keynote, there is also a workshop briefing.
A more polished simple attempt to explain to the University of Maryland at College Park how they could become the hub for a world brain and a school of future-oriented hybrid governance. No joy.
The USA is hosed until such time as We the People eradicate the two-party tyranny, restore integrity to our electoral process, and demand that governance be transparent, truthful, and trustworthy.
Pitch to President of George Washington University on creating a School of Future-Oriented Hybrid Governance and a World Brain Institute. He never bothered to respond.
First presentation of the local to global range of gifts table that disintermediates, eliminates NGO waste and theft, and allows for meeting needs of all people through a data-driven sparse matrix that leveraging multiple individual humans to meet specific needs.
By invitation of Stephen E. Arnold one of my IT heroes, put forward a few thoughts on real time information. Without Open Source Everything, the information sharing and sense-making we need to do is simply not possible.
Offered in Beirut by invitation, lots of interest but UN bureaucracy, like the US Government political leadership, is absolutely not interested in the truth at any cost even if it lowers all other costs.
One one "cult" brief that is said to be popular with Anonymous and Lutzsec -- I would be glad if that were true. Open Source Everything is now a meme and a mind-set (see my 2012 book), this was the beginning of my final 20 year push.
Adjusting OpenMP PageRank : SHORT REPORT / NOTESSubhajit Sahu
For massive graphs that fit in RAM, but not in GPU memory, it is possible to take
advantage of a shared memory system with multiple CPUs, each with multiple cores, to
accelerate pagerank computation. If the NUMA architecture of the system is properly taken
into account with good vertex partitioning, the speedup can be significant. To take steps in
this direction, experiments are conducted to implement pagerank in OpenMP using two
different approaches, uniform and hybrid. The uniform approach runs all primitives required
for pagerank in OpenMP mode (with multiple threads). On the other hand, the hybrid
approach runs certain primitives in sequential mode (i.e., sumAt, multiply).
Global Situational Awareness of A.I. and where its headedvikram sood
You can see the future first in San Francisco.
Over the past year, the talk of the town has shifted from $10 billion compute clusters to $100 billion clusters to trillion-dollar clusters. Every six months another zero is added to the boardroom plans. Behind the scenes, there’s a fierce scramble to secure every power contract still available for the rest of the decade, every voltage transformer that can possibly be procured. American big business is gearing up to pour trillions of dollars into a long-unseen mobilization of American industrial might. By the end of the decade, American electricity production will have grown tens of percent; from the shale fields of Pennsylvania to the solar farms of Nevada, hundreds of millions of GPUs will hum.
The AGI race has begun. We are building machines that can think and reason. By 2025/26, these machines will outpace college graduates. By the end of the decade, they will be smarter than you or I; we will have superintelligence, in the true sense of the word. Along the way, national security forces not seen in half a century will be un-leashed, and before long, The Project will be on. If we’re lucky, we’ll be in an all-out race with the CCP; if we’re unlucky, an all-out war.
Everyone is now talking about AI, but few have the faintest glimmer of what is about to hit them. Nvidia analysts still think 2024 might be close to the peak. Mainstream pundits are stuck on the wilful blindness of “it’s just predicting the next word”. They see only hype and business-as-usual; at most they entertain another internet-scale technological change.
Before long, the world will wake up. But right now, there are perhaps a few hundred people, most of them in San Francisco and the AI labs, that have situational awareness. Through whatever peculiar forces of fate, I have found myself amongst them. A few years ago, these people were derided as crazy—but they trusted the trendlines, which allowed them to correctly predict the AI advances of the past few years. Whether these people are also right about the next few years remains to be seen. But these are very smart people—the smartest people I have ever met—and they are the ones building this technology. Perhaps they will be an odd footnote in history, or perhaps they will go down in history like Szilard and Oppenheimer and Teller. If they are seeing the future even close to correctly, we are in for a wild ride.
Let me tell you what we see.
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdfGetInData
Recently we have observed the rise of open-source Large Language Models (LLMs) that are community-driven or developed by the AI market leaders, such as Meta (Llama3), Databricks (DBRX) and Snowflake (Arctic). On the other hand, there is a growth in interest in specialized, carefully fine-tuned yet relatively small models that can efficiently assist programmers in day-to-day tasks. Finally, Retrieval-Augmented Generation (RAG) architectures have gained a lot of traction as the preferred approach for LLMs context and prompt augmentation for building conversational SQL data copilots, code copilots and chatbots.
In this presentation, we will show how we built upon these three concepts a robust Data Copilot that can help to democratize access to company data assets and boost performance of everyone working with data platforms.
Why do we need yet another (open-source ) Copilot?
How can we build one?
Architecture and evaluation
Unleashing the Power of Data_ Choosing a Trusted Analytics Platform.pdfEnterprise Wired
In this guide, we'll explore the key considerations and features to look for when choosing a Trusted analytics platform that meets your organization's needs and delivers actionable intelligence you can trust.
Chatty Kathy - UNC Bootcamp Final Project Presentation - Final Version - 5.23...John Andrews
SlideShare Description for "Chatty Kathy - UNC Bootcamp Final Project Presentation"
Title: Chatty Kathy: Enhancing Physical Activity Among Older Adults
Description:
Discover how Chatty Kathy, an innovative project developed at the UNC Bootcamp, aims to tackle the challenge of low physical activity among older adults. Our AI-driven solution uses peer interaction to boost and sustain exercise levels, significantly improving health outcomes. This presentation covers our problem statement, the rationale behind Chatty Kathy, synthetic data and persona creation, model performance metrics, a visual demonstration of the project, and potential future developments. Join us for an insightful Q&A session to explore the potential of this groundbreaking project.
Project Team: Jay Requarth, Jana Avery, John Andrews, Dr. Dick Davis II, Nee Buntoum, Nam Yeongjin & Mat Nicholas
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Data and AI
Discussion on Vector Databases, Unstructured Data and AI
https://www.meetup.com/unstructured-data-meetup-new-york/
This meetup is for people working in unstructured data. Speakers will come present about related topics such as vector databases, LLMs, and managing data at scale. The intended audience of this group includes roles like machine learning engineers, data scientists, data engineers, software engineers, and PMs.This meetup was formerly Milvus Meetup, and is sponsored by Zilliz maintainers of Milvus.
1. Open Source Intelligence
(OSINT):
Defense Overview
26 August 2009 Version 3.1
LEADERSHIP BRIEF (6 Slides)
As Created by Robert Steele
2. Quadrennial Defense Review (QDR)
OSINT could provide urgency, balance, & coherence
QDR Focus is On:
• Balanced Strategy
• Current Ops AND Long View
• Strategic Communication
• Irregular Warfare
• Stabilization & Reconstruction
• Persistent Surveillance
• Whole of Government
Operations
• Multinational Operations
OSINT Can Provide:
Overview of all threats
Global Coverage, History
Deep multi-lingual insight
Non-state order of battle
Holistic appraisals
Commercial options
Unclassified actionable
decision-support
Unclassified actionable
decision-support
3. Contradictions versus Coherence
CONTRADICTIONS
• Established as a source but
• Critical to success of the
traditional disciplines but
• Vital to all-source
requirements, collection
management, and analysis but
• Vital to Coalition and
Stabilization Operations but
COHERENCE
not managed as a
source
funded and managed
on margin
lacking centralized
defense program
not available as a
“deliverable”
4. Can’t Manage If Can’t Measure
SWAG: OSINT is $1B/Yr to $3B/yr
Recommendation: USD(I)-Directed September Study
(Prior to Instruction Issuance to Permit Refinement)
Map the Dollars
• OMB Code M320 for the
High-Level View
• DSB “30 Day” Study for the
Leadership View
• CSIS Round-Table for the
Strategic View
• MITRE Appraisal for the
COCOM/ICT View
• DoD Internal Review of All
Contracts Procuring OSINT
in Any Form
Establish Metrics
• Strategic Short-falls in History &
Context
• Operational Short-falls in Global
Current Awareness, Personalities
& Attitudes
• Tactical Short-falls in Language,
Cultural Understanding, Combat
Charts, and Current Imagery
• Technical Short-falls in Critical
Technologies, Strategic
Generalizations (e.g. standard
aviation day being hot & humid)
5. Can’t Leverage If Can’t Link
External Coalition OSINT Across 90 Countries?
Recommendation: USD(I) or SecDef Letter to all Military
Attaches Requesting National Military OSINT POC.
• DIA, NATO, SOF, and UN all heavy into OSINT
• We don’t have POCs for NATO/PfP OSINT countries
• Need POCs for Africa, Caribbean, Americas, Asia
• CIA only deals with ten other countries, the
traditional allies, Nordics, Netherlands
• Defense Intelligence could become the leader of a
global military OSINT “grid” if we can identify and
embrace the military POCs for OSINT across all
possible countries.
6. Speculative Forecast
Marshall Information, Then Decide
What We Will Find:
• Very wasteful OSINT
redundancy across services,
commands, and by
contractors at taxpayer
expense
• 80% or more of the OSINT
created at taxpayer expense
“spilled” or lost and not
available for repurposing
• Ignorance about state of the
art in commercial intelligence
• $1-3B “out of control”
What We Will NOT Find:
• Institutionalized easy
access to foreign
military partners with
OSINT to share
• Centralized discovery
and decentralized
storage transparent to
all defense elements
• One-time purchase
• Coherence of purpose
7. Speculative Forecast
Marshall Information, Then Decide
What We Will Find:
• Very wasteful OSINT
redundancy across services,
commands, and by
contractors at taxpayer
expense
• 80% or more of the OSINT
created at taxpayer expense
“spilled” or lost and not
available for repurposing
• Ignorance about state of the
art in commercial intelligence
• $1-3B “out of control”
What We Will NOT Find:
• Institutionalized easy
access to foreign
military partners with
OSINT to share
• Centralized discovery
and decentralized
storage transparent to
all defense elements
• One-time purchase
• Coherence of purpose
Editor's Notes
This is a draft briefing for DoD LEADERSHIP
This briefing contains speculative views on future directions in OSINT funding and contracting.
USD(I) and DIASPO are granted an unrestricted unlimited copyright for official government use only.
Military attaches of any nationality are granted an unrestricted unlimited copyright for official government use only, inclusive of information sharing discussions with the other seven host country “tribes” of intelligence.
The Quadrennial Defense Review affords us an opportunity to revisit strategy and priorities for Defense over-all, and also within Defense Intelligence.
At a very general level, but with particular reference to the new emerging priorities that represent a need for universal coverage at a neighborhood level of granularity, OSINT is not only the best solution for much of this, it is the only affordable, achievable solution.
PAUSE
Up to this point, Open Source Intelligence or OSINT has been full of contradictions and lacking in coherence.
Congressman Simmons drove the Army to define OSINT as a discipline, but it is not managed as such. Senator Simmons, if he wins in 2010 as is now projected, could have more to say on this.
A coherently managed OSINT Program would appear to offer substantive benefits for defense.
We cannot manage what we cannot measure.
Our best guess estimate of what DoD is spending on open sources and methods today is no less than $1 billion a year, to as much as $3 billion a year, if one includes all contractor procurements across all mission areas.
We recommend that USD(I) direct a series of very fast—30 day—reviews as depicted here.
PAUSE
At the same time, we have never sought to engage our defense coalition partners, and new potential military partners who might be willing to discuss sharing unclassified information.
We recommend that USD(I) staff a letter via normal channels to the accredited military attaches, seeking a military POC at the home country HQS level that we can begin to include in a global working group.
Here is a speculative forecast of key findings from the fast studies if ordered by the leadership.
Our recommended letter to all the military attaches is intended to allow a multinational working group to be formed in October as a means of ensuring that all that we do takes into account all that we can beg, borrow, or buy from foreign military partners.