The Wiz: Google Gears Up for Enterprise Security

July 15, 2024

dinosaur30a_thumb_thumb_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

Anyone remember this verse from “Ease on Down the Road,” from The Wiz, the hit musical from the 1970s? Here’s the passage:

‘Cause there may be times
When you think you lost your mind
And the steps you’re takin’
Leave you three, four steps behind
But the road you’re walking
Might be long sometimes
You just keep on trukin’
And you’ll just be fine, yeah

Why am I playing catchy tunes in my head on Monday, July 15, 2024? I just read “Google Near $23 Billion Deal for Cybersecurity Startup Wiz.” For years, I have been relating Israeli-developed cyber security technology to law enforcement and intelligence professionals. I try in each lecture to profile a firm, typically based in Tel Aviv or environs and staffed with former military professionals. I try to relate the functionality of the system to the particular case or matter I am discussing in my lecture.

image

The happy band is easin’ down the road. The Googlers have something new to sell. Does it work? Sure, get down. Boogie. Thanks, MSFT Copilot. Has your security created an opportunity for Google marketers?

That stopped in October 2023. A former Israeli intelligence officer told me, “The massacre was Israel’s 9/11. There was an intelligence failure.” I backed away form the Israeli security, cyber crime, and intelware systems. They did not work. If we flash forward to July 15, 2024, the marketing is back. The well-known NSO Group is hawking its technology at high-profile LE and intel conferences. Enhancements to existing systems arrive in the form of email newsletters at the pace of the pre-October 2023 missives.

However, I am maintaining a neutral and skeptical stance. There is the October 2023 event, the subsequent war, and the increasing agitation about tactics, weapons systems in use, and efficacy of digital safeguards.

Google does not share my concerns. That’s why the company is Google, and I am a dinobaby tracking cyber security from my small office in rural Kentucky. Google makes news. I make nothing as a marginalized dinobaby.

The Wiz tells the story of a young girl who wants to get her dog back after a storm carries the creature away. The young girl offs the evil witch and seeks the help of a comedian from Peoria, Illinois, to get back to her real life. The Wiz has a happy ending, and the quoted verse makes the point that the young girl, like the Google, has to keep taking steps even though the Information Highway may be long.

That’s what Google is doing. The company is buying security (which I want to point out is cut from the same cloth as the systems which failed to notice the October 2023 run up). Google has Mandiant. Google offers a free Dark Web scanning service. Now Google has Wiz.

What’s Wiz do? Like other Israeli security companies, it does the sort of thing intended to prevent events like October 2023’s attack. And like other aggressively marketed Israeli cyber technology companies’ capabilities, one has to ask, “Will Wiz work in an emerging and fluid threat environment?” This is an important question because of the failure of the in situ Israeli cyber security systems, disabled watch stations, and general blindness to social media signals about the October 2023 incident.

If one zips through the Wiz’s Web site, one can craft a description of what the firm purports to do; for example:

Wiz is a cloud security firm embodying capabilities associated with the Israeli military technology. The idea is to create a one-stop shop to secure cloud assets. The idea is to identify and mitigate risks. The system incorporates automated functions and graphic outputs. The company asserts that it can secure models used for smart software and enforce security policies automatically.

Does it work? I will leave that up to you and the bad actors who find novel methods to work around big, modern, automated security systems. Did you know that human error and old-fashioned methods like emails with links that deliver stealers work?

Can Google make the Mandiant Wiz combination work magic? Is Googzilla a modern day Wiz able to transport the little girl back to real life?

Google has paid a rumored $20 billion plus to deliver this reality.

I maintain my neutral and skeptical stance. I keep thinking about October 2023, the aftermath of a massive security failure, and the over-the-top presentations by Israeli cyber security vendors. If the stuff worked, why did October 2023 happen? Like most modern cyber security solutions, marketing to the people who desperately want a silver bullet or digital stake to pound through the heart of cyber risk produces sales.

I am not sure that sales, marketing, and assertions about automation work in what is an inherently insecure, fast-changing, and globally vulnerable environment.

But Google will keep on trukin’’ because Microsoft has created a heck of a marketing opportunity for the Google.

Stephen E Arnold, July 15, 2024

AI Weapons: Someone Just Did Actual Research!

July 12, 2024

dinosaur30a_thumb_thumbThis essay is the work of a dinobaby. Unlike some folks, no smart software improved my native ineptness.

I read a write up that had more in common with a write up about the wonders of a steam engine than a technological report of note. The title of the “real” news report is “AI and Ukraine Drone Warfare Are Bringing Us One Step Closer to Killer Robots.”

I poked through my files and found a couple of images posted as either advertisements for specialized manufacturing firms or by marketers hunting for clicks among the warfighting crowd. Here’s one:

image 

The illustration represents a warfighting drone. I was able to snap this image in a lecture I attended in 2021. At that time, an individual could purchase online the device in quantity for about US$9,000.

Here’s another view:

image

This militarized drone has 10 inch (254 millimeter) propellers / blades.

The boxy looking thing below the rotors houses electronics, batteries, and a payload of something like a Octanitrocubane- or HMX-type of kinetic charge.

Imagine four years ago, a person or organization could buy a couple of these devices and use them in a way warmly supported by bad actors. Why fool around with an unreliable individual pumped on drugs to carry a mobile phone that would receive the “show time” command? Just sit back. Guide the drone. And — well — evidence that kinetics work.

The write up is, therefore, years behind what’s been happening in some countries for years. Yep, years.

Consider this passage:

As the involvement of AI in military applications grows, alarm over the eventual emergence of fully autonomous weapons grows with it.

I want to point out that Palmer Lucky’s Andruil outfit has been fooling around in the autonomous system space since 2017. One buzz phrase an Andruil person used in a talk was, “Lattice for Mission Autonomy.” Was Mr. Lucky to focus on this area? Based on what I picked up at a couple of conferences in Europe in 2015, the answer is, “Nope.”

The write up does have a useful factoid in the “real” news report?

It is not technology. It is not range. It is not speed, stealth, or sleekness.

It is cheap. Yes, low cost. Why spend thousands when one can assemble a drone with hobby parts, a repurposed radio control unit from the local model airplane club, and a workable but old mobile phone?

Sign up for Telegram. Get some coordinates and let that cheap drone fly. If an operating unit has a technical whiz on the team, just let the gizmo go and look for rectangular shapes with a backpack near them. (That’s a soldier answering nature’s call.) Autonomy may not be perfect, but close enough can work.

The write up says:

Attack drones used by Ukraine and Russia have typically been remotely piloted by humans thus far – often wearing VR headsets – but numerous Ukrainian companies have developed systems that can fly drones, identify targets, and track them using only AI. The detection systems employ the same fundamentals as the facial recognition systems often controversially associated with law enforcement. Some are trained with deep learning or live combat footage.

Does anyone believe that other nation-states have figured out how to use off-the-shelf components to change how warfighting takes place? Ukraine started the drone innovation thing late. Some other countries have been beavering away on autonomous capabilities for many years.

For me, the most important factoid in the write up is:

… Ukrainian AI warfare reveals that the technology can be developed rapidly and relatively cheaply. Some companies are making AI drones using off-the-shelf parts and code, which can be sent to the frontlines for immediate live testing. That speed has attracted overseas companies seeking access to battlefield data.

Yep, cheap and fast.

Innovation in some countries is locked in a time warp due to procurement policies and bureaucracy. The US F 35 was conceived decades ago. Not surprisingly, today’s deployed aircraft lack the computing sophistication of the semiconductors in a mobile phone I can acquire today a local mobile phone repair shop, often operating from a trailer on Dixie Highway. A chip from the 2001 time period is not going to do the TikTok-type or smart software-type of function like an iPhone.

So cheap and speedy iteration are the big reveals in the write up. Are those the hallmarks of US defense procurement?

Stephen E Arnold, July 12, 2024

Palantir: The UK Wants a Silver Bullet

March 11, 2024

green-dino_thumb_thumb_thumbThis essay is the work of a dumb dinobaby. No smart software required.

The UK is an interesting nation state. On one hand, one has upmarket, high-class activities taking place not too far from the squatters in Bristol. Fancy lingo, nifty arguments (Here, here!) match up nicely with some wonky computer decisions. The British government seems to have a keen interest in finding silver bullets; that is, solutions which will make problems go away. How did that work for the postal service?

I read “Health Data – It Isn’t Just Palantir or Bust,” written by lawyer, pundit, novelist, and wizard Cory Doctorow. The essay focuses on a tender offer captured by Palantir Technologies. The idea is that the British National Health Service has lots of data. The NHS has done some wild and crazy things to make those exposed to the NHS safer. Sorry, I can’t explain one taxonomy-centric project which went exactly nowhere despite the press releases generated by the vendors, speeches, presentations, and assurances that, by gad, these health data will be managed. Yeah, and Bristol’s nasty areas will be fixed up soon.

image

The British government professional is struggling with software that was described as a single solution. Thanks, MSFT Copilot. How is your security perimeter working today? Oh, that’s too bad. Good enough.

What is interesting about the write up is not the somewhat repetitive retelling of the NHS’ computer challenges. I want to highlight the comments from the lawyer – novelist about the American intelware outfit Palantir Technologies. What do we learn about Palantir?

Here the first quote from the essay:

But handing it all over to companies like Palantir isn’t the only option

The idea that a person munching on fish and chips in Swindon will know about Palantir is effectively zero. But it is clear that “like Palantir” suggests something interesting, maybe fascinating.

Here’s another reference to Palantir:

Even more bizarre are the plans to flog NHS data to foreign military surveillance giants like Palantir, with the promise that anonymization will somehow keep Britons safe from a company that is literally named after an evil, all-seeing magic talisman employed by the principal villain of Lord of the Rings (“Sauron, are we the baddies?”).

The word choice is painting a picture of an American intelware company which does focus on conveying a negative message; for instance, the words safe, evil, all seeing, villain, baddies, etc. What’s going on?

The British Medical Association and the conference of England LMC Representatives have endorsed OpenSAFELY and condemned Palantir. The idea that we must either let Palantir make off with every Briton’s most intimate health secrets or doom millions to suffer and die of preventable illness is a provably false choice.

It seems that the American company is known to the BMA and an NGO have figured out Palantir is a bit of a sticky wicket.

Several observations:

  1. My view is that Palantir promised a silver bullet to solve some of the NHS data challenges. The British government accepted the argument, so full steam ahead. Thus, the problem, I would suggest, is the procurement process
  2. The agenda in the write up is to associate Palantir with some relatively negative concepts. Is this fair? Probably not but it is typical of certain “real” analysts and journalists to mix up complex issues in order to create doubt about vendors of specialized software. These outfits are not perfect, but their products are a response to quite difficult problems.
  3. I think the write up is a mash up of anger about tender offers, the ineptitude of British government computer skills, the use of cross correlation as a symbol of Satan, and a social outrage about the Britain which is versus what some wish it were.

Net net: Will Palantir change because of this negative characterization of its products and services? Nope. Will the NHS change? Are you kidding me, of course not. Will the British government’s quest for silver bullet solutions stop? Let’s tackle this last question this way: “Why not write it in a snail mail letter and drop it in the post?”

Intelware is just so versatile at least in the marketing collateral.

Stephen E Arnold, March 11, 2024

Musky Metaphor: The Sink or Free for All Hellscape?

October 28, 2022

I read “Elon Musk Visits Twitter Carrying Sink As Deal Looms.” The write up (after presenting me with options to sign in, click a free account, or just escape the pop up) reported:

In business parlance, “kitchen sinking” means taking radical action at a company, though it is not clear if this was Mr Musk’s message – he also updated his Twitter bio to read “chief twit”. Mr Musk has said the social media site needs significant changes. At least one report has suggested he is planning major job cuts.

There was a photo, presumably copyright crowned, showing the orbital Elon Musk carrying a kitchen sink. A quick check of kitchen appliance vendors provided some examples of a kitchen sink:

I compared this sink with the one in the Beeb’s illustration and learned:

  1. Mr. Musk chose a white sink
  2. The drain was visible
  3. Mr. Musk’s “load” was a bit larger than a Starlink antenna

image

Now what’s the metaphor? Wikipedia is incredibly helpful when trying to figure out certain allusions of very bright inventors of incredible assertions about self driving software.

Wikipedia suggests:

  • Freaks of Nature (film), a 2015 comedy horror film, also known as Kitchen Sink
  • Kitchen Sink, a 1989 horror short directed by Alison Maclean
  • Kitchen Sink (TV series), cookery series on Food Network
  • “Kitchen Sink”, a song by Twenty One Pilots from their album Regional at Best
  • Kitchen Sink (album), an album by Nadine Shah, 2020
  • Kitchen Sink Press, an independent comic book publisher
  • Kitchen sink realism, a British cultural movement in the late 1950s and early 1960s
  • Kitchen sink syndrome, also known as “scope creep” in project management
  • Kitchen sink regression, a usually pejorative term for a regression analysis which uses a long list of possible independent variables
  • A sink in a kitchen for washing dishes, vegetables, etc.

I think these are incorrect.

My mind associates the kitchen sink with:

  • Going down the drain; that is, get rid of dirty water, food scraps, and soluble substances (mostly soluble if I remember what I learned from engineers at the CW Rice Engineering Company)
  • An opening into which objects can fall; for example, a ring, grandma’s silver baby spoon, or the lid to a bottle of Shaoxing wine. The allusion becomes “going down the drain” equates to a fail whale
  • A collection point for discarded vegetable matter, bits of meat with bone, fish heads, or similar detritus. Yep, fish heads.

What’s your interpretation of the Musky kitchen sink? Scope creep from Wikipedia or mine, going down the drain? Nah, hellscape.

Be sure to tweet your answer?

Stephen E Arnold, October 28, 2022

Facebook and Synthetic Data

October 13, 2021

What’s Facebook thinking about its data future?

A partial answer may be that the company is doing some contingency planning. When regulators figure out how to trim Facebook’s data hoovering, the company may have less primary data to mine, refine, and leverage.

The solution?

Synthetic data. The jargon means annotated data that computer simulations output. Run the model. Fiddle with the thresholds. Get good enough data.

How does one get a signal about Facebook’s interest in synthetic data?

Facebook, according to Venture Beat, the responsible social media company acquired AI.Reverie.

Was this a straight forward deal? Sure, just via a Facebook entity called Dolores Acquisition Sub, Inc. If this sounds familiar, the social media leader may have taken its name from a motion picture called “Westworld.”

The write up states:

AI.Reverie — which competed with startups like Tonic, Delphix, Mostly AI, Hazy, Gretel.ai, and Cvedia, among others — has a long history of military and defense contracts. In 2019, the company announced a strategic alliance with Booz Allen Hamilton with the introduction of Modzy at Nvidia’s GTC DC conference. Through Modzy — a platform for managing and deploying AI models — AI.Reverie launched a weapons detection model that ostensibly could spot ammunition, explosives, artillery, firearms, missiles, and blades from “multiple perspectives.”

Booz, Allen may be kicking its weaker partners. Perhaps the wizards at the consulting firm should have purchased AI.Reverie. But Facebook aced out the century old other people’s business outfit. (Note: I used to labor in the BAH vineyards, and I feel sorry for the individuals who were not enthusiastic about acquiring AI.Reverie. Where did that bonus go?)

Several observations are warranted:

  1. Synthetic data is the ideal dating partner for Snorkel-type machine learning systems
  2. Some researchers believe that real data is better than synthetic data, but that is a fight like spats between those who love Windows and those who love Mac OSX
  3. The uptake of “good” enough data for smart statistical systems which aim for 60 percent or better “accuracy” appears to be a mini trend.

Worth watching?

Stephen E Arnold, October 13, 2021

Deloitte Acquires Terbium Labs: Does This Mean Digital Shadows Won the Dark Web Indexing Skirmish?

July 7, 2021

Deloitte has been on a cybersecurity shopping spree this year. The giant auditing and consulting firm bought Root9B in January and CloudQuest at the beginning of June. Now, ZDNet reports, “Deloitte Scoops Up Digital Risk Protection Company Terbium Labs.” We like Terbium. Perhaps the acquisition will help Deloitte move past the unfortunate Autonomy affair. Writer Natalie Gagliordi tells us:

“The tax and auditing giant said Terbium Labs’ services — which include a digital risk protection platform that aims to helps organizations detect and remediate data exposure, theft, or misuse — will join Deloitte’s cyber practice and bolster its Detect & Respond offering suite. Terbium Labs’ digital risk platform leverages AI, machine learning, and patented data fingerprinting technologies to identify illicit use of sensitive data online. Deloitte said that adding the Terbium Labs business to its portfolio would enable the company to offer clients another way to continuously monitor for data exposed on the open, deep, or dark web. ‘Finding sensitive or proprietary data once it leaves an organization’s perimeter can be extremely challenging,’ said Kieran Norton, Deloitte Risk & Financial Advisory’s infrastructure solution leader, and principal. ‘Advanced cyber threat intelligence, paired with remediation of data risk exposure requires a balance of advanced technology, keen understanding of regulatory compliance and fine-tuning with an organization’s business needs and risk profile.’”

Among the Deloitte clients that may now benefit from Terbium tech are several governments and Fortune 500 companies. It is not revealed how much Deloitte paid for the privilege.

Terbium Labs lost the marketing fight with an outfit called Digital Shadows. That company has not yet been SPACed, acquired, or IPOed. There are quite a few Dark Web indexing outfits, and quite a bit of the Dark Web traffic appears to come from bots indexing the increasingly shrinky-dink obfuscated Web.

Is Digital Shadows’ marketing up to knocking Deloitte out of the game? Worth watching.

Cynthia Murrell, July 6, 2021

Watching the Future of Talend

March 15, 2021

I read “Talend Sells to Private Equity Firm Thoma Bravo in $2.4 Billion Deal.” I find this interesting. Talend is a software company providing extract, transform, and load services and analytics. Data remain the problem for many thumbtypers fresh from Amazon or Google certification classes. The idea is to suck in legally data from different sources. These data are often in odd ball formats to malformed because another digital mechanic missed a bolt or added a bit of finery. Some people love MarkLogic innovations in XML; others, not so enamored of the tweaks.

What’s Thoma Bravo bring to the table for a publicly traded company with a number of competitors?

I can think of two benefits:

The first is MBA think. Thoma Bravo is skilled in the methods for making a company more efficient. It is a good idea to internalize the definition of “efficiency” as the word is used at McKinsey & Co.

The second is acquisition think. From my point of view, the idea is to identify interesting companies which provide additional functionality around the core Talend business. Then Thoma Bravo assists the Talend management to bring these companies into the mothership, train sales professionals, and close deals.

No problem exists with this game plan. One can identify some indicators to monitor; for example:

  • Executive turnover
  • Realigning expenditures; possibly taking money from security and allocating the funds to sales and marketing
  • Targeting specific market segments with special bundles of enhanced Talend software and business methods.

For more information about Talend as it exists in March 2021, navigate to this link.

Oh, one final comment. Thoma Bravo was involved in making SolarWinds the business success it became.

Stephen E Arnold, March 15, 2021

Cision: More Data from Online Monitoring

March 1, 2021

Cision calls online monitoring “listening.” That’s friendly. The objective: More particular data to cross correlate with the firm’s other data holdings. Toss in about one million journalists’ email addresses, and you have the ingredients for a nifty business. “Brandwatch Is Acquired by Cision for $450M, Creating a PR, Marketing and Social Listening Giant” says:

Abel Clark, CEO of Cision said: “The continued digital shift and widespread adoption of social media is rapidly and fundamentally changing how brands and organizations engage with their customers. This is driving the imperative that PR, marketing, social, and customer care teams fully incorporate the unique insights now available into consumer-led strategies. Together, Cision and Brandwatch will help our clients to more deeply understand, connect and engage with their customers at scale across every channel.”

Cision data may open some new markets for the PR outfit. Do you, gentle reader, law enforcement and intelligence professionals would be interested in these data? Do you think that Amazon might license the data to stir into its streaming data market place stew?

No answers yet. Worth “monitoring” or “listening.”

Stephen E Arnold, March 1, 2021

Algolia: Making Search Smarter But Is This Possible?

February 5, 2021

A retail search startup pins its AI hopes on a recent acquisition, we learn from the write-up at SiliconANGLE, “Algolia Acquires MorphL to Embed AI into its Enterprise Search Tech.” The company is using its new purchase to power Algolia AI. The platform predicts searchers’ intent in order to deliver tailored (aka targeted) search results, even on a user’s first interaction with the software. Writer Mike Wheatley tells us:

“Algolia sells a cloud-based search engine that companies can embed in their sites, cloud services and mobile apps via an application programming interface. Online retailers can use the platform to help shoppers browse their product catalogs, for example. Algolia’s technology is also used by websites such as the open publishing platform Medium and the online learning course provider Coursera. Algolia’s enterprise-focused search technology enables companies to create a customized search bar, with tools such as a sidebar so shoppers can quickly filter goods by price, for example. MorphL is a Romanian startup that has created an AI platform for e-commerce personalization that works by predicting how people are likely to interact with a user interface. Its technology will extend Algolia’s search APIs with recommendations and user behavior models that will make it possible for e-commerce websites and apps to deliver more ‘intent-based experiences.’”

The Google Digital News Initiative funded MorphL’s development. The startup began as an open-source project in 2018 and is based in Bucharest, Romania. Headquartered in San Francisco, Algolia was founded in 2012. MorphL is the company’s second acquisition; it plucked SeaUrchin.IO in 2018.

Will Algolia search be smarter, maybe even cognitive? Worth watching to see how many IQ points are added to Algolia’s results.

Cynthia Murrell, February 5, 2021

CB Insights Is Moving Fast with VentureSource Acquisition

August 23, 2020

CB Insights is a market intelligence and business analytics platform that provides insights for venture capitalists, startups, angel investing, and more. Companies use CB Insights’s data to make business decisions, develop products, and project long term goals.

CB Insights wants to remain one of the top market intelligence and business analytics platforms. The firm has upped its game by investing in machine learning and AI algorithms to its platforms. CB Insights’s biggest selling points are the quality/quantity of data.

CB Insights recently acquired the Dow Jones VentureSource dataset, announced in the blog post: “Our First Acquisition: CB Insights Acquires VentureSource Data From Dow Jones.” The VentureSource acquisition adds more information to CB Insights’s platform:

“The VentureSource data assets will significantly expand our private markets coverage and strengthen our position as a leader in emerging technology information and private market data.”

It means instead of searching through various market intelligence platforms, the Dow Jones data sets are now available through CB Insights. CB Insights promotes itself as moving fast so its clients can too. They are quickly integrating the VentureSource data set into the CB Insights.

CB Insights is probably using its own data and AI to power their own business decisions. At least they get it for free.

Whitney Grace, August 23, 2020

Next Page »

  • Archives

  • Recent Posts

  • Meta