CyberOSINT banner

ZyLab Places eDiscovery in the Cloud

June 23, 2016

Through their Press Room site, ZyLab announces, “Zylab Introduces eDiscovery as a Service.” Billed as a cost-saving alternative to in-house solutions, the new platform allows users to select and pay for only the services they need through a monthly subscription. The press-release tells us:

“ZyLAB today announces that its eDiscovery solutions are now also delivered via the Internet in a software-as-a-service (SaaS) model in EMEA and AP via a managed service provider model. ZyLAB’s eDiscovery as a Service is introduced as the cost-effective alternative for organizations that do not have the time or IT resources to bring an eDiscovery solution in house. …

“With ZyLAB’s eDiscovery as a Service every type of company, in every industry can now easily scope the level of system they require. ZyLAB’s services span the entire Electronic Discovery Reference Model (EDRM) so a company can select the precise services that meet the needs of their current matter. The Service Level Agreement (SLA) will outline those selections and guarantee the availability of the data, ZyLAB’s software, and ongoing maintenance from ZyLAB’s Professional Services consultants.”

We are assured ZyLab’s SaaS solutions are of the same caliber as their on-premises solutions.  This approach can save a lot of time and hassle, especially for companies without a dedicated IT department. The write-up notes there are no long-term contracts or volume constraints involved,

and, of course, no new hardware to buy. If a company is willing to trust their data to a third party’s security measures, this could be a cost-effective way to manage eDiscovery.

Of course, if you were to trust anyone with your sensitive data, ZyLab’s record makes them a good choice. In fact, the company has been supplying eDiscovery and Information Government tech to prominent organizations for over three decades now. Large corporations, government organizations, regulatory agencies, and law firms around the world rely on their eDiscovery platform. The company was founded in 1983, with the release of the first full-text retrieval software for the PC. It’s eDiscovery/ Information Management platform was released in 2010.


Cynthia Murrell, June 23, 2016

Sponsored by, publisher of the CyberOSINT monograph


Palantir Technologies Challenges US Government Procurement

June 22, 2016

I was a wee lad when I read Don Quixote. I know that students in Spain and some other countries study the text of the 17th century novel closely. I did not. I remember flipping through a Classics’ comic book, reading the chapter summaries in Cliff’s Notes, and looking at the pictures in the edition in my high school’s library. Close enough for horse shoes. (I got an A on the test. Heh heh heh.)

Here’s what I recall the Don and his sidekick. A cultured fellow read a lot of fantasy fiction, mixed it up the real world, and went off on adventures or sallies. The protagonist (see I remember something from Ms. Sperling’s literature class in 1960) rode a horse and charged into the countryside to kill windmills. I remember there were lots and lots of adventures, not too much sex – drugs – rock and roll, and many convoluted literary tropes.

I still like the windmills. A Google search showed me an image which is very similar to the one in the comic book I used as my definitive version of the great novel. Here it is:

Image result for don quixote windmills

What does a guy riding a horse with a lance toward a windmill have to do with search and content processing? Well, I read “Palantir Lambastes Army Over $206 Million Contract Bidding.” I assume the information in the write up is spot on.

Palantir Technologies, a unicorn which is the current fixation of a Buzzfeed journalist, is going to sue the US Army over a “to be” contract for work. The issue is an all source information system procurement known as DCGS or sometimes DI2E. The acronyms are irrelevant. What is important is that the US Army has been plugging away with a cadre of established government contractors for a decade. Depending on whom one asks, DCGS is the greatest thing since sliced bread or it is a flop.

However, Palantir believes that its augmented intelligence system is a better DCGS / DI2E. than the actual DCGS / DI2E.

The US Army may not agree and appears be on the path to awarding the contract for DCGS work to other vendors.

According to the write up:

Palantir claims the Army’s solicitation is “unlawful, irrational, arbitrary and capricious,” according to the letter of intent Palantir sent to the U.S. Army and the Department of Justice, which was obtained by Bloomberg. The letter is a legal courtesy, which states Palantir will file a formal protest in the U.S. Court of Federal Claims next week and requests the Army delay awarding the first phase of the contract until litigation is resolved. The contract is slated to be awarded by the end of 2016.

The contract is worth a couple of hundred million, but the follow on work is likely to hit nine figures. Palantir has some investors who want more growth. The best way to get it, if the write up is accurate, is on the backs of legal eagles.

I don’t know anything about the US Army and next to nothing about Palantir, but I have some experience watching vendors protest the US government’s procurement process. My thought is that when bidders sue the government:

  • Costs go up. Lawyers are very busy, often for a year or more. In lawyer land, billing is really good.
  • Delays occur. The government unit snagged in the contracting hassle have to juggle more balls; for example, tasks have to be completed. When the vendors are not able to begin work, delays occur. This may not be a problem in lawyer land, but in the real world, downstream dependencies can be a hitch in the git along.
  • Old scores may be hummed. Palantir settled a legal dust up with IBM which owns i2 Analysts Notebook. The Analysts Notebook is the very same software system whose file structure Palantir wanted to understand. i2 was not too keen on making its details available. (Note: I was a consultant to i2 for a number of years, and this was input number one to me from one of the founders). IBM has a pretty good institutional memory without consulting Watson.)

And Don Quixote? I wonder if the Palantirians, some of whom fancy themselves Hobbits, are going to be able to shape the real world to their vision. The trajectory of this legal dust up will be interesting to watch as it flames across the sky toward Spain and Don Quixote’s fictional library. Flame out or direct hit? The US Army and US government procurement policies are able to absorb charging horses and possibly a lance poke or two.

Stephen E Arnold, June 22, 2016

Facial Recognition: A Work in Progress

June 18, 2016

Years ago I read “The FBI’s Next Generation Identification Program: Helping Law Enforcement Track and Share Suspect Information across State Lines.” That write up identified, probably semi accurately, Lockheed Martin as the “lead contractor” for the NGI IPS (Next Generation Identification Interstate Photo System). I mention this because the write up “FBI Has 411 Million Photos in Its Facial Recognition System, and a Federal Watchdog Isn’t Happy” does not dig into the contractor or contractors involved in this nine zero project. (An older list of some FBI contractors appears at this link.)

The GAO report about the program also lacks some details. If you are interested in what a government report of the controversial system offers, you can download for now a copy of the document at this link.

I realize that the marketing of smart systems which can make sense of images suggests three functions:

  1. High speed matching
  2. High precision
  3. High recall.

The reality is a bit different. Please, keep in mind that the beliefs created by over inflated marketing claims and carefully staged demonstrations often are at odds with how the system actually performs in real life.

Government entities have to look to technology to help deal with the ever increasing and possibly unstoppable flood of digital information. The actual systems, whether the UK’s NHS systems or the US Army’s DCGS systems, are works in progress. In many cases, the progress is halting, and the work has unanticipated consequences.

I have pointed out that enterprise search, content management, and similar and smart software are not the slam dunks many managers think they are. Hope springs eternal, but that hope has to be gated with what happens in the real, disorganized, and time starved reality in which the magic is supposed to happen.

Stephen E Arnold, June 20, 2016

Palantir Technologies: Will the Company Prevail in DCGS?

June 3, 2016

I read “Army Eyes DCGS Reforms on Capitol Hill.” Not long ago, I described a decision which struck me as putting Palantir in a checkmate position. This write up explains that Palantir does have a deus ex machina to help it prevail in its DCGS travails. You can review my earlier write up and the GAO’s decision in “GAO DCGS Letter B-412746.”

If the “Army Eyes DCGS Reform” write up is spot on, there is some procurement excitement ahead. Those activities will not be in the “FAR” future. (FAR is a US government acronym for a collection of procurement guidelines.)

I learned:

Palantir is considering suing the Army over the DCGS-A 2 solicitation, according to a Politico report. The Army has said it expects to award a $206 million contract for DCGS-A 2 later this year.

Here’s the snippet I located of the “report”:


Politico said:

“The secretive Silicon Valley firm Palantir is considering suing the Army to block a planned $206 million contract to build a next-generation battlefield intelligence network, an industry lobbyist with knowledge of the issue told POLITICO. It’s the latest sign that commercial technology companies are becoming increasingly aggressive in seeking to wrestle big-dollar contracts from the Pentagon’s traditional suppliers.

How much money is at stake? Think in terms of $2.5 to $3.5 billion over the new two or three years. That’s without scope changes and the impedimenta government contracts entail. (If you are curious, you can find the RFP summary at this link.)

How does a commercial company go about derailing the Department of Defense. I used to work at an outfit which provided to President Theodore Roosevelt an advisor. That advisor helped design the Department of Navy. Think it is easy dislodging my former employer from its government contracts?

This is not Monty Hall time. Palantir Technologies has an opportunity to disrupt US government procurement procedures. Can the Hobbits prevail? I know that Tolkien fiction works out in fantasy worlds, but the procurement process might be a bridge too FAR.

If you want to read the regulations, start here.

Stephen E Arnold, June 3, 2016

GAO DCGS Letter B-412746

June 1, 2016

A few days ago, I stumbled upon a copy of a letter from the GAO concerning Palantir Technologies dated May 18, 2016. The letter became available to me a few days after the 18th, and the US holiday probably limited circulation of the document. The letter is from the US Government Accountability Office and signed by Susan A. Poling, general counsel. There are eight recipients, some from Palantir, some from the US Army, and two in the GAO.

palantir checkmate

Has the US Army put Palantir in an untenable spot? Is there a deus ex machina about to resolve the apparent checkmate?

The letter tells Palantir Technologies that its protest of the DCGS Increment 2 award to another contractor is denied. I don’t want to revisit the history or the details as I understand them of the DCGS project. (DCGS, pronounced “dsigs”, is a US government information fusion project associated with the US Army but seemingly applicable to other Department of Defense entities like the Air Force and the Navy.)

The passage in the letter I found interesting was:

While the market research revealed that commercial items were available to meet some of the DCGS-A2 requirements, the agency concluded that there was no commercial solution that could  meet all the requirements of DCGS-A2. As the agency explained in its report, the DCGS-A2 contractor will need to do a great deal of development and integration work, which will include importing capabilities from DCGS-A1 and designing mature interfaces for them. Because  the agency concluded that significant portions of the anticipated DCSG-A2 scope of work were not available as a commercial product, the agency determined that the DCGS-A2 development effort could not be procured as a commercial product under FAR part 12 procedures. The protester has failed to show that the agency’s determination in this regard was unreasonable.

The “importing” point is a big deal. I find it difficult to imagine that IBM i2 engineers will be eager to permit the Palantir Gotham system to work like one happy family. The importation and manipulation of i2 data in a third party system is more difficult than opening an RTF file in Word in my experience. My recollection is that the unfortunate i2-Palantir legal matter was, in part, related to figuring out how to deal with ANB files. (ANB is i2 shorthand for Analysts Notebook’s file format, a somewhat complex and closely-held construct.)

Net net: Palantir Technologies will not be the dog wagging the tail of IBM i2 and a number of other major US government integrators. The good news is that there will be quite a bit of work available for firms able to support the prime contractors and the vendors eligible and selected to provide for-fee products and services.

Was this a shoot-from-the-hip decision to deny Palantir’s objection to the award? No. I believe the FAR procurement guidelines and the content of the statement of work provided the framework for the decision. However, context is important as are past experiences and perceptions of vendors in the running for substantive US government programs.

Read more

Considering an Epistemology of the Dark Web

May 31, 2016

The comparisons of Nucleus to Silk Road are rolling in. An article from Naked Security by Sophos recently published Dark Web marketplace “Nucleus” vanishes – and no one knows why. This piece echoes the questions those following this story have wondered. Was it attacked by ransomware? Maybe they were busted? The article also offers the low-down on how Tor works to explain why accurate investigations into the Dark Web are challenging. We learned,

“That’s why Tor also supports so-called hidden services, which have special URLs ending .onion, where your anonymised network requests are not only bounced around inside the Tor network, but also processed and answered from inside Tor. This makes it hard to find the servers behind a hidden service, which in turn makes it hard to block that service, even if it’s clearly breaking the law by selling firearms improperly or trafficking in illegal drugs. This, in turn, means it’s hard to measure what’s really going on in the Dark Web, and how many underground marketplaces exist to bring buyers and sellers together.”

We found it refreshing this piece reiterated how data about the Dark Web is not easy to pinpoint. From several tens of thousands of Dark Web sites to much lower counts, many cybersecurity groups and researchers seem certain they have the right number. But to continue on the endless hypotheses train related to the nucleus disappearance, we’ll weigh in. Maybe law enforcement outside the US operated the site? Just a thought.


Megan Feil, May 31, 2016

Sponsored by, publisher of the CyberOSINT monograph

Erdogan Government Cracks down on Turkish Media

May 26, 2016

The Turkish government has been forcibly seizing and intimidating the nation’s media, we learn from “Erdogan’s Latest Media Takeover is About More than Just One Newspaper” at Mashable. Is this the future of publishing?

Turkish police fought protesters and manhandled journalists as the government wrested control of Zaman, Turkey’s most popular newspaper and, as journalist Suna Vidinli puts it, the country’s “last remaining effective voice of criticism in the press.” She continues:

“President Erdogan had long planned to take over Zaman as the paper was affiliated with Gulen Group, his main remaining adversary in his quest for absolute power. Earlier in the week, the Turkish Supreme Court — in a surprising and rare move — had released two top editors of Cumhuriyet, Can Dundar and Erdem Gul, from prison. They were imprisoned for writing about the illegal trafficking of weapons to radicals in Syria.

“Erdogan saw their release as a direct move against his authority and wowed to show who was boss. He signaled that the two journalists would be put back in prison soon and declared ‘things can get shaky in the following days.’ Hence, the takeover of Zaman was carefully planned as the most brutal confiscation of media to date in Turkish history.

“The confiscation of Zaman media group highlights some critical developments in Turkey. The government immediately took the media group offline, and a special tech team was brought in to completely wipe out the news archive and web content of the newspaper.”

The Chihan News Agency was also included in the seizure, a group we learn was the only non-governmental organization to monitor Turkish exit polls to ensure fair elections. The article notes that the remaining independent media in Turkey seem to have been effectively cowed, since none of them reported on the violent takeover. Governments, media groups, and human rights organizations around the world condemned the seizure; the U.S. State Department called Turkey’s pattern of media suppression “troubling.” We couldn’t agree more.


Cynthia Murrell, May 26, 2016

Sponsored by, publisher of the CyberOSINT monograph


A Snapshot of American Innovation Today

May 23, 2016

Who exactly are today’s innovators? The Information Technology & Innovation Foundation (ITIF) performed a survey to find out, and shares a summary of their results in, “The Demographics of Innovation in the United States.” The write-up sets the context before getting into the findings:

“Behind every technological innovation is an individual or a team of individuals responsible for the hard scientific or engineering work. And behind each of them is an education and a set of experiences that impart the requisite knowledge, expertise, and opportunity. These scientists and engineers drive technological progress by creating innovative new products and services that raise incomes and improve quality of life for everyone….

“This study surveys people who are responsible for some of the most important innovations in America. These include people who have won national awards for their inventions, people who have filed for international, triadic patents for their innovative ideas in three technology areas (information technology, life sciences, and materials sciences), and innovators who have filed triadic patents for large advanced-technology companies. In total, 6,418 innovators were contacted for this report, and 923 provided viable responses. This diverse, yet focused sampling approach enables a broad, yet nuanced examination of individuals driving innovation in the United States.”

See the summary for results, including a helpful graphic. Here are some highlights: Unsurprisingly to anyone who has been paying attention, women and U.S.-born minorities are woefully underrepresented. Many of those surveyed are immigrants. The majority of survey-takers have at least one advanced degree (many from MIT), and nearly all majored in STEM subject as undergrads. Large companies contribute more than small businesses do while innovations are clustered in California, the Northeast, and close to sources of public research funding. And take heart, anyone over 30, for despite the popular image of 20-somethings reinventing the world, the median age of those surveyed is 47.

The piece concludes with some recommendations: We should encourage both women and minorities to study STEM subjects from elementary school on, especially in disadvantaged neighborhoods. We should also lend more support to talented immigrants who wish to stay in the U.S. after they attend college here. The researchers conclude that, with targeted action from the government on education, funding, technology transfer, and immigration policy, our nation can tap into a much wider pool of innovation.



Cynthia Murrell, May 23, 2016

Sponsored by, publisher of the CyberOSINT monograph


The Trials, Tribulations, and Party Anecdotes Of “Edge Case” Names

May 16, 2016

The article titled These Unlucky People Have Names That Break Computers on BBC Future delves into the strange world of “edge cases” or people with unexpected or problematic names that reveal glitches in the most commonplace systems that those of us named “Smith” or “Jones” take for granted. Consider Jennifer Null, the Virginia woman who can’t book a plane ticket or complete her taxes without extensive phone calls and headaches. The article says,

“But to any programmer, it’s painfully easy to see why “Null” could cause problems for a database. This is because the word “null” is often inserted into database fields to indicate that there is no data there. Now and again, system administrators have to try and fix the problem for people who are actually named “Null” – but the issue is rare and sometimes surprisingly difficult to solve.”

It may be tricky to find people with names like Null. Because of the nature of the controls related to names, issues generally arise for people like Null on systems where it actually does matter, like government forms. This is not an issue unique to the US, either. One Patrick McKenzie, an American programmer living in Japan, has run into regular difficulties because of the length of his last name. But that is nothing compared to Janice Keihanaikukauakahihulihe’ekahaunaele, a Hawaiian woman who championed for more flexibility in name length restrictions for state ID cards.


Chelsea Kerwin, May 16, 2016

Sponsored by, publisher of the CyberOSINT monograph


Be the CIA Librarian

May 3, 2016

Research is a vital tool for the US government, especially the Central Intelligence Agency which is why they employee librarians.  The Central Intelligence Agency is one of the main forces of the US Intelligence Community, focused on gathering information for the President and the Cabinet.  The CIA is also the topic of much fictionalized speculation in stories, mostly spy and law enforcement dramas.  Having played an important part in the United States history, could you imagine the files in its archives?

If you have a penchant for information, the US government, and a library degree then maybe you should apply to the CIA’s current job opening: as a CIA librarian.  CNN Money explains one of the perks of the job is its salary: “The CIA Is Hiring…A $100,000 Librarian.”  Beyond the great salary, which CNN is quick to point out is more than the typical family income.  Librarians server as more than people who recommend decent books to read, they serve as an entry point for research and bridge the gap between understanding knowledge and applying it in the actual field.

“In addition to the cachet of working at the CIA, ‘librarians also have opportunities to serve as embedded, or forward deployed, information experts in CIA offices and select Intelligence Community agencies.’  Translation: There may be some James Bond-like opportunities if you want them.”

Most of this librarian’s job duties will probably be assisting agents with tracking down information related to intelligence missions and interpreting it.  It is just a guess, however.  Who knows, maybe the standard CIA agent touts a gun to the stacks?


Whitney Grace, May 3, 2016
Sponsored by, publisher of the CyberOSINT monograph

Next Page »