Palantir May Be the New DCGS

March 9, 2022

It is perhaps more important than ever for our military to reliably, efficiently, and securely relay data to the other side of the world. To that end, the army is putting its faith in a firm we have covered often over the last several years. DefenseNews reports, “Palantir Scores $34M Order for Army Data Platform.” Reporter Colin Demarest writes:

“The Army Intelligence Data Platform deal includes software, training, cybersecurity activities and help with testing and initial standup of the capability, the Program Executive Office for Intelligence, Electronic Warfare and Sensors said in an announcement Feb. 22. The award signals the next step for what was once known as the Distributed Common Ground System Capability Drop 2.”

So DCGS is dead, long live AIDP. According to a statement from the Army’s Project Manager Intelligence Systems and Analytics, the platform acts as that branch’s foundation for internal intelligence and its connection to data from the intelligence community. The write-up continues:

“The Army Acquisition Support Center describes the Distributed Common Ground System as a means to buttress a commander’s understanding of threats and his or her environment. It consists of both hardware, like laptops, and software, like data filters and analytics. The Department of Defense in February 2020 named Palantir and BAE Systems as competitors on a $823 million contract to upgrade the Army’s facet of the Distributed Common Ground System. In March 2018, the Defense Department said Palantir and Raytheon would share a $876 million contract for the Distributed Common Ground System-Army Capability Drop 1.”

Perhaps this announcement will boost the intrepid firm’s stock prices. But will this technology work if the cloud goes south or a laptop fails and a replacement cannot access the data? Of course. High tech always performs as long as there are government agencies with hefty budgets.

Cynthia Murrell, March 9, 2022

Facebook: A Source of Reliable Information.

March 7, 2022

I believe everything I read online. Here’s a good example, which I pulled from the money hungry click addict BBC:

Facebook’s president of global affairs, Nick Clegg, said that “soon millions of ordinary Russians will find themselves cut off from reliable information”.

I know I think of Facebook as providing great content for eight and nine year olds. I know Facebook is capable of dogooderness. I know that Facebook is trying really hard to be as wonderful as possible.

But I don’t think of Facebook as a source of “reliable information.”

This extraordinary characterization of Facebook as a source of “reliable information” appears in the BBC article “Facebook Hits Out at Russia Blocking Its Platforms.” Imagine, a country engaged in a special action which terminates with extreme prejudice young and old having the unmitigated gall to block Zuckbook, er, Facebook.

The write up reports:

The statement says the block on Facebook platforms has been introduced “to prevent violations of the key principles of the free flow of information”.

This is a battle of euphemisms and New Speak. Quite a pair of global powers, Facebook and Russia.

I love that “reliable information” angle. I suppose that is what Dozhd TV channel and Ekho Moskvy radio executives said too.

Stephen E Arnold, March 7, 2022

NSO Group: Now US Lawmakers Want Pegasus Information

March 7, 2022

Imagine a hearing in which elected government officials ask questions about NSO Group’s Pegasus. Once that technical information is internalized, the members will want to know if a US government agency and a company wearing a T shirt with the words “Privacy, Security, and China” printed on it use the specialized software.

“US Lawmakers Demand Answers from Apple and the FBI about the Agency’s Alleged Use of Pegasus Spyware” states:

…a pair of lawmakers in the US House are asking for some answers about the situation. The letters were signed by Rep. Jim Jordan, who is a ranking member of the House Judiciary Committee, and Rep. Mike Johnson, a ranking member of the subcommittee on civil rights. The letters were seeking information on “the FBI’s acquisition, testing, and use of NSO’s spyware.”, which indicated that the FBI has acquired NSO-developed spyware tools like Pegasus and Phantom.

Will this inquiry end up in a public hearing with breathless real news people infected with Potomac Fever reporting on what once was secret?

I don’t know. But it would be a cause to celebrate if the NSO Group matter would drift into the background. Alas. Now that elected officials “demand” answers, I think I will be subjected to another flow of Pegasus/Phantom talk.

Apple is not dragging its feet in the orchard. The company has sued NSO Group for stuff only lawyers understand in addition to billing.

Will senior officials from Tim Apple’s company and the FBI participate in what will be memorialized on cable TV, YouTube, and possibly the China affiliated TikTok?

I don’t know. What I do know is that the knock on effects of the NSO Group’s cowboy approach to the digital Wild West are bigger news than Buffalo Bill’s traveling circus.

Stephen E Arnold, March 7, 2022

Is It Party Time for STM Professional Publishers?

March 4, 2022

I spotted a TorrentFreak write up called “FBI Gains Access to Sci-Hub Founder’s Google Account Data.” The article explains that investigators are gathering information about Alexandra Elbakyan, the founder of what the article references as the “Pirate Bay of Science.”

The idea behind the service is to make paywall protected content available without the paywalls. The article explains what agencies have been involved and some of the legal procedures followed. These are routine but may be surprising to those who think about new recreational vehicles and the new pizza place.

What makes the investigation interesting is that references are made to Ms. Elbakyan’s alleged links to other governmental entities.

Several observations:

  1. Alleged links to a foreign power engaged in hostile actions move the story from scientific, technical and medical content made available without the professional publishers’ permission to a higher level of security concern.
  2. Professional publishers have not been happy campers since Sci-Hub became available. (Is this because the service has chewed into some revenues for these commercial enterprises? My guess is, “Yep.”)
  3. Allegedly, Ms. Elbakyan lives in Russia and, if the Wikipedia is spot on, she is studying philosophy at the Russian Academy of Sciences. (Will extradition be possible? My view is that the process will be interesting.)

When I read the story, I thought about one professional publishing big wig who said off the record, “That crazy Kazakh has to be shut down?”

Is it party time in the world of STM professional publishing? Not yet, but some may want to buy foil party hats and cheap kazoos.

Stephen E Arnold, March 4, 2022

A Meta Burger Surprise? Nope, Seems Like a Standard Operating Procedure

March 3, 2022

I love the thinking of high school science club managers. I think I have spotted an example clearly spelled out in “Facebook Misled Investors on Scope of Misinformation Problems, Whistleblower Says.” The key point seems to be that Meta (maybe meat) says one thing and does another — often with world class ineptitude.

The write up states:

Haugen’s new complaints say that while Facebook/Meta executives trumpeted their efforts to tamp down misinformation about climate change and COVID in earnings calls and elsewhere, internally, the company knew it was falling short.

The saying one thing and doing another approach is okay until a certain someone steps forward and says, “Not so fast.” That someone is Frances Haugen, the former Facebooker turned whistle blower. The secret is that Meta (maybe meat) could not chop liver.

I loved this approach to grilling the Meta outfit:

Using whistleblower complaints to address the misinformation problem is “creative,” Nathaniel Persily, a professor at Stanford Law School and director of the Stanford Cyber Policy Center, told The Washington Post. “You cannot pass a law in the US banning disinformation,” he said. “So what can you do? You can hold the platforms accountable to promises they make. Those promises could be made to users, to the government, to shareholders.” The strategy could work, given many investors’ appetites for focusing on environmental, social, and governance investment strategies (so-called ESG investors). For years, the SEC has told publicly traded companies that they need to make clear and accurate disclosures, Jane Norberg, a partner at Arnold & Porter who recently ran the SEC’s whistleblower program, told the Post. “If the company says one thing to investors but internal documents show that what they were saying is untrue, that could be something the SEC would look at,” she said.

Would the head Meta person pull a sophomoric stunt like obfuscate, fiddle with words, and prevaricate?

Yep, just like 14 year olds explaining the chemistry experiment was not intended to blow up the lab table.

Stephen E Arnold, March 3, 2022

UK Bill Would Require Age Verification

February 25, 2022

It might seem like a no-brainer—require age verification to protect children from adult content wherever it may appear online. But The Register insists it is not so simple in, “UK.gov Threatens to Make Adults Give Credit Card Details for Access to Facebook or TikTok.” The UK’s upcoming Online Safety Bill will compel certain websites to ensure users are 18 or older, a process often done using credit card or other sensitive data. Though at first the government vowed this requirement would only apply to dedicated porn sites, a more recent statement from the Department for Digital, Culture, Media, and Sport indicates social media companies will be included. The statement notes research suggests such sites are common places for minors to access adult material.

Writer Gareth Corfield insists the bill will not even work because teenagers are perfectly capable of using a VPN to get around age verification measures. Meanwhile, adults following the rules will have to share sensitive data with third-party gatekeepers just to keep up with friends and family on social media. Then there is the threat to encryption, which would have to be discontinued to enable the bill’s provision for scanning social media posts. Civil liberties groups have expressed concern, just as they did the last time around. Corfield observes:

“Prior efforts for mandatory age verification controls were originally supposed to be inserted into Digital Economy Act but were abandoned in 2019 after more than one delay. At that time, the government had designated the British Board of Film Classification, rather than Ofcom, as the age verification regulator. In 2018, it estimated that legal challenges to implementing the age check rules could cost it up to £10m in the first year alone. As we pointed out at the time, despite what lawmakers would like to believe – it’s not a simple case of taking offline laws and applying them online. There are no end of technical and societal issues thrown up by asking people to submit personal details to third parties on the internet. … The newer effort, via the Online Safety Bill, will possibly fuel Britons’ use of VPNs and workarounds, which is arguably equally as risky: free VPNs come with a lot of risks and even paid products may not always work as advertised.”

So if this measure is not viable, what could be the solution to keeping kids away from harmful content? If only each child could be assigned one or more adults responsible for what their youngsters access online. We could call them “caregivers,” “guardians,” or “parents,” perhaps.

Cynthia Murrell, February 25, 2022

Anduril Victorious with SOCOM Contract

February 25, 2022

Tech startups, and the venture capitalists that back them, have been trying valiantly to break the chains of traditional government procurements. Pointing to a recent nearly billion-dollar deal, Breaking Defense ponders, “Anduril Nets Biggest DoD Contract to Date: Signifier or Outlier for Defense Start-Ups?” Anduril is based in Irvine, California, and was founded in 2017. The surveillance and military tech company beat out 11 others competing for the lucrative contract with Special Operations Command (SOCOM). Reporter Andrew Eversden writes:

“Anduril will serve as a systems integrator partner on SOCOM’s counter-unmanned systems efforts. The contract is worth a maximum of $967,599,957 over the next decade. Under the contract, SOCOM will be able to purchase Anduril’s systems through traditional means, in addition to buying Anduril’s products as a service, meaning the command can configure the system ‘based on mission profiles and ensuring SOCOM can rapidly adapt to new and evolving threat profiles.’ According to the company press release, the company will ‘deliver, advance, and sustain CUxS capabilities for special operations forces wherever they operate.’ It will provide counter-drone capability through its Lattice AI platform, which is designed to autonomously identify and classify threats. The system will be deployed both domestically and overseas, the Jan. 20 announcement stated. Anduril has made major strides in the last year positioning itself to win major defense contracts and augment its technology portfolio. Last year, it acquired Area-I, a tube-launched unmanned aerial system maker. Last summer, the company won a five-year, $99 million production other transaction agreement with the Pentagon’s Defense Innovation Unit for its counter-drone tech. In September, it bought Copious Imaging, whose technology added another layer of threat detection to Anduril’s air defense portfolio.”

We also note the firm had the honor of collaborating with Palantir on the Army’s Tactical Intelligence Targeting Access Node (TITAN) prototype last year. Tech executives and investors have expressed frustration at the challenges of doing business with our military, but this latest contract may be a signal that startups and other non-giant companies can make their way in the federal marketplace after all. On the other hand, we are told, SOCOM has long been the DoD division most likely to embrace innovative, non-traditional partners. If this contract goes well, perhaps SOCOM’s forward-thinking perspective will spread to other agencies. No pressure, Anduril.

Cynthia Murrell, February 25, 2022

Facebook: Irish Troubles

February 24, 2022

When I think of Ireland, here’s what comes to mind:

  • A really weird street with jazzy murals and a penchant for violence
  • Uplifting novels by Ken Bruen
  • Potatoes
  • The craic

After reading “Facebook Receives Bad News That Could Disrupt Its Business,” I am now thinking big money changing hands. The write up explains:

“We issued our decision [regarding trans border data] to Meta yesterday. And we have given them 28 days to come back to us with any comments they have. And at that stage we will prepare our draft decision and send our draft decision to our colleague data protection authorities in the EU and I expect that to happen in April,” Doyle [Irish Data Protection spokesperson] said. The stakes are high: if Meta is prohibited from transferring information, its activities in Europe will be very strongly affected.

Implications? Meat — sorry, I meant Meta, formerly the Zuckbook — has one more issue to ponder. Oscar Wilde noted:

“Experience is merely the name men gave to their mistakes.”

Perhaps a VR headset will improve the Emerald Isle real world experience?

Stephen E Arnold, February 24, 2022

Yep, Those Microsoft Exchange Servers Are Appealing to Some Bad Actors

February 22, 2022

I know that few agree with my assessment of Windows 11; that is, rushed out without informing the Twit.tv experts. Why? To get attention focused on something other than Microsoft security issues. SolarWinds? Exchange Server? I don’t know.

Then I irritated a few folks with my opinion that the big deal for the electronic game company and the attendant meta chant is essentially another distraction. Why? Maybe the wonderful Windows Defender system before an issue was fixed recently? Maybe another problem with Azure? I don’t know.

I do know that I read some information which, if true, makes clear that the US has a problem with security. And I know that some of the “problem” is a result of Microsoft’s software and systems. My source is the “real” news article “FBI Says BlackByte Ransomware Group Has Breached Critical US Infrastructure.” Let’s assume that the information in the write up is mostly on the money.

First, we note that the FBI issued a statement available here which says that malware has compromised multiple businesses. What’s interesting is that infrastructure sectors appear to have been compromised. What does that mean? My take is that this is a gentle way of saying that bad actors can muck up certain organizations, financial functions, and food (maybe jiggle the chemicals for fertilizer or send box cars to Texas?).

Second, the write up points out that an NFL football team’s systems may have been fiddled. Interesting indeed. Why? No idea.

Third, this paragraph is the one which I think is the most important:

In their warning, the authorities said some victims reported that the bad actors used a known Microsoft Exchange Server vulnerability to gain access to their networks. The authorities have also released filenames, indicators of compromise and hashes that IT personnel can use to check their networks for presence of the ransomware.

Yep, Microsoft. Exchange Servers.

Windows 11 distracted for a while. The game deal is headed for legal choppy water. What will Microsofties roll out next? A phone, a new foldable perhaps, another reorganization?

Fascinating that security issues keep emerging and with each revelation the stakes creep higher. Bad actors may find this information encouraging. I find it downright awful.

Stephen E Arnold, February 22, 2022

Department of Defense: Troubling News about Security

February 21, 2022

It looks like a lack of resources and opaque commercial cloud providers are two factors hampering the DOD’s efforts to keep the nation cyber-safe. Breaking Defense discusses recent research from the Pentagon’s Director of Operational Test and Evaluation (DOT&E) in, “Pentagon’s Cybersecurity Tests Aren’t Realistic, Tough Enough: Report.” We encourage anyone interested in this important topic to check out the article and/or the report itself. Reporter Jaspreet Gill summarizes:

“[The report] states DoD should refocus its cybersecurity efforts on its cyber defender personnel instead of focusing primarily on the technology associated with cyber tools, networks and systems, and train them to face off against more real threats earlier in the process. For now, cybersecurity ‘Red Teams’ are stretched too thin and the ones that do test military systems are doing it with one hand tied behind their back compared to what actual adversaries would do, the report said.”

Enabling these teams to do their best work would mean giving them more time on the network to test vulnerabilities, more extensive toolsets, realistic rules of engagement, and better end-to-end planning, the report explains. In addition, it states, cyber security training must be expanded to include mission defense teams, system users, response-action teams, commanders, and network operators. We also learn that current funding practices effectively prohibit setting up offices dedicated to cyber technology effectiveness and training. Seriously? See the write-up for more recommendations that should be obvious.

The following bit is particularly troubling in this age of increasing privatization and corporate power. Gill informs us:

“The assessment also found DoD’s cyber concerns increasingly mirror those in the commercial sector due to increasing reliance on commercial products and infrastructure, especially with cloud services. The report recommends the Pentagon renegotiate contracts with commercial cloud providers and establish requirements for future contracts. ‘The DOD increasingly uses commercial cloud services to store highly sensitive, classified data, but current contracts with cloud vendors do not allow the DOD to independently assess the security of cloud infrastructure owned by the commercial vendor, preventing the DOD from fully assessing the security of commercial clouds. Current and future contracts must provide for threat-realistic, independent security assessments by the DOD of commercial clouds, to ensure critical data is protected.’”

Well yes—again that seems obvious. Public-private partnerships should be enacted with a dash of common sense. Unfortunately, that can be difficult to come by amidst bureaucracy.

Cynthia Murrell, February 21, 2022
