TikTok: Allegations of Data Sharing with China! Why?

June 21, 2022

If one takes a long view about an operation, some planners find information about the behavior of children or older, yet immature, creatures potentially useful. What if a teenager, puts up a TikTok video presenting allegedly “real” illegal actions? Might that teen in three or four years be a target for soft persuasion? Leaking the video to an employer? No, of course not. Who would take such an action?

I read “Leaked Audio from 80 Internal TikTok Meetings Shows That US User Data Has Been Repeatedly Accessed from China.” Let’s assume that this allegation has a tiny shred of credibility. The financially-challenged Buzzfeed might be angling for clicks. Nevertheless, I noted this passage:

…according to leaked audio from more than 80 internal TikTok meetings, China-based employees of ByteDance have repeatedly accessed nonpublic data about US TikTok users…

Is the audio deeply faked? Could the audio be edited by a budding sound engineer?


And what’s with the TikTok “connection” to Oracle? Probably just a coincidence like one of Oracle’s investment units participating in Board meetings for Voyager Labs. A China-linked firm was on the Board for a while. No big deal. Voyager Labs? What does  that outfit do? Perhaps it is the Manchester Square office and the delightful restaurants close at hand?

The write up refers to data brokers too. That’s interesting. If a nation state wants app generated data, why not license it. No one pays much attention to “marketing services” which acquire and normalize user data, right?

Buzzfeed tried to reach a wizard at Booz, Allen. That did not work out. Why not drive to Tyson’s Corner and hang out in the Ritz Carlton at lunch time. Get a Booz, Allen expert in the wild.

Yep, China. No problem. Take a longer-term view for creating something interesting like an insider who provides a user name and password. Happens every day and will into the future. Plan ahead I assume.

Real news? Good question.

Stephen E Arnold, June 21, 2022

Quick NSO Group Update

June 20, 2022

Two items for the estimable NSO Group caught my attention.

The first is a Reuters (the trust outfit!) item called “Spanish Court Calls CEO of Israel’s NSO to Testify in Spying Case.” The trusted write up reports that t6he “rogatory” commission will head to Israel and investigate. Nothing new with this. The CEO appears to be a person of interest.

The second is an Axios story with a pat-on-the-back headline: “Scoop: Israelis Push US to Remove NSO from Blacklist.” The core of this item is that looked at one way, routine discussions are underway. Looked at another way, lobbyists are beavering away. NSO Group has not hired one law firm to work on the blacklisting. Nope, NSO Group has two law firms loosing legal eagles.

NSO Group has lost some PR traction to the Alphabet Google YouTube DeepMind Bob Hope-ism that its software is alive and as smart as a seven year old. I think crows are as smart as seven years old. Despite the best efforts of those who want to discredit the specialized software vendors, AGYD’s mastery of messaging is at the top of the heap.

Keep trying NSO Group.

Stephen E Arnold, June 20, 2022

The UK National Health Service: The Search for a Silver Bullet

June 13, 2022

Modern health care is a bit of muddle. The UK’s National Health Service has licensed, tested, tire kicked, and tried every angle to manage its myriad activities.

According to the odd orange newspaper (the Financial Times), the often befuddled NHS may be ready to embrace the PowerPoint assertions of a US company. “Palantir Gears Up to Expand Its Reach into UK’s NHS” reports:

Over the next few months, Palantir will bid for the five-year £360mn contract for the proposed Federated Data Platform (FDP), a new data tool to connect and integrate patient and other data sources from across the health system, so real-time decisions can be made effectively by clinicians and bureaucrats.

How similar is delivering health care to analyzing information to win a battle or figure out what an adversary is likely to do?

I am not sure. I do know that many intelware companies (this is my term for firms providing specialized software and services to law enforcement, crime analysts, and intelligence professionals) find that commercial clients can become squeamish under these conditions:

  1. Question from potential customer: “Who are your customers?” Intelware vendor: “Sorry, that information is classified.”
  2. Question from potential customer: “Can you provide a specific example of how your system delivered fungible results?” Intelware vendor: “We are not permitted to disclose either the use or effect of our system.”
  3. Question from potential customer: “How much consulting and engineering are needed before we can provide access to the system?” Intelware vendor: “That depends.” Customer asks a follow up question: “Can you be more specific?” Intelware vendors: “That information is classified.”

You can see how the commercial outfits not engaged in fighting crimes against children, drug smuggling, terrorist actions, termination of adversaries, etc. can be a tough sell.

But one of the big issues is the question, “Is our data available to government entities in our country or elsewhere without our knowledge or permission?”

Every licensee wants to here assurances that data are private, encrypted, protected by 20 somethings in Slough, or whatever is required to close the deal.

But there is the suspicion that when a company does quite a bit of work for certain government agencies in one or more countries, stuff happens. Data mining, insider actions, or loss of data control  due to bad actors behavior.

It will be interesting to see if this deal closes and how it plays out. Based on NHS’s track record with Google-type outfits and Smartlogic-type innovators, I have a hunch that the outcome will be a case study of modern business processes.

Palantir needs many big wins to regain some stock market momentum. At least the Financial Times did not reference Palantir’s estimate of a 30 percent chance of nuclear war. Undoubtedly such a terrible event would stretch NHS’s capabilities regardless of technology vendor underpinning the outfit.

Stephen E Arnold, June 13, 2022

NSO Group: A Spanish Road Trip Planned

June 8, 2022

Spain’s judicial system stretches back centuries. The idea, as I understand it, was for Courts and Tribunals to administer justice in the name of the King of Spain. Now perhaps some of these alcaldes de crimen became frisky; support for the Catholic Church’s Index Librorum Prohibitorum, banishments, property seizures aimed at people of a certain religious persuasion, decisions about precious metals from the lands across the sea, etc., etc.

NSO Group now has an opportunity to interact with Spain’s judiciary up close and personal.

Spanish Judge to Visit Israel Seeking Testimony from NSO on Pegasus Spyware Use” reports:

The [Spanish] court said that José Luis Calama has decided to lead a judicial commission that will travel to Israel to “take testimony from the CEO of the company that commercializes the Pegasus program.”

The article added:

NSO says that it only sells its Pegasus spyware to governments for security purposes. Pegasus has been linked to the hacking of other political leaders and activists in other countries. NSO has denied playing any part of this apparent misuse of its evasive technology that has come to light thanks to the work of digital-rights groups inspecting individual phones.

I assume that the trappings of the chat will be free of the methodologies used in investigations centuries ago. Probably pencils and papers because iPhones… well, you know.

Stephen E Arnold, June 8, 2022

A Modest Proposal: Shut Down the Intelware Companies

June 7, 2022

Oy! “As the WEF Meets, Pressure Is on World’s Powerbrokers to Shut Down Spyware Industry” advances an idea which may be tough to implement. The write up asserts:

In 2022, there is no business case for spyware technology. Its abuse is tainting the entire tech sector. If the industry’s big players do not step up and take a bold stand on surveillance now, it’s not only the human rights of millions of people at risk, it’s their own futures.

The business case is that companies engaged in cyber and threat intelligence are generating revenue. But the big news is that the more promising outfits are selling to larger firms. Who owns Terbium Labs? A consulting and accounting outfit. And what happened to Digital Shadows? Snapped up by a bigger cyber threat outfit. Plus there are investors looking for a big win in cyber security.

No business case? Sorry. I don’t agree.

The write up does include a useful item of information. Google’s write up about NSO Group’s methodology has drifted from public view, but some bad actors treasure the Googley analysis. If you have not seen the document, “A Deep Dive into an NSO Zero-Click iMessage Exploit: Remote Code Execution” it is a gem. I heard of some folks in Eastern Europe who found the document — how shall I phrase it — inspirational.

Here’s a suggestion from the write up:

For example, companies can take immediate steps such as terminating any direct contractual relationships with spyware vendors and implement concrete measures to avoid directly or indirectly supporting spyware tools and related technologies — and ensure investors, suppliers, clients and customers do the same — through robust pre-contractual due diligence and monitoring.

Yeah, great idea.

Stephen E Arnold, June 7, 2022

NSO Group: Here We Go Again

June 1, 2022

That Israeli outfit NSO Group has nailed the art of publicity.  Positive PR? Nope. Not so positive? Yep. But as a wit allegedly said, “Any publicity is good publicity?”


NSO’s Cash Dilemma: Miss Debt Repayment or Sell to Risky Customers” tries to explain some of NSO Group’s alleged activities. [This Financial Times’ article resides behind a paywall.] The write up states:

Hulio [one of NSO Group’s senior managers] said there was one option to bring in some cash quickly enough to pay salaries and service debt: reassemble a defunct internal committee and approve sales to customers flagged as “elevated risk” during due diligence.

Why is this allegation of money pressures sparking consideration of sales to nation states which may present some challenges to NSO Group, its managers and staff, and its investors?

My thought is that money must be followed.

A pursuit of money sparked some actions at other search and content processing centric companies. I mentioned this idea in my recent essay “Autonomy Business Details: Are These Relevant to Search- and Content Processing Type Outfits Today?

The decision to generate revenues seems to open the door for many ideas. Some of these are okay; for example, selling more licenses to governments of NATO countries. A few may have been less well received; for example, relaxing the criteria used to determine what countries could license Israeli surveillance innovations.

US sanctions and the PR cyclone have created a number of business challenges for NSO Group. The path forward according to the Financial Times’ article looks like this:

In recent months, Hulio has come up with a new plan dubbed the “phoenix plan” by company insiders. The idea is to split NSO’s greatest assets from its greatest liabilities — this meant separating the code behind Pegasus and company engineers who are highly paid graduates of Israel’s elite military intelligence units, from the clients that have drawn the ire of the US and human rights groups. Hulio and a group of creditors hope that by spinning out a new entity that houses the code and engineers, it can sidestep the commerce department’s blacklist, especially if a new owner were a top US defence contractor.

What’s the outlook for NSO Group? Three possibilities strike me:

  1. Other companies will fill the gap. Just as Cellebrite has to deal with an upstart iPhone penetration solution, NSO Group will find that its methods provide a springboard to other innovators.
  2. NSO Group gets folded into a government agency. One can be sure it will not be a part of a nation state with negative thoughts about Israel.
  3. NSO Group folds its tent, and certain senior managers and engineers set up another company and move on.

I want to mention that the reason there is a glass ceiling for revenues from intelware and policeware is that there are a finite number of customers for the number of products and services on offer. Once that glass ceiling bumps the head of senior managers and stakeholders, then what I see as “drastic” actions kick in. Are Palantir’s comments about nuclear war and example of this?

I am certain about one thing: NSO Group is one of the most recognized brands of intelware in the world.

Stephen E Arnold, June 1, 2022

The Business Intelligence Blind Spot: Everyone Needs These Systems

May 30, 2022

I recall that a booth called “Business Blind Spots” identified a number of behaviors which contribute to business missteps. Staff, preconceived notions, market receptivity, etc. were among the points I recall.

I want to toss one more blind spot into the raging fire of burned cash, torched reputations, and incinerated opportunities. I call this bling spot, “Everybody needs these systems.” Plug in your own “systems”; for example, software that manages several cloud accounts which are guaranteed to blow through budget assumptions with no easy way to control the rising expenses.

I read “Palantir Stock: Getting Desperate.” I think the write up has been riding the well-worn fire trail to a burning coal mine.

Palantir Technologies is when the charities, the razzle dazzle, and the jargon are stripped away, is a search and retrieval company. The idea is that a person looking for information about a bad actor, for instance, can plug in the name and see results.

Now this seems like a function which is readily available from many vendors. The twist for Palantir is that it positioned its search as one that would meet the needs of intelligence officers. The US government entity embracing Palantir’s software influenced the add-ons; for example, the ability to ingest certain types of content that only government agencies could acquire.

In order to make sales, the marketing engine of Palantir came up with the same type of “latest and greatest” verbiage that characterizes intelware (that’s software built around the specific needs of intelligence analysts). One example is importing proprietary file types. Another is keeping track of where a dataset came from, who fiddled with it, and what an authorized user did with the data when in search mode.

Over time, companies which serve government agencies have to choose one of three paths:

  1. Path 1 is to just do commercial work. Forget the intelligence market. A company which has moved in this direction is one you may not know anything about. It is LifeRaft. Look them up. Now the company does market and ad intelligence for commercial companies, ad agencies, and probably some non profit outfits.
  2. Path 2 is to just focus on government sales. An example of this type of outfit is BAE Systems which has software able to do Palantir type functions.  I am not sure BAE Systems returns phone calls from a bank or real estate agency wanting some Detica goodness.
  3. Path 3 is to do both. The best example of this is Voyager Labs which does the LifeRaft type work and the intelligence and law enforcement work of outfits like Palantir.

Which is the right path?

From my point of view, a company selling intelware should stick to government clients, maintain a low profile, and keep systems and methods secret. LifeRaft told me, “Don’t even mention our firm at the 2022 National Cyber Crime Conference.” Why? Doing work for certain government agencies gives some commercial firms and their go-go decision makers the heebie jeebies. The fear comes from folks who are interacting with investigators, intelligence operatives, and analysts could say something that will create big time thunderstorms for the commercial company. Some businesses are not exactly paragons of behavior. This means that the purchase cycle is drawn out, excuses are made, concerns about confidentiality raised, and weirdness about the amount of training, customizing, and optimizing the intelware system requires. The result? Some pretty crazy attempts to sell the product and the resulting disconnect from promises of reality from the commercial sector and the inevitable gap. This type of “gap” created some interesting situations in the decade or so.

What about government sales? Unless a company is selling hardware, software, spare parts, training, and services governments a fickle. Sure, an intelware outfit like Palantir will get initial contracts. But the government agencies have roving eyes and will keep licensing, looking for the perfect solution to intel needs. What happens is that the software only vendor runs out of customers. Once a number of big agencies sign up, the US General Services Administration or the Defense Services Administration will start angling for a deal. Cut the fees or lose the contracts. This is bad news because expensive software takes time to sell to government customers who want a demo or a  year of free or discounted use in order to figure out if the system actually works. The problem is that There are not that many government agencies in the free world to support the intelware companies hungry for allocated budget dollars. Stated another way, the intelware company has to get some contracts, make the software work, and forget about the hockey stick financial projections. The intelware vendors chase US allies, but there are vendors in those countries, and  it may make more sense to license Trendalyze or Verint, not the Silicon Valley type outfit. Bad financial news? Yep.

Path three is to sell to anyone who wants the system. This is very, very difficult because the intelware system has to be fiddled with in order to meet the specific requirements of an organization. Chasing bad actors is one thing; figuring out what type of beverage a college student wants is another thing. Hanging over the commercial sales call is the concern about the government work, the government customers, and the government processes, which — once started — are tough to turn off.

This means that companies crafted for intelware users find that government sales slow down, commercial sales cycles take a long time and often end up at a dead end, and non government organizations don’t want or can’t pay big bucks for what is search software.

The market itself is changing. If you want to analyze tweets, hire a marketing agency and get rid of them once they have completed a project. Clean, tidy, easy. If a client has some Google grade programmers, download Maltego, license the $100 Hunchly, and spend some time looking at tools on GitHub. (Thank you, Microsoft, but do you know what’s on that service? I thought so.)

The cited article makes this point:

…the company must expand internationally. What better way to get new sales than to start fires and be the person to sell the smoke detectors? That is what Palantir’s software does, assess and analyze data for threats. It is a loose analogy but fitting. But why is Palantir in such desperate need of expansion to new governments and industries? It is because the only thing keeping the stock going is the revenue growth rate which has been so strong. The company has incurred losses every year of operation. It expects operating expenses to increase.

And what about international sales? Three points:

  1. There are vendors offering comparable or better systems so buying non-US may make economic and political sense
  2. The cost of closing deals internationally is — the last time I checked — two to three times the cost of selling from Chicago to US based customers
  3. The number of purchasers is not as large as one thinks? The US is the living embodiment of Parkinson’s Law and the Peter Principle. Other countries are not much better and they have less disposable cash.

Net net: The word desperate may be appropriate for Palantir Technologies. I don’t have a good set of options for the company: Too much hype, too much development cost, too much customizing and tuning and training, and too much nuke talk. Not helpful.

Stephen E Arnold, May 30, 2022

An Analyst Wrestles with the Palantir Realities

May 23, 2022

Palantir Technologies in my world view is a services and software company positioned as a provider of intelware. Intelware means software and services which allow users to extract high-value information from text, numeric, and possibly image and video data.

Palantir, founded in 2003, has been influenced from its inception by precursor software like the original i2 Ltd. Analyst Notebook and BAE Systems Detica. Both of these systems allowed user to intake “content”, enter the names of people or things, and display the outputs so that the higher-value facts were presented in a useful way; for example, a chart or a relationship graph.

The US government works to learn about new and potentially useful software and systems. Not surprisingly, a government agency showed interest in Palantir’s software when the entrepreneurs involved in the company started describing the Palantir features and functions. Appreciate that in its early years almost two decades ago, the presentations and demonstrations captured what I call “to be” systems; that is, at some point in the future, Palantir’s system and software would be everything that Analyst Notebook, Detica, and the other intelware vendors could offer. The pitch is compelling.

Palantir, now almost two decades old, is a publicly traded company, and it is working overtime to move beyond sales to governments in the US and elsewhere. One of the characteristics of selling intelware to non-governmental organizations is that the capabilities of the system and its use by government clients are often disconcerting to a financial institution, a big hospital chain, or consulting firm focused on real estate.

Furthermore, intelware systems require data. Some data can be easily imported into a system like Palantir’s; for example, plain ASCII text and Excel spreadsheets. Other data are in a format which must be transformed so that Palantir can import the information. Other data present challenges like converting an image with a date and time stamp into an indexed content object. That indexing, to be helpful and to reduce the likelihood of errors, has to be accurate. Some non-text data must be enriched. French content processing experts refer to this enrichment as “fertilization.”

The write up “Palantir: Complete Disaster” includes this statement:

We think there are three possible courses of action in the disaster that has been Palantir, all of which are correct.

Here are the three “courses of action”:

  1. Don’t buy shares in Palantir.
  2. Buy shares, maybe short the stock.
  3. Buy shares and ride out the downturn.

Each of these options ignore two issues. The first is why Palantir is not closing deals and showing a profit. The second is why an intelware company is not able to amp up its sales to government agencies in the US, Western Europe, and selected government agencies elsewhere.

My view is that Palantir is a tough sell for these reasons:

  1. To land a deal, the prospect has to know what the payoff from using the Gotham / Foundry system is. “Intelligence” is a hot concept, but it is a tough sell unless there is a “champion” inside the prospect’s organization to grease the skids.
  2. Competitors offer comparable products for as little as $5,000 per month and some of these competitors bundle third party data which can be fused with the licensee’s data with minimal fiddling with filters and file conversions.
  3. Newer systems are easier to use, include automated workflows which speed analysts, investigators, and and researchers work.

The slow sales of Palantir follow the same type of curve that sales of Autonomy, Fast Search & Software, and many other “information” or “intelligence” focused products have. The initial sales are from government agencies which want better mouse traps. When the intelware does not deliver markedly significant payoffs, the licensees keep looking for better, faster, and cheaper options.

Will Palantir be able to generate a profit and deliver organic growth?

If the trajectory of precursor companies is the path Palantir is on, the answer is, “No.”

Stephen E Arnold, May 23, 2022

AT&T Innovation: I Thought Banjo Anticipated This Functionality

May 11, 2022

I read “AT&T Will Use Phone Location Data to Route 911 Calls to the Right Responders.” I thought that Banjo (now SafeXai) described a similar function. I thought I read a Banjo patent or two referencing the firm’s systems and methods. Despite this historical thought, I noted this statement in the article:

The company says it’ll be the first US carrier to “quickly and more accurately identify where a wireless 911 call is coming from using device GPS and hybrid information.” That’ll allow it to route the call to the correct 911 call center (public safety answering point or PSAP) which can then “dispatch first responders to the right location faster…

Banjo changed its name, but before its management shift, the company filed and obtained a number of forward-leaning patents. I recall that one of them provided a useful shopping list of off-the-shelf technologies used in smart software.  If anyone is curious, the Banjo patents referencing what I think is a similar notion include US10585724, “Notifying entities of relevant events”, US10582343, “Validating and supplementing emergency call information,” and several others. I recall reading patents held by AT&T which reference this capability. I wonder how many firms can use mobile data to provide useful services to first responders, law enforcement, and intelligence entities. Once a system and method are disclosed, individuals can replicate or exploit some systems.

Collecting data via an app’s software is made more useful with real-time data from other collection points. The value of cross-correlation of data is quite high. I find it interesting that basic LE and intel methods continue to poke their nose through the heavy cloud cover over certain interesting systems and methods. I do long for the days when certain information was secret and kept that way.

Stephen E Arnold, May 11, 2022

NSO Group Knock On: Live from Madrid

May 10, 2022

The NSO Group fan Paz Esteban has been gored (metaphorically speaking, of course). “Spain’s Spy Chief Sacked after Pegasus Spyware Revelations” reports that “Paz Esteban reportedly loses job after Catalan independence figures were said to have been targeted.” How about those hedging Latinate structures. The write up alleges:

Paz Esteban reportedly confirmed last week that 18 members of the Catalan independence movement were spied on with judicial approval by Spain’s National Intelligence Centre.

I suppose spying on the Barcelona football team makes sense if one roots for Real Madrid. It is a stretch that 18 individuals who want to do a 180 degree turn away from Madrid’s approach to maintaining law, order, health, peace, prosperity, etc. etc.

The write up notes:

Esteban reportedly confirmed last week to a congressional committee that 18 members of the Catalan independence movement were spied on with judicial approval by Spain’s National Intelligence Centre (CNI), leaving the Catalan regional government demanding answers.

Yep, the action was approved. Life would have been more like a late dinner than a burger from a fantastic American fast food restaurant. That’s the problem. The gobbling of the fries was approved by lawyers.

That’s a crisis. Making the spry 64 year old Ms. Esteban López the beard is unfortunate. My hunch is that some youthful whiz kids found the NSO Group’s Pegasus a fun digital horse to ride. The idea floated upwards for approval and ended up in front of the “judiciary.” That mysterious entity thought letting the kids ride the Pegasus was a perfectly okay idea.

Now a crisis is brewing. The gored Ms. Esteban López may only be one of the first in the intelligence, law enforcement, and judiciary to feel the prick of the digital bull’s horns and the knock from the beastie’s hooves.

Several observations:

  1. Who else will be implicated in this interesting matter? Who will be tossed aloft only to crash to the albero del ruedo?
  2. Will a parliamentary inquiry move forward? What will that become? A romp with Don Quixote and Sancho?
  3. Is a new Spanish inquisition about to begin?

Excitement in the Plaza de Toros de Las Ventas perhaps?

Stephen E Arnold, May 10, 2022

Next Page »

  • Archives

  • Recent Posts

  • Meta