Browse > Home / Archive by category 'intelware'

A Modest Proposal: Shut Down the Intelware Companies

June 7, 2022

Oy! “As the WEF Meets, Pressure Is on World’s Powerbrokers to Shut Down Spyware Industry” advances an idea which may be tough to implement. The write up asserts:

In 2022, there is no business case for spyware technology. Its abuse is tainting the entire tech sector. If the industry’s big players do not step up and take a bold stand on surveillance now, it’s not only the human rights of millions of people at risk, it’s their own futures.

The business case is that companies engaged in cyber and threat intelligence are generating revenue. But the big news is that the more promising outfits are selling to larger firms. Who owns Terbium Labs? A consulting and accounting outfit. And what happened to Digital Shadows? Snapped up by a bigger cyber threat outfit. Plus there are investors looking for a big win in cyber security.

No business case? Sorry. I don’t agree.

The write up does include a useful item of information. Google’s write up about NSO Group’s methodology has drifted from public view, but some bad actors treasure the Googley analysis. If you have not seen the document, “A Deep Dive into an NSO Zero-Click iMessage Exploit: Remote Code Execution” it is a gem. I heard of some folks in Eastern Europe who found the document — how shall I phrase it — inspirational.

Here’s a suggestion from the write up:

For example, companies can take immediate steps such as terminating any direct contractual relationships with spyware vendors and implement concrete measures to avoid directly or indirectly supporting spyware tools and related technologies — and ensure investors, suppliers, clients and customers do the same — through robust pre-contractual due diligence and monitoring.

Yeah, great idea.

Stephen E Arnold, June 7, 2022

Written by Stephen E. Arnold · Filed Under intelware, News | Comments Off on A Modest Proposal: Shut Down the Intelware Companies 

NSO Group: Here We Go Again

June 1, 2022

That Israeli outfit NSO Group has nailed the art of publicity.  Positive PR? Nope. Not so positive? Yep. But as a wit allegedly said, “Any publicity is good publicity?”

Maybe.

NSO’s Cash Dilemma: Miss Debt Repayment or Sell to Risky Customers” tries to explain some of NSO Group’s alleged activities. [This Financial Times’ article resides behind a paywall.] The write up states:

Hulio [one of NSO Group’s senior managers] said there was one option to bring in some cash quickly enough to pay salaries and service debt: reassemble a defunct internal committee and approve sales to customers flagged as “elevated risk” during due diligence.

Why is this allegation of money pressures sparking consideration of sales to nation states which may present some challenges to NSO Group, its managers and staff, and its investors?

My thought is that money must be followed.

A pursuit of money sparked some actions at other search and content processing centric companies. I mentioned this idea in my recent essay “Autonomy Business Details: Are These Relevant to Search- and Content Processing Type Outfits Today?

The decision to generate revenues seems to open the door for many ideas. Some of these are okay; for example, selling more licenses to governments of NATO countries. A few may have been less well received; for example, relaxing the criteria used to determine what countries could license Israeli surveillance innovations.

US sanctions and the PR cyclone have created a number of business challenges for NSO Group. The path forward according to the Financial Times’ article looks like this:

In recent months, Hulio has come up with a new plan dubbed the “phoenix plan” by company insiders. The idea is to split NSO’s greatest assets from its greatest liabilities — this meant separating the code behind Pegasus and company engineers who are highly paid graduates of Israel’s elite military intelligence units, from the clients that have drawn the ire of the US and human rights groups. Hulio and a group of creditors hope that by spinning out a new entity that houses the code and engineers, it can sidestep the commerce department’s blacklist, especially if a new owner were a top US defence contractor.

What’s the outlook for NSO Group? Three possibilities strike me:

  1. Other companies will fill the gap. Just as Cellebrite has to deal with an upstart iPhone penetration solution, NSO Group will find that its methods provide a springboard to other innovators.
  2. NSO Group gets folded into a government agency. One can be sure it will not be a part of a nation state with negative thoughts about Israel.
  3. NSO Group folds its tent, and certain senior managers and engineers set up another company and move on.

I want to mention that the reason there is a glass ceiling for revenues from intelware and policeware is that there are a finite number of customers for the number of products and services on offer. Once that glass ceiling bumps the head of senior managers and stakeholders, then what I see as “drastic” actions kick in. Are Palantir’s comments about nuclear war and example of this?

I am certain about one thing: NSO Group is one of the most recognized brands of intelware in the world.

Stephen E Arnold, June 1, 2022

Written by Stephen E. Arnold · Filed Under Business strategy, Financial, intelware, Marketing | Comments Off on NSO Group: Here We Go Again 

The Business Intelligence Blind Spot: Everyone Needs These Systems

May 30, 2022

I recall that a booth called “Business Blind Spots” identified a number of behaviors which contribute to business missteps. Staff, preconceived notions, market receptivity, etc. were among the points I recall.

I want to toss one more blind spot into the raging fire of burned cash, torched reputations, and incinerated opportunities. I call this bling spot, “Everybody needs these systems.” Plug in your own “systems”; for example, software that manages several cloud accounts which are guaranteed to blow through budget assumptions with no easy way to control the rising expenses.

I read “Palantir Stock: Getting Desperate.” I think the write up has been riding the well-worn fire trail to a burning coal mine.

Palantir Technologies is when the charities, the razzle dazzle, and the jargon are stripped away, is a search and retrieval company. The idea is that a person looking for information about a bad actor, for instance, can plug in the name and see results.

Now this seems like a function which is readily available from many vendors. The twist for Palantir is that it positioned its search as one that would meet the needs of intelligence officers. The US government entity embracing Palantir’s software influenced the add-ons; for example, the ability to ingest certain types of content that only government agencies could acquire.

In order to make sales, the marketing engine of Palantir came up with the same type of “latest and greatest” verbiage that characterizes intelware (that’s software built around the specific needs of intelligence analysts). One example is importing proprietary file types. Another is keeping track of where a dataset came from, who fiddled with it, and what an authorized user did with the data when in search mode.

Over time, companies which serve government agencies have to choose one of three paths:

  1. Path 1 is to just do commercial work. Forget the intelligence market. A company which has moved in this direction is one you may not know anything about. It is LifeRaft. Look them up. Now the company does market and ad intelligence for commercial companies, ad agencies, and probably some non profit outfits.
  2. Path 2 is to just focus on government sales. An example of this type of outfit is BAE Systems which has software able to do Palantir type functions.  I am not sure BAE Systems returns phone calls from a bank or real estate agency wanting some Detica goodness.
  3. Path 3 is to do both. The best example of this is Voyager Labs which does the LifeRaft type work and the intelligence and law enforcement work of outfits like Palantir.

Which is the right path?

From my point of view, a company selling intelware should stick to government clients, maintain a low profile, and keep systems and methods secret. LifeRaft told me, “Don’t even mention our firm at the 2022 National Cyber Crime Conference.” Why? Doing work for certain government agencies gives some commercial firms and their go-go decision makers the heebie jeebies. The fear comes from folks who are interacting with investigators, intelligence operatives, and analysts could say something that will create big time thunderstorms for the commercial company. Some businesses are not exactly paragons of behavior. This means that the purchase cycle is drawn out, excuses are made, concerns about confidentiality raised, and weirdness about the amount of training, customizing, and optimizing the intelware system requires. The result? Some pretty crazy attempts to sell the product and the resulting disconnect from promises of reality from the commercial sector and the inevitable gap. This type of “gap” created some interesting situations in the decade or so.

What about government sales? Unless a company is selling hardware, software, spare parts, training, and services governments a fickle. Sure, an intelware outfit like Palantir will get initial contracts. But the government agencies have roving eyes and will keep licensing, looking for the perfect solution to intel needs. What happens is that the software only vendor runs out of customers. Once a number of big agencies sign up, the US General Services Administration or the Defense Services Administration will start angling for a deal. Cut the fees or lose the contracts. This is bad news because expensive software takes time to sell to government customers who want a demo or a  year of free or discounted use in order to figure out if the system actually works. The problem is that There are not that many government agencies in the free world to support the intelware companies hungry for allocated budget dollars. Stated another way, the intelware company has to get some contracts, make the software work, and forget about the hockey stick financial projections. The intelware vendors chase US allies, but there are vendors in those countries, and  it may make more sense to license Trendalyze or Verint, not the Silicon Valley type outfit. Bad financial news? Yep.

Path three is to sell to anyone who wants the system. This is very, very difficult because the intelware system has to be fiddled with in order to meet the specific requirements of an organization. Chasing bad actors is one thing; figuring out what type of beverage a college student wants is another thing. Hanging over the commercial sales call is the concern about the government work, the government customers, and the government processes, which — once started — are tough to turn off.

This means that companies crafted for intelware users find that government sales slow down, commercial sales cycles take a long time and often end up at a dead end, and non government organizations don’t want or can’t pay big bucks for what is search software.

The market itself is changing. If you want to analyze tweets, hire a marketing agency and get rid of them once they have completed a project. Clean, tidy, easy. If a client has some Google grade programmers, download Maltego, license the $100 Hunchly, and spend some time looking at tools on GitHub. (Thank you, Microsoft, but do you know what’s on that service? I thought so.)

The cited article makes this point:

…the company must expand internationally. What better way to get new sales than to start fires and be the person to sell the smoke detectors? That is what Palantir’s software does, assess and analyze data for threats. It is a loose analogy but fitting. But why is Palantir in such desperate need of expansion to new governments and industries? It is because the only thing keeping the stock going is the revenue growth rate which has been so strong. The company has incurred losses every year of operation. It expects operating expenses to increase.

And what about international sales? Three points:

  1. There are vendors offering comparable or better systems so buying non-US may make economic and political sense
  2. The cost of closing deals internationally is — the last time I checked — two to three times the cost of selling from Chicago to US based customers
  3. The number of purchasers is not as large as one thinks? The US is the living embodiment of Parkinson’s Law and the Peter Principle. Other countries are not much better and they have less disposable cash.

Net net: The word desperate may be appropriate for Palantir Technologies. I don’t have a good set of options for the company: Too much hype, too much development cost, too much customizing and tuning and training, and too much nuke talk. Not helpful.

Stephen E Arnold, May 30, 2022

Written by Stephen E. Arnold · Filed Under Business strategy, Financial, intelware, News | Comments Off on The Business Intelligence Blind Spot: Everyone Needs These Systems 

An Analyst Wrestles with the Palantir Realities

May 23, 2022

Palantir Technologies in my world view is a services and software company positioned as a provider of intelware. Intelware means software and services which allow users to extract high-value information from text, numeric, and possibly image and video data.

Palantir, founded in 2003, has been influenced from its inception by precursor software like the original i2 Ltd. Analyst Notebook and BAE Systems Detica. Both of these systems allowed user to intake “content”, enter the names of people or things, and display the outputs so that the higher-value facts were presented in a useful way; for example, a chart or a relationship graph.

The US government works to learn about new and potentially useful software and systems. Not surprisingly, a government agency showed interest in Palantir’s software when the entrepreneurs involved in the company started describing the Palantir features and functions. Appreciate that in its early years almost two decades ago, the presentations and demonstrations captured what I call “to be” systems; that is, at some point in the future, Palantir’s system and software would be everything that Analyst Notebook, Detica, and the other intelware vendors could offer. The pitch is compelling.

Palantir, now almost two decades old, is a publicly traded company, and it is working overtime to move beyond sales to governments in the US and elsewhere. One of the characteristics of selling intelware to non-governmental organizations is that the capabilities of the system and its use by government clients are often disconcerting to a financial institution, a big hospital chain, or consulting firm focused on real estate.

Furthermore, intelware systems require data. Some data can be easily imported into a system like Palantir’s; for example, plain ASCII text and Excel spreadsheets. Other data are in a format which must be transformed so that Palantir can import the information. Other data present challenges like converting an image with a date and time stamp into an indexed content object. That indexing, to be helpful and to reduce the likelihood of errors, has to be accurate. Some non-text data must be enriched. French content processing experts refer to this enrichment as “fertilization.”

The write up “Palantir: Complete Disaster” includes this statement:

We think there are three possible courses of action in the disaster that has been Palantir, all of which are correct.

Here are the three “courses of action”:

  1. Don’t buy shares in Palantir.
  2. Buy shares, maybe short the stock.
  3. Buy shares and ride out the downturn.

Each of these options ignore two issues. The first is why Palantir is not closing deals and showing a profit. The second is why an intelware company is not able to amp up its sales to government agencies in the US, Western Europe, and selected government agencies elsewhere.

My view is that Palantir is a tough sell for these reasons:

  1. To land a deal, the prospect has to know what the payoff from using the Gotham / Foundry system is. “Intelligence” is a hot concept, but it is a tough sell unless there is a “champion” inside the prospect’s organization to grease the skids.
  2. Competitors offer comparable products for as little as $5,000 per month and some of these competitors bundle third party data which can be fused with the licensee’s data with minimal fiddling with filters and file conversions.
  3. Newer systems are easier to use, include automated workflows which speed analysts, investigators, and and researchers work.

The slow sales of Palantir follow the same type of curve that sales of Autonomy, Fast Search & Software, and many other “information” or “intelligence” focused products have. The initial sales are from government agencies which want better mouse traps. When the intelware does not deliver markedly significant payoffs, the licensees keep looking for better, faster, and cheaper options.

Will Palantir be able to generate a profit and deliver organic growth?

If the trajectory of precursor companies is the path Palantir is on, the answer is, “No.”

Stephen E Arnold, May 23, 2022

Written by Stephen E. Arnold · Filed Under Financial, intelware, law enforcement, News | Comments Off on An Analyst Wrestles with the Palantir Realities 

AT&T Innovation: I Thought Banjo Anticipated This Functionality

May 11, 2022

I read “AT&T Will Use Phone Location Data to Route 911 Calls to the Right Responders.” I thought that Banjo (now SafeXai) described a similar function. I thought I read a Banjo patent or two referencing the firm’s systems and methods. Despite this historical thought, I noted this statement in the article:

The company says it’ll be the first US carrier to “quickly and more accurately identify where a wireless 911 call is coming from using device GPS and hybrid information.” That’ll allow it to route the call to the correct 911 call center (public safety answering point or PSAP) which can then “dispatch first responders to the right location faster…

Banjo changed its name, but before its management shift, the company filed and obtained a number of forward-leaning patents. I recall that one of them provided a useful shopping list of off-the-shelf technologies used in smart software.  If anyone is curious, the Banjo patents referencing what I think is a similar notion include US10585724, “Notifying entities of relevant events”, US10582343, “Validating and supplementing emergency call information,” and several others. I recall reading patents held by AT&T which reference this capability. I wonder how many firms can use mobile data to provide useful services to first responders, law enforcement, and intelligence entities. Once a system and method are disclosed, individuals can replicate or exploit some systems.

Collecting data via an app’s software is made more useful with real-time data from other collection points. The value of cross-correlation of data is quite high. I find it interesting that basic LE and intel methods continue to poke their nose through the heavy cloud cover over certain interesting systems and methods. I do long for the days when certain information was secret and kept that way.

Stephen E Arnold, May 11, 2022

Written by Stephen E. Arnold · Filed Under intelware, Mobile, News, Policeware | Comments Off on AT&T Innovation: I Thought Banjo Anticipated This Functionality 

NSO Group Knock On: Live from Madrid

May 10, 2022

The NSO Group fan Paz Esteban has been gored (metaphorically speaking, of course). “Spain’s Spy Chief Sacked after Pegasus Spyware Revelations” reports that “Paz Esteban reportedly loses job after Catalan independence figures were said to have been targeted.” How about those hedging Latinate structures. The write up alleges:

Paz Esteban reportedly confirmed last week that 18 members of the Catalan independence movement were spied on with judicial approval by Spain’s National Intelligence Centre.

I suppose spying on the Barcelona football team makes sense if one roots for Real Madrid. It is a stretch that 18 individuals who want to do a 180 degree turn away from Madrid’s approach to maintaining law, order, health, peace, prosperity, etc. etc.

The write up notes:

Esteban reportedly confirmed last week to a congressional committee that 18 members of the Catalan independence movement were spied on with judicial approval by Spain’s National Intelligence Centre (CNI), leaving the Catalan regional government demanding answers.

Yep, the action was approved. Life would have been more like a late dinner than a burger from a fantastic American fast food restaurant. That’s the problem. The gobbling of the fries was approved by lawyers.

That’s a crisis. Making the spry 64 year old Ms. Esteban López the beard is unfortunate. My hunch is that some youthful whiz kids found the NSO Group’s Pegasus a fun digital horse to ride. The idea floated upwards for approval and ended up in front of the “judiciary.” That mysterious entity thought letting the kids ride the Pegasus was a perfectly okay idea.

Now a crisis is brewing. The gored Ms. Esteban López may only be one of the first in the intelligence, law enforcement, and judiciary to feel the prick of the digital bull’s horns and the knock from the beastie’s hooves.

Several observations:

  1. Who else will be implicated in this interesting matter? Who will be tossed aloft only to crash to the albero del ruedo?
  2. Will a parliamentary inquiry move forward? What will that become? A romp with Don Quixote and Sancho?
  3. Is a new Spanish inquisition about to begin?

Excitement in the Plaza de Toros de Las Ventas perhaps?

Stephen E Arnold, May 10, 2022

Written by Stephen E. Arnold · Filed Under Governance, Government, intelware, Legal matters, News | Comments Off on NSO Group Knock On: Live from Madrid 

Voyager Labs Exposed: Another NSO Group?

May 10, 2022

I read “Voyager Labs: L’Arma spuntata dell’intelienza artificiale.” I was expecting some high-flying smart software. What the article delivers is some juicy detail about intelware, conferences where quite non-public stories are told, and an alleged tie up between those fine folks at Palantir Technologies and the shadowy Israeli company. One caveat: One has to be able to read Italian or have a way to work around the limitations of online translation systems. (Good luck with finding a free to use system. I just asked my local Pizza Hut delivery person, who speaks and reads Italian like a Roma fan.)

Here are some allegedly spot on factoids from the write up:

  • One of the directors of the company has a remarkably unusual career at a US government agency. The individual presided over specialized interrogation activities and allowing a person with a bomb to enter a government facility. There were a handful of deaths.
  • The Voyager Labs’ cloud services are allegedly “managed globally by Palantir’s Gotham platform.
  • Voyager’s Labs’ content was described at an intelligence conference owned and managed by an American in this way: “usable and previously unattainable information by analyzing and understanding huge amounts of open, deep and obscure Web data.”
  • Allegations about the use of Voyager Labs’ system to influence an Italian election.
  • Voyager Labs identifies for licensees people with red, orange, and green icons. Green is good; red is bad; orange is in the middle?

Interesting stuff. But the zinger is the assertion that Voyager Labs’ smart software can output either dumb or aberrant results. The whiz kids at Gartner Group concluded in 2017 that Voyager Labs was a “cool vendor.” That’s good to know. Gartner likes intelware that sort of works. Cool.

Interesting profile and there are more than 100 footnotes. I assume that the founder of Voyager Labs, the conference organizer, and assorted clients were not will to participate in an interview. This is an understandable position, particularly when an Israeli outfit could be the next in the NSO Group spotlight.

Stephen E Arnold, May 10, 2022

Written by Stephen E. Arnold · Filed Under AI, intelware, News | Comments Off on Voyager Labs Exposed: Another NSO Group? 

Palantir Technologies: Following in the Footsteps of Northern Light and Autonomy

May 4, 2022

What market sector is the one least likely to resonate with race car fans? I would suggest that the third party Chinese vendor TopCharm23232 is an unlikely candidate. Another outlier might be PicRights, a fascinating copyright enforcement outfit relying on ageing technology from Israel.

What do you think about search and content processing vendors?

I spotted this ad in the Murdoch-owned Wall Street Journal which resides behind a very proper paywall.

palantir fix 1

The full page ad appeared in my Kentucky edition on May 3, 2022. I was interested when Northern Light, a vendor of search systems relying originally on open source technology shaped by Dr. Marc Krellenstein, sponsored a NASCAR vehicle. I wonder how my NASCAR fans were into Northern Light’s approach to content clustering? Some I suppose.

I also noted Autonomy plc’s sponsorship of an F-1 car and the company’s logo on the uniform of the soccer / football club Tottenham Hotspur. (That’s the club logo with a big chicken balancing on a hummingbird egg.)

How did the sponsorships work out? I am not sure about sales and closing deals, but hanging with the race car drivers and team engineers is allegedly a hoot.

Will Palantir’s technology provide the boost necessary to win the remaining F-1 races? I don’t do predictive analytics so, of course, Palantir is a winner. The stock on May 4, 2022, opened at $10.55. For purposes of comparison, Verint which is a company with some similar technology opened at $54.04. Verint does not do race cars from what I have heard.

Stephen E Arnold, May 4, 2022

Stephen E Arnold

Stephen E Arnold

Written by Stephen E. Arnold · Filed Under intelware, Marketing, News | Comments Off on Palantir Technologies: Following in the Footsteps of Northern Light and Autonomy 

Disinformation: Live and Obvious in the Windows 11 Crazy Train

April 28, 2022

I noted that a number of OSINT experts sidestepped the issues of misinformation (making stuff up), disinformation (data which nuke other information), and reformation (moving the data walnut shells like a walnut shell wizard). The experts offered comments at a recent conference I attended, and I was fascinated by the avoidance of what seems to be as a showstopper for analysts.

Let me give you an example unrelated to the professional OSINT lecturers.

The first is the story in Ars Technica. The headline is “Businesses Are Adopting Windows 11 More Quickly Than Past Versions, Says Microsoft.” Straightforward and actual factual.

Now consider “Windows 10 Still Growing, But Win 11 Had Another Bad Month, Says AdDuplex.” This appears to report data slightly off course with the Ars Technica write up.

Okay, are both sort of true? Is one statement more accurate than another? Maybe one or both are baloney?

The problem is that in order to figure out which is disinformation, one has to do quite a bit of work.

Now imagine that a really smart machine learning system ingests the content and shoves it into a whiz bang smart software system. The smart software will do what? Identify the rightness or wrongness of each set of factoids? Will the smart software go with a simple voting method and the most likely rightness will emerge from the murky plumbing of the smart software? Will the system punt as some digitally learned systems do?

The answer is that manipulation of information can generate outputs that may be disconnected from what is shaking in the real world.

Is this a problem? Yep. Is there a fix? Nope. Are there downstream consequences? Does a calculating predator exist in the technology theme park?

Stephen E Arnold, April 28, 2022

Written by Stephen E. Arnold · Filed Under AI, intelware, News | Comments Off on Disinformation: Live and Obvious in the Windows 11 Crazy Train 

Were Some Party Goers at 10 Downing Street Targeted by NSO Group Technology?

April 26, 2022

The New Scientist (yes, the New Scientist for goodness sakes) published “UK Prime Minister’s Office Smartphones Targeted by Pegasus Spyware.” (You may have to pay to view this write up, gentle reader.) The main point of the write up is it seems to me:

Researchers claim to have uncovered cyber attacks using Pegasus software against 10 Downing Street and the Foreign and Commonwealth Office.

Is this the government office about which Euronews said that UK prime minister Boris Johnson was fined over Downing Street lockdown partiers? It sure looks like it to me.

The New Scientist story recycles the Citizen Lab reports about someone using NSO Group technology to snoop on individuals in the British government. I don’t know if the research is on the money. I described the University of Toronto’s interest in NSO Group as a Munk-ey on the poster child company.

Several observations:

  • I am concerned that the recycling of information about NSO Group technology may have unintended consequences; for example, if I were a college computer science professor, I could envision asking students to check out the Pegasus software on GitHub and come up with similar functionality. But I am not a college prof yet there may be a professor in Estonia who comes up with a similar idea.
  • The idea that a scientific research publication is focusing attention on an Israeli firm whose software was used by a government illustrates how information leakage can slosh around. Is this a click decision or a political decision or an ethical decision? I have no idea, but someone made a decision to recycle the Munk story.
  • Companies pay big money to get their “brand” in front of eyeballs. NSO Group is clearly the brand champion in the intelware sector. Winner? Well, maybe.

Net net: This NSO Group buzz shows no sign of decreasing. That’s not good.

Stephen E Arnold, April 26, 2022

Written by Stephen E. Arnold · Filed Under Government, intelware, News | Comments Off on Were Some Party Goers at 10 Downing Street Targeted by NSO Group Technology? 

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta