Palantir Technologies: Following in the Footsteps of Northern Light and Autonomy

May 4, 2022

What market sector is the one least likely to resonate with race car fans? I would suggest that the third party Chinese vendor TopCharm23232 is an unlikely candidate. Another outlier might be PicRights, a fascinating copyright enforcement outfit relying on ageing technology from Israel.

What do you think about search and content processing vendors?

I spotted this ad in the Murdoch-owned Wall Street Journal which resides behind a very proper paywall.

The full page ad appeared in my Kentucky edition on May 3, 2022. I was interested when Northern Light, a vendor of search systems relying originally on open source technology shaped by Dr. Marc Krellenstein, sponsored a NASCAR vehicle. I wonder how many NASCAR fans were into Northern Light’s approach to content clustering? Some I suppose.

I also noted Autonomy plc’s sponsorship of an F-1 car and the company’s logo on the uniform of the soccer / football club Tottenham Hotspur. (That’s the club logo with a big chicken balancing on a hummingbird egg.)

How did the sponsorships work out? I am not sure about sales and closing deals, but hanging with the race car drivers and team engineers is allegedly a hoot.

Will Palantir’s technology provide the boost necessary to win the remaining F-1 races? I don’t do predictive analytics so, of course, Palantir is a winner. The stock on May 4, 2022, opened at $10.55. For purposes of comparison, Verint which is a company with some similar technology opened at $54.04. Verint does not do race cars from what I have heard.

Stephen E Arnold, May 4, 2022

Disinformation: Live and Obvious in the Windows 11 Crazy Train

April 28, 2022

I noted that a number of OSINT experts sidestepped the issues of misinformation (making stuff up), disinformation (data which nuke other information), and reformation (moving the data walnut shells like a walnut shell wizard). The experts offered comments at a recent conference I attended, and I was fascinated by the avoidance of what seems to be a showstopper for analysts.

Let me give you an example unrelated to the professional OSINT lecturers.

The first is the story in Ars Technica. The headline is “Businesses Are Adopting Windows 11 More Quickly Than Past Versions, Says Microsoft.” Straightforward and actual factual.

Now consider “Windows 10 Still Growing, But Win 11 Had Another Bad Month, Says AdDuplex.” This appears to report data slightly off course with the Ars Technica write up.

Okay, are both sort of true? Is one statement more accurate than another? Maybe one or both are baloney?

The problem is that in order to figure out which is disinformation, one has to do quite a bit of work.

Now imagine that a really smart machine learning system ingests the content and shoves it into a whiz bang smart software system. The smart software will do what? Identify the rightness or wrongness of each set of factoids? Will the smart software go with a simple voting method and the most likely rightness will emerge from the murky plumbing of the smart software? Will the system punt as some digitally learned systems do?

The answer is that manipulation of information can generate outputs that may be disconnected from what is shaking in the real world.

Is this a problem? Yep. Is there a fix? Nope. Are there downstream consequences? Does a calculating predator exist in the technology theme park?

Stephen E Arnold, April 28, 2022

Were Some Party Goers at 10 Downing Street Targeted by NSO Group Technology?

April 26, 2022

The New Scientist (yes, the New Scientist for goodness sakes) published “UK Prime Minister’s Office Smartphones Targeted by Pegasus Spyware.” (You may have to pay to view this write up, gentle reader.) The main point of the write up is it seems to me:

Researchers claim to have uncovered cyber attacks using Pegasus software against 10 Downing Street and the Foreign and Commonwealth Office.

Is this the government office about which Euronews said that UK prime minister Boris Johnson was fined over Downing Street lockdown partiers? It sure looks like it to me.

The New Scientist story recycles the Citizen Lab reports about someone using NSO Group technology to snoop on individuals in the British government. I don’t know if the research is on the money. I described the University of Toronto’s interest in NSO Group as a Munk-ey on the poster child company.

Several observations:

  • I am concerned that the recycling of information about NSO Group technology may have unintended consequences; for example, if I were a college computer science professor, I could envision asking students to check out the Pegasus software on GitHub and come up with similar functionality. But I am not a college prof yet there may be a professor in Estonia who comes up with a similar idea.
  • The idea that a scientific research publication is focusing attention on an Israeli firm whose software was used by a government illustrates how information leakage can slosh around. Is this a click decision or a political decision or an ethical decision? I have no idea, but someone made a decision to recycle the Munk story.
  • Companies pay big money to get their “brand” in front of eyeballs. NSO Group is clearly the brand champion in the intelware sector. Winner? Well, maybe.

Net net: This NSO Group buzz shows no sign of decreasing. That’s not good.

Stephen E Arnold, April 26, 2022

The Munk-ey on the Back of NSO Group

April 20, 2022

The Munk School at the University of Toronto has a keen interest in the NSO Group. I read “CatalanGate: Extensive Mercenary Spyware Operation against Catalans Using Pegasus and Candiru.” (I wish someone would ask me about the candiru at a dinner party. I really want to answer using my own style of expressing myself. Ah, you don’t know about the penis centric creature? Knowing can be helpful before a dip in certain South American rivers and streams.)

Back to munk-ey on NSO Group’s back.

The write up states:

The Citizen Lab, in collaboration with Catalan civil society groups, has identified at least 65 individuals targeted or infected with mercenary spyware.  At least 63 were targeted or infected with Pegasus, and four others with Candiru. At least two were targeted or infected with both. Victims included Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organizations. Family members were also infected in some cases.

What’s interesting is that the Munk folks want to prevent a government from performing certain actions. How’s that working out for those who want to influence Mr. Putin? A commercial enterprise sells to a government agency; how exactly is the vendor supposed to prevent a nation state from doing what it wants?

The write up focuses on political issues, and the NSO Group’s technology is not an interesting system with useful functions. The platform becomes the equivalent of Darth Vader’s favorite light saber. How will the Munk experts control an entity its researchers deem Darth Vader pretenders?

Yeah, how would that play out?

The write up is interesting and reveals quite a bit of research.

However, the more significant issue is one which is ignored. Technology can be placed in a context. The context then defines the technology. Our present context is that technology facilitates weaponization. The ethical underpinnings of behavior, in my opinion, have been torn or removed.

Thus, the Munk team is talking about technology and seems to be disinterested in what is allowing outfits like NSO Group to become a ping pong ball. Without a net, there is no game.

Perhaps the net is a thing which can be put front and center? Legacies of Roman rule, control of national state officials, and the inherent badness of core mobile phone functions are a way to let off emotional steam?

What about no click exploits for Android devices? Perhaps that is next up on the Munk agenda?

Stephen E Arnold, April 20, 2022

Tim Apple and Unintended Consequences: AirPods?

April 19, 2022

Apple in my opinion emphasizes privacy. (How about the iPhone and the alleged NSO Group Pegasus functionality?) “Ukrainians Are Tracking the Movement of Russian Troops Thanks to One Occupier Looter with AirPods.” I am not sure if the write up is accurate. The source says “truth.” But…

The tracking thing is interesting; for example, Phone home malware on an iPhone, an AirTag hidden on a Russian T-14 Armata, or AirPods. Head phones? Yep.

The cited article reports:

A Russian soldier stole [a Ukrainian’s] AirPods (wireless headphones) when looting [the Ukrainian’s] apartment while Russian occupying forces were in Gostomel. Russian soldiers withdrew, but thanks to the technology on Apple devices, Ukrainians can keep track of where their headphones are. Find My technology on Apple devices lets you find the location of a lost device on the map if it’s near Bluetooth smartphones or connected to Wi-Fi.

What can one do with the help of geo-location functions? One idea is to use the coordinates as a target for a semi-smart missile. (This is not a criticism of smart software. It is part of the close enough for horseshoes methods which can often deliver the payload somewhere unintended.)

Now about that Tim Apple privacy thing? Pravda or falsehood?

Stephen E Arnold, April 19, 2022

The Value of the NSO Group? Probably More Than Zero

April 19, 2022

The Financial Times published “NSO Group Deemed Valueless to Private Equity Backers.” The orange newspaper stated that a consulting firm studied the intelware outfit and provided information with this startling number. There’s a legal dust up underway, and my hunch is that legal eagles will flock to this situation: Alleged misuse of the Pegasus system, financial investments, and the people involved in assorted agreements. The story points out that NSO Group is “not a party” to this particular lawsuit. The folks funding the legal eagles are a consulting outfit called Berkeley Research Group. An outfit called Novalpina Capital convinced some to put money into the cyber gold mine. Then the PR spotlight illuminated NSO Group and a torrent flowed downhill knocking down some once impregnable structures. Plus the FT’s article refers to an outfit called Integrity Partners who, according to the Financial Times, are willing to buy NSO Group for several hundred million dollars. Is this a good deal? In my opinion, something is better than zilch.

An unnamed NSO Group spokesperson indicated that the NSO Group’s system was of interest to many customers. If this is true, wasn’t the most recent license deal inked in mid 2021 for the platform? My thought is that the company’s proprietary technology would be of interest to other intelware firms interested in obtaining the licensee base and the platform which might benefit from newer, more sophisticated geo-spatial functionality which I will describe in my OSINT lecture at the US National Cyber Crime Conference on April 26, 2022. Sorry, the info is not for a free blog, gentle reader.

In my opinion, the referenced write up presents a fairly chaotic snapshot of the players, the valuation, and the legal trajectory for this matter. We need to bear in mind that NSO Group is hitting up the US Supreme Court and dealing with its Tim Apple issues.

One thing is crystal clear to me: The NSO Group’s misstep is now sending out concentric pulses which are extremely disruptive to entities rarely in the public spotlight. This is unfortunate and underscores why the Silicon Valley Tel Aviv style is not appreciated in some upscale social circles.

Stephen E Arnold, April 19, 2022

FinFisher: Grilled or Fried?

April 18, 2022

I read “Criminal Complaint against Illegal Export of Surveillance Software Is Making an Impact: The FinFisher Group of Companies Ceases Business Operations after Its Accounts Are Seized by Public Prosecutor’s Office.” FinFisher was a developer of specialized software and services. The write up quotes Gesellschaft für Freiheitsrechte e.V.’s spokesperson as saying:

“FinFisher is dead. Its business with illegal exports of surveillance software to repressive regimes has failed. This is a direct success of our criminal complaint.”

The company’s system, according to the write up, allows “police and secret services [to] pinpoint a person’s location, record their telephone conversations and chats and read all their mobile phone and computer data.”

Stephen E Arnold, April 18, 2022

NSO Group to US Supreme Court: Help!

April 14, 2022

The “real news” outfit the Associated Press ran an article called “NSO Turns to US Supreme Court for Immunity in WhatsApp Suit.” The main idea is that Zuckbook’s lawsuit has to go away. The legal dust up dates from 2019. Zuckbook alleges that NSO Group zapped more than 1,000 users of WhatsApp, a popular instant messaging service. WhatsApp delivers alleged end to end encrypted messaging (E2EE). Intercepting content WhatsApp users think is secure can deliver some high value intelligence if available to certain professionals. NSO Group’s idea is that it is a “foreign government agent.” As such, NSO Group cannot be hassled for its specialized software and services. Why is the issue at the US Supreme Court? The answer is that in previous legal proceedings, federal court rulings said, “Sorry. Zuckbook’s case goes forward.”

I am no attorney, but the sovereign immunity angle sounds good: Intelware, used by some US allies, and good at what it does. The reasoning of the courts is that the NSO Group is not going to get the sovereign “get out of jail free” card in this Monopoly game. Why? According to the information in the write up, NSO Group is software, not an “agent.”

Three observations:

  1. NSO Group is hoping the third time is a charm in US courts it seems.
  2. The company just cannot stay out of the newsfeeds. Maybe its management team should start a PR firm.
  3. The Supreme Court can be picky about what it takes on and when it does accept a case, the outcome can be surprising, very surprising.

Net net: The intelware sector is likely to find itself under more intense scrutiny as the endless barrage of NSO Group publicity flows.

Stephen E Arnold, April 14, 2022

NSO Group: Another Admission, This One Is Very, Very Negative

April 13, 2022

I don’t have much to say about the allegations in “NSO Confirms It Gave Israeli Police Access to Malware to Spy on Israelis.” The write up states:

The world’s foremost purveyor of zero-click exploits capable of completely compromising phones of targets is still in damage control mode. The damage can no longer be controlled, though. So, it’s basically just NSO admitting the nasty things said about have been mostly true.

The article does not pull punches:

If Hulio [a big wheel at NSO Group] wants to argue about the specifics of Israeli surveillance law, that’s one thing. But to claim that “listening in on calls” and turning phones into “listening devices” isn’t spying is absurd. Even in its weakened state, the spyware was completely capable of doing plenty of surveillance. And Hulio freely admits it was used to target Israelis. That is domestic surveillance. Lawful or not, that’s what happened and that’s what NSO enabled.

I believe that NSO Group manifested the confidence and “we can do what is possible”. Unfortunately the company’s management has created some challenges for the intelware sector. There’s the frightening aspect of spyware on a phone which embeds itself without the owner of the phone clicking, answering, or tapping. Then there’s the alleged link between the Pegasus and related technology and some unfortunate outcomes. (In my book, being killed is a Grade A unfortunate outcome.) Also less robust intelware outfits operating out of Israel have to check in with a den mother before following their sales instincts and closing some deals.

The disappointing facet of this very public discussion of NSO Group’s technology and business approach is that law enforcement may find that certain technology will not be sold or licensed by some vendors. Period. That’s not helpful in my opinion. The intelware sector is going to have to relearn the policies and procedures of low profile behavior and enforcing secrecy. Can these vendors learn some new tricks? Sure. But now with reporters chasing intelware developers and lawyers circling, has the once unlimited opportunity space been converted into a digital Shrinky Dink? (Don’t know about Shrinky Dinks? Click here.)

Stephen E Arnold, April 13, 2022

NSO Group Update: Surprise! We Knew Zippo

April 13, 2022

I find it interesting that Reuters in the midst of a war, a Covid thing, and economic craziness has the desire to recycle themes about the NSO Group. “Exclusive: Senior EU Officials Were Targeted with Israeli Spyware” reports that the intelware vendor is still snagged in brambles. The news story reports that Reuters’ reporters reviewed some documents which apparently reveal more interesting applications of Pegasus and possibly other specialized services provided by the Israeli company. The alleged spying popped up as a note from the very big, very privacy talking outfit Apple. I think it would be unnerving to receive a notice like “you may be targeted” instead of “Confirm your Apple payment information.”

The trusted news source (yes, that would be Thomson Reuters) included a statement from NSO Group that suggested the firm’s specialized software was not able to perform alleged spying on EU officials. The story points out that examination of mobile devices did not reveal a smoking gun or smoking bits as it were.

Several observations:

  • Real journalists from Thomson Reuters are watching NSO Group and information about the firm. I interpret this attention to mean, “More stories about NSO Group will be coming down the information highway.”
  • NSO Group continues to point out that the company is mostly in the dark when these allegations become real news.
  • Legal eagles will flock and frolic in Brussels and then take off, head east, and drop bundles of assorted legal documents on the individuals still working at NSO Group.
  • NSO Group will get a lot of booth traffic at the ISS Telestrategies Conference in Prague in a few weeks.

Net net: The amping up of public information about NSO Group in particular and intelware in general is not helpful to a number of agencies and companies. (I spoke with a US vendor of intelware as part of the research for my Spring lectures. A spokesperson for the company said on a Zoom call, “Please, do not mention our firm to those in your law enforcement audiences.” The reason: The company wants to sell to marketing firms, not government agencies. Too much risk.)

Stephen E Arnold, April 13, 2022
