Who Remembers Palantir or Anduril? Maybe Peter Thiel?

November 4, 2021

Despite sci-fi stoked fears about artificial general intelligences (AGI) taking over the world, CNBC reports, “Palantir’s Peter Thiel Thinks People Should Be Concerned About Surveillance AI.” Theil, co-founder of Palantir and investor in drone-maker Anduril, is certainly in the position to know what he is talking about. The influential venture capitalist made the remarks at a recent event in Miami. Writer Sam Shead reports:

“Tech billionaire Peter Thiel believes that people should be more worried about ‘surveillance AI’ rather than artificial general intelligences, which are hypothetical AI systems with superhuman abilities. … Those that are worried about AGI aren’t actually ‘paying attention to the thing that really matters,’ Thiel said, adding that governments will use AI-powered facial recognition technology to control people. His comments come three years after Bloomberg reported that ‘Palantir knows everything about you.’ Thiel has also invested in facial recognition company Clearview AI and surveillance start-up Anduril. Palantir, which has a market value of $48 billion, has developed data trawling technology that intelligence agencies and governments use for surveillance and to spot suspicious patterns in public and private databases. Customers reportedly include the CIA, FBI, and the U.S. Army. AGI, depicted in a negative light in sci-fi movies such as ‘The Terminator’ and ‘Ex Machina,’ is being pursued by companies like DeepMind, which Thiel invested in before it was acquired by Google. Depending on who you ask, the timescale for reaching AGI ranges from a few years, to a few decades, to a few hundred years, to never.”

Yes, enthusiasm for AGI has waned as folks accept that success, if attainable at all, is a long way off. Meanwhile, Thiel is now very interested in crypto currencies. For the famously libertarian mogul, that technology helps pave the way for his vision of the future: a decentralized world. That is an interesting position for a friend of law enforcement.

Cynthia Murrell, November 4, 2021

The Zuck Strikes Back

November 2, 2021

Well, when Facebook strikes back it probably won’t use words. A few threshold modifications, a handful of key words (index terms), and some filter tweaking — – the target will be in for an exciting time. Try explaining why your Facebook page is replete with links to Drug X and other sporty concepts. Yeah, wow.

Mark Zuckerberg angrily Insists Facebook Is the Real Victim Here” includes some interesting observations:

At the top of his company’s third quarter earnings call, the Facebook CEO broadly railed against the 17 news organizations working together to report on a massive trove of leaked internal documents dubbed the Facebook Papers.

Okay, victim.

What could Facebook, Instagram, and WhatsApp do to make life difficult for bylined journalists digging through the company’s confidential-no-more content.

My DarkCyber research team offered some ideas at lunch today. I just listened and jotted notes on a napkin. Here we go:

  1. Populate a journalist’s Facebook page with content related to human trafficking, child sex crime, contraband, etc.
  2. Inject images which are typically banned from online distribution into a journalist’s Instagram content. What no Instagram? Just use Facebook data to locate a relative or friend and put the imagery on one or more of those individuals’ Instagram. That would have some knock on consequences.
  3. Recycle WhatsApp messages from interesting WhatsApp groups to a journalist’s WhatsApp posts; for example, controlled substances, forbidden videos on Dark Web repositories, or some of those sites offering fraudulent Covid vaccination cards, false identification papers, or Fullz (stolen financial data).

Facebook has some fascinating data, and it can be repurposed. I assume the journalists spending time with the company’s documents are aware of what hypothetically Facebook could do if Mr. Zuckerberg gets really angry and becomes – what’s the word – how about vindictive?

How will investigators get access to these hypothetical poisoned data? Maybe one of the specialized services which index social media content?

Stephen E Arnold, November 2, 2021

DarkCyber for November 2, 2021: Spies, Secrets, AI, and a Robot Dog with a Gun

November 2, 2021

The DarkCyber for November 2, 2021 is now available at this link. This program includes six cyber “bites”. These are short items about spies who hide secrets in peanut butter sandwiches, a drug lord who required 500 troops and 22 helicopters to arrest, where to get the Pandora Papers, a once classified document about autonomous killing policies, a US government Web site described as invasive, and a report about the National Security Agency’s contributions to computer science.

The feature in the cyber news program is a look at the Allen Institute’s Ask Delphi system. The smart software serves up answers to ethical questions. The outputs are interesting and provide an indication of the issues that bright AI engineers will have to address.

The final story provides information about a robot dog. The digital canine is equipped with a weapon which fires a cartridge the size of a hot dog at the World Series snack shop. That’s interesting information, but the “killer” feature is that the robot is its own master. Watch DarkCyber to learn the trick this machine can perform.

DarkCyber is produced by Stephen E Arnold. The video contains no advertising and the stories are not subsidized. The video is available at www.arnoldit.com/wordpress or at https://youtu.be/Y24vJetf5eY.

Kenny Toth, November 2, 2021

Voyager Labs Expands into South America

October 14, 2021

Well this is an interesting development. Brazil’s ITForum reports, “Voyager Labs Appoints VP and Opens Operations in Latin America and the Caribbean.” (I read and quote from Google’s serviceable translation.)

Voyager Labs is an Israeli specialized services firm that keeps a very low profile. Their platform uses machine learning to find and analyze clues to fight cyber attacks, organized crime, fraud, corruption, drug trafficking, money laundering, and terrorism. Voyager Labs’ clients include private companies and assorted government agencies around the world.

The brief announcement reveals:

“Voyager Labs, an AI-based cybersecurity and research specialist, announced this week the arrival in Latin America and the Caribbean. To lead the operation, the company appointed Marcelo Comité as regional vice president. The executive, according to the company, has experience in the areas of investigation, security, and defense in Brazil and the region. Comité will have as mission to consolidate teams of experts to improve the services and support in technologies in the region, according to the needs and particularities of each country. ‘It is a great challenge to drive Voyager Labs’ expansion in Latin America and the Caribbean. Together with our network of partners in each country, we will strengthen ties with strategic clients in the areas of government, police, military sector and private companies’, says the executive.”

We are intrigued by the move to South America, since most of the Israeli firms are building operations in Singapore. What’s Voyager know that its competitors do not? Not familiar with Voyager Labs? Worth knowing the company perhaps?

Cynthia Murrell, October 14, 2021

Alleged DHS Monitoring of Naturalized Citizens

September 9, 2021

Are the fates of millions of naturalized immigrants are at the mercy of one secretive algorithm run by the Department of Homeland Security and, unsurprisingly, powered by Amazon Web Services?

The Intercept examined a number of documents acquired by the Open Society Justice Initiative and Muslim Advocates through FOIA lawsuits and reports, “Little-Known Federal Software Can Trigger Revocation of Citizenship.” Dubbed ATLAS, the software runs immigrants’ information through assorted federal databases looking for any sign of dishonesty or danger. Journalists Sam Biddle and Maryam Saleh write:

“ATLAS helps DHS investigate immigrants’ personal relationships and backgrounds, examining biometric information like fingerprints and, in certain circumstances, considering an immigrant’s race, ethnicity, and national origin. It draws information from a variety of unknown sources, plus two that have been criticized as being poorly managed: the FBI’s Terrorist Screening Database, also known as the terrorist watchlist, and the National Crime Information Center. Powered by servers at tech giant Amazon, the system in 2019 alone conducted 16.5 million screenings and flagged more than 120,000 cases of potential fraud or threats to national security and public safety. Ultimately, humans at DHS are involved in determining how to handle immigrants flagged by ATLAS. But the software threatens to amplify the harm caused by bureaucratic mistakes within the immigration system, mistakes that already drive many denaturalization and deportation cases.”

DHS appears reluctant to reveal details of how ATLAS works or what information it uses, which makes it impossible to assess the program’s accuracy. It also seems the humans who act on the algorithm’s recommendations have misplaced faith in the accuracy of the data behind it. The article cites a 2020 document:

“It also notes that the accuracy of ATLAS’s input is taken as a given: ‘USCIS presumes the information submitted is accurate. … ATLAS relies on the accuracy of the information as it is collected from the immigration requestor and from the other government source systems. As such, the accuracy of the information in ATLAS is equivalent to the accuracy of the source information at the point in time when it is collected by ATLAS.’ The document further notes that ‘ATLAS does not employ any mechanisms that allow individuals to amend erroneous information’ and suggests that individuals directly contact the offices maintaining the various databases ATLAS uses if they wish to correct an error.”

We are sure that process must be a piece of cake. The authors also report:

“Denaturalization experts say that putting an immigrant’s paper trail through the algorithmic wringer can lead to automated punitive measures based not on that immigrant’s past conduct but the government’s own incompetence. … According to [Muslim Advocates’ Deborah] Choi, in some cases ‘denaturalization is sought on the basis of the mistakes of others, such as bad attorneys and translators, or even the government’s failures in record-keeping or the failures of the immigration system.’ Bureaucratic blundering can easily be construed as a sign of fraud on an immigrant’s part, especially if decades have passed since filling out the paperwork in question.”

Worth monitoring. Atlas may carry important payloads, or blow up on the launch pad.

Cynthia Murrell, September 9, 2021

Protonmail Anecdote

September 6, 2021

Protonmail has been mentioned in come circles as a secure email service. Users pay to use the system. I have included it in my lectures about online messaging as an example of a “secure” service.

I spotted this Twitter thread which may be true, but, on the other hand, it may be an example of disinformation. The thread includes a screenshot and comments which may indicate that Protonmail has provided to law enforcement details about a specific user.

The person creating the tweet with the information points out:

I appreciate protonmail transparency on what happened, they provide a onion domain to avoid that issue (and a VPN), every service has to follow the law of the country they are in and a biggest issue here is the criminalization of climate activists by the french police [sic]

Additional information or disinformation may be available from this link.

Stephen E Arnold, September 6, 2021

Palantir: A Blinded Seeing Stone?

August 27, 2021

I try to keep pace with the innovations in intelware. That’s my term for specialized software designed to provide the actionable information required by intel professionals, law enforcement, and one or two attorneys who have moved past thumbtyping.

I am not sure if the article “FBI Palantir Glitch Allowed Unauthorized Access to Private Data” is on the money. The “real news” story asserted:

A computer glitch in a secretive software program used by the FBI allowed some unauthorized employees to access private data for more than a year, prosecutors revealed in a new court filing. The screw-up in the Palantir program — a software created by a sprawling data analytics company co-founded by billionaire Peter Thiel — was detailed in a letter by prosecutors in the Manhattan federal court case against accused hacker Virgil Griffith.

Please, read the source document. Also, my personal view is that such an access lapse is not good, but if the story is accurate, I am less concerned that other FBI officials may have had access to content in Gotham or whatever the system is branded these days is less problematic than oligarchs snooping or a Xi Jinping linked tong IT wonk poking around FBI only data.

My thoughts went in a different direction, and I want to capture them. Keep in mind, I don’t know if the access revelation is “true.” Nevertheless, here’s what I jotted down whilst sitting in a lecture about a smart bung for booze lovers:

  1. Was the access issue related to Microsoft Windows or to the AWS-type services on which some Palantir installations depend? Microsoft is another “here we go again” question, but the AWS question puts the Bezos bulldozer squarely in the security breach spotlight.
  2. How many days, weeks, or months was the access control out of bounds? An hour is one thing; the answer “We don’t have a clue” is another.
  3. If — note the if, please — the access issue is due to a Palantir specific feature or function, is there a current security audit of LE, military, and intel  related installations of the “seeing stone” itself? If the answer is “yes”, why was this access issue missed? Who did the audit? Who vetted the auditor? If the answer is “no,” what are the consequences for the other software vendors and IT professionals in the “fault chain”?

The article points out that a royal “we” is troubled. That’s nice. But let’s focus on more pointed questions and deal with what might be a digital Humpty Dumpty. Just my opinion from the underground bunker in rural Kentucky.

Stephen E Arnold, August 27, 2021

Ephemeralism Is a Thing in E2EE Signal Messaging

August 27, 2021

Like that word ephemeralism. Great for some; not so great for law enforcement and intelligence professionals.

One of the worst things about the Internet is that nothing completely disappears on the Internet and stuff comes back to haunt people. Cancel culture rears its ugly head when politicians’ or celebrities’ old sexist or racist posts surface. Nothing ever exists in the moment anymore, especially when it comes to Internet conversations. Signal promises in its blog post, “Embrace Ephemerality With Default Disappearing Messages” to return the now to conversation.

Everything relating to human communication is not meant to last forever. Signal is a message designed with state of the art encryption to protect user privacy. It does not have ads, tracking, nor affiliate marketers. Signal is a non-profit organization, so it is not associated with corporations. It receives its funding from donations and grants. Signal has a new feature, where users can have their messages disappear after a set time:

“Disappearing messages provide a way to keep your message history tidy. When enabled for a conversation, messages will be deleted for the sender and recipients after the specified time. This is not for situations where your contact is your adversary — after all, if someone who receives a disappearing message really wants a record of it, they can always use another camera to take a photo of the screen before the message disappears. However, this is a nice way to automatically save storage space on your devices and limit the amount of conversation history that remains on your device if you should find yourself physically separated from it.”

Before this upgrade, disappearing messages need to be enabled for individual conversations, but now it can be set as the default. Signal also added custom timer durations.

Signal is an popular service for people who want to protect their privacy and manage space on their phones. Journalists and freedom fighters are benefit from Signal, because it allows them to protect their anonymity.

As expected, bad actors take advantage of Signal’s encryption features too. Law enforcement officials are unable to collect evidence on the bad actors and makes it difficult building a case against them.

Whitney Grace, August 27, 2021

Another Perturbation of the Intelware Market: Apple Cores Forbidden Fruit

August 6, 2021

It may be tempting for some to view Apple’s decision to implement a classic man-in-the-middle process. If the information in “Apple Plans to Scan US iPhones for Child Abuse Imagery” is correct, the maker of the iPhone has encroached on the intelware service firms’ bailiwick. The paywalled newspaper reports:

Apple intends to install software on American iPhones to scan for child abuse imagery

The approach — dubbed ‘neuralMatch’ — is on the iPhone device, thus providing functionality substantially similar to other intelware vendors’ methods for obtaining data about a user’s actions.

The article concludes:

According to people briefed on the plans, every photo uploaded to iCloud in the US will be given a “safety voucher” saying whether it is suspect or not. Once a certain number of photos are marked as suspect, Apple will enable all the suspect photos to be decrypted and, if apparently illegal, passed on to the relevant authorities.


  1. The idea allows Apple to provide a function likely to be of interest to law enforcement and intelligence professionals; for example, requesting a report about a phone with filtered and flagged data are metadata
  2. Specialized software companies may have an opportunity to refine existing intelware or develop a new category of specialized services to make sense of data about on-phone actions
  3. The proposal, if implemented, would create a PR opportunity for either Apple or its critics to try to leverage
  4. Legal issues about the on-phone filtering and metadata (if any) would add friction to some legal matters.

One question: How similar is this proposed Apple service to the operation of intelware like that allegedly available from the Hacking Team, NSO Group, and other vendors? Another question: Is this monitoring a trial balloon or has the system and method been implemented in test locations; for example, China or an Eastern European country?

Stephen E Arnold, August 6, 2021

NSO Group and France: Planning a Trip to Grenoble? Travel Advisory Maybe?

August 3, 2021

The PR poster kid for intelware captured more attention from the Guardian. “Pegasus Spyware Found on Journalists’ Phones, French Intelligence Confirms” reports in “real news” fashion:

French intelligence investigators have confirmed that Pegasus spyware has been found on the phones of three journalists, including a senior member of staff at the country’s international television station France 24. It is the first time an independent and official authority has corroborated the findings of an international investigation by the Pegasus project – a consortium of 17 media outlets, including the Guardian.

The consistently wonderful and objective, media hip newspaper provided a counter argument to this interesting finding:

NSO said Macron was not and never had been a “target” of any of its customers, meaning the company denies he was selected for surveillance or was surveilled using Pegasus. The company added that the fact that a number appeared on the list was in no way indicative of whether that number was selected for surveillance using Pegasus.

Is NSO Group adopting a Facebook- or Google-type of posture? I think response to implied criticism is to say stuff and nod in a reassuring manner? I don’t know. The Guardian, ever new media savvy, wraps up the PR grenade with this comment:

The investigation suggests widespread and continuing abuse of Pegasus, which NSO insists is only intended for use against criminals and terrorists.

Should NSO Group professionals consider a visit to France and a side trip to Grenoble in order to ride Les Bulles?

Stephen E Arnold, August 3, 2021

« Previous PageNext Page »

  • Archives

  • Recent Posts

  • Meta