Salesforce Acquires Diffeo

June 30, 2020

The announcement appears on the Salesforce Web site. redirects to the customer relationship management firm’s government and aerospace page at this link. It appears that Salesforce will use the Diffeo technology to enhance its search, retrieval, and analysis capabilities. Plus, there may be some push by Salesforce to market Diffeo to the US government. As more information becomes publicly available, DarkCyber will update its information about this MIT incubator spawned firm.

Stephen E Arnold, June 30, 2020

Policeware: Fascinating Real Journalists Again

June 27, 2020

Imagine writing about policeware — software and specialized services tailored to the needs of enforcement authorities — this way.

You learn about a quinoa farmer in rural Virginia. You look into the farmer’s activities and find that the farmer sells produce to locals heading toward North Carolina. You add flavor to your story the way a cook in Lima converts quinoa into a gourmet treat for travel weary tourists. The farmer is an interesting person. The farmer is struggling to survive. The farmer labels the quinoa as “world’s best” and “super healthy.” The farmer becomes famous because he tells you, “I sell more quinoa despite the local regulations and the Food Lion supermarket.” The problem is that the story’s author is unaware of Archer Daniels Midlands, an outfit with an interest in quinoa.

The story is a human interest write up particularized to a single quinoa farmer in a state known for a mall, traffic jams, and government contractors. Micro story gives the impression that Virginia is a great place for quinoa. Accurate? A reflection of the business environment? A clear reflection of local ordinances?


I thought about the difference between a quinoa farmer’s story and a general lack of awareness about Archer Daniel Midlands when I read “Firm That Tracked Protesters Targeted Evangelicals During 2016 Election.” The outfit providing data may have more in common with the hypothetical quinoa story that meets the eye. Coverage of the policeware or intelware market sector invites micro examples used to support large scale generalizations about the use of data from mobile phones or open source information like public posts on a social media site.

Furthermore, small companies like the one described in Vice Motherboard article exist in every business sector. Focusing on a single firm — whether a quinoa farmer or a commercial data provider — may not provide a representative description of the market.

News flash: Data are available to companies, government agencies, and not for profit organizations from hundreds of companies. Some of these are tiny like Mobilewalla. Others are beefy; for example, Oracle BlueKai. Still others occupy a middle ground like Dataminr. Others are loosely affiliated with other countries’ government entities; possibly Innity.

The fixation on policeware appears to be a desire on the part of “real” journalists to tell mobile phone users that the essential device is gathering data about the user.

News flash: Mobile devices which seek cell towers and WiFi connections emit data as part of their normal functioning. Individuals who use mobile devices to look at ads on ManyVids, surf the Dark Web from a mobile device, and use the gizmos to buy contraband and pay with Bitcoin are skywriting. Big messages are available to those with access to different sets of data.

Some of the data flows into the stellar giants of the online world; for instance, Facebook and Google. Other data gathers in the telcos. Quite useful data floods from online mobile game enthusiasts. Granny in the retirement home happily provides companies like Amazon with a flow of information about what’s hot from her quite particular point of view.

My thought is that chasing quinoa farmer stories is a new and exciting angle for some “real” journalists. But is there a different story to be researched, understood, and communicated.

“Real” journalists might begin by asking and answering with facts, not anecdotes, these questions:

What organizations are the equivalent of the agribusiness giants just in the commercial database sector? How are these data gathered, verified, and made available? What people, companies, and organizations license these data? Why does a commercial database business exist? When did data morph into mechanism for dealing with certain types of events? How many government agencies integrate these types of data into their “feet on the street” activities? What’s the upside to these data and their use? What are the downsides to these data and their use?

The stories about the quinoa farmer are okay. Moving beyond the anecdote to the foundation of commercial data licensing is more meaningful and more interesting.

The problem may be that moving beyond the quinoa approach takes work, time, and understanding. Hey, “real” journalists have to log into Slack and then jump on a Zoom call. This “go beyond quinoa” is just too much like “real work.”

That’s a problem I assert for individuals uninterested in what happened when trans-Atlantic telegraph messages began to flow. Why not look into that type of history?

Stephen E Arnold, June 27, 2020

Policeware: Making Headlines

June 26, 2020

DarkCyber noted “Machines with Brains.” The article includes a category or “pre title” with the phrase “From Our Obsession.” The “our” is ambiguous. Is it the “our” of the Silicon Valley real news team members or is it the “our” of the zip zip technology craving social milieu?

The point of the write up is that policeware using pattern recognition and other assorted technologies are not ready for prime time. The article identifies several companies as providing solutions that create problems, not ones that solve them. These entities are:

  • Amazon, IBM, and Microsoft, deeply suspect companies but ones that had the common sense to drop out of the facial recognition marathon. “Yes, quitters can be winners” in the “From Our Obsession” point of view.
  • DataWorks, “one of the biggest resellers of facial recognition technology to US Police departments.” The company allegedly has “contracts with police in Detroit, Chicago, New York City, Santa Barbara, South Carolina, Pennsylvania, and Maryland.” DarkCyber admires alphabetization and mixing states and municipalities. Without context, how large are the contracts? What are the terms of the deal? Are these proofs of concept or full-blown integrated solutions humming 24×7 or some other type of installation.
  • Cognitech
  • NEC
  • Rank One Computing

The policeware market is one which most “real” journalists struggle to understand. Yesterday, in a conversation with a “real” journalist employed by the one and only Rupert Murdoch organization, I chortled during the “interview/conversation” as the young “real journalist” struggled to understand why law enforcement and intelligence professionals try out new technologies.

My comments about the companies providing policeware did not compute for the sincere and apparently fascinated news hunter. The idea that vendors provide news technology, make modifications as technical problems arise, and alter systems as users – yes, real enforcement officials – struggle to apply technology to the challenges enforcement presents.

Several observations:

First, the policeware and intelware markets, companies, and technologies are unknown territories for most technology professionals and terra incognita for a large percentage of “real” journalists. This means the individuals do not know of what they news gather. Out of context is the principal method employed.

Second, the solutions developed for enforcement and intelligence officials are a surprise to the uninformed. No one likes surprises; for example, the idea that a cherished group of Facebook friends may harbor a child molester or a contraband dealer. How does one mitigate surprise? Easy? Sensationalism, finger pointing, and generalizations. Facial recognition sucks. Easy. Does the Amazon-powered Ripper technology suck? What’s that? Ignorance is bliss for some.

Third, exactly what bureaucratic solutions exist to deal with technology? (Oxymoron alert: Bureaucracies are subject to Parkinson’s Law and Augustine’s Laws.) Some “real” journalists enthusiastically embrace mobile devices, online hook up services pretending to be video dating services, and the Twitter lifestyle. Maybe the newly minted experts in policeware have some ideas other than “don’t use technology”? Wait. That won’t work because fairy land, in case one has been oblivious to the social construct, seems to be emulating the world of Road Warrior.

Net net: Information in context and perspective are useful when writing about a technology sector with which one is not familiar. Just a thought because the morphing of “Machines with Brains” into “humans with brains” is an interesting idea to contemplate.

Perhaps an “obsession” with perspective, context, knowledge, and less sensationalistic short cuts would be helpful?

Policeware is becoming a beat. Good. Let’s strive for context, not shouting “Fire” in a socially distanced movie theater.

Stephen E Arnold, June 26, 2020

Social Media and Clueless Youth

June 23, 2020

This is a reminder about youth and a general lack of understanding that people don’t know what they don’t know. That’s the reason Google type search systems try to deliver answers, even if the user is a clueless youth.

Navigate to “Masked Arsonist Might’ve Gotten Away with It If She Hadn’t Left Etsy Review.” The write up is semi amusing. A clueless youth burned down a fast food joint. The wizardette wore a mask, no surprise in the Rona Era, 2020 CM (CM means common mask, not common moron).

Unaware that some online services index comments, process images, generate useful metatags, and deliver a user friendly specialized software system to law enforcement, the clueless youth was:

  1. Processed by graph analytics
  2. Matched via pattern identification methods
  3. Identified
  4. Geo located
  5. Snagged (that’s what old people like me think about when law enforcement arrests an alleged arsonist. Burning a fast food joint? Amazing. The food may be questionable, but why not write do a TikTok to the manager. Fire is a tactic of an annoyed loyal follower of Attila.)

Net net: Certain law enforcement specialized software systems perform useful functions. Plus, clueless youth have an opportunity about criminal justice without the slick image of a Judge Judy presiding.

Stephen E Arnold, June 23, 2020

A Peek into Google and Palantir Contracts: The UK National Health Service Versions

June 8, 2020

Curious about the legalese, terms, and conditions of US companies licensing and servicing government entities in the United Kingdom require? Good news. You can (at least as of June 6, 2020 at 0600 US Eastern time) can read allegedly complete contracts for software and services.

A contract from is also available. Founded in 2014, does not have the cachet of a Google. If you want to look at that contract, it is for now at

The deals are between these firms and an entity doing government business under the name of NHSX which seems to mean “a joint unit bringing together teams from the Department of Health and Social Care and NHS England and NHS Improvement to drive the digital transformation of care. COVID-19 Response.”

Are there some interesting details in these documents? Yep. Will these be shared in this blog post? Nope. You will learn some of the DarkCyber’s team insight if you attend our National Crime Conference presentation about investigative tools and systems.

Not invited? For fee briefings are still offered. Contact benkent2020 at yahoo dot com.

Stephen E Arnold, June 8, 2020

Amazon Grinds into Teams and Rolls Across Its Playground Cracking the Asphalt

June 5, 2020

Distracted by an inability to deliver packages quickly, Amazon has revved the engine of the Bezos bulldozer. The giant online bookstore and the world’s richest human being is punching the gas pedal and lurching forward. The objective? The Microsoft Teams’ playground. The bulldozer will crunch over the feet of the nimble Zoomers and shove the Google toward the  shower room, but the big orange diesel leaves a visible pathway, small creatures unable to avoid the metal treads and assorted debris similar to the storefronts on Main Street USA.

The action is described in “Slack and Amazon partner to take on Microsoft Teams.” DarkCyber does not want to argue which wonky online organizational, communication, and squabbling service is better. Amazon has the technical infrastructure to make almost anything work and to bill people for taking data out of its giant cloud environment.

The write up states:

On Thursday (4 June), it emerged that Slack and Amazon have forged a multi-year agreement, allowing all Amazon employees to use Slack. The news comes at a time when Slack has seen increased competition from Microsoft Teams. In a recent SEC filing, the company said that the Microsoft platform is its “primary competitor”. This is despite the fact Microsoft’s main focus is video and voice calling, while Slack is primarily used for text-based workplace chat. As part of the deal with Amazon, Slack will deepen its partnership with AWS by migrating its voice and video calling functions to Amazon’s Chime platform, in a bid to strengthen its video and voice calling offerings.

DarkCyber thinks this development is important for three reasons:

  1. The deal makes it clear that Amazon, although late to the game, is going to be trying to be like Zoom on steroids. (A side consideration is that Amazon employees will have a more zippy way to organize the two pizza parties when a fail safe system falls over.)
  2. The tie up means that Slack is not going away. Amazon can include Slack functions in a wide array of services. Imagine how much easier it will be to chase down knock off product information using a reasonably functional Slack and Chime service? Well, maybe not too aggressively?
  3. The inclusion of Slack means that Amazon’s oft-ignored policeware services get a useful tool for enforcement and intelligence professionals. DarkCyber thinks this is important, and possibly someone will notice before Amazon jumps out of its hidey hole and reveals that it powers much of the policeware infrastructure for low profile companies.

Worth watching even though the write up is content to point out:

By using Chime technology to run Slack’s video and voice call features, the company hopes to add new features. Armstrong said that the company is looking at bringing video calling to the mobile version of Slack, as it currently does not have this feature. He also said that Slack is looking into transcription.

Hitting the small nail squarely? Yes.

Stephen E Arnold, June 6, 2020

NSO Group and Its Covid Tracker

May 30, 2020

As the COVID-19 virus globally spread, people want know where it is, when an individual was infected, and other pertinent information. Two week self-imposed isolation periods are mandatory for most potential carriers, but that is not enough to ease worried minds. TechCrunch reports that, “A Passwordless Server Run By Spyware Maker NSO Sparks Contact-Tracing Privacy Concerns.”

NSO is an Israeli company known for making mobile hacking tools. The company developed a COVID-19 app that tracks carriers. A security researcher discovered NSO’s content-tracing project “Fleming” online, he contacted them and NSO removed it. Fleming most likely contained fake data. The project was most likely a demonstration of NSO’s technology, but it still causes concern that people’s personal data is kept in a centralized database without proper security measures. The Israeli government has not approved usage of Fleming yet.

When the COVID-19 outbreak worsened in March, the Israeli government granted its security service Shin Bet unprecedented access to collecting mobile phone data to track potential infections. Fleming was one of two systems the government working on and NSO said it used location data purchased from data brokers. Data brokers sell data amassed from apps that collect and sell user data.

Content-tracking apps are beneficial during the pandemic, but an individual’s privacy should be taken into consideration. There are ways to have these apps and protect privacy rights:

“Most countries are favoring decentralized efforts, like the joint project between Apple and Google, which uses anonymized Bluetooth signals picked up from phones in near proximity, instead of collecting cell location data into a single database. Bluetooth contact tracing has won the support of academics and security researchers over location-based contact-tracing efforts, which they say would enable large-scale surveillance.”

NSO has possible ties to the Middle East, including an allegation that the Saudi Arabian government used the company’s Pegasus software to compromise Jeff Bezo’s cell phone. There is also a current legal battle that NSO built a hacking tool for Facebook’s WhatsApp. NSO Group is a provider of specialized services to government entities.

Whitney Grace, May 30, 2020

4iQ Amps Up Its Marketing

May 28, 2020

It is all about volume. Though most of us delete the ubiquitous “sextortion” emails with little thought but a passing sense of distaste, enough victims fork over Bitcoin to make it a lucrative scam. 4iQ’s blog examines the tactic in, “Demystifying ‘Sextortion’ & Blackmail Scams.”

Lest you, dear reader, are so fortunate as to be unfamiliar with such emails, the post includes examples. Dripping scorn for those who would exploit fears and threaten people during a pandemic, writer ClairelfEye explains these deceivers purchase real email addresses and passwords stolen in one of the large-scale data breaches that have become all too common. They then leverage this information to convince marks they possess more, very personal, details. She writes:

“I reached out to my social networks to see if this is widespread, and sure enough, many people confirmed that they — or someone they know — have received these types of scams in the past five weeks. … While most people get annoyed, roll their eyes and delete these blackmail e-mails, this is a numbers game. There will be a few people that fall for these low-level scams. Out of the many sextortion scams forwarded to me by friends and family, one [Bitcoin] address received 0.270616 BTC, which equals $2,082.03 USD as of April 27, 2020.”

Regarding the data breaches that make this scam possible, ClairelfEye explains:

“Working at 4iQ, I am almost too aware of data breaches happening on a daily basis. We investigate, validate and report on breached data every day. In fact, I can probably accurately surmise that this scammer got my email and clear text password in the 1.4 billion clear text credentials trove our breach hunters found back in 2017. Same goes for many of the forwarded scam emails I received. Interesting to see this information run full circle.”

The author’s colleague Alberto Casares, she tells us, is aggregating, investigating, and reporting on these extortion attempts. To participate, receivers of such emails can send them to Dubbing itself the “Adversary Intelligence Company,” 4iQ offers consumer protection products and curates and normalizes compromised identities to help combat fraud and other crimes. Founded in 2016, the company is based in Los Altos, California.

Another specialized services firm amps up its marketing. This quest for sales and venture funding may be a trend.

Cynthia Murrell, May 28, 2020

Policeware Marketing: Medium Blog Post a Preferred Channel

May 27, 2020

Just a short note. Sintelix, a developer of policeware, published a white paper called “Sintelix – The Text Intelligence Solution.” The document is available on Medium, a popular publishing platform. The white paper / product description is about 1,500 words in length. The article contains illustrations, diagrams, and lists. One of the DarkCyber team said, “It reads like a product brochure.” I thought the information was useful. The Sintelix decision to use Medium is one additional example of the stepped up marketing policeware and intelware vendors are taking. Shadowdragon is using Twitter to promote its policeware system. Palantir Technologies’ CEO has used public forums and video to explain use cases for its investigative and analytic system. LookingGlass has moved forward with online demonstrations and webinars for potential licensees of its cyber system.


  1. Tradition has dictated that vendors of specialized services developed for law enforcement and intelligence agencies market via personal contacts or restricted/classified events. The fierce competition for available government contracts may be forcing a change.
  2. Face-to-face events like breakfasts, brown bag presentations, and lectures for LE and intel professionals may be difficult to supplement with online-only initiatives. Plus, there is the danger of webinar fatigue or the sign up and no show problem. Security is also a consideration because some attendees may not be whom they purport to be on registration form.
  3. Expanded visibility like that achieved by NSO Group may have unexpected consequences. Some government procurement processes shy away from high-profile vendors. As a result, obtaining information about the activities of a Leidos, for example, is difficult. Increased visibility may repel some potential customers.

The shift in marketing, no matter how minor, is important. The downstream consequences of visibility are difficult to predict because conference organizers, procurement processes, customers who prefer face-to-face interactions, and similar pre Rona methods may no longer work as well.

Stephen E Arnold, May 27, 2020

Palantir Technologies: A Very Unusual Emission from a Specialized Services Firm

May 26, 2020

The PR battle among the firms providing specialized services to law enforcement and intelligence entities has taken an unusual turn. If you send email to an outfit like BlackDot, you will probably be ignored. The same non response holds true for the vast majority of firms delivering solutions that put bad actors at a disadvantage. Sure, there are less low profile uses of these technologies, but applications like eDiscovery do not capture the attention of the real media.

DarkCyber spotted “Our Product Is Used on Occasion to Kill People’: Palantir’s CEO Claims Its Tech Is Used to Target and Kill Terrorists.” DarkCyber has noted that NSO Group has found itself in the PR spotlight due to allegations from Facebook and assertions about an NSO professional using the firm’s system for personal activities. But the “kill people” thing is sure to catch the attention of the hundreds of specialized service firms’ attention.


What’s even more interest catching is that one of the senior managers of Palantir Technologies serves as a member of the Axel Springer shareholder committee. What’s an Axel Springer? The company owns Business Insider, the “real news” outfit which reported Mr. Karp’s rather intriguing statement about a use case for Gotham and other Palantir modules.

The story also provides a link to a video from an outfit called Axios, presumably to buttress the “true fact” of Mr. Karp’s statement.

For a low profile outfit to offer this alleged admission about software’s link to termination with extreme prejudice may have some downstream consequences. With low profile companies like Shadowdragon publicizing its system on Twitter, will PR become the go-to marketing method in the future?

Making sales is one thing, but some government customers are wary of specialized services vendors who hum the 1960s song “Talk Too Much.” Some licensees can consult the “seeing stone” or just hit Philz and listen for some Palantirian chatter.

Stephen E Arnold, May 26, 2020

Next Page »

  • Archives

  • Recent Posts

  • Meta