Palantir Technologies: Maybe the US Army Should Be Skeptical?
June 20, 2016
I read “How Hired Hackers Got “Complete Control” Of Palantir.” On one hand, Palantir surfed on secrecy as its Hyptokrypto for marketing. The idea that Palantir’s internal network would become a party wave was not part of the 2003-2004 plan. The write up is by a Sillycon Valley observer who may not be invited to a Palantir algorithms meet up.
I am confident that the write up is spot on. If it is not accurate, my hunch is that the Gotham crowd may emulate the feistiness of one of the Palantir founders. Think Hulk Hogan and the estimable publication Gawker.
I noted this passage:
the cybersecurity firm Veris Group concluded that even a low-level breach would allow hackers to gain wide-ranging and privileged access to the Palantir network, likely leading to the “compromise of critical systems and sensitive data, including customer-specific information.”
I circled this statement in true blue:
Their presence [the penetration testers] was finally discovered, the report says, after they broke into the laptops of information security employees — but even then, the intruders were able to monitor the employees’ countermoves in real time, shifting tactics to evade them.
A Hobbit is quoted as saying:
“The findings from the October 2015 report are old and have long since been resolved,” Lisa Gordon, a Palantir spokesperson, said in an emailed statement. “Our systems and our customers’ information were never at risk. As part of our best practices, we conduct regular reviews and tests of our systems, like every other technology company does.”
Gnarly. Palantir seems to have hired a penetration testing outfit. Somehow the report leaked. Secure outfits often try to limit leaks.
Stephen E Arnold, June 20, 2016