CIA allegedly bought flawed software for attacks
The agency allegedly bought flawed targeting software for drone missile attacks--software it knew was faulty, and that could misdirect attacks by as much as 39 feet--a report says.
The CIA allegedly purchased flawed targeting software for drone missile attacks on suspected terrorists--software it knew was faulty, and that could misdirect attacks by as much as 39 feet--according to a report in The Register based on claims made in a lawsuit.
The suit, filed by a Massachusetts-based company called Intelligent Integration Systems (IISi), involves another Massachusetts company, Netezza, The Register said in its report today. Netezza, a data warehousing company IBM has made a bid to buy, allegedly got a $1.18 million purchase order from the CIA last year to provide data warehouse appliances for use in drones, according to The Register. When combined with IISi's "Geospatial" software, the devices can be used to track movement of cell phones and pinpoint peoples' exact locations in real time, The Register said.
However, the IISi software does not run on the latest version of the Netezza appliance, which the CIA was purchasing, and when IISi said it couldn't port its software to Netezza's next-generation device fast enough for the CIA, Netezza allegedly met the CIA's demands on its own, with an "illegally and hastily reverse-engineered" version of IISi's code, The Register said. Despite knowing of flaws in the hacked software, the CIA acquired it, the news site reported the lawsuit as saying.
"My reaction was one of stun, amazement that they want to kill people with my software that doesn't work," IISi Chief Technology Officer Richard Zimmerman is quoted as saying in a deposition. The Register said Zimmerman was responding to an alleged comment by the CIA that it would accept untested IISi code in chunks.
Netezza initially sued IISi, claiming breach of contract over IISi's refusal to port its software to the Netezza appliance. But that case was dismissed. Now IISi has filed a lawsuit with the reverse-engineering claim and is seeking an injunction to ban Netezza and the CIA from using the software.
IISi and the CIA, which both declined to comment for The Register report, were not reachable late today.
Asked for comment, Netezza provided CNET with an e-mail statement from CEO Jim Baum that said Netezza used open-source software and specifications in the public domain to independently develop its own software for its latest data warehouse product.
"We believe that the claims made against Netezza by IISi are without merit, and we intend to vigorously defend ourselves against those claims in court," the statement said. "We did not rely on IISi's trade secrets or confidential information in developing our own geospatial product."
The company declined to confirm that the CIA was the client in question in the case. "Netezza has a classified federal client that purchased a fully tested and generally available geospatial software package independently developed by Netezza. This client has not shared any information with us about its use of this product, and we are unable to comment on its use," the Netezza statement said.
Update, Tuesday at 10:43 a.m. PDT IISi Chief Executive Paul Davis provided this statement to CNET via e-mail:
"We believe that Netezza's denial that it used our software is false and that it is directly contradicted by Netezza's own internal e-mails to CEO Jim Baum, which show clearly that Netezza 'hacked' our software and delivered that hacked and defective version to the government. We intend to vigorously pursue our claims that Netezza misused our software products, and our trade secret methods and techniques, to create what it is selling as its own products, and that the contract termination, which the court has found to be wrongful, was an effort to cover up the misuse of our software."