DoD intentionally pushes hard to get testable capabilities as early as possible to shorten feedback loops, understanding that features ancillary to the capability will be limited, stubbed out, or implemented using a stopgap that you would never use in production. This will all be cleaned up in the production implementation once everyone is happy with how the capability works. Basically an agile customer development approach, similar to what is used in startups.
In my experience, the fine-grained control and security features are never implemented in the prototypes. This can be extremely fussy and slow development that isn't needed to evaluate capability. It also requires a lot of customer involvement, so they usually aren't willing to invest the time until they are satisfied that they want to move forward with the capability. The security architecture is demonstrably the kind of thing that can be mechanically added later so DoD takes the view that there is no development risk by not implementing it in the prototype.
There may be fair criticisms of the system but it looks like the article is going out of its way to mislead and misrepresent.
Wow holy calamity lol JTRS never shipped. Paid a lot of mortgages though.
https://breakingdefense.com/2025/10/army-says-its-mitigated-...
Nice toys. Not sure the tech has anything substantial or innovative under the hood.
dmix•1h ago
> Army chief information officer and Chiulli’s supervisor, said in a statement to Reuters that the report was part of a process that helped in “triaging cybersecurity vulnerabilities” and mitigating them.
So it's a brand new prototype and this is a run of the mill cybersecurity review while it undergoes some internal testing?
rohan_•1h ago
This sounds like a nothingburger.
DaveZale•1h ago
TimorousBestie•1h ago
Especially when the cost of busted security in this context is “exceptionally grave damage.”
zdragnar•1h ago
Given this line from the article:
and it seems like there was a SIGNIFICANT mismatch in expectations between the team delivering the prototype and the people receiving it. Everyone's time was wasted as a result.btown•1h ago
Given that segmentation of data access is a core part of the pitch (see e.g. https://www.palantir.com/docs/gotham) - if security controls were intentionally omitted from the prototype scope, that seems like a reckless scoping decision to make. And if security controls were unintentionally bypassed, this speaks to insufficient red-teaming of the prototype before launch.
I couldn't be more pleased that this is coming to light, though. Perhaps it opens decisionmakers' eyes to the dangers of over-centralizing military operations on a system that simultaneously allows operators to diffuse accountability to a semi-autonomous target-calling system, and is foundationally connected to surveillance-state systems tracking U.S. citizens. Entire genres of movies posit the negative outcomes of this kind of system on civilians and military personnel alike; they are cautionary tales to Not Create The Torment Nexus. Sometimes decentralized, human-in-the-loop, need-to-look-the-target-in-the-eyes operational coordination is a feature, not a bug.
mrtnmrtn•1h ago
We reject the notion of gating, pay-walling, or upselling core security controls like audit logging, single sign-on, and multi-factor authentication. Whether you’re a small business or a federal agency, you get access to every core enterprise security feature in our standard offering:
Mandatory encryption of all data, both in transit and at rest, that uses robust, modern cryptography standards. Strong authentication and identity protection controls, including single sign-on and multi-factor authentication. Strong authorization controls, including mandatory and discretionary access controls. Robust security audit logging for detecting and investigating potential abuse. Highly extensible information governance, management, and privacy controls to meet the needs of any use case. »
Spooky23•25m ago
jandrewrogers•24m ago
It is important to understand that the customers don't have a clear view of the types of access controls they want until they start field exercises. By having relatively limited access controls in the prototype, they discover in real use cases that allowing some data access which never would have occurred to them is highly valuable which can then be refined into specific types of data sharing. In a default locked down environment, these beneficial interactions would never be discovered because they can't occur. All of the ways the users access and use data in the prototypes is logged and studied.
Similarly, other types of data sharing expose real risks that can be reduced to specific scenarios developed during operational exercises. The problem with an exhaustive access control model is that it simply has too many degrees of freedom to be usable for most people.
During development, the universe of all possible uses of access control is reduced to a much simpler and more understandable model of the key data it is important to restrict and the key data it is important to share, grounded in real-world operational learnings. These models are simpler and more precise to implement, and also easier to verify the correctness of, than a default "access control all the things" approach.
robertlagrant•4m ago
There's been no launch. It's a prototype.
derektank•1h ago
Access control and user level logging seem like kind of basic feature requirements for a military C2 system? And Lattice isn't a completely immature product either IIRC.