Schneier on Security
A blog covering security and security technology.
« RFID Washer |
| Banning Matches and Lighters on Airplanes »
March 4, 2005
Garbage Cans that Spy on You
From The Guardian:
Though he foresaw many ways in which Big Brother might watch us, even George Orwell never imagined that the authorities would keep a keen eye on your bin.
Residents of Croydon, south London, have been told that the microchips being inserted into their new wheely bins may well be adapted so that the council can judge whether they are producing too much rubbish.
I call this kind of thing "embedded government": hardware and/or software technology put inside of a device to make sure that we conform to the law.
And there are security risks.
If, for example, computer hackers broke in to the system, they could see sudden reductions in waste in specific households, suggesting the owners were on holiday and the house vacant.
To me, this is just another example of those implementing policy not being the ones who bear the costs. How long would the policy last if it were made clear to those implementing it that they would be held personally liable, even if only via their departmental budgets or careers, for any losses to residents if the database did get hacked?
Posted on March 4, 2005 at 10:32 AM
• 20 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
The gas company, electric company, and water company all maintain usage records in electronic form. The newspaper and post office are typically put on hold when a person is away for an extended period. Heck, a person could drive around a neighborhood on trash day to see whose cans are not on the curb. Do you really need to hack the system to figure out who is not home?
Gas, electric, and water are usually monthly, and after-the-fact. It generally does little good to know that the target of your casing was on vacation sometime in the last month, unless you access all of their records to look for a pattern.
Newspaper and mail, though, could pose interesting targets.
One could imagine the government putting RFID readers into the garbage bins so they could watch what we were throwing out. Perhaps we didn't put our recycling in the correct bin, or threw out batteries in the garbage instead of a recycling center.
Of course this makes sense only when RFID tags become more common.
If I call up the post office and ask them to hold my mail while I am away, I take on some risk that their records may be compromised and reveal my absence. However, if I do not have my mail held, the pile of mail which will soon overflow onto my sidewalk will be a much more likely indicator.
In short, there is a world of difference between mandatory record-keeping which produces no benefit for me, but which does produce a risk, and record-keeping which is voluntarry and produces a net benefit for me.
As for this proposal, it is unclear from the article whether the surveillance is meant to uncover excessive rubbish volume or improper trash contents (eg., recyclables). If it is simply a volume question, why not have people pay a per-bin disposal rate? Any bin with a pre-purchased disposal sticker on it is accepted by the trash hauler (and the sticker removed), and any bin lacking a sticker is left behind. If it is a matter of improper disposal, I don't understand how the chip helps, unless it can somehow tell if recyclables are located within the bin.
"If, for example, computer hackers broke in to the system, they could see sudden reductions in waste in specific households, suggesting the owners were on holiday and the house vacant."
ah well... perfect time to start a "fake-trash"* (patent pending) system; where you buy bags of fake trash and have your neighbor fill your trash with "fake-trash" so that systems are not alerted users are on vacation.
disclaimer: fake-trash and fake-trash systems are environment friendly.
Figuring out who is away on holiday is pretty easy. Walk a dog in a neighborhood for a week and you can see patterns of behavior. I can usually tell when my neighbors are away for a few days just by how things change at particular times.
That's certainly easier than hacking into a system.
Interesting, based on this there must have been gigantic crime waves all over Europe.
Simple reason being that this is actually an old hat and has been around a lot of European countries (e.g. Germany, Netherlands etc) for much longer than this pilot in London. I'm not aware that they have seen an increase of burglaries.
Apart from that, if I was a hacker clever enough to hack into this system, why would I bother with a break in and burglary, which is still quite risky? Who knows, may be the owner just comes back that night? No, if I had those hacking skills I would break into much more lucrative (and probably less risky) other websites.
No, sorry, Bruce, but you just fell for some election posturing and propaganda by a Tory councellor.
@ Chuck T
It would be somewhat of an "investment" to hack the database, but it would yield data about ALL the homes in ALL the neighborhoods in the city that are likely inhabited, but vacant. This cuts down the possibility of robbing a house where the people are home. I'm not sure about the existence of organized crime in the U.K., but they could use this system to effectively scatter the police around, and work more efficiently, instead of having to conduct much physical recon.
Oh, I see great potential for abuse ... replicate one of these critters, and have it show 'overuse' and plant it in the enemy of your choice's bin. He can then take the hit, and have to answer for it.
Wonder if you played havoc with adding a few RFID's to someone's stuff, reading addresses from across town one day, etc.
I'm sure some teen whiz-kiddie would have a great amount of fun with all this, at taxpayer's expense, of course. Then we'd all need that Special Tool to erhm, 'wash' all our chips, and reset 'em.
You know, Britain has some interesting museums dedicated to their colorful penal history. I remember reading a history dissertation about the gallows. Apparently dragging people through the streets of London with a noose around their neck became so popular (with dangerous and disruptive followers) that it was turned into a stage performance. Who would have realized that we have this and mass concentration camps (prisoner boats on the Thames) to credit to the British Empire.
Ah, but I digress. We're just talking about a way to punish people for cheating on their rubbish, right? What if someone else in the neighborhood, or even random passerbys are filling the bins? Why not spend the money trying to subsidize recyling and reuse? Bring back the people who used to walk the streets with carts and take away unwanted items...at least that would be a way to reinforce the more positive historic and cultural tendencies.
Here's an interesting background article to the topic:
August 08, 2004
"People will be charged for the amount of 'unsorted waste' that they leave in their rubbish bins, encouraging them to pick out recyclable products such as tin cans, glass bottles and paper. In a bid to reduce political controversy, ministers will leave it up to local councils to decide whether to go ahead with the scheme."
"Critics will claim that the plan will lead to more illegal dumping of rubbish and will be difficult to administer.
Experts, however, say that dustbins can be fitted with electronic tags that can be read by a machine attached to the dustcart. The machine can identify the bin, weigh it and add a charge to the owner’s bill."
Seems to me that instead of whining about the risk/cost of RFID tags, the Right Honerable Conservative gentleman could try to actually come up with a fiscally responsible way to reduce waste.
From the same article:
"According to a Downing Street study, enough rubbish is produced every hour to fill the Albert Hall in London and 80% of it goes as landfill, although parts of the country are running out of potential sites."
"The clean neighbourhoods bill will also include measures to expand on-the-spot fines of £80 for antisocial behaviour, including minor vandalism, dropping chewing gum, flyposting and graffiti."
Suppose my house is brocken into.
Where is the burden of proof that this system put me at greater risk?
Is it eough to demonstrate the theoretical risk? Would I have to demonstrate that breaching the database is possible? Would I have to prove that it had been done?
IANAL, but I'm guessing this would be a civil suit; the standard would be the "balance of probabilities".
I agree that this is a typical use of technology for the sake of god only knows what (certainly not for the benefit of the citizens), but I suspect actually suing someone based on the increased risk might be an uphill battle.
First off did anybody out there notice that this is in Croydon the same place as the "SmartWater" security paint that Bruce mentioned just a little while ago on his blog?
I have the misfortune to live and work close to Croydon and I am not very impressed with it's ability to keep the streets clean (Rats are a problem as are other vermin).
The whole point behind the excercise is as one earlier poster pointed out Central Government and it's "Green Policy". Under the goverments rules it is the weight of materials recycled not their type or recyclability that counts. Local councils are set targets by which they obtain money from central government (or more correctly lose it).
So the chip that takes the weight of your wheelie bin is a "must have" for the council as a simple computer system will enable them to fill out the central government paper work...
Just a thought as wheelie bins get blown over, will you be charged more for putting a house brick or two on top...
Thanks for enlightening us with your local insights, Clive. Up to that point I had been wondering "but what the heck is it FOR?" since it clearly has nothing to do with actual recycling. Now we know: the stupid, pointless device is designed to fulfill stupid, pointless bureaucratic rules.
And we can all guess the consequences: if your bin looks like going over the limit and getting you fined, many people will sneak their garbage into a neighbour's bin or dispose of it in some other nti-social way.
I'm not so sure that this is a security risk, though; it might provide some information, but it wouldn't be very accurate. In our household, a skipped collection has about a 50% chance of meaning we're away, and going on holidays only skips a collection about 50% of the time. Junk mail hanging out of your letter box is a more reliable indicator. And if you get a neighbour to clear out the junk mail, you could always ask them to put out your (empty) bin too -- perhaps offer it for their overflow!
I don't know whether this is really a security risk but as a general rule, personal data should only be collected and stored if there is a good reason to do so. I believe that the UK even has privacy laws to that effect. In this case, I still don't get it what problem that device is supposed to solve. If the city council needs to know how much garbage they produce or how much material they recycle, they don't need to weigh every citizen's bin do they? They just weigh the truck loads. If it is to encourage recycling, it only makes sense if people are charged according to their garbage weight or volume. This is a good idea but there is a less intrusive way to achieve the same goal, namely the prepaid stickers mentioned by Chris Walsh above, a system that has been in use in Switzerland for many years. The Guardian article states that "In the shorter term the microchips will be used to tell council officers how many of the borough's 100,000 bins the refuse collectors have emptied and how many have been missed." I wonder why that is necessary. Maybe garbage collection is outsourced and they actually want to control whether the company is doing its job. In any case, what I find worrying in that case is the attitude "let's insert some chips somewhere, we don't know yet exactly how we will use them but once we have them, we can "adapt" them to store more and more stuff." Like with the passport chips.
I assume this RFIDwasher product that I am reading about all over the web is not a hoax - its being talked about everywhere - anyone got one yet?
I guess it can wipe clean the rfidtags in your groceries and preserve your privacy.
Probably find that the govt are behind rfidwasher - and it will be transmitting back to the 'mothership' and watching what we get up to!
If it is a real product then I can imagine them being a bit like Netscape - i.e. going public making a fortune and then vanishing into oblivion. However it will not be Microsoft that gets them - but try all the largest retailers on the planet for starters !
Best of luck whoever you are - you'll need it
Just one more small step on the ladder of complete goverment control.
How much will be spent on the project over the next 10 years? Millions to say the least. Why not give those tax monies back to the people. Just sounds to me like they have way to much money to spend. Overtaxation leads to over funded goverments. Overfunded bloated goverments leads to complete goverment control over the people. although some people may not be able to see this, it is still a fact. Goverments will spend any and all tax money all the time. If your goverment had 10X the tax monies the now have, they would still spend it all on something and want that much again next year.
Optional use in Ohio, for recycleable, since start of 2009.
Of course, the feature of check your rewards for how much one contributes. Grr.
Everything that can be measured is being collected and sold.
Although it is paranoid to think this, I would not rule out a camera that records your recycleables being dumped, and whatever info sold.
If RFID were in products, it also makes useage patterns for marketing.
While your oh-so-clever criminal is hacking into the recycling database, stealing the records, and data mining them to see who has reduced their recycling output, my run-of-the-mill criminal is driving down the street on pickup day and seeing who did and did not put out a cart. Drinking your criminal's milk shake.
Anyone who is truly fearful of RFID tags on their recycling bin should wrap it in tinfoil hats.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.