Latest Essays

Why Spam Won't Go Away

  • Bruce Schneier
  • Forbes
  • December 12, 2006

Spam is filling up the Internet, and it’s not going away anytime soon.

It’s not just e-mail. We have voice-over-IP spam, instant message spam, cellphone text message spam, blog comment spam and Usenet newsgroup spam. And, if you think broadly enough, these computer-network spam delivery mechanisms join the ranks of computer telemarketing (phone spam), junk mail (paper spam), billboards (visual space spam) and cars driving through town with megaphones (audio spam). It’s all basically the same thing—unsolicited marketing messages—and only by understanding the problem at this level of generality can we discuss solutions…

My Data, Your Machine

  • Bruce Schneier
  • Wired
  • November 30, 2006

Consider two different security problems. In the first, you store your valuables in a safe in your basement. The threat is burglars, of course. But the safe is yours, and the house is yours, too. You control access to the safe, and probably have an alarm system.

The second security problem is similar, but you store your valuables in someone else’s safe. Even worse, it’s someone you don’t trust. He doesn’t know the combination, but he controls access to the safe. He can try to break in at his leisure. He can transport the safe anyplace he needs to. He can use whatever tools he wants. In the first case, the safe needs to be secure, but it’s still just a part of your overall home security. In the second case, the safe is the only security device you have…

Vote Early, Vote Often

  • Bruce Schneier
  • Wired
  • November 16, 2006

In the world of voting, automatic recount laws are not uncommon. Virginia, where George Allen lost to James Webb in the Senate race by 7,800 out of over 2.3 million votes, or 0.33 percent, is an example. If the margin of victory is 1 percent or less, the loser is allowed to ask for a recount. If the margin is 0.5 percent or less, the government pays for it. If the margin is between 0.5 percent and 1 percent, the loser pays for it.

We have recounts because vote counting is—to put it mildly—sloppy. Americans like their election results fast, before they go to bed at night. So we’re willing to put up with inaccuracies in our tallying procedures, and ignore the fact that the numbers we see on television correlate only roughly with reality…

Did Your Vote Get Counted?

  • Bruce Schneier
  • Forbes
  • November 13, 2006

This essay also appeared in the Pittsburgh Post-Gazette.

Last week in Florida’s 13th Congressional district, the victory margin was only 386 votes out of 153,000. There’ll be a mandatory lawyered-up recount, but it won’t include the almost 18,000 votes that seem to have disappeared. The electronic voting machines didn’t include them in their final tallies, and there’s no backup to use for the recount. The district will pick a winner to send to Washington, but it won’t be because they are sure the majority voted for him. Maybe the majority did, and maybe it didn’t. There’s …

The Boarding Pass Brouhaha

  • Bruce Schneier
  • Wired
  • November 2, 2006

Last week Christopher Soghoian created a Fake Boarding Pass Generator website, allowing anyone to create a fake Northwest Airlines boarding pass: any name, airport, date, flight.

This action got him visited by the FBI, who later came back, smashed open his front door, and seized his computers and other belongings. It resulted in calls for his arrest—the most visible by Rep. Edward Markey (D-Massachusetts)—who has since recanted. And it’s gotten him more publicity than he ever dreamed of.

All for demonstrating a known and obvious vulnerability in airport security involving boarding passes and IDs…

Do Federal Security Regulations Help?

  • Bruce Schneier
  • Information Security
  • November 2006

This essay appeared as part of a point-counterpoint with Marcus Ranum.

Regulation is all about economics. Here’s the theory. In a capitalist system, companies make decisions based on their own self-interest. This isn’t a bad thing; it’s actually a very good thing. We don’t want companies to act as public charities; we want them to act as for-profit entities. But there are often effects of company decisions that are not borne by the companies; these are known as “externalities” to the decision. Companies aren’t going to take externalities into account, because, well, because they’re someone else’s problem. If we as a society want externalities to factor into company decisions, then we have to make those externalities internal. Once we do that, the natural engine of capitalism will take over…

The Architecture of Security

  • Bruce Schneier
  • Wired
  • October 19, 2006

You’ve seen them: those large concrete blocks in front of skyscrapers, monuments and government buildings, designed to protect against car and truck bombs. They sprang up like weeds in the months after 9/11, but the idea is much older. The prettier ones doubled as planters; the uglier ones just stood there.

Form follows function. From medieval castles to modern airports, security concerns have always influenced architecture. Castles appeared during the reign of King Stephen of England because they were the best way to defend the land and there wasn’t a strong king to put any limits on castle-building. But castle design changed over the centuries in response to both innovations in warfare and politics, from motte-and-bailey to concentric design in the late medieval period to entirely decorative castles in the 19th century…

Casual Conversation, R.I.P.

  • Bruce Schneier
  • Forbes
  • October 18, 2006

The political firestorm over former U.S. Rep. Mark Foley’s salacious instant messages hides another issue, one about privacy. We are rapidly turning into a society where our intimate conversations can be saved and made public later. This represents an enormous loss of freedom and liberty, and the only way to solve the problem is through legislation.

Everyday conversation used to be ephemeral. Whether face-to-face or by phone, we could be reasonably sure that what we said disappeared as soon as we said it. Of course, organized crime bosses worried about phone taps and room bugs, but that was the exception. Privacy was the default assumption…

Why Everyone Must Be Screened

  • Bruce Schneier
  • Wired
  • October 5, 2006

Why should we waste time at airport security, screening people with U.S. government security clearances? This perfectly reasonable question was asked recently by Robert Poole, director of transportation studies at The Reason Foundation, as he and I were interviewed by WOSU Radio in Ohio.

Poole argued that people with government security clearances, people who are entrusted with U.S. national security secrets, are trusted enough to be allowed through airport security with only a cursory screening. They’ve already gone through background checks, he said, and it would be more efficient to concentrate screening resources on everyone else…

Lessons From the Facebook Riots

  • Bruce Schneier
  • Wired
  • September 21, 2006

Earlier this month, the popular social networking site Facebook learned a hard lesson in privacy. It introduced a new feature called “News Feeds” that shows an aggregation of everything members do on the site, such as added and deleted friends, a change in relationship status, a new favorite song, a new interest. Instead of a member’s friends having to go to his page to view any changes, these changes are all presented to them automatically.

The outrage was enormous. One group, Students Against Facebook News Feeds, amassed over 700,000 members. Members planned to protest at the company’s headquarters. Facebook’s founder was completely …