Entries Tagged "cameras"

Page 10 of 21

Intercepting Predator Video

Sometimes mediocre encryption is better than strong encryption, and sometimes no encryption is better still.

The Wall Street Journal reported this week that Iraqi, and possibly also Afghan, militants are using commercial software to eavesdrop on U.S. Predators, other unmanned aerial vehicles, or UAVs, and even piloted planes. The systems weren’t “hacked”—the insurgents can’t control them—but because the downlink is unencrypted, they can watch the same video stream as the coalition troops on the ground.

The naive reaction is to ridicule the military. Encryption is so easy that HDTVs do it—just a software routine and you’re done—and the Pentagon has known about this flaw since Bosnia in the 1990s. But encrypting the data is the easiest part; key management is the hard part. Each UAV needs to share a key with the ground station. These keys have to be produced, guarded, transported, used and then destroyed. And the equipment, both the Predators and the ground terminals, needs to be classified and controlled, and all the users need security clearance.

The command and control channel is, and always has been, encrypted—because that’s both more important and easier to manage. UAVs are flown by airmen sitting at comfortable desks on U.S. military bases, where key management is simpler. But the video feed is different. It needs to be available to all sorts of people, of varying nationalities and security clearances, on a variety of field terminals, in a variety of geographical areas, in all sorts of conditions—with everything constantly changing. Key management in this environment would be a nightmare.

Additionally, how valuable is this video downlink is to the enemy? The primary fear seems to be that the militants watch the video, notice their compound being surveilled and flee before the missiles hit. Or notice a bunch of Marines walking through a recognizable area and attack them. This might make a great movie scene, but it’s not very realistic. Without context, and just by peeking at random video streams, the risk caused by eavesdropping is low.

Contrast this with the additional risks if you encrypt: A soldier in the field doesn’t have access to the real-time video because of a key management failure; a UAV can’t be quickly deployed to a new area because the keys aren’t in place; we can’t share the video information with our allies because we can’t give them the keys; most soldiers can’t use this technology because they don’t have the right clearances. Given this risk analysis, not encrypting the video is almost certainly the right decision.

There is another option, though. During the Cold War, the NSA’s primary adversary was Soviet intelligence, and it developed its crypto solutions accordingly. Even though that level of security makes no sense in Bosnia, and certainly not in Iraq and Afghanistan, it is what the NSA had to offer. If you encrypt, they said, you have to do it “right.”

The problem is, the world has changed. Today’s insurgent adversaries don’t have KGB-level intelligence gathering or cryptanalytic capabilities. At the same time, computer and network data gathering has become much cheaper and easier, so they have technical capabilities the Soviets could only dream of. Defending against these sorts of adversaries doesn’t require military-grade encryption only where it counts; it requires commercial-grade encryption everywhere possible.

This sort of solution would require the NSA to develop a whole new level of lightweight commercial-grade security systems for military applications—not just office-data “Sensitive but Unclassified” or “For Official Use Only” classifications. It would require the NSA to allow keys to be handed to uncleared UAV operators, and perhaps read over insecure phone lines and stored in people’s back pockets. It would require the sort of ad hoc key management systems you find in internet protocols, or in DRM systems. It wouldn’t be anywhere near perfect, but it would be more commensurate with the actual threats.

And it would help defend against a completely different threat facing the Pentagon: The PR threat. Regardless of whether the people responsible made the right security decision when they rushed the Predator into production, or when they convinced themselves that local adversaries wouldn’t know how to exploit it, or when they forgot to update their Bosnia-era threat analysis to account for advances in technology, the story is now being played out in the press. The Pentagon is getting beaten up because it’s not protecting against the threat—because it’s easy to make a sound bite where the threat sounds really dire. And now it has to defend against the perceived threat to the troops, regardless of whether the defense actually protects the troops or not. Reminds me of the TSA, actually.

So the military is now committed to encrypting the video … eventually. The next generation Predators, called Reapers—Who names this stuff? Second-grade boys?—will have the same weakness. Maybe we’ll have encrypted video by 2010, or 2014, but I don’t think that’s even remotely possible unless the NSA relaxes its key management and classification requirements and embraces a lightweight, less secure encryption solution for these sorts of situations. The real failure here is the failure of the Cold War security model to deal with today’s threats.

This essay originally appeared on Wired.com.

EDITED TO ADD (12/24): Good article from The New Yorker on the uses—and politics—of these UAVs.

EDITED TO ADD (12/30): Error corrected—”uncleared UAV operators” should have read “uncleared UAV viewers.” The point is that the operators in the U.S. are cleared and their communications are encrypted, but the viewers in Asia are uncleared and the data is unencrypted.

Posted on December 24, 2009 at 5:24 AMView Comments

Quantum Ghost Imaging

This is cool:

Ghost imaging is a technique that allows a high-resolution camera to produce an image of an object that the camera itself cannot see. It uses two sensors: one that looks at a light source and another that looks at the object. These sensors point in different directions. For example, the camera can face the sun and the light meter can face an object.

That object might be a soldier, a tank or an airplane, Ron Meyers, a laboratory quantum physicist explained during an Oct. 28 interview on the Pentagon Channel podcast “Armed with Science: Research and Applications for the Modern Military.”

Once this is done, a computer program compares and combines the patterns received from the object and the light. This creates a “ghost image,” a black-and-white or color picture of the object being photographed. The earliest ghost images were silhouettes, but current ones depict the objects more realistically.

[…]

Using virtually any light source—from a fluorescent bulb, lasers, or even the sun—quantum ghost imaging gives a clearer picture of objects by eliminating conditions such as clouds, fog and smoke beyond the ability of conventional imaging.

EDITED TO ADD (12/12): A better explanation of the effect, and a detailed paper.

Posted on November 18, 2009 at 6:22 AMView Comments

Australia Man Receives Reduced Sentence Due to Encryption

From the Courier-Mail:

A man who established a sophisticated network of peepholes and cameras to spy on his flatmates has escaped a jail sentence after police were unable to crack an encryption code on his home computer.

[…]

They found a series of holes drilled in to walls and ceilings throughout the Surfers Paradise apartment with wires leading back to Wyllie’s bedroom.

Police seized his personal computer, but files were encrypted and a video camera was not plugged in.

[…]

In passing sentence, Judge Devereaux took in to account the 33 days Wyllie had spent in custody after being arrested and ordered that two years’ probation was sufficient punishment, given that there was no hard evidence proving he had secretly recorded his flatmates.

Posted on October 21, 2009 at 7:19 AMView Comments

Computer Card Counter Detects Human Card Counters

All it takes is a computer that can track every card:

The anti-card-counter system uses cameras to watch players and keep track of the actual “count” of the cards, the same way a player would. It also measures how much each player is betting on each hand, and it syncs up the two data points to look for patterns in the action. If a player is betting big when the count is indeed favorable, and keeping his chips to himself when it’s not, he’s fingered by the computer… and, in the real world, he’d probably receive a visit from a burly dude in a bad suit, too.

The system reportedly works even if the gambler intentionally attempts to mislead it with high bets at unfavorable times.

Of course it does; it’s just a signal-to-noise problem.

I have long been impressed with the casino industry’s ability to, in the case of blackjack, convince the gambling public that using strategy equals cheating.

Posted on October 20, 2009 at 6:16 AMView Comments

On London's Surveillance Cameras

A recent report has concluded that the London’s surveillance cameras have solved one crime per thousand cameras per year.

David Davis MP, the former shadow home secretary, said: “It should provoke a long overdue rethink on where the crime prevention budget is being spent.”

He added: “CCTV leads to massive expense and minimum effectiveness.

“It creates a huge intrusion on privacy, yet provides little or no improvement in security.

Also:

Earlier this year separate research commissioned by the Home Office suggested that the cameras had done virtually nothing to cut crime, but were most effective in preventing vehicle crimes in car parks.

A report by a House of Lords committee also said that £500 million was spent on new cameras in the 10 years to 2006, money which could have been spent on street lighting or neighbourhood crime prevention initiatives.

A large proportion of the cash has been In London, where an estimated £200 million so far has been spent on the cameras. This suggests that each crime has cost £20,000 to detect.

I haven’t seen the report, but I know it’s hard to figure out when a crime has been “solved” by a surveillance camera. To me, the crime has to have been unsolvable without the cameras. Repeatedly I see pro-camera lobbyists pointing to the surveillance-camera images that identified the 7/7 London Transport bombers, but it is obvious that they would have been identified even without the cameras.

And it would really help my understanding of that £20,000 figure (I assume it is calculated from £200 million for the cameras times 1 in 1000 cameras used to solve a crime per year divided by ten years) if I knew what sorts of crimes the cameras “solved.” If the £200 million solved 10,000 murders, it might very well be a good security trade-off. But my guess is that most of the crimes were of a much lower level.

Cameras are largely security theater:

A Home Office spokeswoman said CCTVs “help communities feel safer”.

Posted on August 31, 2009 at 5:59 AMView Comments

Second SHB Workshop Liveblogging (6)

The first session of the morning was “Foundations,” which is kind of a catch-all for a variety of things that didn’t really fit anywhere else. Rachel Greenstadt moderated.

Terence Taylor, International Council for the Live Sciences (suggested video to watch: Darwinian Security; Natural Security), talked about the lessons evolution teaches about living with risk. Successful species didn’t survive by eliminating the risks of their environment, they survived by adaptation. Adaptation isn’t always what you think. For example, you could view the collapse of the Soviet Union as a failure to adapt, but you could also view it as successful adaptation. Risk is good. Risk is essential for the survival of a society, because risk-takers are the drivers of change. In the discussion phase, John Mueller pointed out a key difference between human and biological systems: humans tend to respond dramatically to anomalous events (the anthrax attacks), while biological systems respond to sustained change. And David Livingstone Smith asked about the difference between biological adaptation that affects the reproductive success of an organism’s genes, even at the expense of the organism, with security adaptation. (I recommend the book he edited: Natural Security: A Darwinian Approach to a Dangerous World.)

Andrew Odlyzko, University of Minnesota (suggested reading: Network Neutrality, Search Neutrality, and the Never-Ending Conflict between Efficiency and Fairness in Markets, Economics, Psychology, and Sociology of Security), discussed human-space vs. cyberspace. People cannot build secure systems—we know that—but people also cannot live with secure systems. We require a certain amount of flexibility in our systems. And finally, people don’t need secure systems. We survive with an astounding amount of insecurity in our world. The problem with cyberspace is that it was originally conceived as separate from the physical world, and that it could correct for the inadequacies of the physical world. Really, the two are intertwined, and that human space more often corrects for the inadequacies of cyberspace. Lessons: build messy systems, not clean ones; create a web of ties to other systems; create permanent records.

danah boyd, Microsoft Research (suggested reading: Taken Out of Context—American Teen Sociality in Networked Publics), does ethnographic studies of teens in cyberspace. Teens tend not to lie to their friends in cyberspace, but they lie to the system. Since an early age, they’ve been taught that they need to lie online to be safe. Teens regularly share their passwords: with their parents when forced, or with their best friend or significant other. This is a way of demonstrating trust. It’s part of the social protocol for this generation. In general, teens don’t use social media in the same way as adults do. And when they grow up, they won’t use social media in the same way as today’s adults do. Teens view privacy in terms of control, and take their cues about privacy from celebrities and how they use social media. And their sense of privacy is much more nuanced and complicated. In the discussion phase, danah wasn’t sure whether the younger generation would be more or less susceptible to Internet scams than the rest of us—they’re not nearly as technically savvy as we might think they are. “The only thing that saves teenagers is fear of their parents”; they try to lock them out, and lock others out in the process. Socio-economic status matters a lot, in ways that she is still trying to figure out. There are three different types of social networks: personal networks, articulated networks, and behavioral networks, and they’re different.

Mark Levine, Lancaster University (suggested reading: The Kindness of Crowds; Intra-group Regulation of Violence: Bystanders and the (De)-escalation of Violence), does social psychology. He argued against the common belief that groups are bad (mob violence, mass hysteria, peer group pressure). He collected data from UK CCTV cameras, searches for aggressive behavior, and studies when and how bystanders either help escalate or de-escalate the situations. Results: as groups get bigger, there is no increase of anti-social acts and a significant increase in pro-social acts. He has much more analysis and results, too complicated to summarize here. One key finding: when a third party intervenes in an aggressive interaction, it is much more likely to de-escalate. Basically, groups can act against violence. “When it comes to violence (and security), group processes are part of the solution—not part of the problem?”

Jeff MacKie-Mason, University of Michigan (suggested reading: Humans are smart devices, but not programmable; Security when people matter; A Social Mechanism for Supporting Home Computer Security), is an economist: “Security problems are incentive problems.” He discussed motivation, and how to design systems to take motivation into account. Humans are smart devices; they can’t be programmed, but they can be influenced through the sciences of motivational behavior: microeconomics, game theory, social psychology, psychodynamics, and personality psychology. He gave a couple of general examples of how these theories can inform security system design.

Joe Bonneau, Cambridge University, talked about social networks like Facebook, and privacy. People misunderstand why privacy and security is important in social networking sites like Facebook. People underestimate of what Facebook really is; it really is a reimplementation of the entire Internet. “Everything on the Internet is becoming social,” and that makes security different. Phishing is different, 419-style scams are different. Social context makes some scams easier; social networks are fun, noisy, and unpredictable. “People use social networking systems with their brain turned off.” But social context can be used to spot frauds and anomalies, and can be used to establish trust.

Three more sessions to go. (I am enjoying liveblogging the event. It’s helping me focus and pay closer attention.)

Adam Shostack’s liveblogging is here. Ross Anderson’s liveblogging is in his blog post’s comments. Matt Blaze’s audio is here.

Posted on June 12, 2009 at 9:54 AMView Comments

British High Schoolers Write About CCTV in School

If you think that under-20-year-olds don’t care about privacy, this is an eloquent op-ed by two students about why CCTV cameras have no place in their UK school:

Adults are often quick to define the youth of today as stereotypical troublemakers and violent offenders—­ generalisations which are prompted by the media—­ when in fact the majority of students at our school are as responsible and arguably better behaved then the majority of adults. Some commentators insinuated that we overheard adults talking about rights and repeated it. That notion isn’t worth the space it was typed upon. We are A-level politics students who have been studying civil liberties as part of the curriculum for the last two years. Sam campaigned for David Davis when he resigned over the issue of civil liberties and spoke at speakers’ corner about the issue. The criticism of our campaign only serves to illustrate the ignorance of adults who have surrendered within only the last few years our right to protest in parliament, our right to go about our business without being stopped and questioned by police about our identity and our affairs, and our personal privacy.

Eroding standards in schools and deteriorating discipline are down to a broken society and the failure of the education system. The truth is that we are whatever the generation before us has created. If you criticise us, we are your failures; and if you applaud us we are your successes, and we reflect the imperfections of society and of human life. If you want to reform the education system, if you want to raise education standards, then watching children every hour of every day isn’t the answer. The answer is to encourage students to learn by creating an environment in which they can express their ideas freely and without intimidation.

Posted on June 8, 2009 at 1:38 PMView Comments

Using Surveillance Cameras to Detect Cashier Cheating

It’s called “sweethearting”: when cashiers pass free merchandise to friends. And some stores are using security cameras to detect it:

Mathematical algorithms embedded in the stores’ new security system pick out sweethearting on their own. There’s no need for a security guard watching banks of video monitors or reviewing hours of grainy footage. When the system thinks it’s spotted evidence, it alerts management on a computer screen and offers up the footage.

[…]

Big Y’s security system comes from a Cambridge, Mass.-based company called StopLift Inc. The technology works by scouring video pixels for various gestures and deciding whether they add up to a normal transaction at the register or not.

How good is it? My guess is that it’s not very good, but this is an instance where that may be good enough. As long as there aren’t a lot of false positives—as long as a person can quickly review the suspect footage and dismiss it as a false positive—the cost savings might be worth the expense.

Posted on May 13, 2009 at 7:55 AMView Comments

The Terrorism Arrests that Weren't

Remember those terrorism arrests that the UK government conducted, after a secret document was accidentally photographed? No one was charged:

The Crown Prosecution Service said there was insufficient evidence to press charges or hold them any longer.

The Muslim Council of Britain said the government behaved “very dishonourably” over the treatment of the men should admit it had made a mistake.

Of the 12 men arrested in the raids, 11 were Pakistani nationals, 10 held student visas and one was from Britain.

Posted on April 24, 2009 at 1:27 PMView Comments

1 8 9 10 11 12 21

Sidebar photo of Bruce Schneier by Joe MacInnis.