Page 3 of 5
From an article on the cocaine trade between Mexico and the U.S.:
“They erect this fence,” he said, “only to go out there a few days later and discover that these guys have a catapult, and they’re flinging hundred-pound bales of marijuana over to the other side.” He paused and looked at me for a second. “A catapult,” he repeated. “We’ve got the best fence money can buy, and they counter us with a 2,500-year-old technology.”
This writer wrestles with the costs and benefits of tighter controls on pseudoephedrine, a key chemical used to make methamphetamine:
Now, personally, I sincerely doubt that the pharmaceutical industry has reliable estimates of how many of their purchasers actually have colds—or that they would share data indicating that half of their revenues came from meth cooks. But let’s say this is accurate: half of all pseudoephedrine is sold to meth labs. That still wouldn’t mean that manufacturers of cold medicines are making “hundreds of millions of dollars a year” off of the stuff—not in the sense that they end up hundreds of millions of dollars richer. The margins on off-patent medicines are not high, and in retail, 50% or more of the cost of the product is retailer and distributor markup*. Then there’s the costs of manufacturing.
But this is sort of a side issue. What really bothers me is the way that Humphreys—and others who show up in the comments—regard the rather extraordinary cost of making PSE prescription-only as too trivial to mention.
Let’s return to those 15 million cold sufferers. Assume that on average, they want one box a year. That’s going to require a visit to the doctor. At an average copay of $20, their costs alone would be $300 million a year, but of course, the health care system is also paying a substantial amount for the doctor’s visit. The average reimbursement from private insurance is $130; for Medicare, it’s about $60. Medicaid pays less, but that’s why people on Medicaid have such a hard time finding a doctor. So average those two together, and add the copays, and you’ve got at least $1.5 billion in direct costs to obtain a simple decongestant. But that doesn’t include the hassle and possibly lost wages for the doctor’s visits. Nor the possible secondary effects of putting more demands on an already none-too-plentiful supply of primary care physicians.
I like seeing the debate framed as a security trade-off.
Really interesting research.
Search-redirection attacks combine several well-worn tactics from black-hat SEO and web security. First, an attacker identifies high-visibility websites (e.g., at universities) that are vulnerable to code-injection attacks. The attacker injects code onto the server that intercepts all incoming HTTP requests to the compromised page and responds differently based on the type of request:
Requests from search-engine crawlers return a mix of the original content, along with links to websites promoted by the attacker and text that makes the website appealing to drug-related queries.
- Requests from users arriving from search engines are checked for drug terms in the original search query. If a drug name is found in the search term, then the compromised server redirects the user to a pharmacy or another intermediary, which then redirects the user to a pharmacy.
- All other requests, including typing the link directly into a browser, return the infected website’s original content.
- The net effect is that web users are seamlessly delivered to illicit pharmacies via infected web servers, and the compromise is kept hidden from view of the affected host’s webmaster in nearly all circumstances.
Upon inspecting search results, we identified 7,000 websites that had been compromised in this manner between April 2010 and February 2011. One quarter of the top ten search results were observed to actively redirect to pharmacies, and another 15% of the top results were for sites that no longer redirected but had previously been compromised. We also found that legitimate health resources, including authorized pharmacies, were largely crowded out of the top results by search-redirection attacks and blog and forum spam promoting fake pharmacies.
And the paper.
A few miles away across the Rio Grande, the FBI determined that Chavez and Gomez were using lookouts to monitor the SENTRI Express Lane at the border. The lookouts identified “targets”—people with regular commutes who primarily drove Ford vehicles. According to the FBI affidavit, the smugglers would follow their targets and get the vehicle identification number off the car’s dashboard. Then a corrupt locksmith with access to Ford’s vehicle database would make a duplicate key.
Keys in hand, the gang would put drugs in a car at night in Mexico and then pick up their shipment from the parked vehicle the next morning in Texas, authorities say.
This attack works because 1) there’s a database of keys available to lots of people, and 2) both the SENTRI system and the victims are predictable.
This is interesting:
When World Kitchen took over the Pyrex brand, it started making more products out of prestressed soda-lime glass instead of borosilicate. With pre-stressed, or tempered, glass, the surface is under compression from forces inside the glass. It is stronger than borosilicate glass, but when it’s heated, it still expands as much as ordinary glass does. It doesn’t shatter immediately, because the expansion first acts only to release some of the built-in stress. But only up to a point.
One unfortunate use of Pyrex is cooking crack cocaine, which involves a container of water undergoing a rapid temperature change when the drug is converted from powder form. That process creates more stress than soda-lime glass can withstand, so an entire underground industry was forced to switch from measuring cups purchased at Walmart to test tubes and beakers stolen from labs.
Police set up a highway sign warning motorists that there are random stops for narcotics checks ahead, but actually search people who take the next exit.
They’re used to smuggle drugs into the U.S.
Since the vessels have a low profile—the hulls only rise about a foot above the waterline—they are hard to see from a distance and produce a small radar signature. U.S. counterdrug officials estimate that SPSS are responsible for 32% of all cocaine movement in the transit zone.
But let’s not forget the terrorism angle:
“What worries me [about the SPSS] is if you can move that much cocaine, what else can you put in that semi-submersible. Can you put a weapon of mass destruction in it?” Navy Adm. Jim Stavridis, Commander, U.S. Southern Command
In Brazil.
I think this is the first security vulnerability found in RFC 1149: “Standard for the transmission of IP datagrams on avian carriers.” Deep packet inspection seems to be the only way to prevent this attack, although adequate fencing will prevent the protocol from running in the first place.
A nice essay on security trade-offs:
The mismatch between the resources devoted to fighting organised crime compared with those directed towards counter-terrorism is unnerving. Government says that there are millions of pounds in police budgets that should be devoted to dealing with organised crime. In truth, only a handful of British police forces know how to tackle it. The ridiculous Victorian patchwork of shire constabularies means that most are too small to tackle serious criminality that doesn’t recognise country, never mind county, borders.
The Serious Organised Crime Agency (Soca) was launched two years ago as Britain’s equivalent of the FBI, with the remit of taking on the Mr Bigs of international crime. But ministers have trimmed Soca’s budget this year. Far from expanding to counter the ever-growing threat, the agency is shrinking and there is smouldering unhappiness in the ranks. Soca’s budget for taking the fight to the cartels and syndicates is £400 million—exactly the same amount that the Government intends to spend overseas in countries such as Pakistan on workshops and seminars to counter al-Qaeda’s ideology.
Good article on the difficulty of keeping drugs out of prisons. Lots of ways to evade security, including making use of corrupt guards.
Sidebar photo of Bruce Schneier by Joe MacInnis.