Entries Tagged "false positives"

Page 9 of 13

Non-Terrorist Embarrassment in Boston

The story is almost too funny to write about seriously. To advertise the Cartoon Network show “Aqua Teen Hunger Force,” the network put up 38 blinking signs (kind of like Lite Brites) around the Boston area. The Boston police decided—with absolutely no supporting evidence—that these were bombs and shut down parts of the city.

Now the police look stupid, but they’re trying really not hard not to act humiliated:

Governor Deval Patrick told the Associated Press: “It’s a hoax—and it’s not funny.”

Unfortunately, it is funny. What isn’t funny is now the Boston government is trying to prosecute the artist and the network instead of owning up to their own stupidity. The police now claim that they were “hoax” explosive devices. I don’t think you can claim they are hoax explosive devices unless they were intended to look like explosive devices, which merely a cursory look at any of them shows that they weren’t.

But it’s much easier to blame others than to admit that you were wrong:

“It is outrageous, in a post 9/11 world, that a company would use this type of marketing scheme,” Mayor Thomas Menino said. “I am prepared to take any and all legal action against Turner Broadcasting and its affiliates for any and all expenses incurred.”

And:

Rep. Ed Markey, a Boston-area congressman, said, “Whoever thought this up needs to find another job.”

“Scaring an entire region, tying up the T and major roadways, and forcing first responders to spend 12 hours chasing down trinkets instead of terrorists is marketing run amok,” Markey, a Democrat, said in a written statement. “It would be hard to dream up a more appalling publicity stunt.”

And:

“It had a very sinister appearance,” [Massachusetts Attorney General Martha] Coakley told reporters. “It had a battery behind it, and wires.”

For heavens sake, don’t let her inside a Radio Shack.

I like this comment:

They consisted of magnetic signs with blinking lights in the shape of a cartoon character.

And everyone knows that bombs have blinking lights on ‘em. Every single movie bomb you’ve ever seen has a blinking light.

Triumph for Homeland Security, guys.

And this one:

“It’s almost too easy to be a terrorist these days,” said Jennifer Mason, 26. “You stick a box on a corner and you can shut down a city.”

And this one, by one of the artists who installed the signs:

“I find it kind of ridiculous that they’re making these statements on TV that we must not be safe from terrorism, because they were up there for three weeks and no one noticed. It’s pretty commonsensical to look at them and say this is a piece of art and installation,” he said.

Right. If this wasn’t a ridiculous overreaction to a non-existent threat, then how come the devices were in place for weeks without anyone noticing them? What does that say about the Boston police?

Maybe if the Boston police stopped wasting time and money searching bags on subways….

Of the 2,449 inspections between Oct. 10 and Dec. 31, the bags of 27 riders tested positive in the initial screening for explosives, prompting further searches, the Globe found in an analysis of daily inspection reports obtained under the state’s Freedom of Information Act.

In the additional screening, 11 passengers had their bags checked by explosive-sniffing dogs, and 16 underwent a physical search. Nothing was found.

These blinking signs have been up for weeks in ten cities—Boston, New York, Los Angeles, Chicago, Atlanta, Seattle, Portland, Austin, San Francisco, and Philadelphia—and no one else has managed to panic so completely. Refuse to be terrorized, people!

EDITED TO ADD (2/2): Here’s some good information about whether the stunt broke the law or not.

EDITED TO ADD (2/3): This is 100% right:

Let’s get a few facts straight on the Aqua Teen Hunger Force sign fiasco:

1. Attorney General Martha Coakley needs to shut up and stop using the word “hoax.” There was no hoax. Hoax implies Turner Networks and the ATHF people were trying to defraud or confuse people as to what they were doing. Hoax implies they were trying to make their signs look like bombs. They weren’t. They made Lite-Brite signs of a cartoon character giving the finger.

2. It bears repeating again that Turner, and especially Berdovsky, did absolutely nothing illegal. The devices were not bombs. They did not look like bombs. They were all placed in public spaces and caused no obstruction to traffic or commerce. At most, Berdovsky is guilty of littering or illegal flyering.

3. The “devices” were placed in ten cities, and have been there for over two weeks. No other city managed to freak out and commit an entire platoon of police officers to scaring their own city claiming they might be bombs. No other mayor agreed to talk to Fox News with any statement beyond “no comment” when spending the day asking if this was a “terrorist dry run.”

4. There is nothing, not a single thing, remotely suggesting that Turner or the guerilla marketing firm they hired intended to cause a public disturbance. Many have claimed the signs were “like saying ‘fire’ in a crowded theater.” Wrong. This was like taping a picture of a fire to the wall of a theater and someone freaked out and called the fire department.

And this is also worth reading.

EDITED TO ADD (2/6): More info.

Posted on February 1, 2007 at 1:08 PMView Comments

No-Fly List to Be Scrubbed

After over five years of harassing innocents and not catching any terrorists, the no-fly list is finally being checked for accuracy, and probably cut in half.

Yes, it’s great to see that even the threat of oversight by a Democratic Congress is enough to get these things done, but it’s nowhere near enough.

The no-fly list doesn’t work. And, of course, you can easily bypass it. You can 1) print a boarding pass under an assumed name or buy a ticket under an assumed name, or 2) fly without ID. In fact, the whole notion of checking ID as a security measure is fraught with problems. And the list itself is just awful.

My favorite sound bite:

Imagine a list of suspected terrorists so dangerous that we can’t ever let them fly, yet so innocent that we can’t arrest them – even under the draconian provisions of the Patriot Act.

Even with a better list, it’s a waste of money.

Posted on January 19, 2007 at 7:14 AMView Comments

Automated Targeting System

If you’ve traveled abroad recently, you’ve been investigated. You’ve been assigned a score indicating what kind of terrorist threat you pose. That score is used by the government to determine the treatment you receive when you return to the U.S. and for other purposes as well.

Curious about your score? You can’t see it. Interested in what information was used? You can’t know that. Want to clear your name if you’ve been wrongly categorized? You can’t challenge it. Want to know what kind of rules the computer is using to judge you? That’s secret, too. So is when and how the score will be used.

U.S. customs agencies have been quietly operating this system for several years. Called Automated Targeting System, it assigns a “risk assessment” score to people entering or leaving the country, or engaging in import or export activity. This score, and the information used to derive it, can be shared with federal, state, local and even foreign governments. It can be used if you apply for a government job, grant, license, contract or other benefit. It can be shared with nongovernmental organizations and individuals in the course of an investigation. In some circumstances private contractors can get it, even those outside the country. And it will be saved for 40 years.

Little is known about this program. Its bare outlines were disclosed in the Federal Register in October. We do know that the score is partially based on details of your flight record—where you’re from, how you bought your ticket, where you’re sitting, any special meal requests—or on motor vehicle records, as well as on information from crime, watch-list and other databases.

Civil liberties groups have called the program Kafkaesque. But I have an even bigger problem with it. It’s a waste of money.

The idea of feeding a limited set of characteristics into a computer, which then somehow divines a person’s terrorist leanings, is farcical. Uncovering terrorist plots requires intelligence and investigation, not large-scale processing of everyone.

Additionally, any system like this will generate so many false alarms as to be completely unusable. In 2005 Customs & Border Protection processed 431 million people. Assuming an unrealistic model that identifies terrorists (and innocents) with 99.9% accuracy, that’s still 431,000 false alarms annually.

The number of false alarms will be much higher than that. The no-fly list is filled with inaccuracies; we’ve all read about innocent people named David Nelson who can’t fly without hours-long harassment. Airline data, too, are riddled with errors.

The odds of this program’s being implemented securely, with adequate privacy protections, are not good. Last year I participated in a government working group to assess the security and privacy of a similar program developed by the Transportation Security Administration, called Secure Flight. After five years and $100 million spent, the program still can’t achieve the simple task of matching airline passengers against terrorist watch lists.

In 2002 we learned about yet another program, called Total Information Awareness, for which the government would collect information on every American and assign him or her a terrorist risk score. Congress found the idea so abhorrent that it halted funding for the program. Two years ago, and again this year, Secure Flight was also banned by Congress until it could pass a series of tests for accuracy and privacy protection.

In fact, the Automated Targeting System is arguably illegal, as well (a point several congressmen made recently); all recent Department of Homeland Security appropriations bills specifically prohibit the department from using profiling systems against persons not on a watch list.

There is something un-American about a government program that uses secret criteria to collect dossiers on innocent people and shares that information with various agencies, all without any oversight. It’s the sort of thing you’d expect from the former Soviet Union or East Germany or China. And it doesn’t make us any safer from terrorism.

This essay, without the links, was published in Forbes. They also published a rebuttal by William Baldwin, although it doesn’t seen to rebut any of the actual points.

Here’s an odd division of labor: a corporate data consultant argues for more openness, while a journalist favors more secrecy.

It’s only odd if you don’t understand security.

Posted on December 22, 2006 at 11:38 AMView Comments

Microsoft Anti-Phishing and Small Businesses

Microsoft has a new anti-phishing service in Internet Explorer 7 that will turn the address bar green and display the website owner’s identity when surfers visit on-line merchants previously approved as legitimate. So far, so good. But the service is only available to corporations: not to sole proprietorships, partnerships, or individuals.

Of course, if a merchant’s bar doesn’t turn green it doesn’t mean that they’re bad. It’ll be white, which indicates “no information.” There are also yellow and red indications, corresponding to “suspicious” and “known fraudulent site.” But small businesses are worried that customers will be afraid to buy from non-green sites.

That’s possible, but it’s more likely that users will learn that the marker isn’t reliable and start to ignore it.

Any white-list system like this has two sources of error. False positives, where phishers get the marker. And false negatives, where legitimate honest merchants don’t. Any system like this has to effectively deal with both.

EDITED TO ADD (12/21): Research paper: “Phinding Phish: An Evaulation of Anti-Phishing Toolbars,” by L. Cranor, S. Egleman, J. Hong, and Y. Zhang.

Posted on December 21, 2006 at 6:58 AMView Comments

Forecasting Murderers

There’s new software that can predict who is likely to become a murderer.

Using probation department cases entered into the system between 2002 and 2004, Berk and his colleagues performed a two-year follow-up study—enough time, they theorized, for a person to reoffend if he was going to. They tracked each individual, with particular attention to the people who went on to kill. That created the model. What remains at this stage is to find a way to marry the software to the probation department’s information technology system.

When caseworkers begin applying the model next year they will input data about their individual cases – what Berk calls “dropping ‘Joe’ down the model”—to come up with scores that will allow the caseworkers to assign the most intense supervision to the riskiest cases.

Even a crime as serious as aggravated assault—pistol whipping, for example—”might not mean that much” if the first-time offender is 30, but it is an “alarming indicator” in a first-time offender who is 18, Berk said.

The model was built using adult probation data stripped of personal identifying information for confidentiality. Berk thinks it could be an even more powerful diagnostic tool if he could have access to similarly anonymous juvenile records.

The central public policy question in all of this is a resource allocation problem. With not enough resources to go around, overloaded case workers have to cull their cases to find the ones in most urgent need of attention—the so-called true positives, as epidemiologists say.

But before that can begin in earnest, the public has to decide how many false positives it can afford in order to head off future killers, and how many false negatives (seemingly nonviolent people who nevertheless go on to kill) it is willing to risk to narrow the false positive pool.

Pretty scary stuff, as it gets into the realm of thoughtcrime.

Posted on December 1, 2006 at 7:34 AMView Comments

Paramedic Stopped at Airport Security for Nitroglycerine Residue

At least we know those chemical-residue detectors are working:

The punch line is that my bag tested positive for nitroglycerine residue. Which is, in hindsight, totally not unexpected, since it has been home to several bottles of nitro spray that at one point or another have found their way into my pockets and then into my bag. (Don’t look at me like that—I’m not stealing the damn drug. It’s just that it’s frequently easier to shove them in a pants pocket rather than keep fishing for one at the bedside or whatever, and besides, we’ve now gone to single-patient use sprays so that once you use one on one patient, it’s fininshed.) Whether one discharged, or leaked, or whatevered in my bag, it somehow got NTG molecules all over the place, and that’s what the detector picked up. The guy said this happens all the time but I’m not so sure, and in any event I’m not even remotely certain how I could go about getting the NTG residue off my bag so this doesn’t happen in the future. NTG spray has a pretty distinctive smell. All I can smell in my bag is consumer electronics, so it must have been some minute amount somewhere.

Posted on October 25, 2006 at 8:59 AMView Comments

Please Stop My Car

Residents of Prescott Valley are being invited to register their car if they don’t drive in the middle of the night. Police will then stop those cars if they are on the road at that time, under the assumption that they’re stolen.

The Watch Your Car decal program is a voluntary program whereby vehicle owners enroll their vehicles with the AATA. The vehicle is then entered into a special database, developed and maintained by the AATA, which is directly linked to the Motor Vehicle Division (MVD).

Participants then display the Watch Your Car decals in the front and rear windows of their vehicle. By displaying the decals, vehicle owners convey to law enforcement officials that their vehicle is not usually in use between the hours of 1:00 AM and 5:00 AM, when the majority of thefts occur.

If a police officer witnesses the vehicle in operation between these hours, they have the authority to pull it over and question the driver. With access to the MVD database, the officer will be able to determine if the vehicle has been stolen, or not. The program also allows law enforcement officials to notify the vehicle’s owner immediately upon determination that it is being illegally operated.

This program is entirely optional, but there’s a serious externality. If the police spend time chasing false alarms, they’re not available for other police business. If the town charged car owners a fine for each false alarm, I would have no problems with this program. It doesn’t have to be a large fine, but it has to be enough to offset the cost to the town. It’s no different than police departments charging homeowners for false burglar alarms, when the alarm systems are automatically hooked into the police stations.

Posted on October 16, 2006 at 6:30 AMView Comments

This Is What Vigilantism Looks Like

Another airplane passenger false alarm:

Seth Stein is used to jetting around the world to create stylish holiday homes for wealthy clients. This means the hip architect is familiar with the irritations of heightened airline security post-9/11. But not even he could have imagined being mistaken for an Islamist terrorist and physically pinned to his seat while aboard an American Airlines flight—especially as he has Jewish origins.

Turns out that one of the other passengers decided to take matters into his own hands.

In Mr Stein’s case, he was pounced on as the crew and other travellers looked on. The drama unfolded less than an hour into the flight. As he settled down with a book and a ginger ale, the father-of-three was grabbed from behind and held in a head-lock.

“This guy just told me his name was Michael Wilk, that he was with the New York Police Department, that I’d been acting suspiciously and should stay calm. I could barely find my voice and couldn’t believe it was happening,” said Mr Stein.

“He went into my pocket and took out my passport and my iPod. All the other passengers were looking concerned.” Eventually, cabin crew explained that the captain had run a security check on Mr Stein after being alerted by the policeman and that this had cleared him. The passenger had been asked to go back to his seat before he had restrained Mr Stein. When the plane arrived in New York, Mr Stein was met by apologetic police officers who offered to fast-track him out of the airport.

Even stranger:

In a twist to the story, Mr Stein has since discovered that there is only one Michael Wilk on the NYPD’s official register of officers, but the man retired 25 years ago. Officials have told the architect that his assailant may work for another law enforcement agency but have refused to say which one.

I’ve written about this kind of thing before.

EDITED TO ADD (10/3): Here’s a man booted off a plane for speaking Tamil into his cellphone.

Posted on October 3, 2006 at 12:42 PMView Comments

Faulty Data and the Arar Case

Maher Arar is a Syrian-born Canadian citizen. On September 26, 2002, he tried to fly from Switzerland to Toronto. Changing planes in New York, he was detained by the U.S. authorities, and eventually shipped to Syria where he was tortured. He’s 100% innocent. (Background here.)

The Canadian government has completed its “Commission of Inquiry into the Actions of Canadian Officials in Relation to Maher Arar,” the results of which are public. From their press release:

On Maher Arar, the Commissioner comes to one important conclusion: “I am able to say categorically that there is no evidence to indicate that Mr. Arar has committed any offence or that his activities constitute a threat to the security of Canada.”

Certainly something that everyone who supports the U.S.’s right to detain and torture people without having to demonstrate their guilt should think about. But what’s more interesting to readers of this blog is the role that inaccurate data played in the deportation and ultimately torture of an innocent man.

Privacy International summarizes the report. These are among their bullet points:

  • The RCMP provided the U.S. with an entire database of information relating to a terrorism investigation (three CDs of information), in a way that did not comply with RCMP policies that require screening for relevance, reliability, and personal information. In fact, this action was without precedent.
  • The RCMP provided the U.S. with inaccurate information about Arar that portrayed him in an infairly negative fashion and overstated his importance to a RCMP investigation. They included some “erroneous notes.”
  • While he was detained in the U.S., the RCMP provided information regarding him to the U.S. Federal Bureau of Investigation (FBI), “some of which portrayed him in an inaccurate and unfair way.” The RCMP provided inaccurate information to the U.S. authorities that tended to link Arar to other terrorist suspects; and told the U.S. authorities that Arar had previously refused to be interviewed, which was also incorrect; and the RCMP also said that soon after refusing the interview he suddenly left Canada for Tunisia. “The statement about the refusal to be interviewed had the potential to arouse suspicion, especially among law enforcement officers, that Mr. Arar had something to hide.” The RCMP’s information to the U.S. authorities also placed Arar in the vicinity of Washington DC on September 11, 2001 when he was instead in California.

Judicial oversight is a security mechanism. It prevents the police from incarcerating the wrong person. The point of habeas corpus is that the police need to present their evidence in front of a neutral third party, and not indefinitely detain or torture people just because they believe they’re guilty. We are all less secure if we water down these security measures.

Posted on September 29, 2006 at 7:06 AMView Comments

Burglars Foil Alarm Systems

Clever trick:

Their scheme: Cut a closed store’s phone lines. Hang back while cops respond to the alarm. After officers fail to spot anything wrong and drive away, break into the store and spend as much time as they need to make off with a weekend’s worth of cash.

And one I wrote about in Beyond Fear (page 56):

Attackers commonly force active failures specifically to cause a larger system to fail. Burglars cut an alarm wire at a warehouse and then retreat a safe distance. The police arrive and find nothing, decide that it’s an active failure, and tell the warehouse owner to deal with it in the morning. Then, after the police leave, the burglars reappear and steal everything.

Posted on September 13, 2006 at 11:10 AMView Comments

1 7 8 9 10 11 13

Sidebar photo of Bruce Schneier by Joe MacInnis.