Entries Tagged "law enforcement"

Page 39 of 46

A Real Movie-Plot Threat

Arson Squad Blows Up News Rack, Tom Cruise Movie to Blame

A newspaper promotion for Tom Cruise’s “Mission: Impossible III” movie was off to an explosive start when a California arson squad blew up a news rack, thinking it contained a bomb.

The confusion: the Los Angeles Times rack was fitted with a digital musical device designed to play the Mission: Impossible theme song when the door was opened. But in some cases, the red plastic boxes with protruding wires were jarred loose and dropped onto the stack of newspapers inside, alarming customers.

You just can’t make this stuff up.

Posted on May 2, 2006 at 1:41 PMView Comments

The "I'm Not the Criminal You're Looking For" Card

This is a great idea:

Lawmakers in Iowa are proposing a special “passport” meant to protect victims of identity theft against false criminal action and credit charges.

The “Identity Theft Passport” will be a card or certificate that victims of identity fraud can show to police or creditors to help demonstrate their innocence, Tom Sands, a state representative of the Iowa House and supporter of the proposal, said in an e-mail interview Tuesday.

I wrote about something similar in Beyond Fear:

In Singapore, some names are so common that the police issue He’s-not-the-guy-we’re-looking-for documents exonerating innocent people with the same names as wanted criminals.

EDITED TO ADD (4/7): Of course it will be forged; all documents are forged. And yes, I’ve recently written that documents are hard to verify. This is a still good idea, even though it’s not perfect.

Posted on April 6, 2006 at 1:13 PMView Comments

MySpace Used as Forensics Tool

From CNN:

Detectives used profiles posted on the MySpace social networking Web site to identify six suspects in a rape and robbery….

[…]

She knew only their first names but their pictures were posted on MySpace.

“Primarily, we pulled up her friends list. It helped us identify some of the players,” said Bartley.

Posted on March 28, 2006 at 1:19 PMView Comments

Security Overreaction

Who needs terrorists? We can cause terror all by ourselves:

A worker at a Downtown building who was using a pellet gun with a scope to scare pigeons prompted a massive police response that led to the shutdown of several blocks this afternoon.

[…]

Dozens of motorcycle and special response officers responded to the area.

The Fort Pitt Tunnels inbound were shut down temporarily.

The Port Authority was forced to reroute buses around the area.

People in some buildings were told to stay inside while those in others were evacuated.

Students who attend Pittsburgh High School for the Creative & Performing Arts (CAPA High) remained in their Fort Duquesne Boulevard school this afternoon until the situation was resolved.

The All-City Senior Orchestra rehearsal scheduled for 4 p.m. at CAPA High has been canceled.

Students who attend all other Pittsburgh Public Schools have been dismissed since Port Authority buses and school buses that normally travel through Downtown were being re-routed.

Community College of Allegheny County canceled evening classes at its Downtown center tonight on Stanwix Street.

Before the all-clear was given and roads were reopened, police searched buildings floor-by-floor looking for the gunman and stationed snipers in surrounding buildings.

Posted on March 24, 2006 at 7:59 AMView Comments

Police Department Privilege Escalation

It’s easier than you think to create your own police department in the United States.

Yosef Maiwandi formed the San Gabriel Valley Transit Authority—a tiny, privately run nonprofit organization that provides bus rides to disabled people and senior citizens. It operates out of an auto repair shop. Then, because the law seems to allow transit companies to form their own police departments, he formed the San Gabriel Valley Transit Authority Police Department. As a thank you, he made Stefan Eriksson a deputy police commissioner of the San Gabriel Transit Authority Police’s anti-terrorism division, and gave him business cards.

Police departments like this don’t have much legal authority, they don’t really need to. My guess is that the name alone is impressive enough.

In the computer security world, privilege escalation means using some legitimately granted authority to secure extra authority that was not intended. This is a real-world counterpart. Even though transit police departments are meant to police their vehicles only, the title—and the ostensible authority that comes along with it—is useful elsewhere. Someone with criminal intent could easily use this authority to evade scrutiny or commit fraud.

Deal said that his agency has discovered that several railroad agencies around California have created police departments—even though the companies have no rail lines in California to patrol. The police certification agency is seeking to decertify those agencies because it sees no reason for them to exist in California.

The issue of private transit firms creating police agencies has in recent years been a concern in Illinois, where several individuals with criminal histories created railroads as a means of forming a police agency.

The real problem is that we’re too deferential to police power. We don’t know the limits of police authority, whether it be an airport policeman or someone with a business card from the “San Gabriel Valley Transit Authority Police Department.”

Posted on March 15, 2006 at 7:47 AMView Comments

More on Greek Wiretapping

Earlier this month I blogged about a wiretapping scandal in Greece.

Unknowns tapped the mobile phones of about 100 Greek politicians and offices, including the U.S. embassy in Athens and the Greek prime minister.

Details are sketchy, but it seems that a piece of malicious code was discovered by Ericsson technicians in Vodafone’s mobile phone software. The code tapped into the conference call system. It “conference called” phone calls to 14 prepaid mobile phones where the calls were recorded.

More details are emerging. It turns out that the “malicious code” was actually code designed into the system. It’s eavesdropping code put into the system for the police.

The attackers managed to bypass the authorization mechanisms of the eavesdropping system, and activate the “lawful interception” module in the mobile network. They then redirected about 100 numbers to 14 shadow numbers they controlled. (Here are translations of some of the press conferences with technical details. And here are details of the system used.)

There is an important security lesson here. I have long argued that when you build surveillance mechanisms into communication systems, you invite the bad guys to use those mechanisms for their own purposes. That’s exactly what happened here.

UPDATED TO ADD (3/2): From a reader: “I have an update. There is some news from the ‘Hellenic Authority for the Information and Communication Security and Privacy’ with a few facts and I got a rumor that there is a root backdoor in the telnetd of Ericssons AXE backdoor. (No, I can’t confirm the rumor.)”

Posted on March 1, 2006 at 8:04 AMView Comments

DNA Surveillance in the UK

Wholesale surveillance from the UK:

About 4,000 men working and living in South Croydon are being asked to voluntarily give their DNA as part of the hunt for a teenage model’s killer.

Well, sort of voluntarily:

“It is an entirely voluntary process. None of those DNA samples or finger prints will be used to check out any other unsolved crimes.

“Obviously if someone does refuse then each case will be reviewed on its own merits.

Did the detective chief inspector just threaten those 4,000 men? Sure seems that way to me.

Posted on February 28, 2006 at 7:31 AMView Comments

Police Cameras in Your Home

This is so nutty that I wasn’t even going to blog it. But too many of you are e-mailing the article to me.

Houston’s police chief on Wednesday proposed placing surveillance cameras in apartment complexes, downtown streets, shopping malls and even private homes to fight crime during a shortage of police officers.

“I know a lot of people are concerned about Big Brother, but my response to that is, if you are not doing anything wrong, why should you worry about it?” Chief Harold Hurtt told reporters Wednesday at a regular briefing.

One of the problems we have in the privacy community is that we don’t have a crisp answer to that question. Any suggestions?

Posted on February 23, 2006 at 1:12 PMView Comments

Photographing Airports

Patrick Smith, a former pilot, writes about his experiences—involving the police—taking pictures in airports:

He makes sure to remind me, just as his colleague in New Hampshire
had done, that next time I’d benefit from advance permission, and that “we live in a different world now.” Not to put undue weight on the cheap prose of patriotic convenience, but few things are more repellant than that oft- repeated catchphrase. There’s something so pathetically submissive about it—a sound bite of such defeat and capitulation. It’s also untrue; indeed we find ourselves in an altered way of life, though not for the reasons our protectors would have us think. We weren’t forced into this by terrorists, we’ve chosen it. When it comes to flying, we tend to hold the events of Sept. 11 as the be-all and end-all of air crimes, conveniently purging our memories of several decades’ worth of bombings and hijackings. The threats and challenges faced by airports aren’t terribly different from what they’ve always been. What’s different, or “too bad,” to quote the New Hampshire deputy, is our paranoid, overzealous reaction to those threats, and our amped-up obeisance to authority.

Posted on February 22, 2006 at 2:09 PMView Comments

1 37 38 39 40 41 46

Sidebar photo of Bruce Schneier by Joe MacInnis.