Security Pat Downs at Football Games
A fan’s view of the extra “security” at football games.
Entries Tagged "police"
Page 26 of 28
Surveillance Via Cell Phones
It captures criminals:
Today, even murderers carry cell phones.
They may have left no witnesses, fingerprints or DNA. But if a murderer makes calls on a cell phone around the time of the crime (and they often do), they leave behind a trail of records that show not only who they called and at what time, but where they were when the call was made.
The cell phone records, which document what tower a caller was nearest when he dialed, can put a suspect at the scene of the crime with as much accuracy as an eyewitness. In urban areas crowded with cell towers, the records can pinpoint someone’s location within a few blocks.
Should a suspect tell detectives he was in another part of town the night of the murder, records from cell phone towers can smash his alibi, giving detectives leverage in an interview.
I am fine with the police using this tool, as long as the warrant process is there to ensure that they don’t abuse the tool.
Man Arrested for Being A Computer Nerd
In this disturbing story, a man is arrested in the London subways as a terrorist because, well because he was acting like a computer nerd.
At least the police didn’t shoot to kill.
EDITED TO ADD: This picture was supposedly taken in the London Tube a few weeks after the first set of bombings.
EDITED TO ADD: Snopes says that the picture is a fake.
Actors Playing New York City Policemen
Did you know you could be arrested for carrying a police uniform in New York City?
With security tighter in the Big Apple since Sept. 11, 2001, the union that represents TV and film actors has begun advising its New York-area members to stop buying police costumes or carrying them to gigs, even if their performances require them.
The Screen Actors Guild said in a statement posted on its Web site on Friday that “an apparent shift in city policy” may put actors at risk of arrest if they are stopped while carrying anything that looks too much like a real police uniform.
The odds that an actor might be stopped and questioned on his or her way to work went up this month when police began conducting random searches of passengers’ bags in New York’s subway system. The guild said two of its members had been detained by security personnel at an airport and a courthouse in recent months for possessing police costumes.
This seems like overkill to me. I understand that a police uniform is an authentication device—not a very good one, but one nonetheless—and we want to make it harder for the bad guys to get one. But there’s no reason to prohibit screen or stage actors from having police uniforms if it’s part of their job. This seems similar to the laws surrounding lockpicks: you can be arrested for carrying them without a good reason, but locksmiths are allowed to own the tools of their trade.
Here’s another bit from the article:
Under police department rules, real officers must be on hand any time an actor dons a police costume during a TV or film production.
I guess that’s to prevent the actor from actually impersonating a policeman. But how often does that actually happen? Is this a good use of police manpower?
Does anyone know how other cities and countries handle this?
Cryptographically-Secured Murder Confession
From the Associated Press:
Joseph Duncan III is a computer expert who bragged online, days before authorities believe he killed three people in Idaho, about a tell-all journal that would not be accessed for decades, authorities say.
Duncan, 42, a convicted sex offender, figured technology would catch up in 30 years, “and then the world will know who I really was, and what I really did, and what I really thought,” he wrote May 13.
Police seized Duncan’s computer equipment from his Fargo apartment last August, when they were looking for evidence in a Detroit Lakes, Minn., child molestation case.
At least one compact disc and a part of his hard drive were encrypted well enough that one of the region’s top computer forensic specialists could not access it, The Forum reported Monday.
This is the kind of story that the government likes to use to illustrate the dangers of encryption. How can we allow people to use strong encryption, they ask, if it means not being able to convict monsters like Duncan?
But how is this different than Duncan speaking the confession when no one was able to hear? Or writing it down and hiding it where no one could ever find it? Or not saying anything at all? If the police can’t convict him without this confession—which we only have his word for as existing—then maybe he’s innocent?
Technologies have good and bad uses. Encryption, telephones, cars: they’re all used by both honest citizens and by criminals. For almost all technologies, the good far outweighs the bad. Banning a technology because the bad guys use it, denying everyone else the beneficial uses of that technology, is almost always a bad security trade-off.
EDITED TO ADD: Looking at the details of the encryption, it’s certainly possible that the authorities will break the diary. It probably depends on how random a key Duncan chose, although possibly on whether or not there’s an implementation error in the cryptographic software. If I had more details, I could speculate further.
E-Mail Interception Decision Reversed
Is e-mail in transit communications or data in storage? Seems like a basic question, but the answer matters a lot to the police. A U.S. federal Appeals Court has ruled that the interception of e-mail in temporary storage violates the federal wiretap act, reversing an earlier court opinion.
The case and associated privacy issues are summarized here. Basically, different privacy laws protect electronic communications in transit and data in storage; the former is protected much more than the latter. E-mail stored by the sender or the recipient is obviously data in storage. But what about e-mail on its way from the sender to the receiver? On the one hand, it’s obviously communications on transit. But the other side argued that it’s actually stored on various computers as it wends its way through the Internet; hence it’s data in storage.
The initial court decision in this case held that e-mail in transit is just data in storage. Judge Lipez wrote an inspired dissent in the original opinion. In the rehearing en banc (more judges), he wrote the opinion for the majority which overturned the earlier opinion.
The opinion itself is long, but well worth reading. It’s well reasoned, and reflects extraordinary understanding and attention to detail. And a great last line:
If the issue presented be “garden-variety”… this is a garden in need of a weed killer.
I participated in an Amicus Curiae (“friend of the court”) brief in the case. Here’s another amicus brief by six civil liberties organizations.
There’s a larger issue here, and it’s the same one that the entertainment industry used to greatly expand copyright law in cyberspace. They argued that every time a copyrighted work is moved from computer to computer, or CD-ROM to RAM, or server to client, or disk drive to video card, a “copy” is being made. This ridiculous definition of “copy” has allowed them to exert far greater legal control over how people use copyrighted works.
Shoot-to-Kill Revisited
I’ve already written about the police “shoot-to-kill” policy in the UK in response to the terrorist bombings last month, explaining why it’s a bad security trade-off. Now the International Association of Chiefs of Police have issued new guidelines that also recommend a shoot-to-kill policy.
What might cause a police officer to think you’re a suicide bomber, and then shoot you in the head?
The police organization’s behavioral profile says such a person might exhibit “multiple anomalies,” including wearing a heavy coat or jacket in warm weather or carrying a briefcase, duffel bag or backpack with protrusions or visible wires. The person might display nervousness, an unwillingness to make eye contact or excessive sweating. There might be chemical burns on the clothing or stains on the hands. The person might mumble prayers or be “pacing back and forth in front of a venue.”
Is that all that’s required?
The police group’s guidelines also say the threat to officers does not have to be “imminent,” as police training traditionally teaches. Officers do not have to wait until a suspected bomber makes a move, another traditional requirement for police to use deadly force. An officer just needs to have a “reasonable basis” to believe that the suspect can detonate a bomb, the guidelines say.
Does anyone actually think they’re safer if a policy like this is put into effect?
EDITED TO ADD: For reference:
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.
But what does a 215-year-old document know?
UK Police and Encryption
From The Guardian:
Police last night told Tony Blair that they need sweeping new powers to counter the terrorist threat, including the right to detain a suspect for up to three months without charge instead of the current 14 days….
They also want to make it a criminal offence for suspects to refuse to cooperate in giving the police full access to computer files by refusing to disclose their encryption keys.
On Channel 4 News today, Sir Ian Blair was asked why the police wanted to extend the time they could hold someone without charges from 14 days to 3 months. Part of his answer was that they sometimes needed to access encrypted computer files and 14 days was not enough time for them to break the encryption.
There’s something fishy going on here.
It’s certainly possible that password-guessing programs are more successful with three months to guess. But the Regulation of Investigatory Powers (RIP) Act, which went into effect in 2000, already allows the police to jail people who don’t surrender encryption keys:
If intercepted communications are encrypted (encoded and made secret), the act will force the individual to surrender the keys (pin numbers which allow users to decipher encoded data), on pain of jail sentences of up to two years.
Shoot-to-Kill
We’ve recently learned that London’s Metropolitan Police has a shoot-to-kill policy when dealing with suspected suicide terrorists. The theory is that only a direct headshot will kill the terrorist immediately, and thus destroy the ability to execute a bombing attack.
Roy Ramm, former Met Police specialist operations commander, said the rules for confronting potential suicide bombers had recently changed to “shoot to kill”….
Mr Ramm said the danger of shooting a suspected suicide bomber in the body was that it could detonate a bomb they were carrying on them.
“The fact is that when you’re dealing with suicide bombers they only way you can stop them effectively—and protect yourself—is to try for a head-shot,” he said.
This policy is based on the extremely short-sighted assumption that a terrorist needs to push buttons to make a bomb explode. In fact, ever since World War I, the most common type of bomb carried by a person has been the hand grenade. It is entirely conceivable, especially when a shoot-to-kill policy is known to be in effect, that suicide bombers will use the same kind of dead-man’s trigger on their bombs: a detonate that is activated when a button is released, rather than when it is pushed.
This is a difficult one. Whatever policy you choose, the terrorists will adapt to make that policy the wrong one.
The police are now sorry they accidentally killed an innocent they suspected of being a suicide bomber, but I can certainly understand the mistake. In the end, the best solution is to train police officers and then leave the decision to them. But honestly, policies that are more likely to result in living incarcerated suspects—and recover well from false alarms—that can be interrogated are better than policies that are more likely to result in corpses.
EDITED TO ADD these comments by Nicholas Weaver:
“One other thing: The suspect was on the ground, and immobilized. Thus the decision was made to shoot the suspect, repeatedly (7 times) in the head, based on the perception that he could have been a suicide attacker (who dispite being a suicide attacker, wasn’t holding a dead-man’s switch. Or heck, wire up the bomb to a $50 heart-rate monitor).
“If this is policy, it is STUPID: There is an easy way for the attackers to counter it, and when you have a subway execution of an innocent man, the damage (in the hearts and minds of british muslims) is immense.
“One thing to remember:
“These were NON uniformed officers, and the suspect was brasilian (and probably didn’t speak very good english).
“Why did he run? What would YOU do if three individuals accosted you, speaking a language which you were unfamiliar with, drawing weapons? You would RUN LIKE HELL!
“I find the blaming the victim (‘but he was running!’) reprehensible.”
ANOTHER EDIT: The consensus seems to be that he spoke English well enough. I don’t think we can blame the officers without a whole lot more details about what happened, and possibly not even then. Clearly they were under a lot of stress, and made a split-second decision.
But I think we can reasonably criticize the shoot-to-kill policy that the officers were following. That policy is a threat to our security, and our society.
Searching Bags in Subways
The New York City police will begin randomly searching people’s bags on subways, buses, commuter trains, and ferries.
“The police can and should be aggressively investigating anyone they suspect is trying to bring explosives into the subway,” said Christopher Dunn, associate legal director at the New York Civil Liberties Union. “However, random police searches of people without any suspicion of wrongdoing are contrary to our most basic constitutional values. This is a very troubling announcement.”
If the choice is between random searching and profiling, then random searching is a more effective security countermeasure. But Dunn is correct above when he says that there are some enormous trade-offs in liberty. And I don’t think we’re getting very much security in return.
Especially considering this:
[Police Commissioner Raymond] Kelly stressed that officers posted at subway entrances would not engage in racial profiling, and that passengers are free to “turn around and leave.”
“Okay guys; here are your explosives. If one of you gets singled out for a search, just turn around and leave. And then go back in via another entrance, or take a taxi to the next subway stop.”
And I don’t think they’ll be truly random, either. I think the police doing the searching will profile, because that’s what happens.
It’s another “movie plot threat.” It’s another “public relations security system.” It’s a waste of money, it substantially reduces our liberties, and it won’t make us any safer.
Final note: I often get comments along the lines of “Stop criticizing stuff; tell us what we should do.” My answer is always the same. Counterterrorism is most effective when it doesn’t make arbitrary assumptions about the terrorists’ plans. Stop searching bags on the subways, and spend the money on 1) intelligence and investigation—stopping the terrorists regardless of what their plans are, and 2) emergency response—lessening the impact of a terrorist attack, regardless of what the plans are. Countermeasures that defend against particular targets, or assume particular tactics, or cause the terrorists to make insignificant modifications in their plans, or that surveil the entire population looking for the few terrorists, are largely not worth it.
EDITED TO ADD: A Citizen’s Guide to Refusing New York Subway Searches.
Sidebar photo of Bruce Schneier by Joe MacInnis.