RFID in British License Plates
The British government is testing a scheme to put active—the kind that are independently powered—RFID chips in automobile license plates. They can be read at least 300 feet away, and probably much, much further.
Entries Tagged "privacy"
Page 136 of 145
Cryptographically-Secured Murder Confession
From the Associated Press:
Joseph Duncan III is a computer expert who bragged online, days before authorities believe he killed three people in Idaho, about a tell-all journal that would not be accessed for decades, authorities say.
Duncan, 42, a convicted sex offender, figured technology would catch up in 30 years, “and then the world will know who I really was, and what I really did, and what I really thought,” he wrote May 13.
Police seized Duncan’s computer equipment from his Fargo apartment last August, when they were looking for evidence in a Detroit Lakes, Minn., child molestation case.
At least one compact disc and a part of his hard drive were encrypted well enough that one of the region’s top computer forensic specialists could not access it, The Forum reported Monday.
This is the kind of story that the government likes to use to illustrate the dangers of encryption. How can we allow people to use strong encryption, they ask, if it means not being able to convict monsters like Duncan?
But how is this different than Duncan speaking the confession when no one was able to hear? Or writing it down and hiding it where no one could ever find it? Or not saying anything at all? If the police can’t convict him without this confession—which we only have his word for as existing—then maybe he’s innocent?
Technologies have good and bad uses. Encryption, telephones, cars: they’re all used by both honest citizens and by criminals. For almost all technologies, the good far outweighs the bad. Banning a technology because the bad guys use it, denying everyone else the beneficial uses of that technology, is almost always a bad security trade-off.
EDITED TO ADD: Looking at the details of the encryption, it’s certainly possible that the authorities will break the diary. It probably depends on how random a key Duncan chose, although possibly on whether or not there’s an implementation error in the cryptographic software. If I had more details, I could speculate further.
Secure Flight News
According to Wired News, the DHS is looking for someone in Congress to sponsor a bill that eliminates congressional oversight over the Secure Flight program.
The bill would allow them to go ahead with the program regardless of GAO’s assessment. (Current law requires them to meet ten criteria set by Congress; the most recent GAO report said that they did not meet nine of them.) The bill would allow them to use commercial data even though they have not demonstrated its effectiveness. (The DHS funding bill passed by both the House and the Senate prohibits them from using commercial data during passenger screening, because there has been absolutely no test results showing that it is effective.)
In this new bill, all that would be required to go ahead with Secure Flight would be for Secretary Chertoff to say so:
Additionally, the proposed changes would permit Secure Flight to be rolled out to the nation’s airports after Homeland Security chief Michael Chertoff certifies the program will be effective and not overly invasive. The current bill requires independent congressional investigators to make that determination.
Looks like the DHS, being unable to comply with the law, is trying to change it. This is a rogue program that needs to be stopped.
In other news, the TSA has deleted about three million personal records it used for Secure Flight testing. This seems like a good idea, but it prevents people from knowing what data the government had on them—in violation of the Privacy Act.
Civil liberties activist Bill Scannell says it’s difficult to know whether TSA’s decision to destroy records so swiftly is a housecleaning effort or something else.
“Is the TSA just such an incredibly efficient organization that they’re getting rid of things that are no longer needed?” Scannell said. “Or is this a matter of the destruction of evidence?”
Scannell says it’s a fair question to ask in light of revelations that the TSA already violated the Privacy Act last year when it failed to fully disclose the scope of its testing for Secure Flight and its collection of commercial data on individuals.
My previous essay on Secure Flight is here.
E-Mail Interception Decision Reversed
Is e-mail in transit communications or data in storage? Seems like a basic question, but the answer matters a lot to the police. A U.S. federal Appeals Court has ruled that the interception of e-mail in temporary storage violates the federal wiretap act, reversing an earlier court opinion.
The case and associated privacy issues are summarized here. Basically, different privacy laws protect electronic communications in transit and data in storage; the former is protected much more than the latter. E-mail stored by the sender or the recipient is obviously data in storage. But what about e-mail on its way from the sender to the receiver? On the one hand, it’s obviously communications on transit. But the other side argued that it’s actually stored on various computers as it wends its way through the Internet; hence it’s data in storage.
The initial court decision in this case held that e-mail in transit is just data in storage. Judge Lipez wrote an inspired dissent in the original opinion. In the rehearing en banc (more judges), he wrote the opinion for the majority which overturned the earlier opinion.
The opinion itself is long, but well worth reading. It’s well reasoned, and reflects extraordinary understanding and attention to detail. And a great last line:
If the issue presented be “garden-variety”… this is a garden in need of a weed killer.
I participated in an Amicus Curiae (“friend of the court”) brief in the case. Here’s another amicus brief by six civil liberties organizations.
There’s a larger issue here, and it’s the same one that the entertainment industry used to greatly expand copyright law in cyberspace. They argued that every time a copyrighted work is moved from computer to computer, or CD-ROM to RAM, or server to client, or disk drive to video card, a “copy” is being made. This ridiculous definition of “copy” has allowed them to exert far greater legal control over how people use copyrighted works.
RFID Passport Security Revisited
I’ve written previously (including this op ed in the International Herald Tribune) about RFID chips in passports. An article in today’s USA Today (the paper version has a really good graphic) summarizes the latest State Department proposal, and it looks pretty good. They’re addressing privacy concerns, and they’re doing it right.
The most important feature they’ve included is an access-control system for the RFID chip. The data on the chip is encrypted, and the key is printed on the passport. The officer swipes the passport through an optical reader to get the key, and then the RFID reader uses the key to communicate with the RFID chip. This means that the passport-holder can control who has access to the information on the chip; someone cannot skim information from the passport without first opening it up and reading the information inside. Good security.
The new design also includes a thin radio shield in the cover, protecting the chip when the passport is closed. More good security.
Assuming that the RFID passport works as advertised (a big “if,” I grant you), then I am no longer opposed to the idea. And, more importantly, we have an example of an RFID identification system with good privacy safeguards. We should demand that any other RFID identification cards have similar privacy safeguards.
EDITED TO ADD: There’s more information in a Wired story:
The 64-KB chips store a copy of the information from a passport’s data page, including name, date of birth and a digitized version of the passport photo. To prevent counterfeiting or alterations, the chips are digitally signed….
“We are seriously considering the adoption of basic access control,” [Frank] Moss [the State Department’s deputy assistant secretary for passport services] said, referring to a process where chips remain locked until a code on the data page is first read by an optical scanner. The chip would then also transmit only encrypted data in order to prevent eavesdropping.
So it sounds like this access-control mechanism is not definite. In any case, I believe the system described in the USA Today article is a good one.
Wireless Interception Distance Records
Don’t believe wireless distance limitations. Again and again they’re proven wrong.
At DefCon earlier this month, a group was able to set up an unamplified 802.11 network at a distance of 124.9 miles.
The record holders relied on more than just a pair of wireless laptops. The equipment required for the feat, according to the event website, included a “collection of homemade antennas, surplus 12 foot satellite dishes, home-welded support structures, scaffolds, ropes and computers”.
Bad news for those of us who rely on physical distance to secure our wireless networks.
Even more important, the world record for communicating with a passive RFID device was set at 69 feet. (Pictures here.) Remember that the next time someone tells you that it’s impossible to read RFID identity cards at a distance.
Whenever you hear a manufacturer talk about a distance limitation for any wireless technology—wireless LANs, RFID, Bluetooth, anything—assume he’s wrong. If he’s not wrong today, he will be in a couple of years. Assume that someone who spends some money and effort building more sensitive technology can do much better, and that it will take less money and effort over the years. Technology always gets better; it never gets worse. If something is difficult and expensive now, it will get easier and cheaper in the future.
Technological Parenting
Salon has an interesting article about parents turning to technology to monitor their children, instead of to other people in their community.
“What is happening is that parents now assume the worst possible outcome, rather than seeing other adults as their allies,” says Frank Furedi, a professor of sociology at England’s University of Kent and the author of “Paranoid Parenting.” “You never hear stories about asking neighbors to care for kids or coming together as community. Instead we become insular, privatized communities, and look for
technological solutions to what are really social problems.” Indeed, while our parents’ generation was taught to “honor thy neighbor,” the mantra for today’s kids is “stranger danger,” and the message is clear—expect the worst of anyone unfamiliar—anywhere, and at any time.
This is security based on fear, not reason. And I think people who act this way make their families less safe.
EDITED TO ADD: Here’s a link to the book Paranoid Parenting.
Eavesdropping on Bluetooth Automobiles
This is impressive:
This new toool is called The Car Whisperer and allows people equipped with a Linux Laptop and a directional antenna to inject audio to, and record audio from bypassing cars that have an unconnected Bluetooth handsfree unit running. Since many manufacturers use a standard passkey which often is the only authentication that is needed to connect.
This tool allows to interact with other drivers when traveling or maybe used in order to talk to that pushy Audi driver right behind you 😉 . It also allows to eavesdrop conversations in the inside of the car by accessing the microphone.
EDITED TO ADD: Another article.
Hacking Hotel Infrared Systems
From Wired:
A vulnerability in many hotel television infrared systems can allow a hacker to obtain guests’ names and their room numbers from the billing system.
It can also let someone read the e-mail of guests who use web mail through the TV, putting business travelers at risk of corporate espionage. And it can allow an intruder to add or delete charges on a hotel guest’s bill or watch pornographic films and other premium content on their hotel TV without paying for it….
“No one thinks about the security risks of infrared because they think it’s used for minor things like garage doors and TV remotes,” Laurie said. “But infrared uses really simple codes, and they don’t put any kind of authentication (in it)…. If the system was designed properly, I shouldn’t be able to do what I can do.”
Sidebar photo of Bruce Schneier by Joe MacInnis.