Entries Tagged "schools"

Page 1 of 8

Hacking School Surveillance Systems

Lance Vick is suggesting that students hack their schools’ surveillance systems.

“This is an ethical minefield that I feel students would be well within their rights to challenge, and if needed, undermine,” he said.

Of course, there are a lot more laws in place against this sort of thing than there were in — say — the 1980s, but it’s still worth thinking about.

EDITED TO ADD (1/2): Another essay on the topic.

Posted on December 30, 2019 at 10:20 AMView Comments

IoT Attack Against a University Network

Verizon’s Data Brief Digest 2017 describes an attack against an unnamed university by attackers who hacked a variety of IoT devices and had them spam network targets and slow them down:

Analysis of the university firewall identified over 5,000 devices making hundreds of Domain Name Service (DNS) look-ups every 15 minutes, slowing the institution’s entire network and restricting access to the majority of internet services.

In this instance, all of the DNS requests were attempting to look up seafood restaurants — and it wasn’t because thousands of students all had an overwhelming urge to eat fish — but because devices on the network had been instructed to repeatedly carry out this request.

“We identified that this was coming from their IoT network, their vending machines and their light sensors were actually looking for seafood domains; 5,000 discreet systems and they were nearly all in the IoT infrastructure,” says Laurance Dine, managing principal of investigative response at Verizon.

The actual Verizon document doesn’t appear to be available online yet, but there is an advance version that only discusses the incident above, available here.

Posted on February 17, 2017 at 8:30 AMView Comments

Fear and Anxiety

More psychological research on our reaction to terrorism and mass violence:

The researchers collected posts on Twitter made in response to the 2012 shooting attack at Sandy Hook Elementary School in Newtown, Connecticut. They looked at tweets about the school shooting over a five-and-a-half-month period to see whether people used different language in connection with the event depending on how geographically close they were to Newtown, or how much time had elapsed since the tragedy. The analysis showed that the further away people were from the tragedy in either space or time, the less they used words related to sadness (loss, grieve, mourn), suggesting that feelings of sorrow waned with growing psychological distance. But words related to anxiety (crazy, fearful, scared) showed the opposite pattern, increasing in frequency as people gained distance in either time or space from the tragic events. For example, within the first week of the shootings, words expressing sadness accounted for 1.69 percent of all words used in tweets about the event; about five months later, these had dwindled to 0.62 percent. In contrast, anxiety-related words went up from 0.27 percent to 0.62 percent over the same time.

Why does psychological distance mute sadness but incubate anxiety? The authors point out that as people feel more remote from an event, they shift from thinking of it in very concrete terms to more abstract ones, a pattern that has been shown in a number of previous studies. Concrete thoughts highlight the individual lives affected and the horrific details of the tragedy. (Images have >particular power to make us feel the loss of individuals in a mass tragedy.) But when people think about the event abstractly, they’re more apt to focus on its underlying causes, which is anxiety inducing if the cause is seen as arising from an unresolved issue.

This is related.

Posted on February 16, 2016 at 6:27 AMView Comments

DOS Attack Against Los Angeles Schools

Yesterday, the city of Los Angeles closed all of its schools — over 1,000 schools — because of a bomb threat. It was a hoax.

LA officials defended the move, with that city’s police chief dismissing the criticism as “irresponsible.”

“It is very easy in hindsight to criticize a decision based on results the decider could never have known,” Chief Charlie Beck said at a news conference.

I wrote about this back in 2007, where I called it CYA security: given the choice between overreacting to a threat and wasting everyone’s time, and underreacting and potentially losing your job, it’s easy to overreact.

What’s interesting is that New York received the same threat, and treated it as the hoax it was. Why the difference?

EDITED TO ADD (12/17): Best part of the story: the e-mailer’s address was madbomber@cock.li.

EDITED TO ADD (1/13): There have been copycats.

Posted on December 16, 2015 at 6:28 AMView Comments

Child Arrested Because Adults Are Stupid

A Texas 9th-grader makes an electronic clock and brings it to school. Teachers immediately become stupid and call the police:

The bell rang at least twice, he said, while the officers searched his belongings and questioned his intentions. The principal threatened to expel him if he didn’t make a written statement, he said.

“They were like, ‘So you tried to make a bomb?'” Ahmed said.

“I told them no, I was trying to make a clock.”

“He said, It looks like a movie bomb to me.'”

The student’s name is Ahmed Mohamed, which certainly didn’t help.

I am reminded of the 2007 story of an MIT student getting arrested for bringing a piece of wearable electronic art to the airport. And I wrote about the “war on the unexpected” back in 2007, too.

We simply have to stop terrorizing ourselves. We just look stupid when we do it.

EDITED TO ADD: New York Times article. Glenn Greenwald commentary.

EDITED TO ADD (9/21): There’s more to the story. He’s been invited to the White House, Google, MIT, and Facebook, and offered internships by Reddit and Twitter. On the other hand, Sarah Palin doesn’t believe it was just a clock. And he’s changing schools.

EDITED TO ADD (10/13): Two more essays.

Posted on September 16, 2015 at 10:09 AMView Comments

High-tech Cheating on Exams

India is cracking down on people who use technology to cheat on exams:

Candidates have been told to wear light clothes with half-sleeves, and shirts that do not have big buttons.

They cannot wear earrings and carry calculators, pens, handbags and wallets.

Shoes have also been discarded in favour of open slippers.

In India students cheating in exams have been often found concealing Bluetooth devices and mobile SIM cards that have been stitched to their shirts.

I haven’t heard much about this sort of thing in the US or Europe, but I assume it’s happening there too.

Posted on July 10, 2015 at 12:44 PMView Comments

Nice Security Mindset Example

A real-world one-way function:

Alice and Bob procure the same edition of the white pages book for a particular town, say Cambridge. For each letter Alice wants to encrypt, she finds a person in the book whose last name starts with this letter and uses his/her phone number as the encryption of that letter.

To decrypt the message Bob has to read through the whole book to find all the numbers.

And a way to break it:

I still use this example, with an assumption that there is no reverse look-up. I recently taught it to my AMSA students. And one of my 8th graders said, “If I were Bob, I would just call all the phone numbers and ask their last names.”

In the fifteen years since I’ve been using this example, this idea never occurred to me. I am very shy so it would never enter my mind to call a stranger and ask for their last name. My student made me realize that my own personality affected my mathematical inventiveness.

I’ve written about the security mindset in the past, and this is a great example of it.

Posted on April 9, 2013 at 1:49 PMView Comments

1 2 3 8

Sidebar photo of Bruce Schneier by Joe MacInnis.