sensors Archives - Page 5 of 13 - Schneier on Security

Entries Tagged "sensors"

Page 5 of 13

How Much Counterterrorism Can We Afford?

In an article on using terahertz rays (is that different from terahertz radar?) to detect biological agents, we find this quote:

“High-tech, low-tech, we can’t afford to overlook any possibility in dealing with mass casualty events,” according to center head Donald Sebastian. “You need multiple methods of detection and response. Terrorism comes in many forms; you have to see, smell, taste and analyze everything.”

He’s got it completely backwards. I think we can easily afford not to do what he’s saying, and can’t afford to do it.

The technology to detect traces of chemical and biological agents is neat, though. And I am very much in favor of research along these lines.

Posted on June 23, 2010 at 6:00 AM • View Comments

Alerting Users that Applications are Using Cameras, Microphones, Etc.

Interesting research: “What You See is What They Get: Protecting users from unwanted use of microphones, cameras, and other sensors,” by Jon Howell and Stuart Schechter.

Abstract: Sensors such as cameras and microphones collect privacy-sensitive data streams without the user’s explicit action. Conventional sensor access policies either hassle users to grant applications access to sensors or grant with no approval at all. Once access is granted, an application may collect sensor data even after the application’s interface suggests that the sensor is no longer being accessed.

We introduce the sensor-access widget, a graphical user interface element that resides within an application’s display. The widget provides an animated representation of the personal data being collected by its corresponding sensor, calling attention to the application’s attempt to collect the data. The widget indicates whether the sensor data is currently allowed to flow to the application. The widget also acts as a control point through which the user can configure the sensor and grant or deny the application access. By building perpetual disclosure of sensor data collection into the platform, sensor-access widgets enable new access-control policies that relax the tension between the user’s privacy needs and applications’ ease of access.

Apple seems to be taking some steps in this direction with the location sensor disclosure in iPhone 4.0 OS.

Posted on May 24, 2010 at 7:32 AM • View Comments

Militarized Marine Mammals

Dolphins and sea lions:

A Navy seal—actually a sea lion—took less than a minute to find a fake mine under a pier near San Francisco’s AT&T Park.

A dolphin quickly located a terrorist lurking in the black water before another sea lion, using a device carried in its mouth, cuffed the pretend saboteur’s ankle so authorities could reel him in.

Earlier posts on the topic.

Posted on May 20, 2010 at 6:50 AM • View Comments

Life Recorder

In 2006, writing about future threats on privacy, I described a life recorder:

A “life recorder” you can wear on your lapel that constantly records is still a few generations off: 200 gigabytes/year for audio and 700 gigabytes/year for video. It’ll be sold as a security device, so that no one can attack you without being recorded.

I can’t find a quote right now, but in talks I would say that this kind of technology would first be used by groups of people with diminished rights: children, soldiers, prisoners, and the non-lucid elderly.

It’s been proposed:

With GPS capabilities built into phones that can be made ever smaller, and the ability for these phones to transmit both sound and audio, isn’t it time to think about a wearable device that could be used to call for help and accurately report what was happening?

[…]

The device could contain cameras and microphones that activate if the device was triggered to create evidence that could locate an attacker and cause them to flee, an alarm sound that could help locate the victim and also help scare off an attacker, and a set of sensors that could detect everything from sudden deceleration to an irregular heartbeat or compromised breathing.

Just one sentence on the security and privacy issues:

Indeed, privacy concerns need to be addressed so that stalkers and predators couldn’t compromise the device.

Indeed.

Posted on April 19, 2010 at 6:30 AM • View Comments

New York and the Moscow Subway Bombing

People intent on preventing a Moscow-style terrorist attack against the New York subway system are proposing a range of expensive new underground security measures, some temporary and some permanent.

They should save their money – and instead invest every penny they’re considering pouring into new technologies into intelligence and old-fashioned policing.

Intensifying security at specific stations only works against terrorists who aren’t smart enough to move to another station. Cameras are useful only if all the stars align: The terrorists happen to walk into the frame, the video feeds are being watched in real time and the police can respond quickly enough to be effective. They’re much more useful after an attack, to figure out who pulled it off.

Installing biological and chemical detectors requires similarly implausible luck – plus a terrorist plot that includes the specific biological or chemical agent that is being detected.

What all these misguided reactions have in common is that they’re based on “movie-plot threats”: overly specific attack scenarios. They fill our imagination vividly, in full color with rich detail. Before long, we’re envisioning an entire story line, with or without Bruce Willis saving the day. And we’re scared.

It’s not that movie-plot threats are not worth worrying about. It’s that each one – Moscow’s subway attack, the bombing of the Oklahoma City federal building, etc. – is too specific. These threats are infinite, and the bad guys can easily switch among them.

New York has thousands of possible targets, and there are dozens of possible tactics. Implementing security against movie-plot threats is only effective if we correctly guess which specific threat to protect against. That’s unlikely.

A far better strategy is to spend our limited counterterrorism resources on investigation and intelligence – and on emergency response. These measures don’t hinge on any specific threat; they don’t require us to guess the tactic or target correctly. They’re effective in a variety of circumstances, even nonterrorist ones.

The result may not be flashy or outwardly reassuring – as are pricey new scanners in airports. But the strategy will save more lives.

The 2006 arrest of the liquid bombers – who wanted to detonate liquid explosives to be brought onboard airliners traveling from England to North America – serves as an excellent example. The plotters were arrested in their London apartments, and their attack was foiled before they ever got to the airport.

It didn’t matter if they were using liquids or solids or gases. It didn’t even matter if they were targeting airports or shopping malls or theaters. It was a straightforward, although hardly simple, matter of following leads.

Gimmicky security measures are tempting – but they’re distractions we can’t afford. The Christmas Day bomber chose his tactic because it would circumvent last year’s security measures, and the next attacker will choose his tactic – and target – according to similar criteria. Spend money on cameras and guards in the subways, and the terrorists will simply modify their plot to render those countermeasures ineffective.

Humans are a species of storytellers, and the Moscow story has obvious parallels in New York. When we read the word “subway,” we can’t help but think about the system we use every day. This is a natural response, but it doesn’t make for good public policy. We’d all be safer if we rose above the simple parallels and the need to calm our fears with expensive and seductive new technologies – and countered the threat the smart way.

This essay originally appeared in the New York Daily News.

Posted on April 7, 2010 at 8:52 AM • View Comments

Detecting Being Watched

This seems like science fiction to me:

The camera uses the same “red eye” effect of from camera flashes to project it hundreds of meters, allowing it to identify binoculars, sniper scopes, cameras and even human eyeballs that are staring at you….

Posted on April 5, 2010 at 1:30 PM • View Comments

Wanted: Trust Detector

It’s good to dream:

IARPA’s five-year plan aims to design experiments that can measure trust with high certainty—a tricky proposition for a psychological study. Developing such experimental protocols could prove very useful for assessing levels of trust within one-on-one talks, or even during group interactions.

A second part of the IARPA proposal might involve using new types of sensors and software to gauge human facial, language or body signals that might help predict trustworthiness. Perhaps facial recognition technology that could deduce emotions or facial tics might help, not to mention better lie detectors.

IARPA is the Intelligence Advanced Research Projects Activity, the U.S. intelligence community’s answer to DARPA.

Posted on March 11, 2010 at 6:17 AM • View Comments

Car-Key Copier

This is neat:

The Impressioner consists of a sensor that goes into the lock and sends information back to a computer via USB about the location of the lock’s tumblers—a corresponding computer program comes up with the code, depending on the make of car you’ve entered beforehand. Once you know the code, a key-cutting machine can use it to carve up a key.

Right now, it’s a prototype that only works on Ford car locks. The article points out that both locksmiths and thieves can use this device.

Another article.

EDITED TO ADD (2/16): How it likely works.

Posted on February 12, 2010 at 6:23 AM • View Comments

Scanning Cargo for Nuclear Material and Conventional Explosives

Still experimental:

The team propose using a particle accelerator to alternately smash ionised hydrogen molecules and deuterium ions into targets of carbon and boron respectively. The collisions produce beams of gamma rays of various energies as well as neutrons. These beams are then passed through the cargo.

By measuring the way the beams are absorbed, Goldberg and company say they can work out whether the cargo contains explosives or nuclear materials. And they say they can do it at the rate of 20 containers per hour.

That’s an ambitious goal that presents numerous challenges.

For example, the beam currents will provide relatively sparse data so the team will have to employ a technique called few-view tomography to fill in the gaps. It will also mean that each container will have to be zapped several times. That may not be entirely desirable for certain types of goods such as food and equipment with delicate electronics.

Just how beams of gamma rays and neutrons affect these kinds of goods is something that will have to be determined

Then there is the question of false positives. One advantage of a machine like this is that it has several scanning modes is that if one reveals something suspicious, it can switch to another to look in more detail. That should build up a decent picture of the cargo’s contents and reduce false positives.

Posted on January 27, 2010 at 6:53 AM • View Comments

Body Cavity Scanners

At least one company is touting its technology:

Nesch, a company based in Crown Point, Indiana, may have a solution. It’s called diffraction-enhanced X-ray imaging or DEXI, which employs proprietary diffraction enhanced imaging and multiple image radiography

Rather than simply shining X-rays through the subject and looking at the amount that passes through (like a conventional X-ray machine), DEXI analyzes the X-rays that are scattered or refracted by soft tissue or other low-density material. Conventional X-rays show little more than the skeleton, but the new technique can reveal far more, which makes it useful for both medical and security applications.

Posted on January 14, 2010 at 6:00 AM • View Comments

←Previous 1 … 3 4 5 6 7 … 13 Next→

Sidebar photo of Bruce Schneier by Joe MacInnis.