Entries Tagged "terrorism"

Page 44 of 80

Kill Switches and Remote Control

It used to be that just the entertainment industries wanted to control your computers—and televisions and iPods and everything else—to ensure that you didn’t violate any copyright rules. But now everyone else wants to get their hooks into your gear.

OnStar will soon include the ability for the police to shut off your engine remotely. Buses are getting the same capability, in case terrorists want to re-enact the movie Speed. The Pentagon wants a kill switch installed on airplanes, and is worried about potential enemies installing kill switches on their own equipment.

Microsoft is doing some of the most creative thinking along these lines, with something it’s calling “Digital Manners Policies.” According to its patent application, DMP-enabled devices would accept broadcast “orders” limiting their capabilities. Cellphones could be remotely set to vibrate mode in restaurants and concert halls, and be turned off on airplanes and in hospitals. Cameras could be prohibited from taking pictures in locker rooms and museums, and recording equipment could be disabled in theaters. Professors finally could prevent students from texting one another during class.

The possibilities are endless, and very dangerous. Making this work involves building a nearly flawless hierarchical system of authority. That’s a difficult security problem even in its simplest form. Distributing that system among a variety of different devices—computers, phones, PDAs, cameras, recorders—with different firmware and manufacturers, is even more difficult. Not to mention delegating different levels of authority to various agencies, enterprises, industries and individuals, and then enforcing the necessary safeguards.

Once we go down this path—giving one device authority over other devices—the security problems start piling up. Who has the authority to limit functionality of my devices, and how do they get that authority? What prevents them from abusing that power? Do I get the ability to override their limitations? In what circumstances, and how? Can they override my override?

How do we prevent this from being abused? Can a burglar, for example, enforce a “no photography” rule and prevent security cameras from working? Can the police enforce the same rule to avoid another Rodney King incident? Do the police get “superuser” devices that cannot be limited, and do they get “supercontroller” devices that can limit anything? How do we ensure that only they get them, and what do we do when the devices inevitably fall into the wrong hands?

It’s comparatively easy to make this work in closed specialized systems—OnStar, airplane avionics, military hardware—but much more difficult in open-ended systems. If you think Microsoft’s vision could possibly be securely designed, all you have to do is look at the dismal effectiveness of the various copy-protection and digital-rights-management systems we’ve seen over the years. That’s a similar capabilities-enforcement mechanism, albeit simpler than these more general systems.

And that’s the key to understanding this system. Don’t be fooled by the scare stories of wireless devices on airplanes and in hospitals, or visions of a world where no one is yammering loudly on their cellphones in posh restaurants. This is really about media companies wanting to exert their control further over your electronics. They not only want to prevent you from surreptitiously recording movies and concerts, they want your new television to enforce good “manners” on your computer, and not allow it to record any programs. They want your iPod to politely refuse to copy music to a computer other than your own. They want to enforce their legislated definition of manners: to control what you do and when you do it, and to charge you repeatedly for the privilege whenever possible.

“Digital Manners Policies” is a marketing term. Let’s call this what it really is: Selective Device Jamming. It’s not polite, it’s dangerous. It won’t make anyone more secure—or more polite.

This essay originally appeared in Wired.com.

Posted on July 1, 2008 at 6:48 AMView Comments

New Technology to Detect Chemical, Biological, and Explosive Agents

Interesting:

“We have found we can potentially detect an incredibly small quantity of material, as small as one dust-speck-sized particle weighing one trillionth of a gram, on an individual’s clothing or baggage,” Farquar said. “This is important because if a person handles explosives they are likely to have some remaining residue.”

Using a system they call Single-Particle Aerosol Mass Spectrometry, or SPAMS, the Livermore scientists already have developed and tested the technology for detecting chemical and biological agents.

The new research expands SPAMS’ capabilities to include several types of explosives that have been used worldwide in improvised explosive devices and other terrorist attacks.

“SPAMS is a sensitive, specific, potential option for airport and baggage screening,” Farquar said. “The ability of the SPAMS technology to determine the identity of a single particle could be a valuable asset when the target analyte is dangerous in small quantities or has no legal reason for being present in an environment.”

Posted on June 23, 2008 at 6:07 AMView Comments

Bus Defended Against Terrorists Who Want to Reenact the Movie Speed

We’re spending money on this?

…a new GPS device enables authorities to remotely control a bus—slowing it down to 5 mph and preventing it from restarting once it has stopped. The device has been installed on thousands of local commuter and tourist buses.

The technology is designed to prevent a terrorist from ramming a bus filled with people and explosives into buildings or tunnels.

Private bus companies have received millions of dollars from the Department of Homeland Security for the security systems. It costs $1,500 to equip each bus, with $50-per-bus monthly maintenance costs.

Gray Line double-decker tourist buses and Coach USA have spent hundreds of thousands of dollars in federal funds to install 3,000 devices. After receiving a $124,000 federal grant, DeCamp Bus Lines is installing the device on its 80 commuter buses, which travel routes from northern New Jersey to the Port Authority Bus Terminal in Midtown.

New Jersey Transit is currently in the process of equipping all of its roughly 3,000 buses with the technology. NJ Transit Chief of Police Joseph Bober said: “This enhanced technology helps us protect our bus drivers and customers. It’s another proactive tool to protect our property, employees and customers.”

Posted on June 10, 2008 at 12:31 PMView Comments

The War on Photography

What is it with photographers these days? Are they really all terrorists, or does everyone just think they are?

Since 9/11, there has been an increasing war on photography. Photographers have been harassed, questioned, detained, arrested or worse, and declared to be unwelcome. We’ve been repeatedly told to watch out for photographers, especially suspicious ones. Clearly any terrorist is going to first photograph his target, so vigilance is required.

Except that it’s nonsense. The 9/11 terrorists didn’t photograph anything. Nor did the London transport bombers, the Madrid subway bombers, or the liquid bombers arrested in 2006. Timothy McVeigh didn’t photograph the Oklahoma City Federal Building. The Unabomber didn’t photograph anything; neither did shoe-bomber Richard Reid. Photographs aren’t being found amongst the papers of Palestinian suicide bombers. The IRA wasn’t known for its photography. Even those manufactured terrorist plots that the US government likes to talk about—the Ft. Dix terrorists, the JFK airport bombers, the Miami 7, the Lackawanna 6—no photography.

Given that real terrorists, and even wannabe terrorists, don’t seem to photograph anything, why is it such pervasive conventional wisdom that terrorists photograph their targets? Why are our fears so great that we have no choice but to be suspicious of any photographer?

Because it’s a movie-plot threat.

A movie-plot threat is a specific threat, vivid in our minds like the plot of a movie. You remember them from the months after the 9/11 attacks: anthrax spread from crop dusters, a contaminated milk supply, terrorist scuba divers armed with almanacs. Our imaginations run wild with detailed and specific threats, from the news, and from actual movies and television shows. These movie plots resonate in our minds and in the minds of others we talk to. And many of us get scared.

Terrorists taking pictures is a quintessential detail in any good movie. Of course it makes sense that terrorists will take pictures of their targets. They have to do reconnaissance, don’t they? We need 45 minutes of television action before the actual terrorist attack—90 minutes if it’s a movie—and a photography scene is just perfect. It’s our movie-plot terrorists that are photographers, even if the real-world ones are not.

The problem with movie-plot security is it only works if we guess the plot correctly. If we spend a zillion dollars defending Wimbledon and terrorists blow up a different sporting event, that’s money wasted. If we post guards all over the Underground and terrorists bomb a crowded shopping area, that’s also a waste. If we teach everyone to be alert for photographers, and terrorists don’t take photographs, we’ve wasted money and effort, and taught people to fear something they shouldn’t.

And even if terrorists did photograph their targets, the math doesn’t make sense. Billions of photographs are taken by honest people every year, 50 billion by amateurs alone in the US. And the national monuments you imagine terrorists taking photographs of are the same ones tourists like to take pictures of. If you see someone taking one of those photographs, the odds are infinitesimal that he’s a terrorist.

Of course, it’s far easier to explain the problem than it is to fix it. Because we’re a species of storytellers, we find movie-plot threats uniquely compelling. A single vivid scenario will do more to convince people that photographers might be terrorists than all the data I can muster to demonstrate that they’re not.

Fear aside, there aren’t many legal restrictions on what you can photograph from a public place that’s already in public view. If you’re harassed, it’s almost certainly a law enforcement official, public or private, acting way beyond his authority. There’s nothing in any post-9/11 law that restricts your right to photograph.

This is worth fighting. Search “photographer rights” on Google and download one of the several wallet documents that can help you if you get harassed; I found one for the UK, US, and Australia. Don’t cede your right to photograph in public. Don’t propagate the terrorist photographer story. Remind them that prohibiting photography was something we used to ridicule about the USSR. Eventually sanity will be restored, but it may take a while.

This essay originally appeared in The Guardian.

EDITED TO ADD (6/6): Interesting comment by someone who trains security guards.

EDITED TO ADD (6/13): More on photographers’ rights in the U.S.

Posted on June 5, 2008 at 6:44 AMView Comments

More on Airplane Seat Cameras

I already blogged this once: an airplane-seat camera system that tries to detect terrorists before they leap up and do whatever they were planning on doing. Amazingly enough, the EU is “testing” this system:

Each camera tracks passengers’ facial expressions, with the footage then analysed by software to detect developing terrorist activity or potential air rage. Six wide-angle cameras are also positioned to monitor the plane’s aisles, presumably to catch anyone standing by the cockpit door with a suspiciously crusty bread roll.

But since people never sit still on planes, the software’s also designed so that footage from multiple cameras can be analysed. So, if one person continually walks from his seat to the bathroom, then several cameras can be used to track his facial movements.

The software watches for all sorts of other terrorist-like activities too, including running in the cabin, someone nervously touching their face or excessive sweating. An innocent nose scratch won’t see the F16s scrambled, but a combination of several threat indicators could trigger a red alert.

This pegs the stupid meter. All it will do is false alarm. No one has any idea what sorts of facial characteristics are unique to terrorists. And how in the world are they “testing” this system without any real terrorists? In any case, what happens when the alarm goes off? How exactly is a ten-second warning going to save people?

Sure, you can invent a terrorist tactic where a system like this, assuming it actually works, saves people—but that’s the very definition of a movie-plot threat. How about we spend this money on something that’s effective in more than just a few carefully chosen scenarios?

Posted on June 4, 2008 at 12:05 PMView Comments

Spray-On Explosive Detector

Interesting:

William Trogler and his team at the University of California, San Diego, made a silafluorene-fluorene copolymer to identify nitrogen-containing explosives. It is the first of its kind to act as a switchable sensor with picogram (10-15g) detection limits, and is reported in the Royal Society of Chemistry’s Journal of Materials Chemistry.

Trogler’s polymer can detect explosives at much lower levels than existing systems because it detects particles instead of explosive vapours. In the team’s new method one simply sprays the polymer solution over the test area, let it dry, and shine UV light on it. Spots of explosive quench the fluorescent polymer and turn blue….

Posted on May 28, 2008 at 12:40 PMView Comments

BlackBerry Giving Encryption Keys to Indian Government

RIM encrypts e-mail between BlackBerry devices and the server the server with 256-bit AES encryption. The Indian government doesn’t like this at all; they want to snoop on the data. RIM’s response was basically: That’s not possible. The Indian government’s counter was: Then we’ll ban BlackBerries. After months of threats, it looks like RIM is giving in to Indian demands and handing over the encryption keys.

EDITED TO ADD (5/27): News:

BlackBerry vendor Research-In-Motion (RIM) said it cannot hand over the message encrytion key to the government as its security structure does not allow any ‘third party’ or even the company to read the information transferred over its network.

EDITED TO ADD (7/2): Looks like they have resolved the impasse.

Posted on May 21, 2008 at 2:09 PMView Comments

Terrorists Attacking via Air Conditioners

From the DHS and the FBI, a great movie-plot threat:

It is possible to introduce chemical or biological agents directly into external air-intakes or internal air-circulation systems. Unless the building has carbon filters (or the equivalent), volatile chemical agents would not be stopped and would enter the building untenanted.

[…]

Other scenarios involve the use of helicopters equipped with agricultural spraying equipment to discharge large chemical or biological contaminant clouds near external or roof-mounted air intakes or ventilators.

[…]

Terrorists have considered producing a radiological dispersal device (RDD) by burning or exploding a source or sources containing radioactive material. If large quantities of easily dispersed radioactive material were released or exploded near an HVAC intake or circulation system, it is possible that targeted individuals could suffer some adverse health effects.

I’m sure glad my government is working on this stuff.

Posted on May 16, 2008 at 12:03 PMView Comments

1 42 43 44 45 46 80

Sidebar photo of Bruce Schneier by Joe MacInnis.