Entries Tagged "UK"

Page 3 of 18

Stories from MI5

This essay is filled with historical MI5 stories—often bizarre, sometimes amusing. My favorite:

It was recently revealed that back in the 1970s—at the height of the obsession with traitors—MI5 trained a specially bred group of Gerbils to detect spies. Gerbils have a very acute sense of smell and they were used in interrogations to tell whether the suspects were releasing adrenaline—because that would show they were under stress and lying.

Then they tried the Gerbils to see if they could detect terrorists who were about to carry a bomb onto a plane. But the gerbils got confused because they couldn’t tell the difference between the terrorists and ordinary people who were frightened of flying who were also pumping out adrenaline in their sweat.

So the gerbils failed as well.

Posted on August 14, 2013 at 12:06 PMView Comments

Scientists Banned from Revealing Details of Car-Security Hack

The UK has banned researchers from revealing details of security vulnerabilities in car locks. In 2008, Phillips brought a similar suit against researchers who broke the Mifare chip. That time, they lost. This time, Volkswagen sued and won.

This is bad news for security researchers. (Remember back in 2001 when security researcher Ed Felten sued the RIAA in the US to be able to publish his research results?) We’re not going to improve security unless we’re allowed to publish our results. And we can’t start suppressing scientific results, just because a big corporation doesn’t like what it does to their reputation.

EDITED TO ADD (8/14): Here’s the ruling.

Posted on August 1, 2013 at 6:37 AMView Comments

Alan Turing Cryptanalysis Papers

GCHQ, the UK government’s communications headquarters, has released two new—well, 70 years old, but new to us—cryptanalysis documents by Alan Turing.

The papers, one entitled The Applications of Probability to Crypt, and the other entitled Paper on the Statistics of Repetitions, discuss mathematical approaches to code breaking.

[…]

According to the GCHQ mathematician, who identified himself only as Richard, the papers detailed using “mathematical analysis to try and determine which are the more likely settings so that they can be tried as quickly as possible.”

The papers don’t seem to be online yet, but here’s their National Archives data.

EDITED TO ADD (5/12): The papers are available for download at GBP 3.50 each.

Posted on April 23, 2012 at 6:18 AMView Comments

British Tourists Arrested in the U.S. for Tweeting

Does this story make sense to anyone?

The Department of Homeland Security flagged him as a potential threat when he posted an excited tweet to his pals about his forthcoming trip to Hollywood which read: ‘Free this week, for quick gossip/prep before I go and destroy America’.

After making their way through passport control at Los Angeles International Airport (LAX) last Monday afternoon the pair were detained by armed guards.

Despite telling officials the term ‘destroy’ was British slang for ‘party’, they were held on suspicion of planning to ‘commit crimes’ and had their passports confiscated.

There just as to be more than this story. The DHS isn’t monitoring the Tweets of random British tourists—they just can’t be.

EDITED TO ADD (1/30): According to DHS documents received by EPIC, the DHS monitors the Internet, including social media.

In February 2011, the Department of Homeland Security announced that the agency planned to implement a program that would monitor media content, including social media data. The proposed initiatives would gather information from “online forums, blogs, public websites, and messages boards” and disseminate information to “federal, state, local, and foreign government and private sector partners.” The program would be executed, in part, by individuals who established fictitious usernames and passwords to create covert social media profiles to spy on other users. The agency stated it would store personal information for up to five years.

[…]

The records reveal that the DHS is paying General Dynamics to monitor the news. The agency instructed the company to monitor for “[media] reports that reflect adversely on the U.S. Government, DHS, or prevent, protect, respond government activities.”

[…]

The DHS instructed the company to “Monitor public social communications on the Internet.” The records list the websites that will be monitored, including the comments sections of [The New York Times, The Los Angeles Times, the Huffington Post, the Drudge Report, Wired, and ABC News.]”

Still, I have trouble believing that this is what happened. For this to work General Dynamics would have had to monitor Twitter for key words. (“Destroy America” is certainly a good key word to search for.) Then, they would have to find out the real name associated with the Twitter account—unlike Facebook or Google+, Twitter doesn’t have real name information—so the TSA could cross-index that name with the airline’s passenger manifests. Then the TSA has to get all this information into the INS computers, so that the border control agent knows to detain him. Sure, it sounds straightforward, but getting all those computers to talk to each other that fast isn’t easy. There has to be more going on here.

EDITED TO ADD (1/30): One reader points out that this story is from the Daily Mail, and that it’s prudent to wait for some more reputable news source to report the story.

EDITED TO ADD (1/30): There’s another story from The Register, but they’re just using the Daily Mail.

EDITED TO ADD (1/30): The FBI is looking for someone to build them a system that can monitor social networks.

The information comes from a document released on 19 January looking for companies who might want to build a monitoring system for the FBI. It spells out what the bureau wants from such a system and invites potential contractors to reply by 10 February.

The bureau’s wish list calls for the system to be able to automatically search “publicly available” material from Facebook, Twitter and other social media sites for keywords relating to terrorism, surveillance operations, online crime and other FBI missions. Agents would be alerted if the searches produce evidence of “breaking events, incidents, and emerging threats.”

Agents will have the option of displaying the tweets and other material captured by the system on a map, to which they can add layers of other data, including the locations of US embassies and military installations, details of previous terrorist attacks and the output from local traffic cameras.

EDITED TO ADD (1/30): New reports are saying that customs was tipped off about the two people, and their detention was not a result of data mining:

“Based on information provided by the LAX Port Authority Infoline—a suspicious activity tipline—CBP conducted a secondary interview of two subjects presenting for entry into the United States,” says the spokesperson, who notes that the CBP “denies entry to thousands of individuals” each year. “Information gathered during this interview revealed that both individuals were inadmissible to the United States and were returned to their country of residence.”

This makes a lot more sense to me.

Posted on January 30, 2012 at 10:52 AMView Comments

"Operation Pumpkin"

Wouldn’t it be great if this were not a joke: the security contingency that was in place in the event that Kate Middleton tried to run away just before the wedding.

After protracted, top-secret negotiations between royal staff from Clarence House and representatives from the Metropolitan Police, MI5 and elements of the military, a compromise was agreed. In the event of Operation Pumpkin being put into effect Ms Middleton will be permitted to run out of Westminster Abbey with her bodyguards trailing discreetly at a distance. Plain-clothes undercover police, MI5 officers and SAS soldiers stationed in the crowd will form a mobile flying wedge ahead of her, clearing a path for the fugitive future princess to escape down.

Prince William will then have a limited time, the subject of tense negotiations between Clarence House and security chiefs, in which the path behind Ms Middleton will be kept open for him to go after her, after which the mobile protective cordon will close again at the Abbey end due to lack of manpower and the Prince will have let his bride slip through his fingers.

If Wills reacts fast enough, however, he will be able to chase after his fleeing fiancee for just under half a mile.

I wonder what security would have done if she just took off and ran.

EDITED TO ADD (5/5): The double negative in the first sentence has confused some people. To be clear: the article quoted, and Operation Pumpkin in general, is fiction.

Posted on May 4, 2011 at 12:15 PMView Comments

Security Fears of Wi-Fi in London Underground

The London Underground is getting Wi-Fi. Of course there are security fears:

But Will Geddes, founder of ICP Group which specialises in reducing terror or technology-related threats, said the plan was problematic.

He said: “There are lots of implications in terms of terrorism and security.

“This will enable people to use their laptop on the Tube as if it was a cell phone.”

Mr Geddes said there had been numerous examples of bomb attacks detonated remotely by mobile phone in Afghanistan and Iraq.

He warned a wi-fi system would enable a terror cell to communicate underground.

And he said “Trojan” or eavesdropping software could be used to penetrate users’ laptops and garner information such as bank details.

Mr Geddes added: “Eavesdropping software can be found and downloaded within minutes.”

This is just silly. We could have a similar conversation regarding any piece of our infrastructure. Yes, the bad guys could use it, just as they use telephones and automobiles and all-night restaurants. If we didn’t deploy technologies because of this fear, we’d still be living in the Middle Ages.

Posted on April 13, 2011 at 1:14 PMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.