Science Addiction

A dormant blog by Devanshu Mehta

Tag: Security

If Airport Security Wasn’t Funny Enough




Airport Security ftw!

Originally uploaded by sirbrett84.

Via Schneier, here’s a funny little photo that sums up many thoughts I have about Airport security. I wish there was a button to click to fix the problem…

FBI Employees Face Criminal Probe Over Patriot Act

According to an article at Wired.com, “FBI personnel who used misleading emergency letters to acquire thousands of Americans’ phone records are the subject of a criminal investigation […] The privately disclosed investigation would mark the first time government officials have faced possible prosecution for misuse of Patriot Act investigative tools.”

Also- you can “help out the EFF”:http://www.eff.org/deeplinks/archives/005349.php go through the documents received via Freedom of Information Act requests regarding the FBI PATRIOT ACT abuses.

Habeas Corpus and Other Quaint Ideas From the Past

While I admit that there may be some geeky fashions and some fashion geeks, here at Science Addiction I try to stay away from fashion. But this one is different.

See, back in the 20th century- and in fact, much earlier- there used to be a quaint concept called Habeas Corpus that was quite in vogue. Now, along with the dot-com boom (renamed as Web2.0) and the Y2K crisis (renamed as Daylight Savings bug), this idea from the past is making a come back!

It’s all Greek to me, you say. Well, it’s Latin, young Geek. Habeas Corpus, literally translated as you have the body.

In the legal system, in many countries around the world including the United States, it means that a person detained by the government has the right to seek relief from unlawful imprisonment. The United States Constitution specifically states that it shall not be suspended, unless there is a rebellion or invasion and the public safety requires it.
Read the rest of this entry »

A Great Cory Doctorow Speech at USC

SciFi writer, activist, “BoingBoing”:http://www.boingboing.net editor, EFF evangelist and now US-Canada Fulbright Chair at the University of Southern California recently gave a talk to people at USC that covers many topics ranging from digital freedoms to science fiction that is “truly worth listening to”:http://uscpublicdiplomacy.com/audio/060830_doctorow.mp3 [MP3]. Of course, the greatest Cory Doctorow speech of them all is his “talk at Microsoft about why DRM is bad for business, bad for people, bad for artists and bad technology”:http://researchchannel.org/prog/displayevent.asp?rid=3302 (streaming video). The “text of that talk is also available”:http://www.dashes.com/anil/stuff/doctorow-drm-ms.html online.

Classic Security Book Now Free

Ross Anderson’s classic security book “Security Engineering”:http://www.cl.cam.ac.uk/~rja14/book.html is now available for free on his web site. This is a fantastic and fundamental resource for anyone interested in security. Good to see the publisher agree to this- with the new school year starting, it is great timing as well.

Terror Without the Terrorism

Bruce Schneier has “a fantastic article at Wired.com”:http://www.wired.com/news/columns/0,71642-0.html?tw=wn_columns_securitymatters_1 on the aftermath of the supposed London terror plots. The terror plots were not near fruition, they were apprehended by solid law enforcement tactics, the science of the plots has been debunked and yet, our air-lives have been disrupted, our “leaders” are posturing and shrill rhetoric fills the vacuum.

Before you call me names, hear me out. The threat is real. However, the roller-coaster perceived threat-level and fear mongering is generating as much terror as terrorism itself.

From Schneier:

Regardless of the threat, from the would-be bombers’ perspective, the explosives and planes were merely tactics. Their goal was to cause terror, and in that they’ve succeeded.

Imagine for a moment what would have happened if they had blown up 10 planes. There would be canceled flights, chaos at airports, bans on carry-on luggage, world leaders talking tough new security measures, political posturing and all sorts of false alarms as jittery people panicked. To a lesser degree, that’s basically what’s happening right now.

Worst Privacy Debacles of All Time

“Wired”:http://www.wired.com/news/politics/privacy/0,71622-0.html has put up a list of the worst privacy debacles in the United States of all time. Of course, since this article was prompted by the “AOL debacle”:http://www.scienceaddiction.com/2006/08/18/take-action-aol-privacy-and-the-database-of-intentions/ that incident in particular has not made the list. I wonder if it would have made the list, and if so, at what position. I would rank it pretty high on importance on principle but low on potential damage to individuals.

This list is pretty good, and the #1 position is my favorite:

*1. The creation of the Social Security Number:*
Although security blogger Adam Shostack is known for his expertise on information-age data leaks, he considers the creation of the Social Security Number in 1936 to be the “largest privacy disaster in the history of the U.S.” Referencing controversy over the card’s creation at the time, he said, “Ironically, privacy advocates warned that the number would become a de facto national ID, and their concerns were belittled, then proven right, setting a pattern that still goes on today.”

The AOL Breach Aftermath

The repercussions of the “severe breach of trust by AOL”:http://www.scienceaddiction.com/2006/08/18/take-action-aol-privacy-and-the-database-of-intentions/ a few weeks ago, when they released the search records of more than 650,000 users, are beginning to be felt by those responsible.

“AP is reporting”:http://news.yahoo.com/s/ap/20060821/ap_on_hi_te/aol_search_privacy that three employees connected with the release of the records are no longer working for the company. The individual researcher and his/her supervisor have been fired and the chief technology officer Maureen Govern has either been fired or has resigned.

Holding individuals responsible is a good starting point, but is far from enough. This move only sends a signal to other employees within the company, but there is still no clear message for other companies with similar lax data retention and release policies. AOL must suffer heavy financial consequences so that every company that is entrusted with customer information considers it in their best interest to take that trust seriously. As things stand right now, there is only a vague threat of losing customers but unfortunately this is neither tangible nor obvious.

NSA Eavesdropping Ruled Unconstitutional (updated)

This is fantastic news- a federal judge ruled today that the “NSA eavesdropping program is unconstitutional”:http://www.cnn.com/2006/POLITICS/08/17/domesticspying.lawsuit.ap/index.html in the case that the ACLU brought against it. The government contended that it was within the President’s authority, and the details were state secrets but the judge did not buy it. The ACLU argument was that the President had already admitted the program and the publicly available information was sufficient for the judge to rule on.

The judge ordered an immediate halt to the program.

*UPDATE*:
* A “pdf of the judge’s ruling”:http://i.a.cnn.net/cnn/2006/images/08/17/nsa.lawsuit.pdf
* A quote from the judge:

Judge Taylor states that “[t]here are no hereditary Kings in America and no powers not created by the Constitution,” so all the president’s “inherent powers” must derive from the Constitution.

*UPDATE #2*
* Attorney General Gonzales “says he will appeal”:http://www.cnn.com/2006/POLITICS/08/17/domesticspying.lawsuit/index.html to a higher court. “Contribute to the ACLU”:http://action.aclu.org/site/PageServer?pagename=FJ_donationhome to keep up the good fight.

95 Theses of Geek Activism

Geek activism has not taken off yet, but it should. With the gamers recognizing the need for a louder voice, EFF gaining momentum and Linux taking on the mainstream on the one hand and recent severe losses in privacy, freedom of speech and intellectual property rights on the other, now seems to be the best time to rally around the cause.

Geeks are not known to be political or highly vocal (outside of our own circles)- this must change if we want things to improve. So here is my list of things people of all shapes, sizes and sides of the debate need to know. Some of these are obvious, others may not be meant for you. But hopefully, some of these will inspire you to do the right thing and others will help you frame the next discussion, debate or argument you have on these topics. Read the rest of this entry »