Surveillance and Ubiquity

HexView has an article about tracking vehicles with RFID tire pressure monitors. The devices are found in tires and transmit tire pressure to the engine control module, which sounds innocuous enough, but to prevent modules from reading neighboring cars’ tires by accident, they also transmit a unique ID. Thus, you can follow a car around […]

anonymity, hardware, legal, privacy, risk, society, terrorism

The Resilient Society, and How Not To Build It

Today I found a link to an article by my least-favorite current presidential candidate, Rudy Giuliani. I was expecting a cavalcade of fear-mongering — his usual stock in trade — but discovered to my surprise an article entitled “The Resilient Society.” This gave me pause, as resilience is precisely what I believe must be the […]

legal, risk, society, terrorism

The War on the Unexpected

Bruce Schneier has a good post today called “The War on the Unexpected,” about the unintended results of asking the general population to report anything suspicious.  Even discounting deliberate malfeasance (reporting the neighbor you don’t like as “suspicious”), people find a lot of things suspicious, and the gatekeepers have no motivation to apply intelligent filtering […]

risk, society, terrorism

The Inevitability of False Positives

I was reading an article about web scanner coverage and false positives by Larry Suto that RSnake linked to on ha.ckers. Though this is only tangentially related to the actual paper, it reminded me of something interesting — the inevitability of false positives when detecting something rare. When measuring the error of a detection process, […]

risk, statistics, terrorism

SCADA Hacking Renders Vital Infrastructure Vulnerable

Forbes.com recently had an article called “America’s Hackable Backbone” regarding the recent surge in SCADA hacking. SCADA, Supervisory Control And Data Acquisition, is a truly ancient protocol, in use for over 20 years, which was not remotely designed with security in mind. At the time, SCADA was used only on dedicated networks that lacked any […]

hardware, risk, SOA/XML, terrorism