Ramblings & ephemera

Problems with ID cards

From Bruce Schneier’s Crypto-Gram of 15 April 2004: My argument may not be obvious, but it’s not hard to follow, either. It centers around the notion that security must be evaluated not based on how it works, but on how it fails. It doesn’t really matter how well an ID card works when used by […]

Woody Allen’s atheism

From Robert E. Lauder’s interview with Woody Allen, “Whatever Works” (Commonweal: 15 April 2010): Well, you know, you want some kind of relief from the agony and terror of human existence. Human existence is a brutal experience to me…it’s a brutal, meaningless experience—an agonizing, meaningless experience with some oases, delight, some charm and peace, but […]

Warnings about invalid security certs are ignored by users

From Robert McMillan’s “Security certificate warnings don’t work, researchers say” (IDG News Service: 27 July 2009): In a laboratory experiment, researchers found that between 55 percent and 100 percent of participants ignored certificate security warnings, depending on which browser they were using (different browsers use different language to warn their […]

RFID security problems

From Brian Krebs’ “Leaving Las Vegas: So Long DefCon and Blackhat” (The Washington Post: 1 August 2005): DefCon 13 also was notable for being the location where two new world records were set — both involved shooting certain electronic signals unprecedented distances. Los Angeles-based Flexilis set the world record for transmitting […]

How to deal with the fact that users can’t learn much about security

From Bruce Schneier’s “Second SHB Workshop Liveblogging (4)” (Schneier on Security: 11 June 2009): Diana Smetters, Palo Alto Research Center …, started with these premises: you can teach users, but you can’t teach them very much, so you’d better carefully design systems so that you 1) minimize what they have to learn, 2) make it […]

A better alternative to text CAPTCHAs

From Rich Gossweiler, Maryam Kamvar, & Shumeet Baluja’s “What’s Up CAPTCHA?: A CAPTCHA Based On Image Orientation” (Google: 20-24 April 2009): There are several classes of images which can be successfully oriented by computers. Some objects, such as faces, cars, pedestrians, sky, grass etc. … Many images, however, are difficult for computers to orient. For […]

How the fundamentalist thinks

From ScienceDaily’s “Brain Differences Found Between Believers In God And Non-believers” (5 March 2009): In two studies led by Assistant Psychology Professor Michael Inzlicht, participants performed a Stroop task – a well-known test of cognitive control – while hooked up to electrodes that measured their brain activity. Compared to non-believers, the religious participants showed significantly […]

Crazy anti-terrorism plans that worked

From a Special Operations officer quoted in Tom Ricks’s Inbox (The Washington Post: 5 October 2008): One of the most interesting operations was the laundry mat [sic]. Having lost many troops and civilians to bombings, the Brits decided they needed to determine who was making the bombs and where they were being manufactured. One bright […]

CCTV in your plane’s cabin?

From Michael Reilly’s “In-flight surveillance could foil terrorists in the sky” (New Scientist: 29 May 2008): CCTV cameras are bringing more and more public places under surveillance – and passenger aircraft could be next. A prototype European system uses multiple cameras and “Big Brother” software to try and automatically detect terrorists or other dangers caused […]

US government makes unsafe RFID-laden passports even less safe through business practices

From Bill Gertz’s “Outsourced passports netting govt. profits, risking national security” (The Washington Times: 26 March 2008): The United States has outsourced the manufacturing of its electronic passports to overseas companies — including one in Thailand that was victimized by Chinese espionage — raising concerns that cost savings are being put ahead of national security, […]

Bush, rhetoric, & the exercise of power

From Mark Danner’s “Words in a Time of War: Taking the Measure of the First Rhetoric-Major President” (Tomgram: 10 May 2007): [Note: This commencement address was given to graduates of the Department of Rhetoric at Zellerbach Hall, University of California, Berkeley, on May 10, 2007] … I give you my favorite quotation from the Bush […]

The future of security

From Bruce Schneier’s “Security in Ten Years” (Crypto-Gram: 15 December 2007): Bruce Schneier: … The nature of the attacks will be different: the targets, tactics and results. Security is both a trade-off and an arms race, a balance between attacker and defender, and changes in technology upset that balance. Technology might make one particular tactic […]

Problems with airport security

From Jeffrey Goldberg’s “The Things He Carried” (The Atlantic: November 2008): Because the TSA’s security regimen seems to be mainly thing-based—most of its 44,500 airport officers are assigned to truffle through carry-on bags for things like guns, bombs, three-ounce tubes of anthrax, Crest toothpaste, nail clippers, Snapple, and so on—I focused my efforts on bringing […]

Bruce Schneier on wholesale, constant surveillance

From Stephen J. Dubner’s interview with Bruce Schneier in “Bruce Schneier Blazes Through Your Questions” (The New York Times: 4 December 2007): There’s a huge difference between nosy neighbors and cameras. Cameras are everywhere. Cameras are always on. Cameras have perfect memory. It’s not the surveillance we’ve been used to; it’s wholesale surveillance. I wrote […]

Richard Stallman on why “intellectual property” is a misnomer

From Richard Stallman’s “Transcript of Richard Stallman at the 4th international GPLv3 conference; 23rd August 2006” (FSF Europe: 23 August 2006): Anyway, the term “intellectual property” is a propaganda term which should never be used, because merely using it, no matter what you say about it, presumes it makes sense. It doesn’t really make sense, […]

More problems with voting, election 2008

From Ian Urbina’s “High Turnout May Add to Problems at Polling Places” (The New York Times: 3 November 2008): Two-thirds of voters will mark their choice with a pencil on a paper ballot that is counted by an optical scanning machine, a method considered far more reliable and verifiable than touch screens. But paper ballots […]

Matthew, the blind phone phreaker

From Kevin Poulsen’s “Teenage Hacker Is Blind, Brash and in the Crosshairs of the FBI” (Wired: 29 February 2008): At 4 in the morning of May 1, 2005, deputies from the El Paso County Sheriff’s Office converged on the suburban Colorado Springs home of Richard Gasper, a TSA screener at the local Colorado Springs Municipal […]

How Obama raised money in Silicon Valley & using the Net

From Joshua Green’s “The Amazing Money Machine” (The Atlantic: June 2008): That early fund-raiser [in February 2007] and others like it were important to Obama in several respects. As someone attempting to build a campaign on the fly, he needed money to operate. As someone who dared challenge Hillary Clinton, he needed a considerable amount […]

Cloned trucks used to commit crimes

From Brian Ross’ “Fake FedEx Trucks; When the Drugs Absolutely Have to Get There” (ABC News: 18 January 2008): Savvy criminals are using some of the country’s most credible logos, including FedEx, Wal-Mart, DirecTV and the U.S. Border Patrol, to create fake trucks to smuggle drugs, money and illegal aliens across the border, according to […]

The latest on electronic voting machines

From James Turner’s interview with Dr. Barbara Simons, past President of the Association for Computing Machinery & recent appointee to the Advisory Board of the Federal Election Assistance Commission, at “A 2008 e-Voting Wrapup with Dr. Barbara Simons” (O’Reilly Media: 7 November 2008): [Note from Scott: headers added by me] Optical Scan: Good & Bad […]