Water that uniquely identifies its owner

science, security, writing ideas / /

From SmartWater Technology:

SmartWater Security Systems are forensic coding systems which can be applied in several ways:

SmartWater Tracer

An aqueous based solution with a unique forensic code.

SmartWater Tracer uniquely codes your property, whilst being virtually invisible to the naked eye, glows under UV light and is practically impossible to remove entirely. Tracer is used in commercial businesses, schools, hospitals and other organisations. Tracer is also used in our Home Coding System so that you can use it safely on jewellery and other sentimental items.

SmartWater Instant

Forensic Coding combined with microdot technology.

SmartWater has been designed to protect household property and motor vehicles. Each bottle of SmartWater solution contains a unique forensic code, which is assigned to a household or vehicle.

An additional feature of SmartWater Instant is the inclusion of tiny micro-dot particles which enable Police to quickly identify the true owner of the property.

SmartWater SuperLabel

Forensic Coding is embedded into the adhesive of tamper resistant labels – combines effective asset management with the protection of Tracer.

The SuperLabel is designed to be tamper resistant making it extremely difficult to remove. Should the label be removed, ownership of the asset can be established from the smallest speck of adhesive, as it contains the forensic code. As with the other SmartWater products this is also designed to glow under Ultra Violet light. Your company logo can also be incorporated into the adhesive, providing quick identification of the true owner of the property.

Water that uniquely identifies its owner Read More »

Don’t fly where we won’t tell you not to fly

security, true stories / /

From Bruce Schneier’s “The Silliness of Secrecy“, quoting The Wall Street Journal:

Ever since Sept. 11, 2001, the federal government has advised airplane pilots against flying near 100 nuclear power plants around the country or they will be forced down by fighter jets. But pilots say there’s a hitch in the instructions: aviation security officials refuse to disclose the precise location of the plants because they consider that “SSI” — Sensitive Security Information.

“The message is; ‘please don’t fly there, but we can’t tell you where there is,'” says Melissa Rudinger of the Aircraft Owners and Pilots Association, a trade group representing 60% of American pilots.

Determined to find a way out of the Catch-22, the pilots’ group sat down with a commercial mapping company, and in a matter of days plotted the exact geographical locations of the plants from data found on the Internet and in libraries. It made the information available to its 400,000 members on its Web site — until officials from the Transportation Security Administration asked them to take the information down. “Their concern was that [terrorists] mining the Internet could use it,” Ms. Rudinger says.

Don’t fly where we won’t tell you not to fly Read More »

Brandeis on openness in business, society, & government

business, commonplace book, politics, security / /

From Bruce Schneier’s “Brandeis Quote on Openness“:

Louis D. Brandeis, Other People’s Money and How the Bankers Use It 92 (1914): “Publicity is justly commended as a remedy for social and industrial diseases. Sunlight is said to be the best of disinfectants; electric light the most efficient policeman.”

[Note: Also in Harper’s Weekly, Dec 20 1913]

Brandeis on openness in business, society, & government Read More »

How to fake an anthrax scare

science, security, writing ideas / /

From Bruce Schneier’s “White Powder Anthrax Hoaxes“:

Earlier this month, there was an anthrax scare at the Indonesian embassy in Australia. Someone sent them some white powder in an envelope, which was scary enough. Then it tested positive for bacillus. The building was decontaminated, and the staff was quarantined for twelve hours. By then, tests came back negative for anthrax.

A lot of thought went into this false alarm. The attackers obviously knew that their white powder would be quickly tested for the presence of a bacterium of the bacillus family (of which anthrax is a member), but that the bacillus would have to be cultured for a couple of days before a more exact identification could be made. So even without any anthrax, they managed to cause two days of terror.

… In an interesting side note, the media have revealed for the first time that 360 “white powder” incidents have taken place since 11 September 2001. This news had been suppressed by the government, which had issued D notices to the media for all such incidents. So there has been one such incident approximately every four days — an astonishing number, given Australia’s otherwise low crime rate.

How to fake an anthrax scare Read More »

Zombies from China attack Internet

security / /

From Computerworld‘s “Army of zombies invades China“:

China’s rapid Internet growth has brought with it a somewhat disturbing side effect: multiplying zombies up to no good.

Zombies, or Internet-connected computers infected by worms or viruses and under the control of a hacker, are used to launch denial-of-service (DoS) attacks, or send spam or phishing e-mails. An average of 157,000 new zombies are identified each day, and 20% of these are in China, security company CipherTrust Inc. reported this week.

… “Criminals look for a weaker link, so places like China, or anywhere behind the U.S. in terms of computer literacy, are a good target,” Stanley said.

China’s fast-growing Internet population is also an attraction, he said. As of January, there were 94 million Internet users in the China, up 18% from the year before, according to the China Internet Network Information Center (CNNIC).

Zombies from China attack Internet Read More »

A living story, tattooed on flesh

commonplace book, cool stuff, fiction, language & literature, on writing, weird / /

From The New York Times Magazine‘s “Skin Literature“:

Most artists spend their careers trying to create something that will live forever. But the writer Shelley Jackson is creating a work of literature that is intentionally and indisputably mortal. Jackson is publishing her latest short story by recruiting 2,095 people, each of whom will have one word of the story tattooed on his or her body. The story, titled ‘Skin,’ will appear only on the collective limbs, torsos and backsides of its participants. And decades from now, when the last of Jackson’s ‘words’ dies, so, too, will her tale.

As of November, Jackson, the Brooklyn-based author of a short-story collection called ‘The Melancholy of Anatomy,’ had enrolled about 1,800 volunteers, some from such distant countries as Argentina, Jordan, Thailand and Finland. Participants, who contact Jackson through her Web site, cannot choose which word they receive. And their tattoos must be inked in the font that Jackson has specified. But they do have some freedom to bend and stretch the narrative. They can select the place on their bodies they want to become part of the Jackson opus. In return, Jackson asks her ‘words’ to sign a 12-page release absolving her of liability and promising not to share the story with others. (Participants are the only people who will get to see the full text of the story.) They must also send her two photographs — one of the word on their skin, the other a portrait of themselves without the word visible — which she may later publish or exhibit.

… Mothers and daughters are requesting consecutive words. So are couples, perhaps hoping to form the syntactic equivalent of a civil union. For others, the motives are social: Jackson is encouraging her far-flung words to get to know each other via e-mail, telephone, even in person. (Imagine the possibilities. A sentence getting together for dinner. A paragraph having a party.) …

… when a participant meets his or her demise, Jackson vows, she will try to attend that person’s funeral. But the 41-year-old author understands that some of her 2,095 collaborators, many of whom are in their 20’s, might outlive her. If she dies first, she says, she hopes several of them will come to her funeral and make her the first writer ever to be mourned by her words.

A living story, tattooed on flesh Read More »

To counterbalance that last one

commonplace book, overheard / /

From Ben Jones’s “Benblog“:

That is our challenge, unique in the cosmos, to know that our own brief existence is simply a moment in time, and to experience that breath in the universe with a smile, knowing that we will fade once again into the oneness, floating someday, cosmic dust in a snowflake, minerals floating the phloem, breathed ourselves in and out of the ever unfolding universe.

To counterbalance that last one Read More »

Greatest 1st sentence of any blog post, ever

commonplace book, overheard / /

From Ben Jones’s “Benblog“:

In thinking through my sadness about whether or not I alone can help stave off the destruction of humanity, as important as I feel it is to ensure we do not subject future generations to endless strife, I couldn’t help seeing the aged sadness in my eyes, facing the near futility of the task, and the personal sacrifices that entails, if nothing else than subjecting one’s conscience every day to the true misery of the world we’ve made, by our own choice.

Greatest 1st sentence of any blog post, ever Read More »

Commanding the waves to stop

commonplace book, history / /
Author: Earth Network Editor Use: Image in pub...
Image via Wikipedia

From Wikipedia’s “Canute the Great“:

[King Canute (994/995 – November 12, 1035)] is perhaps best remembered for the legend of how he commanded the waves to go back. According to the legend, he grew tired of flattery from his courtiers. When one such flatterer gushed that the king could even command the obedience of the sea, Canute proved him wrong by practical demonstration at Bosham, his point being that even a king’s powers have limits. Unfortunately, this legend is usually misunderstood to mean that he believed himself so powerful that the natural elements would obey him, and that his failure to command the tides only made him look foolish. It is quite possible that the legend is simply pro-Canute propaganda.

Commanding the waves to stop Read More »

Global secrets are poor security

security / /

From Bruce Schneier’s “The Keys to the Sydney Subway“:

Global secrets are generally considered poor security. The problems are twofold. One, you cannot apply any granularity to the security system; someone either knows the secret or does not. And two, global secrets are brittle. They fail badly; if the secret gets out, then the bad guys have a pretty powerful secret.

This is the situation right now in Sydney, where someone stole the master key that gives access to every train in the metropolitan area, and also starts them. …

Another problem with global secrets is that it’s expensive to recover from a security failure. …

A final problem with global secrets is that it’s simply too easy to lose control of them.

Global secrets are poor security Read More »

Four principles of modernity

commonplace book, science / /

From “Relativity, Uncertainty, Incompleteness and Undecidability“:

In this article four fundamental principles are presented: relativity, uncertainty, incompleteness and undecidability. They were studied by, respectively, Albert Einstein, Werner Heisenberg, Kurt Gödel and Alan Turing. …

Relativity says that there is no privileged, “objective” viewpoint for certain observations. … Now, if things move relative to each other, then obviously their positions at a given time are also measured relative to each other. …

Werner Heisenberg showed that if we built a machine to tell us with high precision were an electron is, this machine could not also tell us the speed of the electron. If we want to measure its speed without altering it we can use a different light but then we wouldn’t know where it is. At atomic scale, no instrument can tell us at the same time exactly where a particle is and exactly at what speed it is moving. …

If this system is complete, then anything that is true is provable. Similarly, anything false is provable false. Kurt Gödel got the intuition that traditional mathematical logic was not complete, and devoted several years to try to find one thing, a single thing that was inside the mathematics but outside the reach of logic. … Gödel’s incompleteness means that the classical mathematical logic deductive system, and actually any logical system consistent and expressive enough, is not complete, has “holes” full of expressions that are not logically true nor false. …

Turing’s halting problem is one of the problems that fall in to the category of undecidable problems. It says that it is not possible to write a program to decide if other program is correctly written, in the sense that it will never hang. This creates a limit to the verification of all programs, as all the attempts of building actual computers, usable in practice and different from Turing machines have been proved to be equivalent in power and limitations to the basic Turing machine.

Four principles of modernity Read More »

Funes the Memorious, for real

commonplace book, science / /

From “New form of superior memory syndrome found“:

Scientists at the University of California-Irvine have identified the first known case of a new, superior memory syndrome.

Researchers Elizabeth Parker, Larry Cahill and James McGaugh spent more than five years studying the case of “AJ,” a 40-year-old woman with incredibly strong memories of her personal past.

Given a date, AJ can recall with astonishing accuracy what she was doing on that date and what day of the week it was. Because her case is the first of its kind, the researchers have proposed a name for her syndrome — hyperthymestic syndrome — based on the Greek word thymesis for “remembering” and hyper, meaning “more than normal.” …

“What makes this young woman so remarkable is that she uses no mnemonic devices to help her remember things,” said McGaugh.

Funes the Memorious, for real Read More »

The incompetent don’t know it

commonplace book, science / /

From “Unskilled and Unaware of It“:

It seems that the reason for this phenomenon is obvious: The more incompetent someone is in a particular area, the less qualified that person is to assess anyone’s skill in that space, including their own. When one fails to recognize that he or she has performed poorly, the individual is left assuming that they have performed well. As a result, the incompetent will tend to grossly overestimate their skills and abilities. A few years ago, two men from the Department of Psychology at Cornell University made an effort to determine just how profoundly one misoverestimates one’s own skills in relation to one’s actual abilities. They made four predictions, and executed four studies.

Justin Kruger and David Dunning made the following predictions before beginning their investigation:

  • Incompetent individuals, compared with their more competent peers, will dramatically overestimate their ability and performance relative to objective criteria.
  • Incompetent individuals will suffer from deficient metacognitive skills, in that they will be less able than their more competent peers to recognize competence when they see it–be it their own or anyone else’s.
  • Incompetent individuals will be less able than their more competent peers to gain insight into their true level of performance by means of social comparison information. In particular, because of their difficulty recognizing competence in others, incompetent individuals will be unable to use information about the choices and performances of others to form more accurate impressions of their own ability.
  • The incompetent can gain insight about their shortcomings, but this comes (paradoxically) by making them more competent, thus providing them the metacognitive skills necessary to be able to realize that they have performed poorly.

… In short, the study showed that the researchers’ predictions were spot-on. …

Also interestingly, the top performers tended to underestimate their own performance compared to their peers. The researchers found that those participants fell prey to the false-consensus effect, a phenomenon where one assumes that one’s peers are performing at least as well as oneself when given no evidence to the contrary.

The incompetent don’t know it Read More »

How to really practice to get better

business, commonplace book / /

From “How to be an expert“:

Maybe the “naaturally talented artist” was simply the one who practiced a hell of a lot more. Or rather, a hell of a lot more deliberately. Dr. K. Anders Ericsson, professor of psychology at Florida State University, has spent most of his 20+ year career on the study of genuises, prodigies, and superior performers. In the book The New Brain (it was on my coffee table) Richard Restak quotes Ericsson as concluding:

“For the superior performer the goal isn’t just repeating the same thing again and again but achieving higher levels of control over every aspect of their performance. That’s why they don’t find practice boring. Each practice session they are working on doing something better than they did the last time.”

So it’s not just how long they practice, it’s how they practice. Basically, it comes down to something like this:

Most of us want to practice the things we’re already good at, and avoid the things we suck at. We stay average or intermediate amateurs forever.

Yet the research says that if we were willing to put in more hours, and to use those hours to practice the things that aren’t so fun, we could become good. Great. Potentially brilliant. We need, as Restak refers to it, “a rage to master.” That dedication to mastery drives the potential expert to focus on the most subtle aspects of performance, and to never be satisfied. There is always more to improve on, and they’re willing to work on the less fun stuff.

How to really practice to get better Read More »

3500 forgotten cans

commonplace book, weird, writing ideas / /

From “Mental Health Association of Portland“:

Over 3,500 copper canisters like these hold the cremated remains of patients of the Oregon State Hospital that went unclaimed by their families and friends. They sit on shelves in an abandoned building on the grounds of the Oregon State Hospital. They symbolize the loneliness, isolation, shame and despair too many patients of the hospital experienced.

Our members are helping find a final resting place for the remains. We have helped families find their lost relatives. We’re pressing the hospital and the state to create a suitable memorial. We’ve demanded former, current and future patients be advised and consulted about the creation of a memorial, its site, design and any ceremony.

oregon_cans.jpg

From The New York Times‘ “Long-Forgotten Reminders Of the Mentally Ill in Oregon”:

Next to the old mortuary, where the dead were once washed and prepared for burial or cremation, is a locked room without a name.

Inside the room, in a dim and dusty corner of one of many abandoned buildings on the decaying campus of the Oregon State Hospital here, are 3,489 copper urns, the shiny metal dull and smeared with corrosion, the canisters turning green.

The urns hold the ashes of mental patients who died here from the late 1880’s to the mid-1970’s. The remains were unclaimed by families who had long abandoned their sick relatives, when they were alive and after they were dead.

The urns have engraved serial numbers pressed into the tops of the cans. The lowest number on the urns still stored in the room is 01, the highest 5,118. Over the decades, about 1,600 families have reclaimed urns containing their relatives’ ashes, but those left are lined up meticulously on wood shelves. Short strips of masking tape with storage information are affixed to each shelf: ”Vault #2, Shelf #36, plus four unmarked urns,” one piece of tattered tape says.

Most of the labels that once displayed the full names of the dead patients have been washed off by water damage or peeled away by time. Still, a few frayed labels are legible: among the urns stored on one shelf are a Bess, a Ben and an Andrew.

3500 forgotten cans Read More »

A 4000 year old ship in the desert

commonplace book, history / /

From “World’s oldest ship timbers found in Egyptian desert“:

The oldest remains of seafaring ships in the world have been found in caves at the edge of the Egyptian desert along with cargo boxes that suggest ancient Egyptians sailed nearly 1,000 miles on rough waters to get treasures from a place they called God’s Land, or Punt.

Florida State University anthropology professor Cheryl Ward has determined that wooden planks found in the manmade caves are about 4,000 years old – making them the world’s most ancient ship timbers. Shipworms that had tunneled into the planks indicated the ships had weathered a long voyage of a few months, likely to the fabled southern Red Sea trading center of Punt, a place referenced in hieroglyphics on empty cargo boxes found in the caves, Ward said.

A 4000 year old ship in the desert Read More »

Interesting way to acquire someone’s signature

security / /

From Simson Garfinkel’s “Absolute Identification“, chapter 3 of Database Nation:

Already, the United Parcel Service, the nation’s largest package delivery service, is also the nation’s leader in biometric piracy. For most packages, UPS requires that a signature be written to serve as proof of delivery. In 1987, UPS started scanning the pen-and-ink signatures recorded for each package delivery. These images were stored in a database and faxed to any person who called UPS’s 800 number and asked for a ‘proof of delivery’ receipt. In 1990, UPS improved its piracy technology by equipping its drivers with portable electronic computers called DIADs (Delivery Information Acquisition Devices). Each computer has a built-in bar code reader and a signature pad. When a delivery is made, the UPS driver scans the bar code on each package and then has the person receiving the delivery sign for the package. The bar code number and the handwritten signature are recorded inside the DIAD, and ultimately uploaded to the company’s databanks.

The push to make signatures available in electronic form came from UPS customers, Pat Steffen, a spokesperson for UPS, told me when I called the company to complain about the practices. Signatures are considered proof of delivery. Digitizing that proof allows UPS to manipulate it like any other digital data. The faxed proof-of-delivery certificates are sent automatically from UPS computers, she explained. It’s also possible for UPS customers to download tracking software and view the signatures directly on their personal computers.

Ironically, by making a person’s written signature widely available, UPS is helping to dilute the written signature’s very value. Once the signature is digitized, it’s easy to manipulate it further with a computer–for example, you can paste it at the bottom of a contract. UPS’s system is particularly vulnerable: any package can be tracked as long as you know the package’s airbill, and UPS issues its preprinted airbills in sequential order–for example, ‘0930 8164 904,’ ‘0930 8164 913,’ and ‘0930 8164 922.’ An attacker can easily learn a company’s UPS airbill, use that airbill to obtain a comprehensive list of every delivery recipient–and then make a copy of every recipient’s signature.

UPS understands the vulnerability, but it can’t address the problem very well. A note on the company’s web site says:

UPS authorizes you to use UPS tracking systems solely to track shipments tendered by or for you to UPS for delivery and for no other purpose. Any other use of UPS tracking systems and information is strictly prohibited.

But, realistically speaking, UPS can do little to prevent this kind of attack. ‘If someone wants to go out of their way to get package numbers, it can be done. If someone wants to go out of their way to do anything, I suppose that’s possible. It is not an easy thing to do,’ said Steffen. Guessing would be harder, of course, if UPS used longer airbill numbers and didn’t issue them in a predictable sequence.

Interesting way to acquire someone’s signature Read More »

Pi to unfathomable places

cool stuff, science / /

From “Man recites pi from memory to 83,431 places“:

A Japanese psychiatric counselor has recited pi to 83,431 decimal places from memory, breaking his own personal best of 54,000 digits and setting an unofficial world record, a media report said Saturday.

Akira Haraguchi, 59, had begun his attempt to recall the value of pi – a mathematical value that has an infinite number of decimal places – at a public hall in Chiba city, east of Tokyo, on Friday morning and appeared to give up by noon after only reaching 16,000 decimal places, the Tokyo Shimbun said on its Web site.

But a determined Haraguchi started anew and had broken his old record on Friday evening, about 11 hours after first sitting down to his task, the paper said. …

Pi, usually given as an abbreviated 3.14, is the ratio of the circumference to the diameter of a circle. The number has fascinated and confounded mathematicians for centuries.

Aided by a supercomputer, a University of Tokyo mathematician set the world record for figuring out pi to 1.24 trillion decimal places in 2002.

Pi to unfathomable places Read More »

An interesting way to look at DRM

commonplace book, technology / /

From “The Big DRM Mistake?“:

Fundamentally, DRM is a about persistent access control – it is a term for a set of technologies that allow for data to be protected beyond the file system of the original machine. Thus, for example, the read/write/execute access control on most *nix file systems will not only be applicable to the original machine but to all machines.

Stated in these terms, I agree with the aims of DRM. However, it is the ways in which large media and software businesses have mis-applied DRM that have ruined the associations most users have with the technology.

An interesting way to look at DRM Read More »

What is a socio-technical system?

social software, tech in changing society, technology / /

From “Why a Socio-Technical System?“:

You have divined by now that a socio-technical system is a mixture of people and technology. It is, in fact, a much more complex mixture. Below, we outline many of the items that may be found in an STS. In the notes, we will make the case that many of the individual items of a socio-technical system are difficult to distinguish from each other because of their close inter-relationships.

Socio-technical systems include:

Hardware Mainframes, workstations, peripheral, connecting networks. This is the classic meaning of technology. It is hard to imagine a socio-technical system without some hardware component (though we welcome suggestions). In our above examples, the hardware is the microcomputers and their connecting wires, hubs, routers, etc.

Software Operating systems, utilities, application programs, specialized code. It is getting increasingly hard to tell the difference between software and hardware, but we expect that software is likely to be an integral part of any socio-technical system. Software (and by implication, hardware too) often incorporates social rules and organizational procedures as part of its design (e.g. optimize these parameters, ask for these data, store the data in these formats, etc.). Thus, software can serve as a stand-in for some of the factors listed below, and the incorporation of social rules into the technology can make these rules harder to see and harder to change. In the examples above, much of the software is likely to change from the emergency room to the elementary school. The software that does not change (e.g. the operating system) may have been designed more with one socio-technical system in mind (e.g. Unix was designed with an academic socio-technical system in mind). The re-use of this software in a different socio-technical system may cause problems of mismatch.

Physical surroundings. Buildings also influence and embody social rules, and their design can effect the ways that a technology is used. The manager’s office that is protected by a secretary’s office is one example; the large office suite with no walls is another. The physical environment of the military supplier and the elementary school are likely to be quite different, and some security issues may be handled by this physical environment rather than by the technology. Moving a technology that assumes one physical environment into a different environment one may cause mismatch problems.

People Individuals, groups, roles (support, training, management, line personnel, engineer, etc.), agencies. Note that we list here not just people (e.g. Mr. Jones) but roles (Mr. Jones, head of quality assurance), groups (Management staff in Quality Assurance) and agencies (The Department of Defense). In addition to his role as head of quality assurance, Mr. Jones may also have other roles (e.g. a teacher, a professional electrical engineer, etc.). The person in charge of the microcomputers in our example above may have very different roles in the different socio-technical systems, and these different roles will bring with them different responsibilities and ethical issues. Software and hardware designed assuming the kind of support one would find in a university environment may not match well with an elementary school or emergency room environment.

Procedures both official and actual, management models, reporting relationships, documentation requirements, data flow, rules & norms. Procedures describe the way things are done in an organization (or at least the official line regarding how they ought to be done). Both the official rules and their actual implementation are important in understanding a socio-technical system. In addition, there are norms about how things are done that allow organizations to work. These norms may not be specified (indeed, it might be counter-productive to specify them). But those who understand them know how to, for instance, make complaints, get a questionable part passed, and find answers to technical questions. Procedures are prime candidates to be encoded in software design.

Laws and regulations. These also are procedures like those above, but they carry special societal sanctions if the violators are caught. They might be laws regarding the protection of privacy, or regulations about the testing of chips in military use. These societal laws and regulations might be in conflict with internal procedures and rules. For instance, some companies have implicit expectations that employees will share (and probably copy) commercial software. Obviously these illegal expectations cannot be made explicit, but they can be made known.

Data and data structures. What data are collected, how they are archived, to whom they are made available, and the formats in which they are stored are all decisions that go into the design of a socio-technical system. Data archiving in an emergency room it will be quite different from that in an insurance company, and will be subject to different ethical issues too.

What is a socio-technical system? Read More »