Thieves use Bluetooth to find laptops in cars

From “Phone pirates in seek and steal mission“:

MOBILE phone technology is being used by thieves to seek out and steal laptops locked in cars in Cambridgeshire.

Up-to-date mobiles often have Bluetooth technology, which allows other compatible devices, including laptops, to link up and exchange information, and log on to the internet.

But thieves in Cambridge have cottoned on to an alternative use for the function, using it as a scanner which will let them know if another Bluetooth device is locked in a car boot.

Det Sgt Al Funge, from Cambridge’s crime investigation unit, said: “There have been a number of instances of this new technology being used to identify cars which have valuable electronics, including laptops, inside.

Thieves use Bluetooth to find laptops in cars Read More »

Hear someone typing & know what was written

From Edward Felten’s “Acoustic Snooping on Typed Information“:

Li Zhuang, Feng Zhou, and Doug Tygar have an interesting new paper showing that if you have an audio recording of somebody typing on an ordinary computer keyboard for fifteen minutes or so, you can figure out everything they typed. The idea is that different keys tend to make slightly different sounds, and although you don’t know in advance which keys make which sounds, you can use machine learning to figure that out, assuming that the person is mostly typing English text. (Presumably it would work for other languages too.) …

The algorithm works in three basic stages. First, it isolates the sound of each individual keystroke. Second, it takes all of the recorded keystrokes and puts them into about fifty categories, where the keystrokes within each category sound very similar. Third, it uses fancy machine learning methods to recover the sequence of characters typed, under the assumption that the sequence has the statistical characteristics of English text. …

The only advantage you have is that English text has persistent regularities. For example, the two-letter sequence “th” is much more common that “rq”, and the word “the” is much more common than “xprld”. This turns out to be enough for modern machine learning methods to do the job, despite the difficulties I described in the previous paragraph. The recovered text gets about 95% of the characters right, and about 90% of the words. It’s quite readable.

Hear someone typing & know what was written Read More »

How to fake an anthrax scare

From Bruce Schneier’s “White Powder Anthrax Hoaxes“:

Earlier this month, there was an anthrax scare at the Indonesian embassy in Australia. Someone sent them some white powder in an envelope, which was scary enough. Then it tested positive for bacillus. The building was decontaminated, and the staff was quarantined for twelve hours. By then, tests came back negative for anthrax.

A lot of thought went into this false alarm. The attackers obviously knew that their white powder would be quickly tested for the presence of a bacterium of the bacillus family (of which anthrax is a member), but that the bacillus would have to be cultured for a couple of days before a more exact identification could be made. So even without any anthrax, they managed to cause two days of terror.

… In an interesting side note, the media have revealed for the first time that 360 “white powder” incidents have taken place since 11 September 2001. This news had been suppressed by the government, which had issued D notices to the media for all such incidents. So there has been one such incident approximately every four days — an astonishing number, given Australia’s otherwise low crime rate.

How to fake an anthrax scare Read More »

A living story, tattooed on flesh

From The New York Times Magazine‘s “Skin Literature“:

Most artists spend their careers trying to create something that will live forever. But the writer Shelley Jackson is creating a work of literature that is intentionally and indisputably mortal. Jackson is publishing her latest short story by recruiting 2,095 people, each of whom will have one word of the story tattooed on his or her body. The story, titled ‘Skin,’ will appear only on the collective limbs, torsos and backsides of its participants. And decades from now, when the last of Jackson’s ‘words’ dies, so, too, will her tale.

As of November, Jackson, the Brooklyn-based author of a short-story collection called ‘The Melancholy of Anatomy,’ had enrolled about 1,800 volunteers, some from such distant countries as Argentina, Jordan, Thailand and Finland. Participants, who contact Jackson through her Web site, cannot choose which word they receive. And their tattoos must be inked in the font that Jackson has specified. But they do have some freedom to bend and stretch the narrative. They can select the place on their bodies they want to become part of the Jackson opus. In return, Jackson asks her ‘words’ to sign a 12-page release absolving her of liability and promising not to share the story with others. (Participants are the only people who will get to see the full text of the story.) They must also send her two photographs — one of the word on their skin, the other a portrait of themselves without the word visible — which she may later publish or exhibit.

… Mothers and daughters are requesting consecutive words. So are couples, perhaps hoping to form the syntactic equivalent of a civil union. For others, the motives are social: Jackson is encouraging her far-flung words to get to know each other via e-mail, telephone, even in person. (Imagine the possibilities. A sentence getting together for dinner. A paragraph having a party.) …

… when a participant meets his or her demise, Jackson vows, she will try to attend that person’s funeral. But the 41-year-old author understands that some of her 2,095 collaborators, many of whom are in their 20’s, might outlive her. If she dies first, she says, she hopes several of them will come to her funeral and make her the first writer ever to be mourned by her words.

A living story, tattooed on flesh Read More »

Interesting way to acquire someone’s signature

From Simson Garfinkel’s “Absolute Identification“, chapter 3 of Database Nation:

Already, the United Parcel Service, the nation’s largest package delivery service, is also the nation’s leader in biometric piracy. For most packages, UPS requires that a signature be written to serve as proof of delivery. In 1987, UPS started scanning the pen-and-ink signatures recorded for each package delivery. These images were stored in a database and faxed to any person who called UPS’s 800 number and asked for a ‘proof of delivery’ receipt. In 1990, UPS improved its piracy technology by equipping its drivers with portable electronic computers called DIADs (Delivery Information Acquisition Devices). Each computer has a built-in bar code reader and a signature pad. When a delivery is made, the UPS driver scans the bar code on each package and then has the person receiving the delivery sign for the package. The bar code number and the handwritten signature are recorded inside the DIAD, and ultimately uploaded to the company’s databanks.

The push to make signatures available in electronic form came from UPS customers, Pat Steffen, a spokesperson for UPS, told me when I called the company to complain about the practices. Signatures are considered proof of delivery. Digitizing that proof allows UPS to manipulate it like any other digital data. The faxed proof-of-delivery certificates are sent automatically from UPS computers, she explained. It’s also possible for UPS customers to download tracking software and view the signatures directly on their personal computers.

Ironically, by making a person’s written signature widely available, UPS is helping to dilute the written signature’s very value. Once the signature is digitized, it’s easy to manipulate it further with a computer–for example, you can paste it at the bottom of a contract. UPS’s system is particularly vulnerable: any package can be tracked as long as you know the package’s airbill, and UPS issues its preprinted airbills in sequential order–for example, ‘0930 8164 904,’ ‘0930 8164 913,’ and ‘0930 8164 922.’ An attacker can easily learn a company’s UPS airbill, use that airbill to obtain a comprehensive list of every delivery recipient–and then make a copy of every recipient’s signature.

UPS understands the vulnerability, but it can’t address the problem very well. A note on the company’s web site says:

UPS authorizes you to use UPS tracking systems solely to track shipments tendered by or for you to UPS for delivery and for no other purpose. Any other use of UPS tracking systems and information is strictly prohibited.

But, realistically speaking, UPS can do little to prevent this kind of attack. ‘If someone wants to go out of their way to get package numbers, it can be done. If someone wants to go out of their way to do anything, I suppose that’s possible. It is not an easy thing to do,’ said Steffen. Guessing would be harder, of course, if UPS used longer airbill numbers and didn’t issue them in a predictable sequence.

Interesting way to acquire someone’s signature Read More »

A wonderful postmodern joke

A postmodern joke from Disinfotainment:

How many deconstructionists does it take to screw in a light bulb?

Even the framing of this question makes a grid of patriarchal assumptions that reveals a slavish devotion to phallocentric ideas – such as, technical accomplishment has inherent value, knowledge can be attained and quantities of labor can be determined empirically, all of which makes a discourse which further marginalizes the already disenfranchised.

A wonderful postmodern joke Read More »

French policians and French writers

From "The Habit of Democracy" by Adam Gopnik in the 15 October 2001 issue of The New Yorker, a review of two books about Alexis de Tocqueville:

[Tocqueville] decided to devote himself to politics in France, and, like all French literary men, made a mess of it. (French writers are emporers of conceits; French politicians must be umpires of the conceited.) 

French policians and French writers Read More »

Amongst family and friends

From "The Producer" in the 15 October 2001 issue of The New Yorker, an article about the Hollywood producer Brian Grazer:

His creation achieved its brilliant apotheosis a few years ago, when he reconceived Brian Grazer as a form of performance art. He started putting photographs of himself, grinning like a pixie, in dime-store frames and taking them to parties. Unobserved, he would leave his little photo among the grandly framed portraits of the host’s family and famous friends, for the host to discover, to his startled amusement, usually several weeks later. 

Amongst family and friends Read More »

He stopped in time

Joe Freeman & I were at a party at Jans & Sarah’s. He announced to me that his company had just decided on a new name: Iron Jelly.

"Why that name?" I asked.

Joe explained, "Well, I was looking through a list of words, and I went down the list until I saw two next to each other that I liked: ‘iron jelly’."

"It’s a good thing you didn’t go down a bit further, to ‘vaginal warts’," I said.

Joe didn’t know what to say. 

He stopped in time Read More »