Ramblings & ephemera

Why airport security fails constantly

From Bruce Schneier’s “Airport Passenger Screening” (Crypto-Gram Newsletter: 15 April 2006): It seems like every time someone tests airport security, airport security fails. In tests between November 2001 and February 2002, screeners missed 70 percent of knives, 30 percent of guns, and 60 percent of (fake) bombs. And recently, testers were able to smuggle bomb-making […]

Al Qaeda hijacks web server to distribute video

From Matt Tanase’s Don’t let this happen to you: Smaller companies often assume they have nothing of interest to hackers. Often times that is the case, but they are still after resources, as in this case. Unfortunately, the hackers in this case are tied to Al Qaeda. They placed the recent hostage video on a […]

Social network analysis by the NSA

From John Diamond and Leslie Cauley’s “Pre-9/11 records help flag suspicious calling” (USA TODAY: 22 May 2006): Armed with details of billions of telephone calls, the National Security Agency used phone records linked to the Sept. 11, 2001 attacks to create a template of how phone activity among terrorists looks, say current and former intelligence […]

Matching identities across databases, anonymously

From MIT Technology Review‘s’ “Blindfolding Big Brother, Sort of“: In 1983, entrepreneur Jeff Jonas founded Systems Research and Development (SRD), a firm that provided software to identify people and determine who was in their circle of friends. In the early 1990s, the company moved to Las Vegas, where it worked on security software for casinos. […]

Security will retard innovation

From Technology Review‘s “Terror’s Server“: Zittrain [Jonathan Zittrain, codirector of the Berkman Center for Internet and Society at Harvard Law School] concurs with Neumann [Peter Neumann, a computer scientist at SRI International, a nonprofit research institute in Menlo Park, CA] but also predicts an impending overreaction. Terrorism or no terrorism, he sees a convergence of […]

Terrorist social networks

From Technology Review‘s “Terror’s Server“: For example, research suggests that people with nefarious intent tend to exhibit distinct patterns in their use of e-mails or online forums like chat rooms. Whereas most people establish a wide variety of contacts over time, those engaged in plotting a crime tend to keep in touch only with a […]

How terrorists use the Web

From Technology Review‘s “Terror’s Server“: According to [Gabriel] Weimann [professor of communications at University of Haifa], the number of [terror-related] websites has leapt from only 12 in 1997 to around 4,300 today. … These sites serve as a means to recruit members, solicit funds, and promote and spread ideology. … The September 11 hijackers used […]

Bruce Schneier on what we should do

From Bruce Schneier’s “Searching Bags in Subways“: Final note: I often get comments along the lines of “Stop criticizing stuff; tell us what we should do.” My answer is always the same. Counterterrorism is most effective when it doesn’t make arbitrary assumptions about the terrorists’ plans. Stop searching bags on the subways, and spend the […]

Tracking terrorists with Unintended Information Revelation

From “New search engine to help thwart terrorists“: With news that the London bombers were British citizens, radicalised on the streets of England and with squeaky-clean police records, comes the realisation that new mechanisms for hunting terrorists before they strike must be developed. Researchers at the University of Buffalo, US, believe they have discovered a […]

Don’t fly where we won’t tell you not to fly

From Bruce Schneier’s “The Silliness of Secrecy“, quoting The Wall Street Journal: Ever since Sept. 11, 2001, the federal government has advised airplane pilots against flying near 100 nuclear power plants around the country or they will be forced down by fighter jets. But pilots say there’s a hitch in the instructions: aviation security officials […]

How to fake an anthrax scare

From Bruce Schneier’s “White Powder Anthrax Hoaxes“: Earlier this month, there was an anthrax scare at the Indonesian embassy in Australia. Someone sent them some white powder in an envelope, which was scary enough. Then it tested positive for bacillus. The building was decontaminated, and the staff was quarantined for twelve hours. By then, tests […]

Risk management

From Glenn Fleishman’s post to the Interesting People mailing list: I heard the strangely frank head of TSA on NPR this morning–perhaps he forgot he was speaking to the public?–talk quite honestly about what I would describe as “yield management for risk.” Basically: * The pilots are now protected, so the plane won’t be weaponized […]

Jans clarifies it for us

Back in November 2002, a bunch of us went camping in a cabin in the woods. Around midnight, we were sitting around the fire, talking. The subject of crime came up, specifically the statute of limitations. Scott: I think the statute of limitations doesn’t apply only in cases of murder and rape. Denise: That’s right. […]