Reason Magazine
- reason.com
- reason.tv
- reason.org
- Donate
- Site Search:
Reason on Facebook
Reason on Twitter
Reason on YouTube
Reason RSSGet Reason E-mail Updates!
Manage your Reason e-mail list subscriptionsadvertisements
These Boots Were Made for Terror
When an Indian court learned that terrorists had used images from Google Earth when they plotted last year's Mumbai attacks, it called for a ban on the service. Now Bruce Schneier has published a smart rejoinder in The Guardian:
By its very nature, communications infrastructure is general. It can be used to plan both legal and illegal activities, and it's generally impossible to tell which is which. When I send and receive email, it looks exactly the same as a terrorist doing the same thing. To the mobile phone network, a call from one terrorist to another looks exactly the same as a mobile phone call from one victim to another. Any attempt to ban or limit infrastructure affects everybody. If India bans Google Earth, a future terrorist won't be able to use it to plan; nor will anybody else. Open Wi-Fi networks are useful for many reasons, the large majority of them positive, and closing them down affects all those reasons. Terrorist attacks are very rare, and it is almost always a bad trade-off to deny society the benefits of a communications technology just because the bad guys might use it too.
Communications infrastructure is especially valuable during a terrorist attack. Twitter was the best way for people to get real-time information about the attacks in Mumbai. If the Indian government shut Twitter down - or London blocked mobile phone coverage - during a terrorist attack, the lack of communications for everyone, not just the terrorists, would increase the level of terror and could even increase the body count. Information lessens fear and makes people safer.
None of this is new. Criminals have used telephones and mobile phones since they were invented. Drug smugglers use airplanes and boats, radios and satellite phones. Bank robbers have long used cars and motorcycles as getaway vehicles, and horses before then. I haven't seen it talked about yet, but the Mumbai terrorists used boats as well. They also wore boots. They ate lunch at restaurants, drank bottled water, and breathed the air. Society survives all of this because the good uses of infrastructure far outweigh the bad uses, even though the good uses are - by and large - small and pedestrian and the bad uses are rare and spectacular.
Elsewhere in Reason: Katherine Mangu-Ward interviewed Schneier about privacy, risk, and terror earlier this month.
Elemenope|1.30.09 @ 9:41AM|#
None of this is new. Criminals have used telephones and
mobile phones since they were invented. Drug smugglers use
airplanes and boats, radios and satellite phones. Bank robbers have
long used cars and motorcycles as getaway vehicles, and horses
before then. I haven't seen it talked about yet, but the Mumbai
terrorists used boats as well. They also wore boots. They ate lunch
at restaurants, drank bottled water, and breathed the air. Society
survives all of this because the good uses of infrastructure far
outweigh the bad uses, even though the good uses are - by and large
- small and pedestrian and the bad uses are rare and
spectacular.
The main problem with reductive argument is that people with power
tend to have a very poorly developed sense of the
absurd.
victim of draconian stupidity|1.30.09 @ 9:44AM|#
Yes..mmm..."logic" = not relevant in the War On Terror, or the WoD, or the WoML......whatever
andy|1.30.09 @ 9:45AM|#
Iuris praecepta haec sunt: honeste vivere, alterum non laedere,
suum cuique tribuere.
-Ulpian
Elemenope|1.30.09 @ 9:50AM|#
Iuris praecepta haec sunt: honeste vivere, alterum non
laedere, suum cuique tribuere.
Man, that wasn't even true in Rome.
|1.30.09 @ 9:59AM|#
Man, that wasn't even true in Rome.
Plus, slaves had to be tortured for their testimony to be
valid. Somebody tell John Yoo.
|1.30.09 @ 10:00AM|#
By its very nature, communications infrastructure is
general. It can be used to plan both legal and illegal activities,
and it's generally impossible to tell which is which.
Of course, this is true of nearly every area of human activity. The
clerk who gets robbed, the guy who robs him, and the cops all drove
cars to the convenience store, and probably all own guns.
Reinmoose|1.30.09 @ 10:09AM|#
[whispers]
I heard that right before they committed the act, the terrorists
went to the bathroom
[/whispers]
|1.30.09 @ 10:09AM|#
Society survives all of this because the good uses of
infrastructure far outweigh the bad uses, even though the good uses
are - by and large - small and pedestrian and the bad uses are rare
and spectacular.
(!) well, duh
Dislaimer: Much of what seems obvious to me is apparently a deep
and opaque mystery to the sort of people whose only goal in life is
to get themselves elected.
Elemenope|1.30.09 @ 10:13AM|#
Since there was a great deal of beating on Michael Moore yesterday (not that he doesn't deserve it for some things), I think this is a fun time to point out that this was essentially the entire point of Bowling for Columbine.
Jesse Walker|1.30.09 @ 10:23AM|#
Since there was a great deal of beating on Michael Moore
yesterday (not that he doesn't deserve it for some things), I think
this is a fun time to point out that this was essentially the
entire point of Bowling for Columbine.
There was
no point to Bowling for Columbine.
|1.30.09 @ 10:30AM|#
There was no point to Bowling for Columbine.
Oh, yes there was. To get critical acclaim for Moore and to boost
his ego. Oscars don't mean shit...except to Oscar recipients.
"Everyone walked out. They hated it. I've seen plagues that had
better opening nights than this. You said that Oscar was
practically on my mantle."
"Now you know why I used the qualifier 'practically'."
|1.30.09 @ 10:31AM|#
I never saw Bowling for Columbine, but I did see Roger and Me (which is why I never bothered to watch Bowling. Has that guy ever done anything but waste film?
Elemenope|1.30.09 @ 10:32AM|#
There was no point to Bowling for Columbine.
Well, you are certainly entitled to that analysis, and it seems a
reasonable one, but I'm gonna go ahead and disagree. While the film
meandered and digressed quite a bit, each segment was about
postulating and then deconstructing each argument for why the US
has more violent gun deaths than other countries. The *point* was
we might as well assume that the deaths a Columbine were caused by
the shooters playing a game of bowling that morning, because all
the traditional narratives seem to have about as much descriptive
power. Since there can be no non-absurd theory of causation for why
bowling causes shootings, the point is really about
scapegoating.
Of course, MM himself indulges in scapegoating a bit in the film
too. But as I've said before, hypocrisy is no great impediment to
truth.
andy|1.30.09 @ 10:46AM|#
ok, try again:
"If you have ten thousand regulations you destroy all respect for
the law."
Winston Churchill.
|1.30.09 @ 10:57AM|#
This is one of the reasons I expect to see authentication being used for everything electronic one day. Scan the biometric body part de jour will become a standard way of doing business. Everything you do via electronics will require a biometric scan. Go to the bank, ATM, make a purchase, phone call, start your car, unlock the front door to your house, enter a public or private building, ect.
Elemenope|1.30.09 @ 11:00AM|#
Google Earth: the most Terrifying thing since sliced
bread.
If you use a knife to cut the loaf, kids will get the wrong
idea.
"No sliced bread! No sliced bread!"
if you\'re right...|1.30.09 @ 11:05AM|#
TryckiVic.... maybe you're right...
stolen organ black market, here I come!
|1.30.09 @ 11:07AM|#
It's really impractical to require a biometric scan to start your car. What if you want to let a friend borrow it?
Elemenope|1.30.09 @ 11:09AM|#
It's really impractical to require a biometric scan to start
your car. What if you want to let a friend borrow it?
Lending without payment smells like communism.
|1.30.09 @ 11:12AM|#
You would be able to program the car to accept a friends biometric. That way you control who can start it. Your neighbor and good friend of 20 years may have access, your 14 year old hell raising kid, no.
wearing Trickyvic\'s eye|1.30.09 @ 11:14AM|#
...and I have your car. Thanks for the ride. Any other parts you'd care to do without?
Kolohe|1.30.09 @ 11:14AM|#
It looks like they finally undithered the
Naval Observatory
Not sure how long ago they did this though.
Elemenope|1.30.09 @ 11:15AM|#
...and I have your car. Thanks for the ride. Any other parts
you'd care to do without?
And the verb "to hack" comes full circle.
|1.30.09 @ 11:15AM|#
Sometimes lending without payment is laziness. "Go get some beer while I play this video game. You can take my car."
kid|1.30.09 @ 11:17AM|#
...if your 14 year old can get a fake ID to buy beer... or can buy illegal substances with relative ease... I'm sure he'll find a way around your biometrics pretty fast.... eg: the moment he has a date and needs to get a room..er..backseat
|1.30.09 @ 11:20AM|#
"""...and I have your car. Thanks for the ride. Any other parts
you'd care to do without?"""
Too bad you still didn't get access, the system ruled my eye
invalid because it did not detect blood flow.
|1.30.09 @ 11:22AM|#
Lending without payment smells like communism.
Actually it smells more like an untaxed economic transaction.
That's not fair.
You'll need to pay us the proper tax for him borrowing your car as
he would have paid on a rental car of the same class for the same
amount of time, but at full price.
need blood flow!|1.30.09 @ 11:23AM|#
really? you want me to hack off a larger chunk? maybe even leave
your heart beating for a while?
Of course, if i'm lazy, maybe I'll forgo the kidnapping/mutilation
and just hotwire it. Or insert a virus into the onboard computer...
whatever requires least effort.
bio-hacking for fun!|1.30.09 @ 11:26AM|#
Hackers publish thousands of copies of fingerprint of German
Minister who promotes fingerprint biometric
http://www.boingboing.net/2008/04/01/hackers-publish-thou.html
|1.30.09 @ 11:28AM|#
Biometrics is far more fool proof than anything else we have.
That's why it will become the main method of authentication.
I was thinking about this last night when I bought some liquor. I
used my debit card and the transaction took about 1 min to
complete. It made me think of how convienent it would be for them
to scan a finger or eye and generate an IOU so the transaction time
would be reduced to about 5 seconds. The IOU turns into a
transaction a few seconds later. Creating the IOU when you don't
have the money in the bank would be punishable as if you wrote a
hot check.
..time traveller|1.30.09 @ 11:32AM|#
...I just came back from the future and was surprised people talked all the time about things called "banks"... what are they?
texmex kidnapper|1.30.09 @ 11:36AM|#
actually, the fastest method to bypass any biometric sys has
been invented long ago...it's the same as is used now to get safe
combinations, extort "protection" money, etc. It's called
"kidnapping a loved one and making threats"
works pretty well, whatever the security features...
Also, check out "torture"... everyone's doing it now!
|1.30.09 @ 11:42AM|#
You couldn't hotwire the car, the cpu will prevent the engine
from starting without authentication. Hacking my be a different
story but I'm sure they will figure out a way to either prevent it
or make the car in a way hacking takes too much effort.
I sure most of you non-believers would have argued me 20 years ago
that I would never have to use an RFID enable ID or show a valid
drivers license to enter an office building. It's SOP in NYC
now.
"""Hackers publish thousands of copies of fingerprint of German
Minister who promotes fingerprint biometric""""
Fingerprints are old news, and probably won't the biometeric used.
They have finger scans that map the blood vessels in your
finger.
Clonemaster|1.30.09 @ 11:46AM|#
stem cell research and cloning will soon give me as many copies
of your fingers as I want...if nanotech doesn't do it before, that
is.
still, old methods still work fine...
|1.30.09 @ 11:49AM|#
texmex kiddnapper, I agree. I'd call that the gold standard. It works well todate in the upper echelon of espionage. We may never beat that one becuase it use the help of the person with the biometrics.
|1.30.09 @ 11:54AM|#
No system is 100% infallible, so scenarios that point it out
does not affect my claim of future authentication schemes and
where, and how they will be used.
Government and private industry will want to use the best methods.
It will be biometrics. It already plays a role for high security,
it's just a question of when it becomes cost effective for
widespread use. That's not far in the future.
|1.30.09 @ 12:11PM|#
"""stem cell research and cloning will soon give me as many
copies of your fingers as I want...if nanotech doesn't do it
before, that is."""
Hey, pick up some skin cells from the intended victim and clone
them. How long would that take and at what cost? By then you've
lost interest in stealing your neighbor's car and you could buy
your own car with the amount it would taken to clone. By the time
cloning in your basement can be done, you'll need a biometric scan
to purchase the equipment, unless you steal it, but you would keep
it long unless you built a room that's a Faraday cage since the
device will be broadcasting it's location the whole time you have
it, and that's assuming an alarm wasn't activated as soon as you
removed the device from the room where you're stealing it. That's
called asset tracking. Some hospitals may be using it, but
companies are trying to sell it to hospitals now. It's wifi based.
Every item has an RFID tag, from wheelchairs to bottles of asprin.
If you what to know where they are, you look it up in a computer,
an alarm is triggered if the signal drops. So if a wheelchair is
removed from hospital property, they know about it in real time and
they can tell where it left the area so they know where to go look,
or send the cops, or whatever.
Anyways, the point is biometric authentication will prevent more
theft and fraud than current systems. It will also allow authorites
and buisnesses added intelligence capabilites for analysis be it
determining what a suspect did in the last x days or to evaluate
inventory trends.
Naga Sadow|1.30.09 @ 12:17PM|#
I'm a shitty programer but I know the MGM system better than most of the managers and supervisors. Why? They never bothered to learn the underlying systems. DOS is apparently not even taught anymore. It's turning the current systems into backdoor havens. I suspect that at some point we will tread upon a scenario Verner Vinge wrote about in his novels. With programs and systems built on one another eventually we will no longer be able to learn the entire system. A programmer/archaeologist will be the end result.
flix|1.30.09 @ 12:24PM|#
Naga Sadow,
Vernor Vinge!
A Deepness in the Sky... what an amazing work of art
|1.30.09 @ 12:24PM|#
Vic, security is 90% vigilance and has nothing to do with
hardware. Most people find excessive security tedious and disable
it. They make a cost-benefit analysis and determine that the
likelihood of something being stolen doesn't warrant high
security.
All security hardware can be hacked. But the true weak point is
people.
flix|1.30.09 @ 12:26PM|#
also, pretty heavy on the biometrics... remember those QH
localizers?
absolutely epic
Naga Sadow|1.30.09 @ 12:28PM|#
flix,
You damn right it is! My personal pick for best scifi novel EVER is
"A Fire upon the Deepo", followed by "A Deepness in the Sky". Pham
Nuwen is actually a cognomen I use . . . elsewhere.
Naga Sadow|1.30.09 @ 12:30PM|#
flix,
The strange thing is that no one on these boards really read his
novels. He didn't even make it on the list of 100 most Libertarian
sci fi novelists!
|1.30.09 @ 12:51PM|#
"""All security hardware can be hacked. But the true weak point
is people."""
That's irrelevant to my point. It's not about locking thing up
100%. It's about tech and security trends. The Pentagon didn't drop
the iris scan concept because it could be hacked or compromised in
Texmex kiddnapper's style. It was the most secure method at the
time. It's about improving on the current systems not making things
100% failsafe. That hasn't stopped security from being the big
buisness it is. The more ease of use, the more likely it will be
used and when protocols become mandated by law they will be used.
My lastest encounter was buying Advil with psudoeffidrine. It
required me handing over my drivers license and information entered
into a database for me to purchase what was a friggin over the
counter cold medicine. Thank you Congress for the meth act.
20 years ago I would have said you were full of it if you told me
that in the future my name would have to be entered in a database
to buy over the counter Advil cold medicine.
|1.30.09 @ 8:07PM|#
"...it is almost always a bad trade-off to deny society the
benefits of a communications technology just because the bad guys
might use it too."
In my line of work, I call this designing for criminals. I'm asked
-- never explicitly -- to do this quite often. Adjust plans and
methodologies to account for the statistically insignificant number
of individuals who might pervert a system, abuse or subvert its
commercial intent, etc. I resist when I can with a reasoned
argument for the benefits of designing for neutral or benevolent
agents. Sometimes, my clients see reason. Often, though, legal
actors prevail because it is their job to protect against any and
all liability -- even if neutral and benevolent agents must jump
through extra hoops or suffer an absence of usable features to
prevent a tiny group of people from abusing the system. It's all so
tiresome.
Site comments/questions:
Media Inquiries and Reprint Permissions:
(310) 367-6109
Editorial & Production Offices:
3415 S. Sepulveda Blvd.
Suite 400
Los Angeles, CA 90034
(310) 391-2245