Posts filed under 'News coverage

Oct 28, '13

Britain has just been hit by a storm; two people have been killed by falling trees, and one swept out to sea. The rail network is in chaos and over 100,000 homes lost electric power. What can security engineering teach about such events?

Risk communication could be very much better. The storm had been forecast for several days but the instructions and advice from authority have almost all been framed in vague and general terms. Our research on browser warnings shows that people mostly ignore vague warnings (“Warning – visiting this web site may harm your computer!”) but pay much more attention to concrete ones (such as “The site you are about to visit has been confirmed to contain software that poses a significant risk to you, with no tangible benefit. It would try to infect your computer with malware designed to steal your bank account and credit card details in order to defraud you”). In fact, making warnings more concrete is the only thing that works here – nudge favourites such as appealing to social norms, or authority, or even putting a cartoon face on the page to activate social cognition, don’t seem to have a significant effect in this context.

So how should the Met Office and the emergency services deal with the next storm?

(more…)

Sep 2, '13

August was a slow month, but we got a legal case where our client was accused of tampering with a curfew tag, and I was asked for an expert report on the evidence presented by Serco, the curfew tagging contractor. Many offenders in the UK are released early (or escape prison altogether) on condition that they stay at home from 8pm to 8am and wear an ankle bracelet so their compliance can be monitored. These curfew tags have been used for fourteen years now but are controversial for various reasons; but with the prisons full and 17,500 people on tag at any one time, the objective of policy is to improve the system rather than abolish it.

In this spirit I offer a redacted version of my expert report which may give some insight into the frailty of the system. The logs relating to my defendant’s case showed large numbers of false alarms; some of these had good explanations (such as power cuts) but many didn’t. The overall impression is of an unreliable technology surrounded by chaotic procedures. Of policy concern too is that the tagging contractor not only supplies the tags and the back-end systems, but the call centre and the interface to the court system. What’s more, if you break your curfew, it isn’t the Crown Prosecution Service that takes you before the magistrates, but the contractor – relying on expert evidence from one of its subcontractors. Such closed systems are notoriously vulnerable to groupthink. Anyway, we asked the court for access not just to the tag in the case, but a complete set of tagging equipment for testing, plus system specifications, false alarm statistics and audit reports. The contractor promptly replied that “although we continue to feel that the defendant is in breach of the order, our attention has been drawn to a number of factors that would allow me to properly discontinue proceedings in the public interest.”

The report is published with the consent of my client and her solicitor. Long-time readers of this blog may recall similarities with the case of Jane Badger. If you’re designing systems on whose output someone may have to rely in court, you’d better think hard about how they’ll stand up to hostile review.

Jul 1, '13

I was intrigued this morning to see on the front page of the Guardian newspaper a new revelation by NSA whistleblower Edward Snowden: a US eavesdropping technique “DROPMIRE implanted on the Cryptofax at the EU embassy [Washington] D.C.”. I was even more intrigued by an image that accompanied the report (click for higher resolution):

The Guardian, 1 July 2013, page 1

Having done many experiments to eavesdrop on office equipment myself, the noisy image at the bottom third of the picture above looked instantly familiar: it is what you might get from listening with a radio receiver on the compromising emanations of a video signal of a page of text. (more…)

May 8, '13

The Queen’s speech at today’s state opening of Parliament includes the prediction:

“In relation to the problem of matching Internet protocol addresses, my Government will bring forward proposals to enable the protection of the public and the investigation of crime in cyberspace”

This is all that remains of the Home Office’s ambition to bring forward a revised version of the Draft Communications Data Bill that two Parliamentary Select Committees were so unimpressed by, and which the Liberal Democrats have declined to support.

The sole issue on which there appears to be political consensus is that “something must be done” about the traceability failure that regularly occurs when the Internet is accessed from a smartphone. The shortage of IPv4 addresses means that the mobile companies cannot give each smartphone a unique IP address — so hundreds of users share the same IP address with only the TCP/UDP source port number distinguishing their traffic. Because this sharing is done very dynamically the mobile phone companies find it problematic to record the source port mapping, and they have argued that the way the EU Data Retention Directive is written they have no obligation to make and keep such records.

I wrote about this issue at some length on this blog in January 2010, although until very recently the Home Office considered it to be tantamount to a state secret and were extremely coy about discussing it in the public.

The Queen’s “bring forward proposals” phrase appears to cover a range of options:

  • the mobile companies decide that they can manage to log the source port mapping data after all;
  • the Home Office pays for new kit at the mobile companies that will allow source port mapping to be done;
  • there is a short bill (or clause in another bill) that requires the logging to be done (this might avoid any question of payments being ultra vires, or would ensure compliance by companies (possibly broadband suppliers) that looked like becoming stragglers;
  • there are discussions but nothing happens at all — perhaps because the tide turns against Data Retention as being a necessary and proportionate policy. A number of other EU countries have found it to be incompatible with fundamental human rights.

The Open Rights Group (ORG) have recently produced a pamphlet (available online here) setting out how surveillance might be better approached in this century. I contributed the chapter on the technical issues…

… if you don’t have time to read the whole thing then the New Statesman has an edited version of my chapter; and you can watch a short video of myself (and two other contributors) explaining the major issues.

Apr 28, '13

On Friday I went to a fascinating lobbying meeting on the new EU data protection regulation. Europe is by default the world’s privacy regulator, as America doesn’t care and no-one else is big enough to matter; so this is really important. Some 3000 amendments have been proposed and the regulation is in the final stages of the committee process; the rapporteurs of the various parties are negotiating compromise amendments which should be ready for a vote within weeks. So the pressure is really on.

Friday was extraordinary because all the lobbyists came together in one room to argue their cases. This is because the liberal shadow rapporteur Alexander Alvaro was injured in a car crash last month, so Sarah Ludford, a London MEP, took over at the last minute. Normally lobbyists see MEPs singly or in small groups, but as time was short Sarah called a mass meeting at Europa House in London. So we all got to hear what the others were pushing for. Campaigners for open government say we’d have better laws if more if the process was public; here’s an example where that happened (literally) by accident.

I am posting my notes of the meeting here, as it’s a good case history of how lobbying works, as well as of how our privacy is being lost. There were about 100 people present, of which only 5 were from civil society. Most were corporate lobbyists: good-looking, articulate and impressive, but pushing some jaw-dropping agendas. For example the lovely lady from the Association of British Insurers found it painful that the regulation might ban profiling that was unfair or discriminatory.

(more…)

Apr 24, '13

I’m at the launch in London of the new campaign for medical privacy, MedConfidential.org. Sam Smith and I will be liveblogging the day’s events in comments below. For background, see here, here, here and here. Most of today’s audience are from groups for whom medical privacy is particularly important, such as charities dealing with rape victims, substance abuse, sexual health and child wefare.

Apr 20, '13

Those of us who love America and have many friends there were delighted at President Obama’s initial reaction to the Boston bombings. He said if whoever attacked the city sought to intimidate victims or shake American values, “it should be pretty clear by now that they picked the wrong city to do it.” It seemed that sanity had at last returned, after all the scaremongering of the “War on terror”, and the ghost of 9/11 was finally being laid to rest.

One day later, a million people were under virtual house arrest; the 19-year-old fugitive from justice happened to be a Muslim. Whatever happened to the doctrine that infringements of one liberty to protect another should be necessary and proportionate?

In the London bombings, four idiots killed themselves in the first incident with a few dozen bystanders, but the second four failed and ran for it when their bombs didn’t go off. It didn’t occur to anyone to lock down London. They were eventually tracked down and arrested, together with their support team. Digital forensics played a big role; the last bomber to be caught left the country and changed his SIM, but not his IMEI. It’s next to impossible for anyone to escape nowadays if the authorities try hard.

Apr 15, '13

With some delay here is the second and final part on our impressions of David Birch’s Tomorrow’s Transactions Forum (TTF13), which we attended thanks to Dave’s generosity (See full agenda and PowerPoint presentations here). See part 1 here.

NOTE: Although written in first person, what follows results from a combination of Laurent Simon’s and my notes.

The theme of day 2 at TTF13 was social inclusion. The kick off question was “How to develop tools to help people deal with money?” (people with no financial culture and based on a transactional account).

This was followed by presentations on “Comic Relief” (the day before ‘the big day’), “Universal Credit” and expert panel on financial inclusion.
(more…)

Apr 6, '13

Last weekend, my wife and I were in Milton Keynes where we bought a cradle as a present for our new granddaughter. They had only the demo model in the shop, but sold us one to pick up from their store in Cambridge. So yesterday I went into John Lewis with the receipt, to be told by the official that as I couldn’t show the card with which the purchase was made, they needed photo-id. I told him that along with over a million others I’d resisted the previous government’s ID card proposals, the last government had lost the election, and I didn’t carry ID on principle. The response was the usual nonsense: that I should have read the terms and conditions (but when I studied the receipt later it said nothing about ID) and that he was just doing his job (but John Lewis prides itself on being employee-owned, so in theory at least he is a partner in the firm). I won’t be shopping there again anytime soon.

We get harassed more and more by security theatre, by snooping and by bullying. What’s the best way to push back? Why can businesses be so pointlessly annoying?

Perhaps John Lewis are consciously pro-Labour given their history as a co-op; but it’s not prudent to advertise that in a three-way marginal like Cambridge, let alone in the leafy southern suburbs where they make most of their money. Or perhaps it’s just incompetence. When my wife phoned later to complain, the customer services people apologised and said we should have been told when we bought the thing that we’d need to show ID. She offered to post the cradle to our daughter, but then rung back later to say they’d lost the order and would need our paperwork. So that’s another 30-mile round-trip to their depot. But if they’re incompetent, why should I trust them enough to buy their food?

I invite the chairman, Charlie Mayfield, to explain by means of a follow-up to this post whether this was policy or cockup. Will he continue to demand photo-id even from customers who have a principled objection? Will he tell us who in the firm imposed this policy, and show us the training material that was prepared to ensure that counter staff would explain it properly to customers?

Mar 28, '13

Regular readers of this blog will have noticed growing issues with medical privacy. On April 24th, a new medical confidentiality campaign will kick off in London.

New legislation that comes into force next month will permit the upload of identifiable patient data directly from family doctors’ records to central systems, from which it will be sold and made available to researchers and private companies. Other developments include the creation of online patient records, and a proposal to create shared record systems across health and social care.

MedConfidential has been formed to deal with these multiple threats to patient privacy, and is hosting its first conference on April 24th in central London. This will be a one-day briefing session to provide details of the new policies and explain their potential impact. The conference is free of charge but places are limited. If you would like to attend, please contact Terri Dowty: terri@medconfidential.org


Calendar

April 2014
M T W T F S S
« Mar    
 123456
78910111213
14151617181920
21222324252627
282930  

Posts by Month

Posts by Category