Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Archive for the ‘Security’ Category

    Sydney Morning Herald: Could peer-to-peer technology solve the privacy conundrum?

    Wednesday, August 20th, 2014

    The Sydney Morning Herald reports on a privacy proposal concerning peer-to-peer technology by computer scientists from Saarland University and the Center for IT Security, Privacy and Accountability (CISPA), in Germany, and the Italian IMT Institute for Advanced Studies:

    A unique approach to crunching website visitor data promises the best of both worlds between accuracy and privacy.

    Data leaned from people’s behaviour online is an important tool in everything from marketing to social planning, but consumers lose control over their privacy the more data is collected about them. [...]

    [The computer scientists'] technology, known as Privada, uses peer-to-peer file sharing as the inspiration to send parts of website visitor data to different servers for processing and storage.

    When Privada collects a behavioural metric on visitors (women aged 35-45, for example) it sends it to a third-party server. Other metrics are sent to other servers, so no central database has the complete picture.

    Each server then adds up to 10 per cent of data “noise” to their records, enough to keep any single user from being identified and leaving the reassembled data 90 per cent accurate. [...] Read more »

    MIT Technolog Review: Q&A: Former NSA Deputy Director John C. Inglis

    Tuesday, August 19th, 2014

    MIT Technology Review talks about privacy and security with John C. Inglis, a former deputy director at the National Security Agency and a current advisor to Securonix, a company selling security and surveillance software. Inglis was at the NSA at the time of the leaks by former NSA contractor Edward Snowden, which have revealed surveillance programs that have raised significant privacy and civil liberty questions.

    Could technology be used to make mass surveillance programs more respectful of privacy? Former NSA cryptographer William Binney says that he helped build a system with such safeguards but that it was rejected by the agency’s leaders.

    It would be foolhardy for NSA to reject technology that would at once help us pursue national security and defend privacy and civil liberties. I know it ultimately didn’t pass muster. There is incidental collection, as there are two sides to every communication in the world, but you’re bound by law and policy to treat innocents as innocent until you have compelling information to treat them otherwise. If you asked [NSA employees] how they compromise between privacy and national security, they would say that the question is flawed because they’re expected to do both.

    Forbes: Whoops, Anyone Could Watch California City’s Police Surveillance Cameras

    Monday, August 18th, 2014

    Forbes reports that Thomas “T.K.” Kinsey and Dustin Hoffman of Exigent Systems, an IT company, were able to hack into the surveillance system of law enforcement in Redlands, Calif.:

    Redlands has over 140 surveillance cameras around the 70,000-person town that have helped the police spot and stop drunk drivers, brawlers, vandals, and people illegally smoking in parks, according to a case study on the site of Leverage Information Systems, the company that provided the camera system. [...]

    The cameras were deployed as a mesh network, with camera nodes popping up as “available wireless networks” dubbed with names that were far from stealth, such as “RPD – West End.” The cameras used a proprietary mesh protocol to communicate but were not password-protected. Hoffman and Kinsey said that the protocol was fairly easily reverse-engineered and that tapping into the network was then easy, requiring no specialized hardware, and allowing anyone to have a police-eye’s view of the town. “All you need is a little Linux knowledge and some $20 Wi-Fi hardware,” says Hoffman. He and Kinsey mapped what the cameras watched, including the entrance to an adult video store. Read more »

    FTC Approves iKeepSafe COPPA ‘Safe Harbor’ Oversight Program

    Friday, August 15th, 2014

    The Federal Trade Commission announced that it “has approved the Safe Harbor Program of iKeepSafe, also known as the Internet Keep Safe Coalition, as a safe harbor oversight program under the Children’s Online Privacy Protection Act (COPPA) and the agency’s COPPA Rule.”

    The Commission’s COPPA Rule requires operators of online sites and services directed at children under the age of 13 to provide notice and obtain permission from a child’s parents before collecting personal information from that child. The COPPA safe harbor provision promotes flexibility and efficiency by encouraging industry members and others to develop their own COPPA oversight programs, known as “safe harbor” programs. [...]

    The COPPA law directs the Commission to review proposals to create new oversight programs.  The Commission determined that the iKeepSafe safe harbor program provides “the same or greater protections for children” as those contained in the COPPA Rule; effective mechanisms to assess operators’ compliance; effective incentives for operators’ compliance with the guidelines; and an adequate means for resolving consumer complaints.

    Privacy International: Identity theft persists in Pakistan’s biometric era

    Wednesday, August 13th, 2014

    Privacy International recently looked into identity theft in Pakistan, a country that has registered many of its inhabitants’ biometric information and issued computerized national identification cards:

    Even in the world of biometric identity and strong systems, people are able to obtain fraudulent identity cards by changing their particular details, or, in some cases, only the photo ID. The former Chairman of [National Database and Registration Authority (NADRA), the independent government agency responsible for the management of the entire national database system], Tariq Malik also said that given increasing levels of forgery and misuse in other personal documents, now is the hour to get expired identity cards renewed. He said that the menace of bogus identity cards could be wiped out by updating personal biometric details in the national database. [...]

    NADRA reports that it has deployed a state-of-the-art facial matching system with the capabilities to stop fraud and forgery in identity documents, yet people are still able to obtain forged identity cards. This was very puzzling to understand given the supposed surety, accuracy and privacy of NADRA database that such a scam was still happening even after the introduction of new chip-based identity cards.

    Read the full article for more information on identity theft in Pakistan.

    Washington Post: Feds to study illegal use of spy gear

    Tuesday, August 12th, 2014

    The Washington Post reports that the Federal Communications Commission will investigate the reported misuse of surveillance technology to spy on ordinary individuals:

    The Federal Communications Commission has established a task force to study reported misuse of surveillance technology that can intercept cellular signals to locate people, monitor their calls and send malicious software to their phones.

    The powerful technology — called an IMSI catcher, though also referred to by the trade name “Stingray” — is produced by several major surveillance companies and widely used by police and intelligence services around the world.

    The FCC, in response to questions from U.S. Rep. Alan M. Grayson (D-Fla.), plans to study the extent to which criminal gangs and foreign intelligence services are using the devices against Americans. [...] Read more »