By Cory Doctorow at 8:19 am Thursday, May 24
• Comments • Share
Ted Kaczynski updated his own entry in the Harvard alumni directory, just in time for his class's 50th reunion:
While many of his classmates sent in lengthy updates on their lives for the 2 ½-inch-thick “red book,” the entry for “Theodore John Kaczynski” only contains nine lines.
The listing says his occupation is “Prisoner,” and his home address is “No. 04475-046, US Penitentiary—Max, P.O. Box 8500, Florence, CO 8126-8500.”
Under the awards section, the listing says, “Eight life sentences, issued by the United States District Court for the Eastern District of California, 1998.”
Unabomber Ted Kaczynski lists self as ‘prisoner’ in Harvard alumni directory
(Thanks, Fipi Lele!)
By Cory Doctorow at 1:47 am Friday, May 18
• Comments • Share
Disclosures made by the UK Department of Work and Pensions in response Freedom of Information requests show that over 1,000 civil servants illegally snooped on private citizens' data over a 13-month period. A separate disclosure from the Department of Health showed over 150 illegal breaches in the same period. As Zack Whittaker points out in a piece on ZDNet, these are the same civil servants who will havvess to unlimited amounts of sensitive personal information if the government's plan to require mandatory snooping on all Internet traffic goes through. Who needs crooks breaking into government databases when you've got civil servants stomping through them with impunity?
Between April 2010 and March 2011, 513 civil servants were found to have made “unauthorised disclosures of official, sensitive, private and/or personal information”. The year continuing, between April 2011 and January 2012, more than 460 staff were disciplined.
The DoH on the other hand said it did not log each and every breach of unlawful access to U.K. medical records. It did say there were 158 recorded breaches in 2011. Only four years earlier, there were only 28 cases, representing a fivefold increase.
The FOI requests were made by Channel 4’s investigative series, Dispatches.
UK government staff caught snooping on citizen data
(via /.)
By Cory Doctorow at 8:06 am Wednesday, May 16
• Comments • Share
Yesterday, Byron Sonne was acquitted of all charges against him. Sonne is the Toronto-area security researcher who pointedly demonstrated the inadequacy and incoherence of the heavy-handed, $1.2B security arrangements for the G20 summit in 2010. Denise Balkissoon has done some of the best reporting on the bizarre trial that followed (after Sonne spent nearly a year in jail), and now she's got good commentary on the acquittal:
“Byron Sonne, you’re a free man,” said one of his lawyers, Joe DiLuca, as Sonne stood outside the courthouse.
“I can be a moron again on the internet,” Sonne said, as he ripped up court documents that listed the bail conditions—including a curfew and not using a cellphone—that he has lived with since May 2011...
Later on the day of the verdict, in Kensington Market, Sonne stood having a cigarette and discussing Anonymous and Gandhi with Alex Hundert, who pled guilty to counselling to commit mischief during the G20. “They took a somewhat radical person like me and said, ‘Let’s put the guy in jail with real radicals,'” said Sonne, who was not involved with organized activists in advance of the summit. “I’m not interested in playing by the rules anymore.”
Sonne said he intends to help non-technologically savvy activists learn to encrypt their computers and online communications. Police were unable to unencrypt one of Sonne’s hard drives, which led the Crown to argue that it must contain nefarious plans. “There’s nothing on there that wasn’t on my other computers,” said Sonne, who said he encrypted it for travelling over the U.S. border. “But it’s good to know that the technology works.”
Sonne aims to get back the computer security certification that was suspended during his arrest, and wants to start rebuilding his professional network.
Sounds like he needs a job. Toronto-area readers, take note!
Here's our previous Sonne posts.
Byron Sonne, found not guilty on all charges, has plans for the future
(Thanks, Denise!)
In Fort Worth, Texas, Elisa Castillo—a 56-year-old grandmother with no prior drug offenses— has been sentenced to life without parole. She maintains her innocence, and never "touched the drugs that sent her to prison,"
points out the ACLU; "Her fate was sealed, in large part because she didn't have a card to play when negotiating her sentence."
The Houston Chronicle has more.
— Xeni
By Cory Doctorow at 12:00 pm Tuesday, May 15
• Comments • Share
The May 27, 1922 issue of The Evening Independent carried a story about moonshiners wearing "cow shoes" to trick revenuers -- rather than leaving suspicious footprints leading up to their secret stills, they'd leave innocent-looking hoofprints in the dirt and grass. The New Yorker's "Photo Booth" had a good snap of one of the shoes (above).
Shiners Wear "Cow Shoes"
(via Kottke)
By Cory Doctorow at 6:06 pm Wednesday, May 9
• Comments • Share
Some highlights from the House Oversight Committee's report on the TSA's finance, courtesy of TechDirt:
* As of February 15, 2012, the total value of TSA’s equipment in storage was, according to TSA officials, estimated at $184 million. However, when questioned by Committee staff, TSA’s warehouse staff and procurement officials were unable to provide the total value of equipment in storage.
* Committee staff discovered that 85% of the approximately 5,700 major transportation security equipment currently warehoused at the TLC had been stored for longer than six months; 35% of the equipment had been stored for more than one year. One piece of equipment had been in storage more than six years – 60% of its useful life.
* As of February 2012, Committee staff discovered that TSA had 472 Advanced Technology 2 (AT2) carry-on baggage screening machines at the TLC and that more than 99% have remained in storage for more than nine months; 34% of AT2s have been stored for longer than one year.
* TSA knowingly purchased more Explosive Trace Detectors (ETDs) than were necessary in order to receive a bulk discount under an incorrect and baseless assumption that demand would increase. TSA management stated: “[w]e purchased more than we needed in order to get a discount...
* TSA intentionally delayed Congressional oversight of the Transportation Logistics Center and provided inaccurate, incomplete, and potentially misleading information to Congress in order to conceal the agency’s continued mismanagement of warehouse operations..
* TSA willfully delayed Congressional oversight of the agency’s Transportation Logistics Center twice in a failed attempt to hide the disposal of approximately 1,300 pieces of screening equipment from its warehouses in Dallas, Texas, prior to the arrival of Congressional staff..
* TSA potentially violated 18 U.S.C. Sec. 1001, by knowingly providing an inaccurate warehouse inventory report to Congressional staff that accounted for the disposal of equipment that was still in storage at the TLC during a site visit by Congressional staff..
* TSA provided Congressional staff with a list of disposed equipment that falsely identified disposal dates and directly contradicted the inventory of equipment in the Quarterly Warehouse Inventory Report provided to Committee staff on February 13, 2012.
Congress: The TSA Is Wasting Hundreds Of Millions In Taxpayer Dollars
By Cory Doctorow at 5:00 pm Tuesday, May 8
• Comments • Share
Nicola Schiavone is the recently jailed Camorra mafioso. His Naples home was photographed by the Italian tax police who raided it. It's quite an eyefull of Mafia-chic strangeness. The Guardian has the story.
Criminal? Italian mafia interior tastes exposed - in pictures
By Cory Doctorow at 6:00 am Thursday, May 3
• Comments • Share
Bruce Schneier comments on an NYT report on cybercrime that shows that there's just not much money to be had in being a ripoff artist. Dinei Florêncio and Cormac Herley wrote:
A cybercrime where profits are slim and competition is ruthless also offers simple explanations of facts that are otherwise puzzling. Credentials and stolen credit-card numbers are offered for sale at pennies on the dollar for the simple reason that they are hard to monetize. Cybercrime billionaires are hard to locate because there aren’t any. Few people know anyone who has lost substantial money because victims are far rarer than the exaggerated estimates would imply.
The authors frame cybercrime as a "tragedy of the commons," where the overfishing (overphishing) by crooks has reduced everyone's margins to nothing, making it hard graft indeed. Meanwhile, cybercrime estimates are subject to the same lobbynomics used to calculate losses from music downloading and profits from drug seizures:
Suppose we asked 5,000 people to report their cybercrime losses, which we will then extrapolate over a population of 200 million. Every dollar claimed gets multiplied by 40,000. A single individual who falsely claims $25,000 in losses adds a spurious $1 billion to the estimate. And since no one can claim negative losses, the error can't be canceled.
Cybercrime as a Tragedy of the Commons
By Cory Doctorow at 7:44 am Tuesday, May 1
• Comments • Share
The long-running UK Parliamentary investigation into the NewsCorp newspapers' practice of hacking emails and voicemails has wound down, and delivered a final, damning report. In it, the cross-party Parliamentary group describes Rupert Murdoch as "not a fit person" to run a major corporation. It also says that James Murdoch -- Rupert's son -- practiced 'wilful ignorance' of illegal activities at his papers. From Dan Sabbagh and Josh Halliday in The Guardian:
The cross-party group of MPs said that Les Hinton, the former executive chairman of News International, was "complicit" in a cover-up at the newspaper group, and that Colin Myler, former editor of the News of the World, and the paper's ex-head of legal, Tom Crone, deliberately withheld crucial information and answered questions falsely. All three were accused of misleading parliament by the culture select committee.
Rupert Murdoch, the document said, "did not take steps to become fully informed about phone hacking" and "turned a blind eye and exhibited wilful blindness to what was going on in his companies and publications".
The committee concluded that the culture of the company's newspapers "permeated from the top" and "speaks volumes about the lack of effective corporate governance at News Corporation and News International".
That prompted the MPs report to say: "We conclude, therefore, that Rupert Murdoch is not a fit person to exercise the stewardship of major international company."
James Murdoch is described as exhibiting a "lack of curiosity … wilful ignorance even" at the time of the negotiations surrounding the 2008 Gordon Taylor phone-hacking settlement and later in 2009 and 2010. The younger son of Rupert Murdoch is criticised for failing to appreciate the significance of the News of the World hacking when the "for Neville" email first became public in 2009 and during subsequent investigations by parliament in February 2010 and a New York Times report in September 2010.
Rupert Murdoch 'not fit' to lead major international company, MPs conclude
By Cory Doctorow at 5:44 am Sunday, Apr 29
• Comments • Share
Ronaldo sez, "I am writing because something relevant happened in Brazil two days ago regarding the local copyright collecting societies (analagous to Ascap and BMI in the US). After more than 6 months of investigation by a Senate special inquiry commission, 15 directors have been indicted for various types of fraud and crimes. Also, the Senate is proposing a new law to completely revamp the copyright collection system, based on principles of transparency, efficiency and tech improvement (I helped the Senate draft the law). I believe this might be interesting for people outside Brazil for various reasons. Both because it paves the way to a more transparent and accountable copyright collection system, and also because it is a huge contrast with cases like Megaupload: in Brazil it is the copyright societies that are been indicted for fraud."
The part that I'm excited about is "principles of transparency, efficiency and tech improvement." Collecting societies are based on the idea of statistically sampling music usage and remitting funds based on the analysis. Given that we live in the age of analytics, it's unforgivable that the basic algorithm for collection distribution is "all the money goes to the big four labels, except for some scraps that we give to a few indies, and the rather titanic rake we keep for ourselves." I think the 21st century is waiting for a collecting society run with the institutional transparency of GNU/Linux and the analytic efficiency of Google.
CPI do Ecad propõe novas leis e órgãos para gerir direitos autorais
(Thanks, Ronaldo!)
By Xeni Jardin at 8:10 pm Wednesday, Apr 25
• Comments • Share
Photo: Reuters. A man is screened with a backscatter x-ray machine at an LAX TSA checkpoint.
Four present and past security screeners at LAX took 22 payments of up to $2400 each to let large shipments of coke, meth, and pot slip through baggage X-ray machines. Oh, we are so very, very shocked.
In one incident detailed in the 40-page indictment (Link), screeners plotted to allow eight pounds of crystal meth to get through—then one of them ducked into an airport men's room where he was handed $600, the second payment for that delivery.
Read the rest
By Cory Doctorow at 10:29 pm Tuesday, Apr 24
• Comments • Share
If the previous ATM skimmer posts didn't scare the pants off you, this one from San Fernando Valley, which Brian Krebs reports on, might. It has a near-undetectable pinhole camera for recording timestamped footage of your PIN entry, and apart from that indicator, the only way to spot it is to yank hard on the front of the ATM before you start using it.
A few tips about ATM skimmers and skimming scams. It’s difficult — once you’re aware of how sophisticated some of these skimmers can be — to avoid being paranoid around ATMs; friends and family often tease me for stopping to tug at ATMs that I pass on the street, even when I have no intention of withdrawing money from the machines.
Still, it’s good and healthy to be somewhat paranoid while at an ATM. Make sure nobody is “shoulder surfing” you to watch you enter your PIN. A simple precaution defeats shoulder surfing and many other types of video-based PIN stealing mechanism: Cover the PIN pad with your hand or another object when you enter your PIN.
Skimtacular: All-in-One ATM Skimmer
By Cory Doctorow at 6:01 pm Wednesday, Apr 18
• Comments • Share
An FBI Phoenix memo (PDF) published on Public Intelligence documents a trademark indicator added by Vagos Motocrycle Club, an outlaw biker gang, to its jacket patch, to help them detect undercover law-enforcement officers. The gang's leaders apparently believed that the FBI couldn't find a vendor that would reproduce the patch and the circle-R indicator without authorization. I don't believe they're correct on this score.
(U//LES) The Vagos added the ® symbol to the bottom center of the large back patch as shown in photo 1. There are only about 20 of these new patches which are currently being worn by members. It is believed that the new patches will be given out to new members as they are vetted by the Vagos leadership. By doing this, the Vagos believe they will have exclusive rights to the Vagos patch and no one, including undercover officers, would be able to wear the patch without the consent of the International Vagos OMG leadership.
(U//FOUO) Research within the United States Patent and Trademark Office was conducted which indicated the Vagos International Motorcycle Club Corporation California, 780 N. Diamond Bar Blvd., #B12, Diamond Bar California, 91765, filed to make the Vagos name and symbol a registered trademark on July 2, 2010, Serial Number 85076951. Changes and requests by the Vagos Corporation were submitted as recently as May 2, 2011 to the Patent and Trademark Office.
(U//LES) FBI Motorcycle Gang Trademarks Logo to Prevent Undercover Infiltration
(via Wired)
By Maggie Koerth-Baker at 5:28 pm Monday, Apr 16
• Comments • Share
Science in fiction affects our ability to understand science in real life. For instance, you might already be familiar with the idea that detective shows on TV, particularly forensics shows like CSI, might be influencing what juries expect to see in a courtroom.
This is called the "CSI effect" and it's hotly debated. Some prosecutors think it has a real impact on jury decisions—if they don't get the fancy, scientific evidence they've been conditioned to expect then they won't convict. Meanwhile, though, empirical evidence seems to show a more complicated pattern. Surveys of more than 2000 Michigan jurors found that, while people were heavily expecting to see some high-tech forensic evidence during trials, that expectation probably had more to do with the general proliferation of technology throughout society. More interestingly, that broad expectation didn't seem to definitively influence how jurors voted during a specific trial. In other words: The jury is still out. (*Puts on sunglasses*)
A FRONTLINE documentary that airs tomorrow centers around an interesting corollary on this issue: Whether or not shows like CSI influence juries to expect more technology, they do present a wildly inaccurate portrait of how accurate that technology is. The reality is, many of the tools and techniques used in detective work have never been scientifically verified. We don't know that they actually tell us what they purport to tell us. Other forensic technologies do work, but only if you use them right—and there's no across-the-board standard guaranteeing that happens.
Even ideas you think you can trust implicitly—like fingerprint evidence—turn out to have serious flaws that are seriously under-appreciated by cops, lawyers, judges, and juries.
Brandon Mayfield, an Oregon lawyer, was at the center of international controversy in 2004 after the FBI and an independent analyst incorrectly matched his prints to a partial print found on a bag of detonators from the Madrid terrorist bombings.
Dror asked five fingerprint experts to examine what they were told were the erroneously matched prints of Mayfield. In fact, they were re-examining prints from their own past cases. Only one of the experts stuck by their previous judgments. Three reversed their previous decisions and one deemed them “inconclusive.”
Dror’s argument is that these competent and well-meaning experts were swayed by “cognitive bias”: what they knew (or thought they knew) about the case in front of them swayed their analysis. The Mayfield case and studies like Dror’s have changed how fingerprints are used in the criminal justice system. The FBI no longer testifies that fingerprints are 100 percent infallible.
Watch a short video that explains more about the flaws in fingerprint analysis.
The Real CSI episode of FRONTLINE airs tomorrow, April 17th. Check out the FRONTLINE website for more information.
Image: Fingerprint developed with black magnetic powder on a cool mint Listerine oral care strip, a Creative Commons Attribution (2.0) image from jackofspades's photostream.
, my book about the future of energy in the United States, will be published April 10th.