Insightful article on airport security

If only more people could understand this logical point of view:

No matter that a deadly sharp can be fashioned from virtually anything found on a plane, be it a broken wine bottle or a snapped-off length of plastic, we are content wasting billions of taxpayer dollars and untold hours of labor in a delusional attempt to thwart an attack that has already happened, asked to queue for absurd lengths of time, subject to embarrassing pat-downs and loss of our belongings.

source: The Airport Security Follies


SWAT team at your service

Imagine having a SWAT team under your command, willing to go just about anywhere you ask them to. Now also imagine that you’re a 15 year old kid with nothing better to do than play pranks on your friends. Carnage ensues.

This article, titled SWAT team goes to wrong home in 911 scam, from Salinas, CA, discusses a situation where the above presumptions were actually true. Apparently, a kid from Chicago was chatting online with another kid in Salinas, and decided to prank him. Using a yet-to-be-determined method of spoofing his caller ID, he made his phone number appear to be that of his “friend” in California. He then called 911 and told them he was being attacked by men with assault rifles. The police department obviously takes an emergency call like this seriously, so they dispatched a SWAT team to the unsuspecting boy’s house. Meanwhile, the guy back in Chicago is probably giggling like a schoolgirl, knowing what is about to happen.

I haven’t heard the term “swatting” before, but that is what the media is calling this type of prank, which is actually a serious crime. The hard part in prosecuting something like this is attribution, just like any crime committed over the Internet. The swatter could literally be across the world in China. He could also be working with a group of people, simultaneously causing chaos at police departments across the country, or targeting a particular area. This type of attack makes me think of denial of service or intrusion detection system flooding. If you do it enough, eventually your targets become preoccupied with all the false alarms, and are not able to respond to a true emergency that might be happening at the same time.

Now, using caller ID to quickly and accurately determine someone’s location in a 911 call is generally very effective and helpful. A lot of times people calling 911 are too frazzled to even remember their address. But how can we ensure that these swatting pranks don’t get out of hand? As far as I can tell, the only real solution is something like the Truth in Caller ID Act, which was proposed by the Senate. That’s unfortunate, since I’m usually not a proponent of new, restrictive legislation, but some people will always abuse the system and ruin it for the rest of us.


Thanks for the taxes

I try to avoid discussing political issues, but this one hit close to home.

It looks like the Maryland sales tax is going up to 6%, and will now include computer services. This will not end well for our economy, considering how much of it is dependent on technology. I have a feeling even more companies will be moving to Virginia or Delaware thanks to this new law.

The measure increases sales tax by 1% and adds computer support services, data center support, custom programming, consulting, and disaster recovery services to the list. Legislators approved the change as part of a tax package they passed early Monday morning.

The Computing Technology Industry Association said the move “will bring cascading harm” to the state’s IT industry, small local businesses, workers, and consumers.

This should be hitting the news today since it was just signed by the Governor this morning.

Update: House kills ‘tech tax’: replaces bill with cuts, surcharges on millionaires


Big Brother

There is an insightful article in the Economist titled “Learning to live with Big Brother”. It makes some interesting points about the state of government (and commercial) surveillance as it stands today, and how it might evolve over the next several years. Here are some choice quotes that I liked:

Britain used to pride itself on respecting privacy more than most other democracies do. But there is not much objection among Britons as “talking” surveillance cameras, fitted with loudspeakers, are installed, enabling human monitors to shout rebukes at anyone spotted dropping litter, relieving themselves against a wall or engaging in other “anti-social” behaviour.

Ross Anderson, a professor at Cambridge University in Britain, has compared the present situation to a “boiled frog”—which fails to jump out of the saucepan as the water gradually heats. If liberty is eroded slowly, people will get used to it. He added a caveat: it was possible the invasion of privacy would reach a critical mass and prompt a revolt.


Is Comcast actively resetting BitTorrent traffic?

There are widely spreading rumors that Comcast is actively trying to degrade the performance of BitTorrent file transfers on its broadband cable modem network. Since BT uses a complex peer-to-peer architecture, stopping it is not as simple as just blocking a few port numbers. So, it looks like Comcast has resorted to sending spoofed TCP reset packets to terminate the occasional BT connection, making the protocol much slower and less reliable.
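A reset injected by a device in the middle of the path usually travels a different number of hops than the real peer's packets, so its IP TTL tends to differ from the rest of the flow. The sketch below is an added example, not from the original post or from any Comcast investigation; the record format, the function name `flag_suspect_resets`, the thresholds and the sample packets are all constructed for illustration, and a TTL mismatch is a hint rather than proof because routes can change mid-connection.

```python
from collections import Counter, defaultdict

# Constructed capture summary as seen at the local host (192.0.2.10):
# (time_s, src, dst, ip_ttl, tcp_flags). Addresses use documentation ranges.
SAMPLE = [
    (0.00, "198.51.100.7:51413", "192.0.2.10:6881", 52, "SA"),
    (0.05, "198.51.100.7:51413", "192.0.2.10:6881", 52, "A"),
    (0.40, "198.51.100.7:51413", "192.0.2.10:6881", 52, "PA"),
    (0.90, "198.51.100.7:51413", "192.0.2.10:6881", 61, "R"),    # TTL jumps
    (1.00, "203.0.113.20:40000", "192.0.2.10:6881", 113, "SA"),
    (1.10, "203.0.113.20:40000", "192.0.2.10:6881", 113, "A"),
    (1.60, "203.0.113.20:40000", "192.0.2.10:6881", 113, "PA"),
    (2.00, "203.0.113.20:40000", "192.0.2.10:6881", 113, "RA"),  # consistent
    (3.00, "198.51.100.99:6882", "192.0.2.10:6881", 48, "SA"),
    (3.10, "198.51.100.99:6882", "192.0.2.10:6881", 59, "R"),    # too little data
]


def flag_suspect_resets(packets, tolerance=2, min_baseline=3):
    """Return (packet, baseline_ttl) for RSTs whose TTL departs from the
    TTL the same sender used for its non-RST packets in that flow."""
    ttls = defaultdict(Counter)
    for _, src, dst, ttl, flags in packets:
        if "R" not in flags:
            ttls[(src, dst)][ttl] += 1      # build per-direction baseline

    suspects = []
    for pkt in packets:
        _, src, dst, ttl, flags = pkt
        if "R" not in flags:
            continue
        seen = ttls[(src, dst)]
        if sum(seen.values()) < min_baseline:
            continue                        # not enough packets to judge
        baseline = seen.most_common(1)[0][0]
        if abs(ttl - baseline) > tolerance:
            suspects.append((pkt, baseline))
    return suspects


if __name__ == "__main__":
    for (t, src, dst, ttl, flags), base in flag_suspect_resets(SAMPLE):
        print(f"{t:.2f}s RST from {src}: TTL {ttl}, flow baseline {base}")
```

Capturing at both endpoints and comparing which resets each side actually sent gives a much stronger answer than this single-sided heuristic.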

Why are they doing this? Well, the obvious reason is that BitTorrent traffic is taking up a huge part of their bandwidth, and that’s slowing down their over-subscribed cable modem networks. But this makes no sense. If Comcast users choose to allocate their bandwidth to BT, why shouldn’t they be allowed to? After all, that’s what they pay around $60 per month for.

Of course, Comcast will claim that they are trying to throttle the BitTorrent protocol due to the large number of copyrighted files it is used to transfer. Are they ignoring all the legal software, video, and music content that is also available via BitTorrent? There are tons of open source Linux distributions (which can be 4GB in size) that are frequently distributed via BT. And don’t forget local bands and amateur movie makers who use the protocol to spread their media content.

This makes about as much sense as blocking all email to help stop spam, or blocking all web traffic to help stop phishing attacks. Going after a widely used, generic, peer-to-peer file transfer protocol is the wrong approach.

By the way, according to Comcast, this is their policy on blocking network ports:

The only ports that may be actively blocked on the Comcast network are 67, 68, 135, 137, 138, 139, 445, 512, 520, and 1080 at this time. Any ports that are blocked will not be unblocked. If the port you would like to use is on this list, please select another port to use with your software. There are over 10,000 ports available for use. Please be advised that Comcast reserves the entitlement to block any ports on the network without prior notice. We thank you for understanding this security policy.

There is a good discussion about this topic on Slashdot.
