This is actually a hack of this original Cyanide and Happiness strip, but it’s still funny…
Gold!
Policy wonk. Torontonian. Photographer. Not necessarily in that order.
Though a little over a year old, this post concerning the security of smart meters is particularly valuable considering the rapid adoption of the technologies throughout Canada. Particularly pertinent:
Citing confidential sources, the FBI said it believes former employees of the meter manufacturer and employees of the utility were altering the meters in exchange for cash and training others to do so. “These individuals are charging $300 to $1,000 to reprogram residential meters, and about $3,000 to reprogram commercial meters,” the alert states.
The FBI believes that miscreants hacked into the smart meters using an optical converter device — such as an infrared light — connected to a laptop that allows the smart meter to communicate with the computer. After making that connection, the thieves changed the settings for recording power consumption using software that can be downloaded from the Internet.
“The optical converter used in this scheme can be obtained on the Internet for about $400,” the alert reads. “The optical port on each meter is intended to allow technicians to diagnose problems in the field. This method does not require removal, alteration, or disassembly of the meter, and leaves the meter physically intact.”
The bureau also said another method of attacking the meters involves placing a strong magnet on the devices, which causes it to stop measuring usage, while still providing electricity to the customer.
So, this suggests that insider threats and poor shielding enable significant fraud. Can’t say it’s surprising given how often these meters have been compromised when deployed in other jurisdictions.
No. Orin Kerr did a good analysis of this (see: http://www.volokh.com/2013/01/16/the-criminal-charges-against-aaron-swartz-part-2-prosecutorial-discretion/) which would have had significantly reduced time in jail, if any. Also, prospective millions in harm was similarly overwrought. This is normal for prosecutors to announce, and the media usually fails to dig into the press release to tease reality from PR.
Now, the charges against Aaron were reported …poorly…insofar as individuals don’t tend to get all the charges piled onto one another when it comes time to sentencing. But still, he was looking at upwards to ½ the time the rapists are facing.
He was facing up to 35 years in prison. What are you talking about?
Orin Kerr walks through (see: http://www.volokh.com/2013/01/16/the-criminal-charges-against-aaron-swartz-part-2-prosecutorial-discretion/) how the charges likely would have unfolded had Aaron’s defense…and appeals…failed. My comment on sentence was a reference to the plea that was on the table (3 months, then 6 months).
(As a note: my comment isn’t meant as either supporting the prosecution of Aaron or the sentencing of the rapists.)
There are a lot of issues related to ‘wiretapping the Internet.’ A post from Privacy International, from 2012, nicely details the amount of metadata and data fields linked with just a Facebook message and the challenges in ‘just’ picking out certain fields from large lists.
As the organization notes:
Fundamentally, the whole of the request to the Facebook page must be read, at which point the type of message is known, and only then can the technology pretend it didn’t see the earlier parts. Whether this information is kept is often dismissed as “technical detail”, but in fact it is the fundamental point.
We should be wary of government harvesting large amounts of data and then promising to dispose of it; while such actions could be performed, initially, once the data is potentially accessible the laws to legitimize its capture, retention, storage, and processing will almost certainly follow.
Chatterjee has a good, quick article on the significance of ‘big data.’ Note experts warning that, as a result of massive data aggregation, almost all individuals will have secret or sensitive information about themselves stored, traded, or used in the course of companies’ daily activities. This information isn’t necessarily about anything illegal, but legality is not the sole benchmark for whether humans want others to know things about them: embarrassing, shameful, or similar information that may not break the law could be financially, personally, or emotionally damaging should it be provided to third parties.
Also, take note of Ohm’s warning that we should slow down and think about what is happening with regard to massive data aggregation and mining; we shouldn’t just commit ourselves to pushing the ‘privacy envelope.’ Headlong rushes and acceptance of novel technical structures that invisibly affect billions, with little clear accountability for corporate data mining practices, are a recipe for constructing futural harms.
So even in the worst cases, free products don’t usually end too badly. Well, unless you’re a user, or one of the alternatives that gets crushed along the way. But everyone who funds and builds a free product usually comes out of it pretty well, especially if they don’t care what happens to their users.
Free is so prevalent in our industry not because everyone’s irresponsible, but because it works.
In other industries, this is called predatory pricing, and many forms of it are illegal because they’re so destructive to healthy businesses and the welfare of an economy. But the tech industry is far less regulated, younger, and faster-moving than most industries. We celebrate our ability to do things that are illegal or economically infeasible in other markets with productive-sounding words like “disruption”.
Marco Arment, “Free Works”
While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials. We used these devices to build a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage.
Super interesting research, though incredibly illegal and borderline ethical (at absolute best, and most charitable).
The Internet is a surveillance state. Whether we admit it to ourselves or not, and whether we like it or not, we’re being tracked all the time. Google tracks us, both on its pages and on other pages it has access to. Facebook does the same; it even tracks non-Facebook users. Apple tracks us on our iPhones and iPads. One reporter used a tool called Collusion to track who was tracking him; 105 companies tracked his Internet use during one 36-hour period.
This is ubiquitous surveillance: All of us being watched, all the time, and that data being stored forever. This is what a surveillance state looks like, and it’s efficient beyond the wildest dreams of George Orwell.
Opinion: The Internet is a surveillance state – CNN.com (via new-aesthetic)
There are a few important things to recognize about Schneier’s argument (which, I don’t think, detract from his overall points):
(Note: for more on the consent doctrine as it relates to social media, see our paper on SSRN entitled, “Forgetting, Non-Forgetting and Quasi-Forgetting in Social Networking: Canadian Policy and Corporate Practice”)