Categories
Quotations

2012.12.11

Life under a national security state is not a life. Living under such a state is simply living like a slave, or at best it is like living in a big prison, albeit one that has invisible bars. While invisible, these bars are, nevertheless, extremely constraining.

Maher Arar, from “What Life Looks Like Under a National Security State”
Categories
Quotations

2012.12.10

When it comes to a backhoe versus fiber, the backhoe always wins.

Jim Reese, from Steven Levy’s In The Plex
Categories
Links

Incredibly Detailed Outing of Android UI Problems

Ron Amadeo has a terrific and comprehensive post on all the various Android UI issues. Well worth the read if UI and UX is something you pay attention to.

Categories
Links

The issue here is that data reduced to paper form loses much of its usefulness. The effect is to take power away from the recipient of the data (and by extension in this case from you as a citizen) and conserve it in a government institution as much as possible. Unless the user is bloody-minded enough to re-enter it manually, which of course is only possible at a certain scale.

On the topic of Canadian FOI responses; read the blog post here
Categories
Links

Feudalism 2.0

Bruce Schneier has a clever piece discussing the contemporary model of ‘feudal security’, where users have committed themselves to differing lords of the Internet. As a taste:

Some of us have pledged our allegiance to Google: We have Gmail accounts, we use Google Calendar and Google Docs, and we have Android phones. Others have pledged allegiance to Apple: We have Macintosh laptops, iPhones, and iPads; and we let iCloud automatically synchronize and back up everything. Still others of us let Microsoft do it all. Or we buy our music and e-books from Amazon, which keeps records of what we own and allows downloading to a Kindle, computer, or phone. Some of us have pretty much abandoned e-mail altogether … for Facebook.

These vendors are becoming our feudal lords, and we are becoming their vassals. We might refuse to pledge allegiance to all of them – or to a particular one we don’t like. Or we can spread our allegiance around. But either way, it’s becoming increasingly difficult to not pledge allegiance to at least one of them.

Feudalism provides security. Classical medieval feudalism depended on overlapping, complex, hierarchical relationships. There were oaths and obligations: a series of rights and privileges. A critical aspect of this system was protection: vassals would pledge their allegiance to a lord, and in return, that lord would protect them from harm.

Of course, I’m romanticizing here; European history was never this simple, and the description is based on stories of that time, but that’s the general model.

And it’s this model that’s starting to permeate computer security today.

The rest of the piece is clever; highly recommend taking a read.

Categories
Quotations

2012.12.4

… sacrifices often involve the rights and liberties of minorities and dissidents, so the costs aren’t born equally by all in society. When people say they’re willing to give up rights and liberties in the name of security, they’re often sacrificing the rights and liberties of others rather than their own.

Dan Solove, Nothing to Hide: The False Tradeoff between Privacy and Security
Categories
Links

Municipality of Saanich Does the Right Thing on Police Surveillance

Kudos to the mayor of Saanich for, you know, obeying BC law with regards to ubiquitous license plate surveillance technologies that have been found to violate BC law. As the mayor says,

“Certainly [Saanich police] are finding it a useful tool, but because this thing is hosted by the RCMP, who isn’t subject to this oversight, there’s a glitch there,” Leonard said.

“Until it gets sorted out, we just voluntarily suspended use.”

It’s good to see ‘voluntary’ decisions to not violate BC law. Guess now we wait and see whether the other mayors of BC take similarly strong stances.

Categories
Links Writing

Belkin #Fails At Password Creation

WPA2-PSK is recognized as a pretty reasonable way for most consumers to secure their wifi access point. That said, this mechanism falls pretty flat on its face when router manufacturers screw up, and it looks like Belkin has screwed up badly. From a Register article we see that:

Each of the eight characters of the default passphrase are created by substituting a corresponding hex-digit of the WAN MAC address using a static substitution table. Since the WAN MAC address is the WLAN MAC address + one or two (depending on the model), a wireless attacker can easily guess the wan mac address of the device and thus calculate the default WPA2 passphrase.

This is just a really poor mechanism for calculating the password. At least the manufacturer has been totally silent on the issue, and unwilling to disclose how they intend to defray potential attacks; this leaves open the possibility that Belkin’ll fix things instead of just abandoning consumers (which seems to be, sadly, a pretty default vendor response when their errors undermine users’ privacy and security). Here’s hoping that Belkin decides to not be like most router vendors…
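To make the contrast concrete, here is an added example (not code from the Register article, from Belkin, or from this blog) that models the flaw described above next to the way a default passphrase should be produced. The substitution table, the choice of which eight hex digits are used, and the “plausible offsets” are all constructed assumptions for illustration; the real Belkin table is not published in the article. The point is that a secret derived from a broadcast identifier has an effective keyspace of a handful of candidates no matter how long it looks, whereas a CSPRNG-generated passphrase printed on the device label costs the vendor nothing extra and gives a full-entropy key.

```python
import math
import secrets
import string

# Constructed, hypothetical substitution table: one passphrase character per
# hex digit of the MAC. Stands in for the undisclosed vendor table.
TOY_TABLE = {
    "0": "q", "1": "w", "2": "e", "3": "r", "4": "t", "5": "y", "6": "u", "7": "i",
    "8": "o", "9": "p", "a": "a", "b": "s", "c": "d", "d": "f", "e": "g", "f": "h",
}

# Alphabet for a properly generated default passphrase.
PSK_ALPHABET = string.ascii_letters + string.digits


def _mac_hex_digits(mac: str) -> str:
    """Normalise 'AA:BB:CC:DD:EE:FF' / 'aa-bb-...' to 12 lowercase hex digits."""
    digits = mac.lower().replace(":", "").replace("-", "")
    if len(digits) != 12 or any(d not in string.hexdigits.lower() for d in digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return digits


def mac_derived_psk(wan_mac: str, table=TOY_TABLE) -> str:
    """Toy model of the flawed scheme: deterministic map from the WAN MAC to an
    8-character passphrase. Assumption: the last eight hex digits are used."""
    digits = _mac_hex_digits(wan_mac)
    return "".join(table[d] for d in digits[-8:])


def random_default_psk(length: int = 16) -> str:
    """Hardened alternative: an independent, CSPRNG-generated passphrase that is
    set at manufacture time and printed on the label, unrelated to any MAC."""
    if length < 8 or length > 63:  # WPA2-PSK passphrase length bounds
        raise ValueError("WPA2 passphrases must be 8..63 characters")
    return "".join(secrets.choice(PSK_ALPHABET) for _ in range(length))


def effective_keyspace_bits_mac_derived(plausible_offsets: int = 2) -> float:
    """Entropy an attacker faces when the PSK is a function of a MAC that differs
    from a broadcast one by a small, known offset: log2(number of candidates)."""
    return math.log2(plausible_offsets)


def effective_keyspace_bits_random(length: int = 16, alphabet=PSK_ALPHABET) -> float:
    """Entropy of a uniformly random passphrase of the given length."""
    return length * math.log2(len(alphabet))


def looks_mac_derived(psk: str, mac: str, table=TOY_TABLE, max_offset: int = 2) -> bool:
    """Audit check for a device owner: does this passphrase equal the toy
    derivation of the WLAN MAC or a nearby MAC? True means 'change it now'."""
    base = int(_mac_hex_digits(mac), 16)
    for delta in range(-max_offset, max_offset + 1):
        candidate = f"{(base + delta) & 0xFFFFFFFFFFFF:012x}"
        if mac_derived_psk(candidate, table) == psk:
            return True
    return False


if __name__ == "__main__":
    wlan = "00:11:22:33:44:55"          # constructed sample MAC
    weak = mac_derived_psk("00:11:22:33:44:56")  # WAN MAC = WLAN MAC + 1
    print("weak default:", weak, "flagged:", looks_mac_derived(weak, wlan))
    print("strong default:", random_default_psk())
    print("bits: flawed ~%.1f, random ~%.1f" % (
        effective_keyspace_bits_mac_derived(), effective_keyspace_bits_random()))
```

The audit function is the piece a defender actually wants: given your own router’s WLAN MAC and the passphrase on its label, it tells you whether the passphrase is a function of the address (under the toy table) and therefore should be replaced with something generated like `random_default_psk`.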

Categories
Quotations

2012.11.27

As Denham points out, though, the RCMP is not under her jurisdiction, so she can’t bring them into line. But the RCMP simply shouldn’t be running a surveillance system on people who haven’t broken any law, and they shouldn’t be able to take advantage of the federal-provincial jurisdictional split to do so either.

This means Canada’s Privacy Commissioner Jennifer Stoddart is going to have to school the Mounties on what privacy rights really mean, and why setting up a massive “just in case” database is not only a bad idea, it’s against the law.

Vincent Gogolek, “It Takes Two To Kill Illegal Police Licence Surveillance”
Categories
Links

The Rationale for Retaining Passwords

Alec Muffett has a terrific piece that clearly articulates why, exactly, passwords are beneficial elements of a broader security apparatus. He also notes core ‘risks’ associated with passwords, and how many of these risks can be defrayed (spoiler alert: just use a strong password management system).