The smart guns are here
May 16, 2013. Posted by Cameron Shelley in: STV202
Guns have been in the news a lot lately, due to the development of 3D printable ones. However, gun news is not confined to additive manufacturing. From NPR comes an item about a “smart gun”, that is, a rifle that does the aiming and firing for the shooter. The TrackingPoint rifle has a computerized scope with laser range-finder and heads-up display that corrects the shooter’s aim for environmental conditions, and can also delay pulling the trigger until it computes that the shot will hit its mark. It also allows the shooter to record videos of each shot for review, or posting to YouTube.
The video promotes the rifle’s use as a means of making hunting more efficient. As noted in the article, this efficiency will not suit purists, who point out that the system has the effect of deskilling the practice of hunting. I am reminded of a quote from an episode of The Simpsons, where Lenny, a gun enthusiast and NRA member, discourses on why hunters need assault rifles:
“Assault weapons have gotten a lot of bad press lately, but they’re manufactured for a reason: to take out today’s modern super animals, such as the flying squirrel, and the electric eel.”
Of course, as is often the case when tools become automated, purists will stick to the old ways, while people who otherwise would not engage in hunting may take it up with the new gear that makes it easier to score. They will be encouraged by the familiar, first-person-shooter look of the Heads-Up Display.
Naturally, the new technology poses security issues. The TrackingPoint rifle seems like a godsend to anyone planning an assassination. Aware of the issue, company President Jason Schauble notes that the scope is password protected:
“It has a password protection on the scope. When a user stores it, he can password protect the scope that takes the advanced functionality out. So the gun will still operate as a firearm itself, but you cannot do the tag/track/exact, the long range, the technology-driven precision guided firearm piece without entering that pass code,” he says.
I wonder how many of the devices will have their passwords stuck on them with Post-it notes? In any event, the password scheme seems unimpressive. Given that the scope requires users to look into it, eye-scanning might be more a propos. Even in that case, it is unclear how robust the password system will be, or whether or not having to think of a password will deter people who want the system for malicious purposes.
Besides assassinations, some users may be inclined to appropriate the system for various stunts. Some will imitate William Tell and shoot objects perched on heads. Others may find excitement in getting the system to do odd things that the designers have probably not considered. Think of Autotune, a system that was originally designed to correct variations of pitch in singing, but was quickly used to produce odd and inventive, new sound effects instead. TrackingPoint hackers will likely find ways to get the system to produce interesting patterns of shots, playing “X”s and “O”s or spelling names with bullet holes, perhaps.
It will be interesting to see how this gun factors into the ongoing gun control debate in the US. Is access to smart guns an inalienable right? Or, should they be regulated in some way? Perhaps the best move would be not to ban smart guns but to produce a weapon smart enough not to pull the trigger at all.
Two treasure-hunting robots
April 29, 2013. Posted by Cameron Shelley in: STV202, STV302
Sometimes, the daily news provides items that make for an inadvertent but interesting pair. Today’s news provides just such a comparison, both from the Huffington Post.
The first item concerns a robot that has revealed burial chambers under the Temple of the Feathered Serpent at Teotihuacan, near Mexico City. Teotihuacan was the site of an ancient civilization that built this monumental city, ever more thoroughly excavated by archaeologists.
New technologies have permitted the excavations to go even further. A 2011 survey using ground-penetrating radar revealed an unexplored tunnel under the Temple. This year, a 77-pound robot named Tlaloc II-TC (after Mexico’s ancient god of rain) was used to inspect the tunnel and see what may be seen. The result was the discovery of several burial chambers, perhaps even those of the rulers of the City.
The second item concerns a young man, who goes by the handle “ioduremetallique”, who has designed a robot that excavates pop cans from vending machines. Have a look!
The design is clever, and I am sure that newer versions will work even faster.
Robots can be great prostheses, helping people to reach places that are difficult or impossible otherwise. Besides helping us stretch our physical limitations, they will help to challenge our ethical boundaries as well.
Scared yet?
April 11, 2013. Posted by Cameron Shelley in: STV202, STV302
It has been a while since we had any scary Internet security bulletins, so here are a couple.
First is this story from FastCompany about how “cybercriminals” took control of the heating system in a New Jersey manufacturing plant:
According to ICS-CERT, hackers exploited vulnerabilities in industrial heating systems which were connected to the internet, and then changed the temperature inside the buildings.
Actually, this hack sounds useful. Have you never wished you could take control of the HVAC in your building? It seems that you can, if you know the right cybercriminals, or are one yourself.
Second is this story from ComputerWorld about a conference demo by hackers showing how they built an Android app (awkwardly named “PlaneSploit”) that allows them to take control of airplanes in flight:
Once he was into the airplane’s computer, he was able to manipulate the steering of a Boeing jet while the aircraft was in “autopilot” mode. The only countermeasure available to pilots, if they even realized they were being hacked, would be to turn off autopilot. Yet many planes no longer have old analog instruments for manual flying. [Security consultant Hugh] Teso said he could take control of most all airplane systems; he could even cause the plane to crash by setting it on a collision course with another plane. He could also give the passengers a serious adrenaline rush by making the oxygen masks drop down.
Happily, Teso demonstrated his ability on a simulated flight since a real demonstration would be “too dangerous and unethical”.
How do such security issues arise? Well, no system is ever perfectly secure. However, I think that Bruce Schneier has a point when he argues that security is usually an after-thought:
Companies find that it is cheaper to weather the occasional press storm, spend money on PR campaigns touting good security and fix public problems after the fact, than to design security in from the beginning.
As long as security is treated as a bolt-on, vulnerabilities like the ones above will remain a fact of life when dealing with networked gear.
DNA gun
January 24, 2013. Posted by Cameron Shelley in: STV203
From the Huffington Post comes the interesting news that a British firm “SelectaDNA” has designed a “DNA gun”. At first, you might think a DNA gun would extract some of the target’s DNA and capture it for analysis. Instead, this DNA gun actually tags the target with synthetic DNA. The tagged person can then be identified later by detecting the synthetic DNA on them. The idea is for police to use the gun as a way of tagging miscreants during a melee for apprehension at a later and more convenient time.
Tagging people for later arrest is not a new tactic. In the past, police have added dye to water that was then sprayed into crowds of rioters by water cannons. On other occasions, police have used paintballs to tag people for later inquiries. I suppose that DNA pellets have the advantage that they do not make a mess, and sympathizers will not be able to smear themselves with the synthetic DNA in solidarity with tagged rioters.
The bright orange colour of the gun is meant, I guess, to emphasize that it is not a weapon. Even so, the act of drawing and aiming the device will no doubt be viewed as an act of aggression by both the wielder and the target.
Privacy and emails
November 19, 2012. Posted by Cameron Shelley in: STV302
The General Petraeus affair has brought new attention to an established issue, that is, privacy of emails. Petraeus was brought low when the FBI accessed an anonymous Gmail account that Petraeus had used to conduct an affair with his biographer, Paula Broadwell. As many commentators have pointed out, it seems odd or ironic that the head of the CIA resorted to a simple (and not very secure) ruse to conduct secret business.
In any event, the ease with which the FBI obtained access to Petraeus’s emails underlines the lack of privacy that people with such accounts enjoy, according to critics:
The fact that police can get that information with a subpoena — just a letter, usually without approval of a judge — is deeply disturbing to civil libertarians like Chris Calabrese, legislative counsel for privacy issues at the ACLU.
The position of the ACLU is that such information should require a warrant, just as if the police were intending to search your house. Needless to say, the police do not take the same view of the matter:
But Scott Burns, executive director of the National District Attorneys Association, says Americans should understand how much more work that would create. “The difference is, an investigative subpoena is a one- or two-pager, and a search warrant is a book report,” Burns says.
All those extra warrants, he says, would make life “incredibly difficult” for police.
This issue of the security of someone’s email illustrates a common trade-off: Enjoying security means being able to conduct your affairs without enduring the scrutiny of the state. As then-Canadian-Minister-of-Justice (and later Prime Minister) Pierre Trudeau once said, “There is no place for the state in the bedrooms of the nation.” However, privacy also means being able to hide misdeeds from the public, even when the public has a stake in the outcome. (What if Petraeus’s mistress had been a foreign agent?) The issue becomes one of how to balance these competing and legitimate interests in a way that is fair to all concerned.
Although I am sure that it would be small comfort to Petraeus, it is worth noting that his arch-adversaries have similar difficulties. According to ABC News, the Taliban has had problems keeping its email list secret:
In a Dilbert-esque faux pas, a Taliban spokesperson sent out a routine email last week with one notable difference. He publicly CC’d the names of everyone on his mailing list.
The names were disclosed in an email by Qari Yousuf Ahmedi, an official Taliban spokesperson, on Saturday. The email was a press release he received from the account of Zabihullah Mujahid, another Taliban spokesperson. Ahmedi then forwarded Mujahid’s email to the full Taliban mailing list, but rather than using the BCC function, or blind carbon copy which keeps email addresses private, Ahmedi made the addresses public.
The email list consists mostly of journalists, who would be the natural recipients of a press release. However, it also includes a number of Afghan legislators, academics, and activists, whose loyalties are now, no doubt, under review.
Stewart Brand once said that, “information wants to be free.” The tendency of information to escape confinement on the Internet is notorious, as these examples demonstrate. If you are determined to communicate in secret on the ‘net, then you should look at these hints from the New York Times. Good luck!
E-voting wrap-up
November 13, 2012. Posted by Cameron Shelley in: STV302
Before the latest US Federal election becomes a distant memory, it would be instructive to review some of the e-voting stories (or non-stories) that were raised a week ago.
Nick Bilton of the New York Times asks why a nation that put a man on the moon cannot hold an election featuring e-voting:
So at a time when we can see video shot by a robot on Mars, when there are cars that can drive themselves, and when we can deposit checks on our smartphones without going to a bank, why do most people still have to go to a polling place to vote?
The answer, as he acknowledges (and as we have noted previously) is that e-voting systems are not secure against hacking. Anonymous is an interesting phenomenon, but not one that should be determining the outcome of American elections.
Why, then, can a nation that never put a man on the moon nor a robot on Mars, that is, Estonia, hold an election featuring e-voting? In a nutshell, Estonia is in a superior position regarding security, and has a political system that lowers the payoff on hacking the system:
What’s Estonia’s secret? For one, all Estonians are issued a government ID with a scannable chip and a PIN number that gives them a unique online identity — they can use this identity to file their taxes or pay library fines or buy bus passes. That makes Internet voting workable. (The votes are encrypted to preserve anonymity.) What’s more, Estonia has a proportional representation voting system, rather than a winner-take-all system like the United States.
I suppose the latter point is that, in a winner-take-all system, there are often a handful of “swing” districts (think Ohio in this election) that could decide the overall outcome. Thus, hackers could determine the outcome of an election with a few, well-placed interventions. In a proportional system, however, hacking would have to be far-flung and probably much more conspicuous.
That observation does not bode well for e-voting in Canada, since we have no national ID system and have a winner-take-all electoral setup.
For those hungry for more dirt on electronic voting in the last election, check out the synopsis at this article from IEEE Spectrum. And, in the meantime, enjoy your paper ballots!
Terrorist detection
November 12, 2012. Posted by Cameron Shelley in: STV202
Surveillance provides a basic security function. In many cases, security means excluding certain people from gaining access to some resource. (In other cases, it might mean excluding certain activities, rather than individuals.) In order to do this, some surveillance or monitoring of those seeking access is the obvious solution.
Usually, we look to specialized security measures, such as trained security personnel, to provide that surveillance. Sometimes, though, security is crowdsourced; that is, the general public are asked to be on the lookout for suspicious behaviors. Bruce Schneier calls these systems “see something, say something” measures. This approach is embodied in the “iSee-iSay” app discussed previously. In a more recent, and low-tech, example, Schneier notes that the US Department of Homeland Security has published a list of 19 behaviors any combination of which may indicate that a hotel guest is a terrorist.
As Schneier notes, he has engaged in several of these activities himself. I can confirm that I have as well, even though I am not a terrorist. Clearly, the problem with this approach is that it is not designed to lead to accurate identification of terrorists or, more precisely, to separate terrorists from the general public.
In more technical terms, the plan embodied in this list is highly sensitive, that is, it is likely that terrorists staying in a hotel will display at least one of these behaviors. However, it is also very non-specific, that is, it is likely that many non-terrorists will display at least one of these behaviors as well. As a result, there would be many false positives (false alarms) if this procedure were actually followed. In practical terms, the result would not be increased security but increased paranoia accompanied by alarm fatigue.
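The trade-off described above can be worked through numerically. The following is an added example, not part of the original post or of Schneier's article: only the count of 19 behaviors comes from the post, while the per-behavior rates, the base rate and the number of hotel stays are constructed assumptions, and the behaviors are treated as independent.

```python
from math import comb

# Constructed assumptions; only the count of 19 behaviors comes from the post.
N_BEHAVIORS = 19          # items on the checklist
P_BENIGN = 0.05           # assumed chance an ordinary guest shows any one behavior
P_THREAT = 0.30           # assumed chance a real attacker shows any one behavior
BASE_RATE = 1e-6          # assumed fraction of hotel stays that involve an attacker
HOTEL_STAYS = 10_000_000  # assumed number of stays screened with the checklist


def at_least(n, p, k):
    """P(X >= k) for X ~ Binomial(n, p): chance of showing k or more behaviors."""
    return sum(comb(n, i) * p**i * (1 - p) ** (n - i) for i in range(k, n + 1))


def checklist_metrics(threshold, n=N_BEHAVIORS, p_benign=P_BENIGN,
                      p_threat=P_THREAT, base_rate=BASE_RATE, stays=HOTEL_STAYS):
    """Evaluate the rule 'report a guest who shows at least `threshold` behaviors'."""
    sensitivity = at_least(n, p_threat, threshold)          # attackers flagged
    false_positive_rate = at_least(n, p_benign, threshold)  # ordinary guests flagged
    attackers = stays * base_rate
    ordinary = stays - attackers
    true_alarms = attackers * sensitivity
    false_alarms = ordinary * false_positive_rate
    total = true_alarms + false_alarms
    return {
        "threshold": threshold,
        "sensitivity": sensitivity,
        "specificity": 1 - false_positive_rate,
        "true_alarms": true_alarms,
        "false_alarms": false_alarms,
        # Positive predictive value: chance that a given report is a real attacker.
        "ppv": true_alarms / total if total else 0.0,
    }


def report(thresholds=(1, 2, 3, 5)):
    """One summary line per reporting threshold."""
    lines = []
    for k in thresholds:
        m = checklist_metrics(k)
        lines.append(
            f">= {k} behaviors: sensitivity {m['sensitivity']:.3f}, "
            f"specificity {m['specificity']:.3f}, "
            f"false alarms {m['false_alarms']:,.0f}, "
            f"real attackers per report {m['ppv']:.2e}"
        )
    return lines


if __name__ == "__main__":
    print("\n".join(report()))
```

Under these assumptions, raising the threshold improves specificity at the cost of sensitivity, yet false alarms still outnumber real detections by orders of magnitude because attackers are so rare among hotel guests.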
E-voting USA 2012
November 6, 2012. Posted by Cameron Shelley in: STV302
With the American elections now taking place, there has been renewed interest in the state of e-voting. Voting electronically has long been an expectation, something that the march of progress would inevitably bring about. However, e-voting has failed, so far, to achieve the currency that might have been expected. Along the lines of, “Dude, where’s my jetpack?” people wonder where their voting app is. Some countries, such as Estonia, have fairly robust e-voting systems in place. So, what is holding up their arrival in the US?
The short answer to that question is, “security.” As pointed out in a recent article in the CACM, internet voting is fundamentally insecure. Anytime you connect a computer to the Internet, it becomes vulnerable to a number of unauthorized interventions. Such insecurity is not acceptable to a process that is so crucial to the functioning of a democratic state.
As a test of an e-voting system set for use in an election in Washington DC a couple of years ago, organizers invited netizens to try to hack the system. They were quickly obliged by a group from the University of Michigan, who broke into the e-voting system, reprogrammed it to elect Bender the robot from Futurama, and to play the Michigan fight song after every vote.
An article in New Scientist points to one of the salient differences between the US and Estonia regarding the establishment of secure e-voting:
In other countries, online voting has been done effectively. Estonia, for example, has held online elections since 2005, as have several other countries. The difference, says Smith, is that unlike the US, Estonia has a national identification system for its citizens.
Confirming that an incoming vote is authentic is difficult without a national system of ID authentication already in place.
Interestingly, the sub-headline of this article also demonstrates a conceptual issue regarding e-voting, namely the concept that security is a separate issue from the voting itself:
The technology is ready for elections to be held online, but until cybersecurity is strengthened they are on hold.
If security is not adequate, then the technology is not ready for elections to be held online. Security is not something that gets added to an electoral process; it is part of the process.
This fact is also evident in some of the accommodations being made for voters in New Jersey and New York whose normal polling stations are unavailable due to the effects of Hurricane Sandy. The State of New Jersey, for example, is allowing voting via email, followed by confirmation in hardcopy. The measure is problematic because it leaves the voting process open to fraud; it is difficult to authenticate emails. Also, it compromises the secrecy of the ballot; that is, a vote sent by email could be intercepted and read by third parties. However, in light of the situation, allowing displaced people to vote is thought to be important enough to trade off against lessened security and privacy.
Another issue that may rise in importance is the accuracy of electronic voting machines. Voting machines are known to make mistakes, e.g., to record votes cast for candidate A as votes for candidate B instead. Obviously, accuracy is important in an election, especially a close one.
In addition, many types of voting machines do not produce paper copies of votes; the votes remain merely as records in the machine’s computer memory. This setup can raise problems if the machine’s memory is corrupted, or if a re-count is required. Many states require manual re-counts in the event of a close result: How can you manually recount votes that are stored in a computer’s memory? And, how can you re-count votes in the event that the machine’s memory is compromised in some way?
I am reminded of the story recounted by Ray Corrigan in Digital decision making: A candidate in a US election demanded to observe the votes being counted, as was his legal right. He was shown into a room where sat the computer doing the counting. Not much to see! I doubt that observing a computer’s screensaver constitutes the kind of electoral transparency that the framers of the law had in mind.
On that note, there is also news that the Ohio Secretary of State’s office has allowed uncertified modifications to be made to software in the State’s voting machines. Normally, software patches to voting machines must be tested and certified to produce the right outcome. This condition was not applied to the latest patch because the patch is intended to allow for the monitoring of vote counting and not to modify the counting process itself. Of course, intentions and outcomes are sometimes different: Perhaps the patch will affect the counting process in spite of being intended not to. Who knows?
So, despite being futuristic, e-voting presents difficult challenges. As Tim Berners Lee points out, many US states would like to retire their e-voting systems but find it hard to do:
A decade ago, there was a great deal of momentum toward paperless electronic voting. Spooked by the chaos of the 2000 presidential election in Florida, Congress unleashed a torrent of money to buy new high-tech machines. Today, momentum is in the opposite direction. Computer security researchers have convinced most observers that machines like the ones in Fairfield Township degrade the security and reliability of elections rather than enhancing them. Several states passed laws mandating an end to paperless elections. But bureaucratic inertia and tight budgets have slowed the pace at which these flawed machines can be retired.
After spending billions on advanced e-voting systems, we have seen the future, and it has paper ballots!
Can more efficiency increase costs?
September 24, 2012. Posted by Cameron Shelley in: STV202, STV302
A recent New York Times article discusses reports that the introduction of Electronic Health Records (EHRs) in American hospitals may be increasing the cost of health care in that country. EHRs were introduced, in part, in order to cut down on health care costs by making record keeping and sharing more efficient and therefore cheaper. However, as the article notes, health care bills at hospitals that have adopted EHRs have increased, not decreased. What gives?
One possibility is that EHR systems encourage fraud. It is easy for doctors to click on check boxes that say they have performed tests or examinations that they have not actually performed. For example, one patient noted that he was billed for a complete medical examination that did not occur. He complained and the bill was changed. The patient, a health consultant, blamed the design of the software:
“No one would admit it,” Mr. Burleigh [the patient] said, “but the most logical explanation was he went to a menu and clicked standard exam,” and the software filled in an examination of all of his systems.
In fact, companies that produce EHR systems may be using this sort of “feature” as a selling point. Some vendors advertise that their software helps doctors to game the billing codes to maximize the amount they are able to charge for their services.
Certainly, some systems include features that lend themselves to the maximization of billing levels. They are able to automatically generate detailed reports about patient history, and allow for the copying of examination findings from one patient to another, a practice known as “cloning.” The point of these features seems to be that more detailed records can warrant more severe diagnoses, and therefore more costly services.
Of course, fraud or sharp practice were possible before EHRs. Perhaps, the security measures on EHRs may be more lax than on paper-driven systems. Some critics blame the lack of regulation on EHRs:
Dr. Simborg [former chair of a federal panel on the matter], for one, said he helped draft regulations in 2007 that would have prevented much of the abuse that now appears to be occurring. But because the government was eager to encourage doctors and hospitals to enter the electronic era, he said, those proposals have largely been ignored.
However, the article does not comment on the state of regulations on the earlier billing systems.
Besides fraud, it is possible that increased efficiency could lead to increases in cost. Jevons’ Paradox applies to situations in which gains in efficiency are eroded, or even offset, by increases in consumption. Increases in energy efficiency, Jevons observed, make energy cheaper, encouraging people to consume more of it. In the case of EHRs, gains in efficiency in administration may be “consumed” through a focus on more expensive procedures. That is, doctors may react to time and effort saved in dealing with paper records by scrutinizing patients more thoroughly, perhaps looking for signs of more severe and expensive issues to treat.
It may be that the two issues are related. We would like to think that doctors would expend any gains from increased efficiency productively. However, what counts as productive depends on the incentive structure present in the system. If it pays doctors more to spend their gains in time by fiddling the bills, then we must expect that to happen.
The design of EHRs does seem to be focussed on generating medical bills. As Marshall McLuhan might point out, if bill-generation is the focus of the system, it will soon become the focus of the users as well. So, to reap benefits for patients of time gained through efficiency, perhaps the design of EHRs could be less about the generation of medical bills and more about generation of positive medical outcomes.
Your robot valet is here
May 2, 2012. Posted by Cameron Shelley in: STV202
A recent column on robots in FastCompany describes a condo in Florida that will have robot valets. Well, almost. Residents in the building will drive their cars into parking bays where an automatic system will take over. The system acts like the automated manager in a storage facility, taking the car to a slot in a set of (large) shelves within the bowels of the condo or retrieving it on command. A video explains:
The system promises some advantages for users over self-parking in a parking structure:
- Convenience: The system takes some driving time off the hands of car owners. This might be especially fruitful for taking the car out of storage, since the driver can send a command remotely so that the system will have the car ready when the driver steps out.
- Efficiency: A shelving system without the need for driving lanes, ramps, etc. should be able to fit more cars into a given space than a conventional parking structure.
- Safety: Although not raised in the video, an automated parking system could improve safety. Transitioning between modes is challenging for safety in most systems, and entering or leaving a parking lot creates new opportunities for damage. An automated system might well do a better job than the manual one.
- Happiness: The valet system is undoubtedly cool and will also relieve owners of the need to enter parking structures, which tend to be unpleasant at best. So, drivers will be happy!
As ever, there are some potential challenges that remain:
- Casual access: It is not clear what access people have to their cars when they do not want to drive. Ever left a bag in the trunk by accident? It is easy and efficient to just visit your car in a parking structure and retrieve your stuff. It would be wasteful if the system had to fetch the car just so that the driver can get into the trunk.
- Entropy: At some point, the system will not match the right car with its owner. How frequently will it make such mistakes and how well will it cope with them?
- Efficiency: A car share system would be still more efficient than a bank full of idle, individually-owned vehicles. Such a system would also help to reduce the entropy problem, since the need to match cars to owners would not occur. Of course, the condo owners may not be into sharing cars.
- Security: Since the system is accessible remotely, e.g., by text message, it will make the cars available to hackers. What sort of measures will be in place to prevent tampering or theft?
The system represents an interesting idea, the transfer of storage technology to the parking garage. Still more interesting would be a real robot valet that could park your car in an existing structure, making it compatible with existing facilities. Of course, that would be even more of a challenge.