I do not think that word means what you think it means

Archive for the category “Security”

False Flags

Over the last week or so, there’s been an incredible amount of news coverage about the (alleged) ‘attempted assassination’ of an Russian ex-spy in Salisbury.

Today, the news has been full of stuff about how the nerve-agent used ‘points the finger at Moscow’, which just pings all the ‘yeah, but’ bells in my head.

Now, I’m not trying to say “Russia wasn’t involved”, because I simply don’t know.  But… this sort of “well it must’ve been them, they’re the ones who made it” ‘evidence’ and hype always makes me a bit twitchy.  If you extrapolate that, you might as well say that a car manufacturer must be responsible for every accident on the road, “because they’re the ones who made it”.

I don’t know enough on this one way or the other.  But if I were a player on a much larger political stage, and I wanted to (for example) divert public and media attention away from one ongoing political clusterfuck, and point it all somewhere else, I’d be looking at making a Big Bad Enemy that can be blamed for Why You Should Be Afraid. And I’d probably work to either get materials that can be attributed to that Big Bad Enemy, or… well, or just make up all that ‘evidence’. Because of course it’s all ‘top secret’ and ‘in the interests of national security’, so they’re never going to produce that evidence in public anyway.

And it’s impossible to imply that only Russia had access to this stuff.  If nothing else, American scientists (and there’s no way there weren’t security/agency personnel in that entourage!) visited and helped decontaminate the plant where the nerve agents in question were being produced.  If they were approved for Russian military use (and they were) then those nerve agents would’ve been distributed to army installations and so on. All too easy at that point for them to be ‘mislaid’ and/or sold or stolen to anyone else.

All told, this entire story stinks, and rings very much as “A big boy did it, and ran away!”  It’s all just a bit convenient.

Running Into The Flames

Following on from the stories about the terrorist attack yesterday at the Houses of Parliament, the BBC has a piece on the people from St Thomas’s Hospital (literally just over the bridge from the Houses of Parliament) who, on hearing about the incidents, ran to help.  And not just doctors and nurses – I feel a huge dollop of recognition should also be due to Tobias Ellwood, the MP for Bournemouth East, who went to help resuscitate the stabbed policeman.

I don’t care what the hell else is said about those events, but those people are heroes.  Stories like these always remind me of the speech from the West Wing TV Series, (The episode “20 Hours In America, Part II“, if you want to look it up) in the aftermath of another (fictional) terrorist attack …

… and two others are in critical condition, when, after having heard the explosion from their practice facility, they ran into the fire to help get people out. Ran into the fire. The streets of heaven are too crowded with angels tonight.

Gets me every damn time, the people who don’t stand and take pictures, who don’t run away, but instead run towards the danger.  I’d like to think I’m of a similar ilk – but who really knows, until that time comes?

Slack Data

In the car I hired last weekend, it had a load of built-in tech – Ford’s Sync system – that was quite interesting, not least for the fact that it worked really nicely and easily. Connecting my phone to the car was a doddle, the satnav worked well (and better than my usual stand-alone device in several ways) and it all just seemed pretty easy.

However. It’s obvious that it was designed for a standard “family car” scenario, rather than a vehicle that would be hired to many different users. Which makes sense, but leads to an interesting longer-term problem…

Basically, people are lazy – and don’t think about their data. So the convenience of connecting one’s phone to the car system for hands-free calls etc is great, as is the simple download of the phone’s address book to the system. But if you then don’t delete it when you take the car back to the hire place, it’s all available to the next user. The same applies to the satnav system – ‘recent destinations’ is a goldmine of activity, right down to house number and location. (And I suspect, with a bit of work, one could connect the destination to a phone number in that downloaded phonebook)

It just interests me, how little people care (or understand) about their information. I cleared down the whole car system before I returned it, which took less than five minutes all told. So it’s not much work, but it’s still work, which most people don’t seem willing to undertake.

I’ve suggested to the hire company that it should perhaps be part of the car sanitising process when it’s returned (or before it’s hired back out, whichever) although I realise that makes it more hassle for them, and there’s a lot of different setups in the various cars.

Of course, it’d be better if people cleaned up after themselves – or the car tech had a “forget everything” button/process (although that would still be too much effort for most people) that did the job. But that won’t happen until people realise how important this shit can be, and sadly that tends to only happen by negative paths/occurrences/events, and will always be learned too late.

Lockdown (Experimental)

In the interests of – well, really just geekery – I’ve turned on HTTPS encryption on D4D™. It should be an invisible process to users of the site, but I want to know if it actually is or not.

I firmly believe in making all internet connections more secure, for a bundle of reasons I’m not going to go into right now. So I figure I might as well do some testing of it here (as well as on some other projects I’ve been running, or that are coming up and haven’t been mentioned here) to see how it goes.

In other news, it’s been a busy old week again, but I’ll write more about that in a different post.

Security Stupidity

Every so often, I’ll see a scenario that just leaves me utterly gobsmacked. Sadly, they’re usually based around security of some sort – for whatever reason, it’s something I’m generally pretty tuned in to, and aware of.

Yesterday’s one was an absolute blinder – and caused by a complete lack of thought/awareness.

While I was walking at lunchtime, the person in front of me was paying a bill over the phone. Using hands-free, so it was all done out loud.  (I don’t quite get why some people use hands-free for conversations on mobiles while walking – particularly when they’re still holding the mouthpiece to their mouths anyway. People be weird)

That wasn’t so bad – he was entering the card details using the keypad, so in that aspect it was fairly secure. Not how I’d have chosen to do it, but hey, I’m not one to judge.

The bit where it all went tits up, though, was that the payment line then reads the numbers back to the user, as a confirmation. “If this is correct, press 1“.

It’s a scenario where the developers etc. have thought about how to confirm the card data, and it makes sense to read it back. They’ve just not seen the real-world situations where people then do these things in public, on hands-free speakers. But it meant that – were I a bad person – I’d have all of that guy’s card information (it even read back the CV2 validation number) which I could have made use of.


And in case anyone’s wondering, I did tap him on the shoulder when he’d finished the call, and explained that he really should get that card changed ASAP. If I could hear it, or if he does that on a regular basis, then the card is compromised, and it’s only fair to make him aware of it.

It’s up to him, of course – but the fact I told him his card number, expiry date, and CV2 (correctly – I really do need to get out more) certainly seemed to focus his mind somewhat…

Home Security

Over the last couple of years, I’ve walked round the village fairly frequently, just for extra exercise (and also, you know, why not?)

Over the last couple of days (the days between Christmas and New Year, which I saw someone call “the festive perineum”, which amused me more than it should have) while doing that route, it’s made me think about just how easy people make it for potential burglars, just by advertising that they’re not home.

No lights, curtains open, even stuff left outside the door.  It’s really quite gobsmacking.

After all, it’s not like time-switches are rare (or expensive) – they’re the easiest thing to use to at least make a house look occupied. Yet even that simple thing seems to be beyond so many people. I (kind of) get it, if you’re in 355 nights out of the year or whatever, that it might not be something you bother with. But it’s not like the Festering Season comes as a surprise – and if you know you’re going to be away, why not spend a tenner and at least get a couple of timeswitches so you can put on a radio/TV and a light?

Maybe (hopefully) these people have never had a break-in, have never known that icky feeling that someone else – someone uninvited – has been in your home, has gone through your things. Let alone that that person has then taken some of those things, and you have to figure out just what has gone.  I hope that’s the case, but it’s still no excuse for being complacent about it (in my opinion) and leaving oneself open to the chance of that happening.

It’s no excuse for complacency, but then, people so rarely seem to need an excuse to think “It’ll never happen to me”. Until it does – and then it’ll be everyone else’s fault.

For Your Safety

You know, I for one am getting really tired of the government phrases “It’s for your safety” and “it’s for your security”, which are getting bandied around more and more.

This week it’s been used about blocking flights to and from Sharm El-Sheikh because of an alleged – but unproven – bomb in the hold of the plane that crashed in the Sinai desert last week. It’s also been used in discussions about monitoring everyone’s internet traffic and holding those records for at least a year, and in revelations about MI5 monitoring every domestic phone-call in the UK for the last ten years.

Governments like people to be scared – and more and more, we seem to be happy to let the government take these measures ‘because it makes us safer’. It doesn’t, it just gives up more information to the government – and all in the name of ‘safety’.

Basically, it’s shit.

[I know, I need to think more about this and write more. But it’s a phrase that bugs me every time it’s used]

Post Navigation