Feeds

The surveillance arms race

Just what is excessive?

The essential guide to IT transformation

Computers, Freedom, and Privacy Surveillance breeds more surveillance. That seems to be the primary message from the first day of this year's Computers, Freedom, and Privacy conference, held this week in Montreal.

The theme of the conference is "autonomy", one of those vanishing luxuries.

Lawyer Eugene Oscapella uses the war on drugs as an example. This effort provides the justification for all sorts of surveillance, from surprise school sweeps covering kids all the way down to kindergarten, to sending sniffer dogs through hotel rooms (besides airports, bus stations, and ferries), to dawn raids by police in full body armour and carrying machine guns. And the official explanation given after a failed bust? Policing is not an exact science.

Is flying over a house with a forward looking Infra-Red camera, as in the case of R v Tessling, invasive?

Since 2001, however, the war on drugs has been fuelling the War on Terror via the claim that terrorists are funded by the drug trade - and also by getting people used to being watched and searched. "The normalisation of extraordinary powers."

Some of that watching is being done by your own devices, as Simson Garfinkel explained in a discussion of computer forensics. Mobile phones are not standardised, so there is tension between law enforcement agencies, which want everything to be easy to read, and mobile phone companies, which may regard the inner workings of their designs as proprietary information. One English company has, however, come up with a scheme for reading mobile phone data directly from the SIM, bypassing the inconveniences of incompatible plugs and operating systems entirely.

Forensics breeds anti-forensics, so tools keep being developed to evade detection, disrupt the collection of information, and waste the examiner's time. For more, see the forensics wiki.

One interesting sideline: Garfinkel debunked the widespread belief that it's impossible to erase data from a hard drive in a single pass. On modern hard drives, he said, there's no evidence that you can't, and the National Institute of Standards (NIST) said in 2006 that a single pass is sufficient. But people just don't believe it.

Just as people also don't believe that the apparently contentless, impersonal information about who they contact and when is often actually more valuable to law enforcement than the content everyone tries so hard to protect. Using traffic data (such as the location data from mobile phones, or the pattern of calls or email correspondence) George Danezis figured that you could infer status, relationships, and much else. Computational sociology suggests that surveilling around six per cent of nodes can - if you pick the right six per cent - give you information about nearly 100 per cent of the entire network. Selection is the key, and traffic data makes it possible to pick that correct six per cent.

This is, of course, not how law enforcement has been working in the UK or elsewhere. Instead, they tend to take the Humphrey Appleby view that they must know everything, and so we get laws requiring data retention. If it doesn't work, we'd better do more of it. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
'Stop dissing Google or quit': OK, I quit, says Code Club co-founder
And now a message from our sponsors: 'STFU or else'
Ex US cybersecurity czar guilty in child sex abuse website case
Health and Human Services IT security chief headed online to share vile images
Don't even THINK about copyright violation, says Indian state
Pre-emptive arrest for pirates in Karnataka
The police are WRONG: Watching YouTube videos is NOT illegal
And our man Corfield is pretty bloody cross about it
Felony charges? Harsh! Alleged Anon hackers plead guilty to misdemeanours
US judge questions harsh sentence sought by prosecutors
Oz biz regulator discovers shared servers in EPIC FACEPALM
'Not aware' that one IP can hold more than one Website
Apple tried to get a ban on Galaxy, judge said: NO, NO, NO
Judge Koh refuses Samsung ban for the third time
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.