Auto-nomy no more

I’m a big fan of digital camera technology, and thus I usually am quick to support intelligent uses related to detective controls. Take for example a Bed & Breakfast that had issues with people loitering across the street dealing drugs. The B&B installed a camera, took some extracted video to the absent property owner and the next thing you know the neighborhood felt safe again. Here’s another example. Some well-intentioned system administrators were moving equipment in the racks when suddenly a core network device went off-line. Everyone started pointing fingers but a simple review of the video at the exact moment that the services were terminated shows who was in the cookie jar pulling power cables, and who was not.

Surveillance doesn’t happen in a vacuum, however, and there should be the same care and caution applied as with any other detective controls. Sadly, some investigators get so excited about the opportunity to nail every tiny infraction with uncontestably strong evidence that they start to sound like rabid dogs, ready to chase down every living thing and chew it to the bone.

Take for instance this proposal, recently captured in The Times:

BRITAIN’S top traffic policeman is pushing through plans to create a national network of roadside spy cameras that will be able to track the movements of motorists around the clock.

Meredydd Hughes wants the cameras to be installed every 400 yards on motorways, as well as at supermarkets, petrol stations and in town centres.

They are designed to crack down on uninsured driving, road tax evasion and stolen cars, but will also monitor millions of law-abiding drivers.

It sounds expensive and invasive with little return, if you ask me. One thing that surveillance camera projects should never do is start with an overly broad objective. It is similar to saying you want to write software to improve security every 400 yards on motorways…if you don’t start out with a good focus on the purpose of the system, then you will never end up with a clear picture of its usefulness.

On the other hand, when someone actually reveals that not only is there no intended benefit to the public but the real purpose of the surveillance (detective control) system is to become a source of revenue/taxation for the police, well, that should ring some alarm bells under the category of “clear conflict of interest”:

An Acpo strategy document, seen by The Sunday Times, makes the controversial suggestion that every ANPR “intercept officer” should aim to issue at least 310 fixed-penalty notices a year.

Blog riot

Fascinating article in the Guardian by Jeff Jarvis about online communication as a tool in the French riots:

the arrest last week of at least three young bloggers for allegedly using their sites to incite violence precisely highlights the confusion this new medium brings

I am surprised to hear that the French government is trying to control the debate by spending advertising money on Google. That just seems unsettling on so many levels, it’s hard to know where to begin.

UK Trains to get Airport Security

The Guardian reports today that train stations in the UK are considering implementing passenger security in a fashion similar to airports. The problem with train stations today, which they rightly identify, is that they are not “closed”, especially compared to the sealed-off nature of airport terminals. Trains also are regularly accessible, unlike planes at 30,000 ft.

When you get right down to it, train security actually does not have much in common with planes other than the movement of large numbers of passengers on a schedule (e.g. “public transportation”).

The airport screening model seems to be increasingly considered high-cost and largely biased in some odd control areas, especially if you consider the lack of relevance to other forms of public transportation, so let’s hope the upcoming conference gets back to the basics like preventive and detective controls, defense-in-depth, etc.

FTP pubstro

An increase in attacks meant to set up high-speed, public distribution networks (pubstro) seems to be spreading. In a nutshell, this means vulnerable servers are being used as hosts for hidden FTP servers with little impact on other data that might be exposed on the host. Nothing especially new here other than the amazing efficiency of the attacks, which leads to robust “networks” of compromised systems, as well as the fact that breach laws are now in effect. The odd situation with market forces in this scenario is that attackers seem better at writing code to remotely install agents to generate revenue than many of the companies that are actually supposed to be in charge of the servers themselves. If this rate of change goes unchecked, my guess is that developers may see a more lucrative future in stealing resources than in being tasked to try and prevent them from being stolen. But who should bear the cost of the disincentives?

Some discussion on Educause suggests even fully-patched Windows 2000 systems are at risk.