Apparently with 100 miles of listening coverage ShotSpotter claims a June average of 85 gunshots detected per night from 30 cities including Chicago, Minneapolis, Washington and Oakland.

Their technology is based upon earthquake monitoring systems (and we know how accurate those are). It uses a network of listening sensors to identify sound wave patterns, triangulate them, and then notify nearby law enforcement. The company marketing page makes some bold claims:

…ShotSpotter systems are not fooled by noises which sound like gunfire but are misleading (like car backfires, firecrackers, etc.). Similarly, the technology filters out echoes and other acoustical anomalies. Using a continuous feedback loop which constantly adjusts sensor trigger and other parameters, ShotSpotter is able to deliver instantaneous system reports to dispatchers within seconds of a weapon being fired.

Seems like a good thing, but I wonder if the sensors can be turned on for other listening purposes. The low density of sensors might be one key factor that limits this type of use today.

My guess is that with only 8-12 sensors needed per square mile, a sound could have to be very loud to be noticed. Some articles say it only has an 80-ft accuracy. This could be by design, but probably has more to do with cost savings and 12 is apparently still sufficient to hear gunshots inside homes. Besides, more sensors could always be deployed. I just imagine someone will eventually want to tune the system to listen for certain words like “bomb”, gang slang, or drug terms.

Nonetheless, unlike cameras, which are criticized widely for full-scale surveillance in their typical setup, a sound-based system has the advantage of being tunable for known-bad activity. In that sense, it is easy to see how it grew out of earthquake sensing.

Coupled with cameras, sound sensors could in theory allow cameras to use the same known-bad activation, bringing automation and reducing privacy concerns of cameras. When a shot is fired, it would then spin up cameras and start recording in a specific direction. Even more into the future, imagine drones and/or robots that spring to life when they hear a sound and rush to a scene to start recording video.

Back to current issues, KCBS reportsa “successful” use of the technology in San Francisco:

“Even though the young man ran after the shooting, meaning he wasn’t at the location where the shooting occurred, the shot spotter technology pinpointed exactly where that shooting occurred. In this case it worked perfectly, exactly how it’s intended to work,” said Mannina.

The technology also allowed officers to secure physical evidence that they otherwise would not have found, had the new technology not been up and running.

ShotSpotter was used again early Monday morning when a gunshot was fired inside a house on Ceres Street. Several people were inside the house at the time, including a couple of small children, but no one was hurt. Police did arrest one person inside the house.

I like how officers are coupling technology with existing forensics processes to increase the accuracy of their investigations, but it begs the question of the accuracy of their information. I am sure it has already gone to trial but I wonder how people have argued the accuracy of the sound triangulation system?

Oakland is reported to have spent almost $400K on 84 sensors ($4,620/sensor) in 2006, and as a result was faced with a data analysis problem:

In its first year, the system detected nearly 3,000 gunshots, overwhelming city dispatchers. To counter the deluge, the police department worked with ShotSpotter to develop a mobile system through which officers would monitor alerts through laptops in patrol cars.

Interesting solution. Officers were equipped with more localized data, rather than having it route through a central dispatch system. Again, this could reduce privacy issues if local officers have to tie sounds to a case and thus no long-term central storage system is maintained.

It does not surprise me much that success of the system is said to depend on the talent, availability and training of those tasked with using it. This is just like any security logging and event monitoring technology:

ShotSpotter has proven more effective in some cities than in others. In North Charleston, S.C., for example, city officials say it helped to reduce the number of violent crimes in some of the more-dangerous neighborhoods by 35 percent in 2004.

But some larger cities have faced more limitations. Some Oakland lawmakers say that ShotSpotter has resulted in fewer than a dozen arrests since it was installed. The problem, they say, is that police don’t dedicate enough resources to follow up on the shooting calls.

Oh, well, I guess there still is no silver bullet solution. It is still a very interesting technology to watch, and I think it does far better integrated into other processes, rather than trying to stand on its own.

I posted far too much on Schneier’s Blog about Gary McKinnon. I started to get curious after reading other comments that asked what exactly was going on…so here’s my uneducated perspective:

Well, now that Harald is doing my work for me on historical facts, I thought I’d post some the details documented in the appeal:

http://www.publications.parliament.uk/pa/ld200708/ldjudgmt/jd080730/mckinn-1.htm

Page two has the UK courts’ opinion:

“As the Divisional Court itself pointed out (at para 34), the gravity of the offences alleged against the appellant should not be understated: the equivalent domestic offences include an offence under section 12 of the Aviation and Maritime Security Act 1990 for which the maximum sentence is life imprisonment.”

I suppose they are referring to the fact that he interfered with military systems:

“Having gained access to these computers the appellant deleted data from them including critical operating system files from nine computers, the deletion of which shut down the entire US Army’s Military District of Washington network of over 2000 computers for 24 hours, significantly disrupting Governmental functions; 2,455 user accounts on a US Army computer that controlled access to an Army computer network, causing these computers to reboot and become inoperable; and logs from computers at US Naval Weapons Station Earle, one of which was used for monitoring the identity, location, physical condition, staffing and battle readiness of Navy ships, deletion of these files rendering the Base’s entire network of over 300 computers inoperable at a critical time immediately following 11 September 2001 and thereafter leaving the network vulnerable to other intruders.”

Understated? What about the risk they are being overstated? Seriously. I have seen numerous global companies go inoperable for 24 hours due to a fat-finger internal error and watched execs just shrug it off as the cost of doing business. Try to sell a redundancy or security solution and some would say they’d rather pay for downtime.

The range of US estimates for damages appear to have been all over the place. Someplace between hundreds of thousands of dollars and millions was the cost to restore Windows to less than 100 systems? Or is the Pentagon saying that a corrupt windows system with no redundancy/backup and connected to the Internet is to be considered mission critical. Seems like it should be one way or the other, no? Were these systems so critical that they had proper redundancy, or were they so irrelevant that they could be replaced for a nominal fee. If there is something else going on, is that really the fault of an attacker or is there negligence also at work?

I guess my point is that the cost estimate reminds me of a $640 DoD toilet-seat story. And then there was the $1 trillion missing story in 2005

http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2003/05/18/MN251738.DTL&type=printable

Would you really trust those guys with a damage/cost estimate, especially when they are embarrassed publicly?

The actual cost of re-installing a Windows OS and restoring a backup might be something in the order of a few hundred dollars per system, but it probably required endless paperwork and bureaucracy…plus it happened around the time of 9/11 and clearly ticked off the Army and Navy. And I doubt it helped that he supposedly left behind one taunting text message.

Anyway, the appeal text says the accused scanned over 73,000 systems but damaged or accessed just 97 of them. If we take a $700K estimate of repair in paragraph 15 that comes out to a repair cost per system of $7216.50. Given a hard figure, I wonder how that stands up to disaster recovery program estimates and the cost of downtime.

In other words the “damages” very well may have been trumped up in an overly rigid system to the point where prosecutors hope the Angelos case above is what McKinnon is going to face if/when he arrives in court in America.

Angelos, like McKinnon, backed away from a plea bargain arrangement with angry officials, then got the book thrown at him, and ended up with a life sentence for selling marijuana.

The Slate article discussed how the judge said “his hands were tied” when he handed out the sentence. Bad sign for America’s justice system, no? I think that’s what should have been addressed in the appeals document, instead of a comparison of bargaining rights, but I’m not a lawyer.

Nope, not a lawyer. Never been one. I think the Guardian already said what I meant already anyway. I just had to read the source and write up my notes if you know what I mean.

The controversy reveals a brewing battle over governance by a private testing firm of its own methods:

An attorney representing ETS conceded that it was impossible to know whether students took advantage of the poor proctoring at the high school to cheat, but said it would be unfair to other AP test takers throughout the nation to allow their scores to stand.

“ETS is a testing service, not a law enforcement agency,” ETS attorney Bruce M. Berman wrote in a letter sent Monday to the attorney representing the students. “Thus, it is not required to prove that test takers cheated as a prerequisite to canceling scores. . . . . Individual attestations of innocence are irrelevant.”

Do they charge for a re-test? Was it the fault of the school, the proctor, or the testing group that gaps were found in security during the test?

There is something really sad and ironic about the title “Countrywide Breach”. But the facts are the facts. There has been a Countrywide Breach in America. Two men are accused of conspicuously downloading all the CountryWide customer records over two years and selling them for relatively little ($70K).

The former employee, Rene L. Rebollo Jr., 36, of Pasadena, was charged with exceeding authorized access to the computer of a financial institution, the FBI said in a statement.

[…]

Rebollo would go into work on Sunday afternoons, log onto his company’s network and download the data onto flash drives, the complaint said.

Investigators believe he was selling the information to Siddiqi, who allegedly acted as a middle man for the companies that bought it, the complaint said.

The FBI says this was unauthorized and therefore a criminal act. That makes me wonder. I get notices about privacy practices all the time from CountryWide, (unfortunately) being a (vulnerable) customer of theirs, where they repeatedly warn me that if I do not actively tell them to protect my records they may be sold to other firms. I mean I am tempted to ask whether Rebollo is considered unauthorized only because he did not bother to pay Countrywide a portion of his revenue?

Are you surprised that the accused worked with the subprime mortgages:

Rebollo had access to Countrywide client information when he worked as a senior financial analyst for the subprime mortgage division, known as Full Spectrum Lending, according to the criminal complaint.

The bottom line here is that approximately 2 million records were sold (for $0.025/each, $500 for 20,000) over a 2 year period. The fact that this was done all via a flash drive on Sunday afternoons suggests it could have been detected easily and early. Was it an insider? A contractor? An outsider with inside connections? Who really cares about the perimeter anymore? The data flowed and the access was higher than roles apparently should have allowed over a long period of time.

Also interesting to note that Countrywide claims only 19,000 identities have really been compromised so far…but given 2 million records leaking over 2 years who would trust their own detection and accounting numbers?

Perhaps that’s too much sarcasm for this morning. Need coffee…