Last year I moved to the UK and spend a considerable amount of time in London. Therefore I’m often on 10, 12, 16 or more cameras at any one time. I dislike it intensely, but it was something I knew I’d have to be dealing with when I moved. There’s no evidence that cameras prevent any serious crimes or even less serious ones, and there’s little evidence they’re very useful in catching perpetrators after the fact. They do, however, cause a lot of innocent people to modify their behaviors slightly since they know they’re on camera. It’s a subtle societal shift that most people will never even notice.
But one group has noticed and they’re very actively doing something about it. It’s an anti-surveillance group called Camover that started in Germany and is working its way onto the global scene. I’d never heard of them before yesterday, when Salon wrote a story highlighting their growth into the US. I’m of mixed feelings about this group and their growth; part of me wants to work to change society through lawful means, while another part wants to join in on pulling down the cameras and destroying them where ever they intrude on my ever disappearing privacy. No, I’m not of an anarchist bent at all, am I?
The part that bothers me is that while the members of this group probably see much of what they’re doing as a bit of relatively harmless vandalism, law enforcement probably paints them as felons and terrorists. Yes, terrorists. They’ll be painted as destroying the cameras that protect our freedoms and help catch terrorist. And when they’re caught, they’ll be treated as if they are terrorists, with all the extra-legal, non-judicial treatment that surrounds that designation. It won’t be a fun adventure for them, that much is sure.
I see a need for anarchists like this to rise up and show us that surveillance can be fought. I think we need more people to be aware of exactly how our society is being rapidly turned into a state where our every move is watched and judged. But I don’t think it’s worth risking disappearing into a detention center somewhere, with all of your rights suspended because an agent somewhere decided to label you as a terrorist.
Martin, Rich and Zach are joined tonight by none other than Josh Corman from the 451 Group to talk about the recent RSA breach. Actually, he was on more to talk about the industries reaction to the breach more than the breach itself. The reality is that we still know almost nothing about what happened, though Rich has a little insight that goes beyond the press release, since he’s actually talked to folks at RSA. Which means we know just a little more than nothing, which is not a significant improvement.
Another reason Josh wanted to join us was to talk about one of Rich’s recent articles, called Table Stakes. We clarify what Rich meant in the original post as well as talking about some of the more touchy feely aspects of the industry. Except Zach, who doesn’t do touchy feely so much. And finally we end up with a little rant about those hacks over at the Southern Fried Security Podcast and how they’re always imitating us. They even have they’re own Bizarro Zack, @jsokoly.
Network Security Podcast, Episode 234, March 22, 2011
My friend Adrian Lane, over at Securosis, finds the best toys to play with. This one, called Spokeo, lets you search on a name and see what sort of personal information is out there about that person. Like Adrian, I always search on myself first, wanting to see what sort of information is out there about me. And there’s a lot of it; even someone like myself who wishes they had some privacy leaks a lot of information, even if its just in public records. Luckily I have a father with the same name, so our information is a little mixed up, with a sprinkling of misinformation added in. If I can’t have privacy, having false information available to search engines is a good second.
The funniest part of looking up myself was finding my house in Streetview, which is offered directly in the Spokeo interface, then turning the camera around to see myself getting out of the car. The picture’s about two years old, but it still jogged some memories of seeing the Google car drive by. The picture is blurring and it’d be hard to recognize me from it, but there it is. Being in a public place (the road), I’m not surprised to be photographed, but it does serve as a reminder of how often we’re being photographed in public, even if we are seldom aware of it. That is to say that people who don’t live with a mild form of paranoia are seldom aware of.
Unluckily, the only time I was able to make it down to SF Bsides was for the Great PCI Debate, part 2. Luckily, all the rest of the presentations that went on there are available via Ustream. Of course, I still say the Great PCI debate was the most important presentation, partly because it contains guest spot by me (and several examples of me yelling from the sidelines). There was a momentary glitch where the video stream was lost for a minute or two, which is why it’s in two separate parts. In any case, watch my friends, Jack Daniel, Josh Corman, Andy Ellis, Michele Klinger and Anton Chuvakin discuss compliance in general, not just PCI.