July 31, 2005

The Alexis Park ATMS are Perfectly Safe

(Posted by adam)

Hackaday posts pictures in "defcon day 2 - don't use the atm." I don't trust the ATMs at any Defcon haunt anymore, and was surprised to see a fellow I respect stick his ATM card into the machine at Hamburger Mary's.

I do wonder if any of the well-dressed guys using the ATMs were adding honeytokens to the system. I sure hope so.

Posted by adam on July 31, 2005 at 10:16 PM in information security.

Long Bits of Stuck in McCarran International Airport

(Posted by adam)

Kudos to McCarran International Airport (Las Vegas) for having free wifi. And congrats to my fellow Defcon attendees for stealing the cookie that authenticates me to this blog off that wireless net.

  • Tech Policy points to Bill West at Counterterror blog, in "Liberty & Security vs. Terror – an American Perspective." It's worth reading in full.
    I wonder how the devil is feeling nowadays, since his lair has frozen over. The likes of me, a 29-year law enforcement veteran who spent half his career working organized crime and national security cases, has found common ground with the ACLU. I’m talking about the random police searches of bags conducted in the New York subway system recently implemented as a result of the twin terrorist attacks against the London transit system in July.

    ...mass intrusion, for security, into our individual liberties by government, even if it’s slow and subtle, that should concern all of us. We do live in the 21st century, and the founders of our country never envisioned the possibility of mass destruction, but this is still America and we live under that remarkable document known as the Constitution.

    (The Counterterrorism group blog is fascinating to me. Much of what they write is great, and some, like "Michael Cutler: Don't privatize federal aviation screeners," just misses the boat. My question is not how dedicated the screeners are; it's how effective they are. And the evidence is that Federal screeners are no better than private screeners.)
  • Eric Rescorla asks the question, "Who should pay for your identity theft protection?" Eric's answer is much longer and more eloquent than mine, which is that ID theft protection is like a mobster coming in and saying "Fine credit rating you've got here. It would be a real shame if anything were to happen to it."
  • Speaking of protection rackets and the downside of credit agencies, Alex Tabarrok reports in "Heard on the Train" that Colombian kidnappers pull your credit file to calculate the optimum ransom.

    Experian would be proud: Think of all the fingers that won't be cut off to demonstrate the seriousness of the kidnappers.

  • If you're in Portland, OR on Tuesday, Meet the Flockers at Doug Fir Lounge. I met one of the Flock guys this weekend, and while he wasn't saying precisely what they're doing, the orientational frame he drew appealed to me. I'm not going to say anything else here until they say it's ok.
Posted by adam on July 31, 2005 at 9:37 PM in Economics, ID Management, national security.

July 27, 2005

At Black Hat

(Posted by adam)

I'm at Black Hat and Defcon through Sunday, and blogging will be light, and slightly error-prone.

Posted by adam on July 27, 2005 at 5:07 PM.

Why Not Accept Random Searches?

(Posted by adam)

In comments, Izar asks why we feel that having policemen check up on us is an affront to our liberty. He also asks that we call him a "serf of the totalitarian state machine," so I shall.

I suppose I might feel differently if, regularly, people around me were being murdered by terrorists. But the happy truth is that both attempted and successful terrorism are incredibly rare events in the United States. I am far more likely to be killed by an idiot yacking on his cell phone while changing lanes than I am to be killed by a bomb. Given the ease of access to guns, explosives and the like, this is probably due to effective action by police and intelligence agencies. I do wonder where the court cases are. Further, the effectiveness of random, limited bag searches is highly questionable.

My concerns center around the cost of surveillance. I mean more than the fiscal costs--also spiritual and societal.

The fiscal costs of checking bags everywhere are huge. In Israel, it makes sense because of the imminent threat, and also because if you don't check bags, people will feel insecure (scared) and shop elsewhere. So if we're not voting substantially more money to the police, I'd prefer to see them enforcing traffic laws over checking bags. Also, the rarity of bombings in the US will drive the checkers to look for other things (drugs, evolution textbooks, pictures of Mohammed Atta being carried by a professor doing research into terrorism). They'll find things to find to make themselves feel useful.

This isn't intended as a slam against those doing the job. Dedicated people hate feeling useless, and so they'll look for things, other than bombs, to find, so that at the end of the year, they will not have found nothing. As I understand things, had you searched every single bag of every rider of every metro system in the United States last year, you would have found exactly no bombs. It's very hard to do a job like that.

The spiritual and societal costs come when people are being watched constantly. Rather than doing things that people expect will make them happy, people will filter and color their decisions based on what a cop might think. To resist social pressure in making decisions is very difficult. To resist that pressure when it is literally embodied in an armed officer of the state is even harder. When those officers are trained to exploit the natural obedience to authority that Milgram demonstrated, it is even harder.

And so, the intrusive presence of the police creates an aggressive pressure to conform. To not do certain things. What things? I don't know. I suspect that Steve Mann is having lots of problems today. Enough to discourage anyone else from exploring that space. But what I do know is that all ideas are born new. They are experimented with, and explored. A prime value of liberty is that free societies invent and create more new faster than centrally planned or controlled societies. That's been a strength. And no, police checking bags will not, by itself, change that. But liberty is easy to erode, and hard to rebuild.

So can I say what the cost of searching a bag will be? Yes. It will be some clever inventor who can't bring his invention to a critical meeting because he's stopped and searched by the police. We'll never know what that invention is, because bad luck has prevented us from seeing it. Maybe it's a new bomb detector. A way to clean up pollution. A cure for cancer. The pages of the great American novel scattered accidentally to the winds.

All to prevent the zero metro bombings that occurred last year in the United States. Of course, no one had ever crashed an airplane into a building before, either. But the actions that we take must be commensurate with the risks, effective, and cost-effective.

PS to Izar: is a Totalitarian State Machine like a finite state machine, only without any decision points?

Posted by adam on July 27, 2005 at 1:22 PM in Liberty.

July 26, 2005

Job Openings

(Posted by adam)

My friend and colleague Scott Blake is looking for smart people:

I have openings for 5 information security analysts. Level of seniority is negotiable, but I prefer senior-level folks. I'm looking for the following specialties: security awareness training/communications, secure application development, risk assessment, network architecture, and security policy development.

I also have an opening for a process facilitator/administrator type (Security Project Administrator is the title). This is a nearly-entry level position for someone technically savvy, but not necessarily a security specialist. Should be ambitious.

If interested, go to www.libertymutual.com and click on Careers. Though there you can find the jobs. Search for security in Portsmouth, NH (all positions are here, though it may be possible to negotiate office space in Boston, Indianapolis, Kansas City, Wausau, and a few others). Liberty is a rock solid company that's great to work for. Relo assistance available for most positions. If now isn't a good time for you, check back after the first of the new year. I expect to be opening another 6+ positions then.

A lot of my thinking about security and its relation to the business has been shaped in conversations with Scott over the years, and I expect that the folks who get these jobs will find them a good career move.

Posted by adam on July 26, 2005 at 7:57 AM in Jobs.

July 25, 2005

Are Police the Best Response?

(Posted by adam)

A few weeks ago, it came out that the MTA wasn't spending their security budget:

In December 2002, the Metropolitan Transportation Authority announced it had completed a lengthy assessment of potential threats to the city's transportation infrastructure, from subway lines to major bridges. The authority, which had begun the study in the weeks after the Sept. 11 attacks, said it was committing nearly $600 million to improve the security of the sprawling transportation network.

But to date, two and a half years after that announcement and nearly four years after Sept. 11, only a small fraction - about $30 million as of March - has been spent, and nearly all of that on consultants and additional study.

Slate has some commentary as well, in "Planning Gridlock."

My take is that the number one way they should be spending the money is real training for the real first responders: the people of New York. Teach them how to spot a bomber. Teach them what to do. Teach them first aid and CPR. Because the people of New York will always be the first ones present at a terrorist attack in New York, and their response will make a difference.

Posted by adam on July 25, 2005 at 1:00 PM in national security.

July 24, 2005

Canadian Telco Telus Blocks access to Union Website, How to Access

(Posted by adam)

Michael Geist has the scoop at "Telus Blocks Subscriber Access to Union Website." Short version: Telus and their union are fighting. Telus has chosen to prevent their customers from reaching "Voices for Change," the union website.

I urge Telus customers to call customer support and ask what's up. Repeatedly. Voices for Change also suggests a workaround: "TELUS customers can pass this proxy URL to TWU members they know who use TELUS as their ISP: http://vfc.proxy.pfak.org/." I'll also suggest that Tor would be a fine way to bypass Telus censorship until you can get a decent ISP.

Posted by adam on July 24, 2005 at 6:14 PM in Liberty.

Risks of Data Collection and Use

(Posted by adam)

David Cowan tells a sad story about his experience with unauthorized data collection and use in "Freshman Week." Speaking of unauthorized data collection and use, Jonathan Krim reports that "License-Screening Measure Could Benefit Data Brokers:"

Jason King, spokesman for the American Association of Motor Vehicle Administrators, said commercial data brokers are notorious for refusing to correct their databases if they contain erroneous information.

"We worry that it's garbage in, garbage out," King said. By contrast, he said, states verify Social Security numbers directly with the Social Security Administration and are developing a system to authenticate birth certificates.

Even folks at AAMVA, who have never met a privacy invasion they didn't like, don't like this one. (Oh, and Choicepoint says they didn't lobby for it. So who did?)

The bill would be a form of corporate welfare, where the data broker selected would be able to use the data, collected under threat of criminal penalties, to "correct" and "update" their other data. This is the same thing that the national change of address forms do; give your new address to every marketer in the country, under color of "updating" their records.

Why should we give these unregulated, irresponsible companies like Lexis-Nexis this bit of help?

(Thanks to Alice of Presto Vivace for the pointer, and the corporate welfare angle.)

Posted by adam on July 24, 2005 at 12:59 PM in Privacy.

July 23, 2005

If You Have Nothing to Hide...

(Posted by adam)

In "Behind-the-Scenes Battle on Tracking Data Mining," the New York Times reports that the Department of Justice really does care about privacy, and really doesn't want those nosy Congressional committees poking about how the government operates. So, why should they care? Are they hiding something?

Of course, this being a New York Times article, there's a small error or two...:

The government's use of vast public and private databases to mine for leads has produced several damaging episodes for the Bush administration, most notably in connection with the Total Information Awareness system developed by the Pentagon for tracking terror suspects and the Capps program of the Department of Homeland Security for screening airline passengers. Both programs were ultimately scrapped after public outcries over possible threats to privacy and civil liberties, and some Republicans and Democrats in Congress say they want to keep closer tabs on such computer operations to guard against abuse. (Emphasis added.)
As another paper reported yesterday, "Flight Database Found to Violate Privacy Law." No, wait. That wasn't another paper at all. That was the New York Times, reporting on a program that's been scrapped! Or perhaps it wasn't so scrapped. I guess renaming it from "CAPPS" to "CAPPS II" to "Secure Flight" to "Free Wheelchairs for paraplegic children" actually worked!

Hat tip D "Something to hide" M for the pointer.

Posted by adam on July 23, 2005 at 7:59 PM in Air Travel, Privacy.

105°. But It's a Dry Heat

(Posted by adam)

It's going to be 105 (or so) in Las Vegas for Blackhat, and, as always, a little hotter for Defcon. Tickets for the DC702 Summit/EFF Benefit are for sale online through Monday. As a smaller, private event, I expect the AC will work. So you should be there, instead of say, lolling about by the pool.

Posted by adam on July 23, 2005 at 12:29 PM in conferences.

Officer, Arrest that Man! He's Blogging Subversive Thoughts!

(Posted by adam)

Carl Ellison has a blog. There's other bloggers listed, but no recent posts by them.

The title, of course, is a reference to Carl's long-used signature file, of "Officer, arrest that man, he's whistling a dirty tune!"

Posted by adam on July 23, 2005 at 9:34 AM in New Blogs.

What Do You Have to Do To Get Fired Here?

(Posted by adam)

Ryan Singel has the scoop. The GAO report to Congress is also covered in the New York Times, "Flight Database Found to Violate Privacy Law:"

"Careless missteps such as this jeopardize the public trust and D.H.S.' ability to deploy a much-needed, new system," Senator Susan Collins, Republican of Maine, wrote on Friday to Secretary Michael Chertoff of the Department of Homeland Security.
Three times is not 'careless missteps,' Senator. It's TSA learning that they can get away with it. They're the result of small violations going unpunished. So my question is not really "What do you have to do to get fired here," but "How many laws do you need to break to get fired here?"

Posted by adam on July 23, 2005 at 12:08 AM in Air Travel, Liberty, national security.

July 22, 2005

Consent, Submit, Forest, Trees

(Posted by adam)

Kip Esquire has a good post, "On 'Consenting' versus 'Submitting' to a Search." The upshot is:

If you happen to be stopped for a search such as this, you should not say "Yes I consent" or "Sure, go ahead." Rather try saying something like "I consent to nothing, but if you are requiring me to submit to a search, then I will comply." That may sound a little too "Borg drone," but it should preserve your Fourth Amendment rights.
I got this wrong in a comment, and I want to discuss that a little.

I don't believe that our Constitutional rights were intended to, or ought to, turn on a turn of phrase, or slip of tongue. They ought to be more robust than that. This brings to mind a good post at Prawfsblog, "Missing the Quarter-Pounder for the French Fry," in which Hillel Levin discusses missing the forest for the trees, and which ends:

If this analysis sounds familiar to you, it is probably because I have applied the same reasoning in the past. Sometimes we lawyers are so locked into doctrinal minutia and the role of the court that we lose sight of the quarter-pounder for the french fry.
I think that Thomas' comment in Kelo sums it up best: "Something has gone seriously awry with this court's interpretation of the Constitution."

Posted by adam on July 22, 2005 at 1:18 PM in Liberty.

Iowa State, 2,031 SSNs and 2,379 CCs, "Hacker"

(Posted by adam)
The Iowa State University is sending out a warning to alumni Wednesday after a hacker had access to the alumnae association Web site.

A computer at Iowa State University's Alumni Association was hacked into, allowing outside access to thousands of Social Security numbers and pages of credit card information.
...

By tapping into the computer, the hacker had access to 2,031 student and volunteer Social Security numbers and 2,379 credit card numbers.

...

Those who did not receive an e-mail from the association should be OK, NewsChannel 8 reported.

From The Iowa Channel, "Hacker Gets Access To ISU Alumni Information."

Posted by adam on July 22, 2005 at 12:15 AM in breaches.

July 21, 2005

New York to Randomly Beat People In Hopes of Beating Terrorists

(Posted by adam)
Police will begin randomly beating people entering city subways, officials announced Thursday after a new series of bomb attacks in London.

"We just live in a world where, sadly, these kinds of security measures are necessary," Mayor Michael Bloomberg said. "Are they intrusive? Yes, a little bit. But we are trying to find that right balance."

More seriously, they're "only" abandoning the idea that the police can't search you without a reason, and "only" as you enter the subway. (Try getting around New York without using the subway.) See "Police to Check Bags on NYC Subways," or "Backpacks that Go Bloom(berg)." Apparently, you'll be "free" to leave the subway and enter at another station, which means that either you'll be followed, or the measure is not only unconstitutional, it's entirely worthless as a security measure.

The right balance involves celebrating our values and our commitment to liberty. It may involve training people in New York how to distinguish between a suicide bomber and a 'character.' But it sure doesn't involve random searches.

My readers have provided great commentary about profiling and security in the comments on "Homegrown Bombers, ID Cards, Intelligence Activity, and Profiling," and "'Israeli Style Profiling'."

Posted by adam on July 21, 2005 at 8:37 PM in Liberty.

"Not the Blitz"

(Posted by adam)

So says SteveC, and he's right: It's a relatively small group of criminals. At the same time, I can't agree with his feeling that "These bombings occurred in all probability because of our unprovoked invasion." The United States was attacked before we invaded Iraq or Afghanistan. People who will kill civilians on the tube are evil, and will look for excuses for their evil. We ought to challenge those reasons, and not accept their evil, or the twisted logic they put forth to justify it.

[update: In a comment, Jim Horning pointed out that Iraq did not attack the United States. And while I could bob and weave, I'll simply say "thanks Jim!" and my apologies for the inaccuracy.]

Posted by adam on July 21, 2005 at 5:46 PM in national security.

Small Bits: Privacy for Infringers, IEEE Cipher, Oracle, Footnotes, and a Mug

(Posted by adam)

  • Michael Geist continues to take the Privacy Commissioner's office to task for protecting the privacy of infringers:
    Moreover, the Commissioner canvassed other banks and found that at least two others did allow their customers to opt-out of such marketing. Now if only the Commissioner would reveal which banks respected their customers’ privacy and which decided to fight its customer in order to continue to market to them against their wishes.
  • The Volubis Infosec News blog mentions that "The latest Cipher newsletter" (July) was just brought online.
  • At SecurityFocus, Rob Lemos has an article, "Oracle taken to task for time to fix vulnerabilities." I think it's clear that the threat of non-coordinated release of information is valuable, as it has made these extended periods between report and release rare.
  • John Gruber presents a view of footnotes on the web at "About the Footnotes." Stefan Geens has another, which I think is gorgeous, and I look forward to re-designing my site so I can use his marginalia design. (That requires, I think, getting rid of all that sidebar stuff, which should be somewhere. I'd like that somewhere to be pop-open lists, but that seems to require Javascript. I prefer to design without Javascript, so I'm stuck until I have time to figure it out.)
  • Start the day off wrong: Drink from the Disappearing Civil Liberties Mug.

Posted by adam on July 21, 2005 at 5:33 PM in Amusements, Privacy, Usability.

These cruel, wanton, indiscriminate bombings

(Posted by adam)

With London being attacked again, I am heartened to see that the attacks were (apparently) less effective, and otherwise defer to the wisdom of Sir Winston Churchill:

These cruel, wanton, indiscriminate bombings of London are, of course, a part of Hitler's invasion plans. He hopes by killing a large number of civilians, women and children, that he will terrorize and cow the people of this mighty imperial city and make them a burden and an anxiety to the government and thus distract our attention unduly from the ferocious onslaught he is preparing.

Little does he know the spirit of the British nation or tough fibre of the Londoners whose forebears played a leading part in the establishment of the parliamentary institutions and who have been bred to value freedom far above their lives.

This wicked man, the repository and embodiment of many forms of soul-destroying hatred, this monstrous product of former wrongs and shame, has now resolved to try to break our famous Island race by a process of indiscriminate slaughter and destruction.

What he has done is to kindle a fire in British hearts, here and all over the world, which will glow long after all traces of the conflagration he has caused in London have been removed.

He has lighted a fire which will burn with a steady and consuming flame until the last vestiges of Nazi tyranny have been burnt out of Europe, until the Old World - and the New - can join hands to rebuild the temples of man's freedom and man's honour, upon foundations which will not soon or easily be overthrown.

Winston Churchill, Sept 11, 1941

(The version above is taken from Mike Campbell.net, and is the most complete version I can find.)

Posted by adam on July 21, 2005 at 1:22 PM.

July 20, 2005

Happy Moon Day!

(Posted by adam)

36 years ago today, two Americans landed on the moon before returning safely to Earth.

It's a feat worth celebrating.

Posted by adam on July 20, 2005 at 9:23 AM.

July 19, 2005

Elizabeth Blodgett Hall, 1909-2005

(Posted by adam)
Elizabeth Blodgett Hall, 95, founder of Simon's Rock College, died July 18 at Geer Nursing and Rehabilitation Center in Canaan, Conn.

In 1964, with 200 acres of her family's land and a grant of $3 million from the Margaret Kendrick Blodgett Foundation -- a charitable educational trust established by her mother -- she founded America's first "early college."

The idea for Simon's Rock grew out of her conviction that the American secondary school was failing to adapt to the changing nature of adolescents, who were maturing earlier and who were anxious to accept academic and personal challenges and responsibilities that their high schools did not provide.

She believed that many bright young people can do college work before the normal age of high school graduation, and she defined the mission of her college as providing such students with the opportunity to begin college after the 10th or 11th grade. The college was chartered by the state in 1964.

(From the Berkshire Eagle obituary. In closely related news, Saturday's New York Times had a story, "Students Say High Schools Let Them Down.")

Posted by adam on July 19, 2005 at 7:25 PM.

Who Has Time For This, Indeed?

(Posted by adam)

David Cowan has a nice post on technologies he won't fund, and why. It's a great post. More investors should be up front about what they're not interested in.

Bessemer has funded 16 security startups--more than any other traditional VC firm--but there are some areas of security that even we have never funded, despite the large number of these projects getting funded elsewhere. These opportunities fall into my Anti Road Map (without which I could never focus on my real road map)...
Posted by adam on July 19, 2005 at 10:02 AM in Economics, information security.

Cardsystems Death Penalty?

(Posted by adam)
"CardSystems has not corrected, and cannot at this point correct, the failure to provide proper data security for those accounts," said Tim Murphy, Visa's senior vice president for operations in a memorandum sent to several banks. "Visa USA has decided that CardSystems should not continue to participate as an agent in the Visa system."
So reports the New York Times in "Visa to Bar Transactions by Processor," via ISN.

This is sad for Cardsystems, and annoying for their customers, but an extreme response every now and then can help focus the mind wonderfully.

Posted by adam on July 19, 2005 at 9:57 AM in breaches.

July 18, 2005

More on the FBI and ACLU

(Posted by adam)

Over at Volokh, Orin Kerr writes "The New York Times ACLU Story Begins to Look A Bit Fishy." The essence of Kerr's argument is that with the ACLU's request for any document mentioning the ACLU, of course they're going to get a lot of documents:

I should point out that it is at least theoretically possible that all of the documents that "refer" to the ACLU are actually "on" the ACLU. At the same time, my tentative sense is that Lichtblau's story may have a significant error.
So this seems to be plausible. The way that federal agencies interpret the Freedom of Information Act compels citizens to make broad requests. Naturally, the FBI has lots of documents that mention the ACLU. There are doubtless over 1,200 pages of lawsuit memoranda alone.

But if this is the case, why are there over twice as many documents about Greenpeace? (2,383 Greenpeace, 1,173 ACLU.) It would seem reasonable that the ACLU would be mentioned all over the place. So, for now, I'll stay with the "on" hypothesis: That whatever spin may be in the press release, the FBI has been compiling dossiers on the ACLU.

Also, Daniel Solove has a good update to his article discussing the trust aspects of the FBI and the ACLU.

Posted by adam on July 18, 2005 at 11:50 PM in Liberty.

Oh, That's Why

(Posted by adam)

Last week, I asked,

Now, if Evan Kohlmann can get to this gathering, and if John Walker-Lindh can meet bin Ladin, why haven't we penetrated and shut down more groups which are openly calling for murder?
Today's New York Times has the answer in "Large Volume of F.B.I. Files Alarms U.S. Activist Groups:"
WASHINGTON, July 17 - The Federal Bureau of Investigation has collected at least 3,500 pages of internal documents in the last several years on a handful of civil rights and antiwar protest groups in what the groups charge is an attempt to stifle political opposition to the Bush administration.

The F.B.I. has in its files 1,173 pages of internal documents on the American Civil Liberties Union, the leading critic of the Bush administration's antiterrorism policies, and 2,383 pages on Greenpeace, an environmental group that has led acts of civil disobedience in protest over the administration's policies, the Justice Department disclosed in a court filing this month in a federal court in Washington.

Way to allocate resources, guys. As the Economist once said, "we now accept unreservedly that we should have always known the Bureau was bound to cock it up in the end."

Posted by adam on July 18, 2005 at 11:43 AM in national security.

Acxiom, 8.2 gb of love, Bad Password

(Posted by adam)

In "Acxiom's High Tech Hacker," Ryan Singel describes how Scott Levine downloaded 8.2 GB of data that customers had uploaded to an Acxiom FTP server. The server was misconfigured, and anyone could log in and see other people's data.

"According to law enforcement, the individual arrested was a known sophisticated hacker. He evidentially gained access through hacking of encrypted passwords."
"Evidentially," indeed. Do you really want to let these people decide when a breach is a threat to their customers? What if they'd accidentally configured their IDS with the same password?

Posted by adam on July 18, 2005 at 11:42 AM in breaches.

July 17, 2005

Fingerprints at Disney: The Desensitization Imperative

(Posted by adam)

The Walt Disney Corporation has started fingerprinting all visitors to their parks. They claim, incorrectly, that the fingerprint scans can't be turned into pictures of fingerprints.

True Americans understand that fingerprinting is for criminals. A presumption of guilt -- of criminality -- underlies a company taking your fingerprints. In "Welcome to Disney World, please let us scan your fingers," Eric Rescorla lays out that Disney's motivation is to "price discriminate." Being at a Disney park for 3 days is $171, 10 days is $208. So a neighborly thing to do is sell or give away the second half of your 10 day ticket. This is very similar to why airlines check your ID: Not for security, but to allow them to maintain high prices on one-way tickets. Closely related is Andrew Odlyzko's work, which I've discussed in "Economics of Price Discrimination."

If I were Disney management, famed for customer service and stinginess, I might realize that the deterrence value of the system is high enough to achieve the effect that I want, even if I don't turn the system on. I don't need to actually use the fingerprints, deal with the errors (what the biometric industry cutely calls the "insult factor"), or worry about speed.

This could be security theater at its most useful. You deploy a bunch of fingerprint readers. Then you watch ticket scalping fall through the floor. It's a cheap way to protect their revenue stream. Too bad about the unfortunate societal side effects.

So let me talk about the societal impact of treating your customers like criminals.

The first impact is that you'll raise a lot of people's blood pressure, and get them to swear they'll never go to Disneyworld again. That's ok, I haven't been in twenty years anyway. So that's probably small.

Second, and more important, is the creeping normalization of fingerprinting. We've already seen that such systems, even in tightly controlled conditions, produce some problems. (I'm actually surprised at how few problems are reported, but if a US visitor's fingerprints don't match the computer, the problem is a large one.) This normalization is probably intended. There are alternate systems, such as hand geometry, which do as well or better, are less stigmatizing, and are harder to cheat. So why don't we see more of them?

Some people might ask, what's the problem with using fingerprints?

There are several. The first is that fingerprints carry a mystique and stigma which interferes with reasoning about them. That your fingerprint is unique does not mean that a computerized fingerprint reader will properly and uniquely identify you. You leave your fingerprints everywhere. This is what makes them useful to law enforcement. But it also makes them easy to forge. Fingerprints are also hard to change. And finally, even if fingerprints are easy to steal...well, sometimes a picture is worth a thousand words.

Posted by adam on July 17, 2005 at 4:45 PM in Economics, Liberty.

Dear Adium People...

(Posted by adam)

You make a very nice client. But the "Remove Contact" menu item in the Contact menu is fucking broken. It is not clear that "Remove Contact" means "Blow away this entire group of contacts." How about (1) making the item name plural, and (2) adding the list of contacts to be deleted to the warning dialog?

Goddamnit.

Finally, private to a bunch of folks: if I don't IM you for a while, please don't take it personally.

Posted by adam on July 17, 2005 at 12:14 AM in Macintosh, Usability.

July 16, 2005

David Cowan Blogging

(Posted by adam)

David Cowan (Hi David!) is the partner at Bessemer Ventures who is responsible for their security portfolio. So I'm hoping that he sticks with his new blog, "Who has time for this."

His post about Too Many Security Startups? is fascinating:

The night I closed our investment in my 12th data security deal, Cyota, my wife Nathalie took me to see the Bourne Supremacy in Mountain View. On the way, she asked why I seem to keep investing in what sounds like the same company over and over.
His answer goes beyond the obvious "Because people keep buying them!" and explains why that is, and why it will continue to be that way.

(Via Brad Feld.)

Posted by adam on July 16, 2005 at 4:58 PM in New Blogs.

A New Birth of Freedom in Iraq?

(Posted by adam)
The Committee to Protect Bloggers reports that prominent Iraqi blogger Khalid Jarrar has been taken into custody by the Iraqi mokhabarat, or secret service. Jarrar is author of Secrets in Baghdad and is the brother of Raed from Raed in the Middle.
B.L. Ochman has the scoop. Raed has more.

If the United States is serious about "building the institutions of a free society, a society based on freedom of speech, freedom of assembly, freedom of religion, and equal justice under law," then the United States will doubtless object, loudly, to secret arrest and detention. (Quote from President Bush, June 28 address.)

I'm with Curt Hopkins, who says "If Khalid is being charged with something, charge him, and do so in the light of day."

Posted by adam on July 16, 2005 at 11:41 AM in Liberty.

Small Bits of Irony

(Posted by adam)

Posted by adam on July 16, 2005 at 11:24 AM.

Small Bits: Silver Linings, Presidential Game Theory, Disclosure, War

(Posted by adam)

  • Privacy Law lists the 16 states that now have notification laws. Thanks, Choicepoint!
  • At Balkin, 'JB' has a long discussion of why 2nd term Presidents all seem to be scandal ridden...since the 22nd Amendment took away what game theorists call 'the long uncertain shadow of the future.'

    I nearly said something about 'experimental confirmation' here, because it's such a seductive statement, even if it's wrong. Good experiments only strengthen a theory when they have the power to disprove it. An increase in 2nd term scandal could be caused by things other than the 22nd Amendment. Campaign finance laws spring to mind.

  • Oracle has taken 693 days to fix "Forms Insecure Temporary File Handling." It is unclear to me why 'Red Database' has no CVEs in their advisories.
  • Finally, and most somber, "A Hawk Questions Himself as His Son Goes to War," is an article by Eliot Cohen, Robert E. Osgood Professor of Strategic Studies at the Paul H. Nitze School of Advanced International Studies, Johns Hopkins University. It's worth reading:
    So it is not an academic matter when I say that what I took to be the basic rationale for the war still strikes me as sound. Iraq was a policy problem that we could evade in words but not escape in reality. But what I did not know then that I do know now is just how incompetent we would be at carrying out that task. And that's what prevents me from answering this question with an unhesitating yes.
    (Via P "No longer blogging" C.)

Posted by adam on July 16, 2005 at 10:17 AM in Choicepoint, Economics, national security.

July 15, 2005

Nothing to Hide, but "Nothing to Hide"

(Posted by adam)
You've heard of the tube, of lorries and bobbies, but "cleanskins?"

It's a word that has emerged from London after last week's bombings. The English police believe the suspects in the case are "cleanskins" - young operatives with no background of terrorism or crime. It's more difficult to investigate cleanskins because they have no criminal records.

(From "British Bestow Term Of Terror.") Meanwhile, Schneier points out that the London Times reports "Security sources confirmed that none of the bombers was on any MI5 file, although one had links to a person investigated by police."

It seems that having a clean record will now be held against you. This reminds me of the DEA profiling criteria: 'Acting nervous, acting calm. Well-dressed, shabbily dressed...'

Kafka would be so proud.

Posted by adam on July 15, 2005 at 12:23 PM in Liberty.

Pre-Defcon Summit, Get Your Tickets Now

(Posted by adam)
The fine folks at DC702 are going to be hosting a "pre-Defcon Summit" and fundraiser for the EFF. I'm pleased to be a featured guest, and urge you to show up, contribute to the EFF, and hang out.
According to email organizers sent, they're fast running out of tickets, so get your tickets now, and support EFF.

Posted by adam on July 15, 2005 at 9:36 AM in conferences.

Blue Cross of Arizona, 57,000 SSNs + Medical Data, Arizona Biodyne

(Posted by adam)

The Arizona Republic brings us the news that "Medical firm's files with personal data stolen:"

The personal information of 57,000 Blue Cross Blue Shield of Arizona customers was stolen from a Phoenix-based managed care company.

Arizona Biodyne, an affiliate of Magellan Health Services that manages behavioral health for Blue Cross of Arizona, began last Friday notifying customers and providers whose information was lost in the latest theft in which financial, personal or medical records were taken.

The stolen information included policyholders' addresses, phone numbers, Social Security numbers and dates of birth. They also contained partial treatment histories for some patients and certain information about the doctors who provided that care, Biodyne spokeswoman Erin Somers said.

"Behavioral Health," incidentally, is apparently NewSpeak for "drug user we'd like to treat," as evidenced at BHWorld, whose banner reads "One stop center for information on substance abuse and related mental disorders." (Via ISN.)
Posted by adam on July 15, 2005 at 9:26 AM in breaches.

Nelson-Smith Data Protection Bill

(Posted by adam)

Kim Zetter reports in Wired, "Bill Strives to Protect Privacy":

Another bill introduced in the Senate judiciary committee about two weeks ago addresses some of the same issues in a comprehensive way, and several other bills address individual issues, such as notification to consumers. The commerce bill, however, is likely to go the distance because it has bipartisan support and was introduced in the committee that oversees the Federal Trade Commission, which is responsible for monitoring the activities of credit-reporting agencies as well as enforcing fraud legislation and tracking ID theft. The commerce bill could be amended to include wording from other ID-theft bills when it goes to markup next Thursday.
No, not because it's better, but because of Senate maneuverings. Oh, and Nelson-Smith gives companies the ability to determine if they want to shoot themselves in the foot -- er, if their security failure should be reported. Watch for the first company that gets it wrong to be left twisting slowly in the wind like Arthur Andersen or Enron.

Posted by adam on July 15, 2005 at 9:13 AM in Privacy.

July 14, 2005

Blind Signature Patent Expiration Party

(Posted by adam)

Friends, colleagues, and co-conspirators,

It has been 17 long years and now the time is finally here to celebrate at the:

BLIND SIGNATURE PATENT EXPIRATION PARTY

WHAT:
A party to celebrate the expiration of the Blind Signature patent.

WHY:
U.S. Patent 4,759,063 ("Blind Signature Systems") to David Chaum is the core invention enabling privacy-protecting electronic payment systems and credentials. It was a truly ingenious, ground-breaking contribution. Unfortunately the existence of the corresponding patent, which was notoriously difficult to license, prevented this great invention from receiving the wide use that it so very much deserved. For a copy of the patent, see http://www.pat2pdf.org/pat2pdf/foo.pl?number=4759063

Unlike copyrights these days, patents do expire. The blind signature patent will expire on July 19, 2005, next Tuesday. Since weekends tend to fit better with the schedules of potential party goers than weekdays, we are holding the party this Saturday instead.

The 17 years that this patent has been in effect has been an awfully long time for the many of us that hoped to make use of this technology to help citizens to maintain privacy in the age of the Internet and the patent's expiration is a much overdue reason for celebration.

WHO:
If you know what blind signatures are you are invited.

WHEN:
This Saturday, July 16, starting at 1:00 PM PDT

WHERE:
Since the number of inquiries I received in response to the party pre-announcement exceeds the maximum occupancy limit of my home and since the weather promises to be excellent, we will hold the party in a beer garden instead. Drinks are on me!

We will meet at the
Alpine Inn (aka Alpine Beer Garden)
3915 Alpine Road, Portola Valley, CA 94028 USA

AWARDS:
Those that can demonstrate that they have created a full system that makes significant use of the blind signature patent by 4 PM on Saturday will be invited to and receive a free dinner at the afterparty. So get coding! (Pr0duct Cypher, where are you?) A team of judges will determine if a particular system qualifies for the award.

AFTERPARTY:
A handful of us plan to have dinner at a swanky restaurant on patent-free Tuesday. Email me or talk with me at the party if you are interested in joining. Space is limited. You will have to pay for your own food at the Tuesday dinner unless you qualify for the award above or your name is on the blind signature patent.

Looking forward to seeing you all this Saturday,
--Lucky
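Since the announcement above only names the invention, here is an added walkthrough of what a Chaum-style blind signature actually does, using textbook RSA blinding. This is example code written for this page, not DigiCash's or anyone else's implementation, and the key material (two small well-known primes, a "serial number" token) is constructed purely to keep the run deterministic and readable; a real system would use full-size keys and a proper full-domain hash.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA parameters from two well-known primes so the walkthrough is deterministic.
# They are far too small for real use; this illustrates the protocol, it is not a library.
P = 65537
Q = 2147483647                # 2^31 - 1
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)           # private exponent; pow with -1 is the modular inverse (Python 3.8+)


def hash_to_int(message: bytes) -> int:
    """Map a message into Z_N. SHA-256 reduced mod N stands in for a proper full-domain hash."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def blind(m: int):
    """User side: hide m as m * r^E mod N with a random r coprime to N. Keeps r to unblind later."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (m * pow(r, E, N)) % N, r


def sign_blinded(m_blind: int) -> int:
    """Signer side: plain RSA signing. The signer never sees m, only the blinded value."""
    return pow(m_blind, D, N)


def unblind(s_blind: int, r: int) -> int:
    """User side: (m * r^E)^D = m^D * r mod N, so dividing by r leaves the signature on m."""
    return (s_blind * pow(r, -1, N)) % N


def verify(message: bytes, sig: int) -> bool:
    """Anyone with the public key checks sig^E == H(message) mod N."""
    return pow(sig, E, N) == hash_to_int(message)


def issue_blind_signature(message: bytes):
    """Run the full exchange; return the final signature and the value the signer actually saw."""
    m = hash_to_int(message)
    m_blind, r = blind(m)
    s_blind = sign_blinded(m_blind)
    return unblind(s_blind, r), m_blind


if __name__ == "__main__":
    coin = b"serial:7f3a (constructed token)"
    sig, seen_by_signer = issue_blind_signature(coin)
    print("signer saw:  ", seen_by_signer)
    print("actual hash: ", hash_to_int(coin))
    print("verifies:    ", verify(coin, sig))
```

The privacy property is visible in the return values: the value the signer processed bears no relation to the hash it ends up having signed, and two runs on the same message give the signer two unrelated views, so a later spend of the signed token cannot be linked back to the issuing session. The unblinded result is exactly the ordinary RSA signature on the message, which is why the verifier needs no knowledge that blinding ever happened.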

Posted by adam on July 14, 2005 at 5:00 PM in conferences.

Alberta Health and Wellness, 670,000 Health Care Numbers, Tape

(Posted by adam)
Frank Work, Alberta’s Information and Privacy Commissioner, released a report on his investigation into missing Health and Wellness computer data storage tape. Work stated the incident is a low risk for potential fraud.

As soon as the incident was reported, Alberta Health and Wellness changed practices and eliminated the related tape transfer business process.

...
The missing computer tape of December 2004 premium billing and registration information contains names, health care numbers, premium rates, family status and some payroll/employee numbers of over 670,000 Albertans.

There is no personal medical diagnostic or treatment information, or any financial information on the tape.

The tape went missing while being shipped between IBM and another company contracted by government to convert the data to microfiche for storage. Alberta Health and Wellness contracts with IBM to handle its data.

(From the Peace River Record Gazette, via the Volubis Infosec blog.)

Posted by adam on July 14, 2005 at 9:23 AM in breaches.

July 13, 2005

Homegrown Bombers, ID Cards, Intelligence Activity, and Profiling

(Posted by adam)

The folks over at The Counterterrorism Blog have been doing a great job the last week or so. Lots of very high quality posts, good roundups around the London attacks. I wanted to point to and comment on several of their recent posts.

First is Where do Homegrown British Suicide Bombers Come From?, a first person account of the spread of hate in Britain by Evan Kohlmann. The entire article is worth reading, but I want to excerpt a little and then comment.

At a local community center not far from the Bethnal Green Underground station, I found exactly the answers I was looking for. After having attended a series of events hosted by the fanatical British Al-Muhajiroun movement and its leader Shaykh Omar Bakri Mohammed, we had finally received an invitation to a more intimate gathering of local militants. [...]

Needless to say, I was a bit shocked and dismayed when we arrived at the community center that afternoon to discover an audience of approximately twenty young British kids of Bengali origin mostly between the ages of 12 and 20. My heart sank as I realized that any hope of maintaining anonymity in this utterly homogeneous crowd was quickly dashed. In the end, I suspect we were only allowed to stay because the organizers recognized us as recent guests of Shaykh Omar Bakri Mohammed and thought us fairly harmless.

Now, if Evan Kohlmann can get to this gathering, and if John Walker-Lindh can meet bin Ladin, why haven't we penetrated and shut down more groups which are openly calling for murder?

Related, if there are so many of these misguided people who are British, or American citizens, what good will a national ID card do? (Related, Privacy.org points to another DMV official arrested.)

Posted by adam on July 13, 2005 at 8:16 PM in national security.

"Israeli Style Profiling"

(Posted by adam)

Less useful is another call for "Israeli style profiling," in Bill West's Bolstering Transit Security the Old Fashioned Way:

The more such officers there are, and the better trained they are, especially if they are trained in behavioral profiling techniques like the Israeli security services have used for decades, the better protected these transportation systems will be. Having a lot of well-trained officers who know what and who they are looking for, with the authority to stop, question and when legally appropriate search people acting suspiciously, can make the difference.
There are two issues that I'd like to discuss here. First is that Israeli profiling is the very last line of defense. The first line of defense is a well-run intelligence service that has been penetrating Palestinian militant groups for years. Second is a series of checkpoints, roadblocks, and a wall. Finally, there's a broad set of people trained to look for suicide bombers.

The second comparison that must be made is that in Israel, those attacks are common. That frequency has an unfortunate benefit, which is that the techniques of the attackers and defenders can be studied and learned from. Did a bus driver miss something that in hindsight was obvious? Did the mall guard not notice the way a bomber was acting? In the US or Britain, such attacks are rare enough that if the training is wrong, or the implementation is wrong, it will be a long time before there are enough incidents to demonstrate that.

So, lots of well trained officers might make a difference, but much more likely, they'll be harassing the wrong people most of the time. For example, the TSA is no better at finding weapons than private screeners were. It was an expensive shift.

Far better to spend our resources on intelligence officers who can speak Arabic. On talking to people. On training the public what to look for. (I shudder every time I get on the local train system, which still has "luggage spaces" where riders are encouraged to leave their bags, and go take a seat. A few hundred thousand dollars to fix that would go a long way.)

I can think of many ways to spend money on counter-terror in the West which don't impact the lives of the average American at all. If we were more concerned with security than security theater, we'd be pursuing them.

Posted by adam on July 13, 2005 at 8:15 PM in Liberty, national security.

On Phishing

(Posted by adam)

Item: In "OCC Guidance on Phishing Websites," Ethan Preston writes:

The Office of the Comptroller of the Currency provided guidance for banks on appropriate countermeasures against phishing websites. The guidance provides fairly common sense advice: designate employees to respond to phishing threats, cultivate contacts with the FBI to expedite law enforcement's response, prepare to identify early warning signs of phishing attacks, gather information about phishing attacks, and prepare to take countermeasures to mitigate the risk of phishing attacks.
Item: Last night over beer, B mentioned getting a real copy of a real email being sent to innocent customers. (B works in anti-fraud at an ISP.) The email said "Dear ISP customer, we need you to click this link and reset your password."

Regular readers will be unsurprised to learn that B needed much beer.

With apologies to Ms. Truss, I would like to propose the number one rule of anti-phishing: "Don't use email like a stupid person."

Someone please ask the OCC to add this to their list. Companies invite phishing by sending big complex branded HTML email. Customers should not be asked to make complex decisions about email. Which means, "don't use email like a stupid person."

Posted by adam on July 13, 2005 at 3:20 PM in Usability.

My Bleeding Snort Rules Just Alerted Me to TERRORISM!

(Posted by adam)

Err, no.

But I was reading a post at TaoSecurity, "How to Misuse an Intrusion Detection System":

I was dismayed to see the following thread in the bleeding-sigs mailing list recently. Essentially someone suggested using PCRE to look for this content on Web pages and email:

(jihad |al Qaida|allah|destroy|kill americans|death|attack|infidels) 

(washington|london|new york)
But such rules would trigger when I read Richard's page, or when you read mine. Way to add to your false positive worthless alert count, baby.

And that's not even considering that Al Qaeda uses simple codewords, like marriage, package, and transaction to discuss their activities. [Update: Then again, maybe they don't. Read "Letters of the 1993 World Trade Center Bombers" at the Counterterrorism blog. Not that that means looking for the word "jihad" in English is likely to be helpful.]
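To make the false-positive point concrete, here is an added example (not from Richard's post or the bleeding-sigs thread) that runs the two quoted alternations as Python regexes over a few constructed, entirely innocent lines of text, plus one line written in the codeword style the post mentions. It assumes the proposed rule alerts only when both alternations match and that matching is case-insensitive; the thread as quoted says neither.

```python
import re

# The two alternations quoted from the bleeding-sigs proposal. Case-insensitive
# matching is an assumption here; the thread does not say how the rule was tuned.
KEYWORDS = re.compile(
    r"(jihad |al Qaida|allah|destroy|kill americans|death|attack|infidels)",
    re.IGNORECASE,
)
PLACES = re.compile(r"(washington|london|new york)", re.IGNORECASE)


def rule_fires(text: str) -> bool:
    """An alert fires when both alternations match somewhere in the text."""
    return bool(KEYWORDS.search(text) and PLACES.search(text))


def matched_terms(text: str) -> list:
    """Which literal terms tripped the rule, the first thing an analyst triaging the alert wants."""
    return sorted({m.group(0).strip().lower() for m in KEYWORDS.finditer(text)}
                  | {m.group(0).lower() for m in PLACES.finditer(text)})


# Constructed benign text (not real traffic). None of it is what the rule author wanted to catch.
BENIGN_SAMPLES = {
    "news_headline": "London commuters face delays after Washington talks; officials vow to destroy the repair backlog.",
    "sports_report": "New York's defense collapsed; the death of their playoff hopes came with a late attack on goal.",
    "blog_about_ids": "But such rules would trigger when I read Richard's page about jihad and London, or when you read mine.",
    "travel_blog": "Flying from New York to Delhi via Allahabad was exhausting.",
    "recipe_blog": "I baked bread in Washington Heights this weekend and the loaf came out dense.",
}

# Constructed line in the codeword style the post describes: nothing here is in the keyword list.
CODEWORD_SAMPLE = "The marriage package will arrive in London next week; the transaction closes Thursday."


def evaluate(samples: dict) -> dict:
    """Map each sample name to whether the rule alerts on it."""
    return {name: rule_fires(text) for name, text in samples.items()}


def false_positive_rate(benign_samples: dict) -> float:
    """Every alert on benign text is a false positive, so this is alerts / samples."""
    results = evaluate(benign_samples)
    return sum(results.values()) / len(results)


if __name__ == "__main__":
    for name, fired in evaluate(BENIGN_SAMPLES).items():
        print(f"{name:15} alert={fired}  terms={matched_terms(BENIGN_SAMPLES[name])}")
    print("false positive rate on benign text:", false_positive_rate(BENIGN_SAMPLES))
    print("codeword-style line alerts:", rule_fires(CODEWORD_SAMPLE))
```

Four of the five innocent lines alert (the travel entry fires because the place name "Allahabad" contains "allah", a reminder that unanchored substring patterns match inside words), while the one line written in the codeword style never trips the keyword list at all. That is the worst combination for a signature: high noise on the traffic you see, silence on the traffic you were worried about.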

Posted by adam on July 13, 2005 at 11:03 AM in information security.

July 12, 2005

Comrade Sarbanes Remains Uncorrupted

(Posted by adam)

The latest critic of Sarbanes-Oxley?

Michael Oxley told the International Corporate Governance Network (ICGN) annual conference yesterday that, 'if I had another crack at it, I would have provided a bit more flexibility for small- and medium-sized companies.'
Always nice to see a fellow own up to his mistakes.

From Accountancy Age, via Volubis Infosec News Blog

Posted by adam on July 12, 2005 at 5:35 PM in Amusements.

New Security Blogs

(Posted by adam)

  • Jeff Moss takes blogging into thematically and visually new territory with The Black Pages, with Jeff posting on a theme, and then his speakers adding details. Now if only they had an RSS feed. Or my post. I wonder which they'll get first?
  • I have a soft spot for the word "chaos." I like the 'K' sound at the front. I like that it's short. To the point. So how could I not like a blog titled "Kaos Theory?" Even if Taylor wasn't a smart guy, I'd like the title. But he is smart. [And he can spell.] And you should check it out.

Posted by adam on July 12, 2005 at 2:50 PM in New Blogs.

Small Bits of Liberty

(Posted by adam)

  • Rebecca MacKinnon's "Response to Scoble" is worth reading in its entirety. I have just one small comment:
    In justifying Microsoft's filtering of politically sensitive Chinese words on MSN spaces, Microsoft's uber-blogger Robert Scoble writes: "I have ABSOLUTELY NO BUSINESS forcing the Chinese into a position they don't believe in." He continues...
    Except Microsoft is in fact doing exactly that: forcing some Chinese into a position they don't believe in. That's the position of having their words censored if they try to use Microsoft's service. You can't please everyone here, and Microsoft has chosen who they will please.
  • I feel strangely compelled to link to, but not read, the EFF's "EFF Legal Guide for Bloggers."
  • Gary Leff of Flyertalk is frightened by societal monitoring by air marshals.
Posted by adam on July 12, 2005 at 1:42 PM.

July 11, 2005

Pre-Defcon Summit, and some small bits

(Posted by adam)

The fine folks at DC702 are going to be hosting a "pre-Defcon Summit" and fundraiser for the EFF. I'm pleased to be a featured guest, and urge you to show up, contribute to the EFF, and hang out.

Hmmm, this needs some extra text to balance the icon. Dumb stylesheet. Who the heck wrote that thing, anyway?

Someone needs to teach him, yeah, teach him CSS.

Ok, some small bits to fill the space:

DadaMail! Not just a web based e-mail list manager, but a conceptual art project! Thanks, Purple One!

Or maybe "US consumers want companies fined for security breaches:"

A large majority - 87% - of respondents also feel that companies that fail to protect confidential data should be required by law to pay to restore consumers' credit ratings. The survey found 40% of respondents think it would cost $1000 or more to clear their credit record.
Posted by adam on July 11, 2005 at 6:36 PM in conferences.

Random Thoughts on Specter-Leahy

(Posted by adam)

Senators Specter and Leahy have proposed a new law on identity theft and privacy. Some thoughts as I read it. But first, what the hell are they doing preventing me from copying sections? Frigging DRM. Quotes shall be shorter than they otherwise would.

  • Title III, 301.b.1 (pg21): "A data broker shall, upon the request of an individual, clearly and accurately disclose..."

    But how is an individual to know that a new data broker exists, or is gathering records about them?

  • Section 424 provides that notification doesn't need to happen if the state attorney general and federal law enforcement agree. This is a compromise between the ABA position of letting banks decide for themselves, and the "always notify" position, which I support.
  • Title V, section 501, (pg 66) "protection of social security numbers" should be broadened to "government issued identifiers."
  • Section 1150A.a.1 (pg 69) prevents a business from requiring you to use your SSN as an account number, but does not prevent a business from demanding it. 1150.b.1 does, but then allows that demand if the purpose is "obtaining a consumer report for any purpose permitted under the Fair Credit Reporting Act." That's too bad; it would be nice to allow customers to offer reasonable deposits in lieu of a credit check, especially in those cases where the service is one that can be easily terminated, like a phone.
  • The law doesn't seem to prohibit the use of the social security number as a password, even while it allows for the display of the last four digits.
Posted by adam on July 11, 2005 at 1:18 PM in ID Management.

July 10, 2005

Gaze Into Navels!

(Posted by adam)

There's a new feed, of posts + comments, available here: RSS. (It's also in the little "blog tech stuff" list, if you want to come back to see it later.) Thanks to Lisa for setting this up!

Posted by adam on July 10, 2005 at 9:37 PM in blogging.

MSU, 27,000 SSNs, "intrusion"

(Posted by adam)
More than 27,000 students were informed by e-mail on Tuesday that their Social Security numbers could have been compromised by an attack on the College of Education's server.

The server housed information that included student names, addresses, student courses and personal identification numbers. After the intrusion was discovered at the beginning of April, the server was taken off-line and a computer forensic investigation on the incident was started, said College of Education Assistant Dean Gail Nutter. Now, the college no longer maintains student Social Security numbers on its server.

Way to lock the barn after the horse escapes, baby. Full story is at "Hacker attacks college server." I think MSU is Michigan, but I'm not positive.

(Via ISN.)

In other breach news, The New York Times reports that the USC breach was 8 years of applicant data.

I bet they wanted to do research on the relationship between applicant SSNs, their horoscopes, and when to lock the barn door.

Posted by adam on July 10, 2005 at 12:42 PM in breaches.

Small Bits on Privacy

(Posted by adam)

  • Larry Ponemon has a good article in Computerworld, "After a privacy breach, how should you break the news?:"
    We learned that about one-third of subjects believed that the notification was truthful. Another 41% believed that the notice they received failed to communicate all the facts. The remaining 26% were unsure about the integrity or honesty of the message being conveyed.
    It's chock-full of good advice on the new rules of responding to a breach.
  • Perry Metzger has an essay on why Americans don't like ID cards that's worth reading.
  • Kim Cameron captures an article by Eric Norlin on "The red herring of data protection." Eric comments that the real problem is people asking for, and storing too much data.
  • The Washington Post has a long article on "Online Data Gets Personal: Cell Phone Records for Sale," discussing how, even though there's no legal way to get the data, lots of people will sell your calling records.

Posted by adam on July 10, 2005 at 10:45 AM in Privacy.

July 9, 2005

ID Card Program Stopped Over Security Concerns

(Posted by adam)

So reports the LA Times (Bugmenot) in "Pot ID Card Program Shelved:"

California health officials Friday suspended a pilot program that issues photo identification to medical marijuana users out of concern that a recent U.S. Supreme Court ruling could make the state and ID holders targets for federal prosecution.
Posted by adam on July 9, 2005 at 11:00 PM in ID Management, Security.

Small Bits: Government, Government, Government, Bill Scannell and Christopher Hitchens

(Posted by adam)

  • Kip Esquire has a great roundup in "Linkfest -- Special "Hear/See/Speak No Evil" Edition," guaranteed to boil the blood of anyone who thinks that sometimes government goes too far.

  • Then again, sometimes government doesn't go far enough. In the case of New York's MTA, they've spent $30m of the $600m they have available for security, as the New York Times reports in "M.T.A. Slow to Spend Money on Transit Security:"
    In December 2002, the Metropolitan Transportation Authority announced it had completed a lengthy assessment of potential threats to the city's transportation infrastructure, from subway lines to major bridges. The authority, which had begun the study in the weeks after the Sept. 11 attacks, said it was committing nearly $600 million to improve the security of the sprawling transportation network.

    But to date, two and a half years after that announcement and nearly four years after Sept. 11, only a small fraction - about $30 million as of March - has been spent, and nearly all of that on consultants and additional study.

    Study and planning are all good, but there comes a time for action.

  • Of course, careful study is needed when you're dealing with government programs, as the Times reports in an article on American ingenuity versus Kafkaesque bureaucracy, "The Middle Class Struggles in the Medicaid Maze:"
    So Mr. Russo educated Mr. Alberico about Medicaid planning, a series of techniques for disposing of assets in order to meet the standard of poverty required since the program's creation in 1965 - before anybody anticipated today's exploding nursing home population. Nationwide spending on long-term care, most of it in nursing homes, has grown to $183 billion annually, nearly half paid by Medicaid, and many techniques for sheltering assets are likely to be restricted within a year.
  • If there's a fellow who understands what the words "government restrictions" mean, it's Bill Scannell, who tirelessly takes the TSA to task for their ineffectiveness, lies, and failure to perform. Bill looked particularly Strangelovian when he visited the Berkman Center, and blogged about it.

  • In a comment, Stu Berman pointed to an essay by Christopher Hitchens in the Mirror, "WE CANNOT SURRENDER." I thought I'd draw more attention to it:
    Nothing of the sort applies in this case. We know very well what the "grievances" of the jihadists are.

    The grievance of seeing unveiled women. The grievance of the existence, not of the State of Israel, but of the Jewish people. The grievance of the heresy of democracy, which impedes the imposition of sharia law. The grievance of a work of fiction written by an Indian living in London. The grievance of the existence of black African Muslim farmers, who won't abandon lands in Darfur. The grievance of the existence of homosexuals. The grievance of music, and of most representational art. The grievance of the existence of Hinduism. The grievance of East Timor's liberation from Indonesian rule. All of these have been proclaimed as a licence to kill infidels or apostates, or anyone who just gets in the way.

    FOR a few moments yesterday, Londoners received a taste of what life is like for the people of Iraq and Afghanistan, whose Muslim faith does not protect them from slaughter at the hands of those who think they are not Muslim enough, or are the wrong Muslim.

    It is a big mistake to believe this is an assault on "our" values or "our" way of life. It is, rather, an assault on all civilisation. I know perfectly well there are people thinking, and even saying, that Tony Blair brought this upon us by his alliance with George Bush.

Posted by adam on July 9, 2005 at 6:01 PM.

"Declaration of Repudiation?"

(Posted by adam)

Dave Belfer-Shevett points to a Declaration Of Repudiation by Will Frank.

It starts out pretty well, but then degenerates into complaining about gay rights, abortion, sex ed and Kyoto. Yes, I say degenerates, even if I might agree with some of these, because they're a distraction. Reagan and Bush Sr. were opposed to abortion rights and gay rights. Kyoto is an awful treaty that won't affect global warming but will cost the US economy billions. None of these is a unique crime of the Bush administration.

But more importantly, there are a set of natural allies that Frank alienates by going there. If you're going to complain about torture, government abuses of power, officialdom lying, nepotism, incompetence, and a naked power grab, then you have natural allies across the spectrum.

Not every concern needs airing in every post. Now let me tell you about Choicepoint...

Posted by adam on July 9, 2005 at 10:02 AM.

London, Perspective

(Posted by adam)

At the end of a long, thoughtful post, Thurston writes:

One final thought. Four bombings in London are front-page, stop-the-presses news for two days straight. If that was Baghdad, only four bombings would have been a slow day. What message does that send the Third World?
Posted by adam on July 9, 2005 at 9:40 AM in personal security.

July 8, 2005

Backup Tapes?

(Posted by adam)

Allan Friedman asks for comments on Lauren Weinstein's post to Interesting People:

(Lauren W) Ironically, it's true that the probability of lost backup tapes being used opportunistically for ID theft is probably fairly low, at least in comparison to all the "ID theft supermarkets" that are out there -- crooked commercial and government employees willing to sell access to their files, Internet-based ID theft rings, and so on.
(Allan F) Also, I don't know enough about enterprise storage to know whether encrypting all data files that leave "a secure facility" adds a significant cost component. (All the papers I've seen on total-system encryption with good key management and auditing seem pretty complex, and thus, I'm assuming, costly).
First, how hard is it to encrypt backups? There was a long thread on this exact question on the cryptography mailing list. (Here and here.) I think the answer was that the crypto is easy, good key management is hard, and good key management may not be needed. Even bad key management moves the attack from "find a tape and read it" to "find a tape, figure out whose it was, find the key, and decrypt." Figuring out whose it is may be easy, "Citibank Confidential Data. Reward if returned," or hard, "Tape 79709884324234234238546. No questions asked reward via law offices of Dewey, Cheatem and Howe."

As to the question of how useful it is, I don't think we have enough data. We have less than a year's operation of SB 1386 bringing us data. Backup tape losses are big, rare losses. What are the odds that the tape falls into the hands of a dishonest person who is able to sell it to fraudsters? As Lauren says, pretty low. But low odds multiplied by huge data sets lead to mathematical fallacies. Is that worse than a steady trickle? I don't know.
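To make the "even bad key management helps" point concrete, here is an added example of my own, not code from the cryptography-list thread or from anyone quoted above. It is Python using only the standard library, so an HMAC-SHA256 counter-mode stream cipher with a separate HMAC tag stands in for AES-GCM; the cipher is illustrative and the key-handling pattern is the point. The key server, the tape serial, the label format and the records are all invented for the example. What leaves the building is ciphertext plus an opaque key ID; the key that opens it, and the mapping from key ID back to the owner, stay on the key server, so a finder has to do exactly the extra work the paragraph above describes.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets
import struct

# Constructed sample payload standing in for a backup tape's contents (not real data).
RECORDS = (
    b"acct=000123,name=A. Applicant,ssn=000-00-0001\n"
    b"acct=000124,name=B. Borrower,ssn=000-00-0002\n"
)


def _subkey(key: bytes, purpose: bytes) -> bytes:
    """Derive an independent subkey for one purpose (encryption or MAC)."""
    return hmac.new(key, purpose, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream using HMAC-SHA256 as the PRF (stand-in for a real cipher)."""
    blocks = [
        hmac.new(enc_key, nonce + struct.pack(">Q", counter), hashlib.sha256).digest()
        for counter in range((length + 31) // 32)
    ]
    return b"".join(blocks)[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Layout: 16-byte nonce || ciphertext || 32-byte tag."""
    nonce = secrets.token_bytes(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before touching ciphertext; a wrong key and tampering fail the same way."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed: wrong key or tampered tape")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))


class KeyServer:
    """Hypothetical key server that never ships with the tape. Holds the key-encryption
    key (KEK) and per-tape data-encryption keys (DEKs), each stored wrapped under the KEK."""

    def __init__(self) -> None:
        self._kek = secrets.token_bytes(32)
        self._label_key = secrets.token_bytes(32)
        self._wrapped_deks: dict[str, bytes] = {}

    def new_tape_key(self, tape_serial: str) -> tuple[str, bytes]:
        dek = secrets.token_bytes(32)
        # The key ID printed on the label is a keyed hash of the serial: stable for the
        # owner, but to a finder it names neither the owner nor the key.
        key_id = hmac.new(self._label_key, tape_serial.encode(), hashlib.sha256).hexdigest()[:24]
        self._wrapped_deks[key_id] = encrypt(self._kek, dek)
        return key_id, dek

    def unwrap(self, key_id: str) -> bytes:
        return decrypt(self._kek, self._wrapped_deks[key_id])


def write_tape(ks: KeyServer, tape_serial: str, records: bytes) -> dict:
    """Produce what actually leaves the building: ciphertext plus an opaque label."""
    key_id, dek = ks.new_tape_key(tape_serial)
    return {"label": f"Tape {key_id}. Reward if returned.", "data": encrypt(dek, records)}


def read_tape(ks: KeyServer, tape: dict) -> bytes:
    """Restore path: read the key ID off the label, unwrap the DEK, decrypt."""
    key_id = tape["label"].split()[1].rstrip(".")
    return decrypt(ks.unwrap(key_id), tape["data"])


def finder_can_read(tape: dict) -> bool:
    """A finder with the tape but no key server: guess a key, fail the tag check."""
    try:
        decrypt(secrets.token_bytes(32), tape["data"])
        return True
    except ValueError:
        return False


def tampered_tape_accepted(ks: KeyServer, tape: dict) -> bool:
    """Flip one ciphertext byte; the restore must reject it rather than return garbage."""
    data = bytearray(tape["data"])
    data[20] ^= 0x01
    try:
        read_tape(ks, {"label": tape["label"], "data": bytes(data)})
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    ks = KeyServer()
    tape = write_tape(ks, "SN-000123", RECORDS)
    print(tape["label"])
    print(read_tape(ks, tape) == RECORDS, finder_can_read(tape), tampered_tape_accepted(ks, tape))
```

The label is the only thing a finder can read, and it is the "Tape 79709884324234234238546" version, not the "Citibank Confidential Data" version. Everything hard about this in practice is in `KeyServer`: backing it up, rotating the KEK, and auditing who calls `unwrap`, which is exactly why the thread concluded the crypto is the easy part.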

Posted by adam on July 8, 2005 at 6:12 PM in ID Management, Privacy.

An Israeli Friend in London Writes...

(Posted by adam)

(This entire post is by my friend Shimrit, an Israeli living in London, and is posted with permission.)

I felt the need to write down my thoughts about today so I did. Seeing as I have nowhere to publish them, I am sending them round instead.

Once again, it seems my terrorist attack luck has made me miss the whole area by many many miles. The attacks in London were somewhat close to my work (Old Street being relatively near) but I was working from home today. Also, I don't usually get on my bus till nine o'clock so would have been stuck in traffic, rather than blown up anyway. I switched on the news after a friend told me there was an "incident" at Liverpool Street station. Then I watched the whole thing on TV. I couldn't beat the feeling that these are familiar scenes to me. Sitting at home, watching the media fill long minutes with idle banter, pointless interviews and careful speculations, while the facts pour in slowly. Like being in a dream, I realised I already knew all the signs, all the tricks of the trade the media were using to deal with what we all knew was a terrorist attack from the start. It was déjà vu.

So I clicked into terrorist attack aftermath mode.

The first thing to do is to locate the best news channel. There is usually one news channel that's managed to get on top of the situation more than any of the others. During the first Gulf War, when we were all sat in sealed rooms in our houses in Israel, it was CNN who provided the best footage. This time, CNN sort of sucked. Even the newsreaders sounded like they'd just been woken up. BBC News 24 were the last ones to say it was a terrorist attack. They spent half the morning telling us we were dealing with a "power surge". I never liked them anyway. During the war in Iraq they were always filming the CNN crews from behind. About 100 metres behind.

To my great surprise, it was Sky News who gave us the best news reporting today. They were ahead of everyone else in the breaking news department, even though they had far too many people who sounded like someone's friend who happened to live 3 blocks down from a blast site trying to give their expert opinion about international terrorism.

I am accustomed to the way Israelis pull together in times of crisis such as the Gulf War or the assassination of Rabin. The media likes to help this whole process along.

I can spot the little sound bites and the bits of information that the audience demands and the media readily provides after a major attack. There are certain phrases, iconic scenes and interviews favoured by Israelis that are brought out time and time again. After 9/11 the Americans got their own media iconography and now the UK, as well, is building up its own.

Here, I was particularly interested in how the news reports kept including comments made by religious figures and how they kept referring to matters relating to the royal family. You don't get that sort of stuff in Israel. Messages flashed across the screen, telling us the flag at Buckingham palace was at half-mast. The Queen was said to be "deeply shocked" and I think I may have overheard Prince Harry being quoted as saying how terrible it was that so many commuters will be inconvenienced by these acts for a long time.

I wonder what part of the population finds these little titbits of information heart-warming and reassuring.

In Israel after an attack, the media reassures the nation by complimenting the great job done by the emergency services and by interviewing politicians and experts who discuss retaliation plans. Apparently the Israeli public need to know they are being avenged, as well as protected and treated. As the population becomes more jaded, these sedatives become less essential, occupying less airtime.

In Israel, we know our emergency services are doing their job properly and we know our government is going to retaliate in some way. All we need is a little reminder and we can turn over and go back to bed. In London, the emergency services have been getting a constant and massive pat on the back, not just for their benefit (although it sounds like they may actually deserve it) but also for ours. The people need to know their emergency services are ready to take care of them in situations like this one; otherwise they'll panic. After all, it was only a matter of time till we got hit. As an Israeli, I shudder every time I go on the tube or a bus and happen to think of how easy it would be to sneak a bomb onto it. I suddenly find myself grateful for the fact that in Israel so many people carry guns around and are military trained, grateful for the fact that cops carry guns in Israel. It almost makes me feel homesick. I don't like it when I think like that but I can't help it. In London, the police are not geared for this sort of terrorism. They are not ready for it in the way that they should be: they cannot even begin to stop these things from happening.

The thing that stood out for me the most in all of this was the fact that everyone kept repeating the line "there were no warnings". After years of dealing with the IRA and then years of calmness, it seems the British are as shocked about the lack of warnings as they are about the bombs themselves. It's almost as if they are offended by the fact that the terrorists decided not to phone ahead. Here's a newsflash -- the Irish are about as nice as terrorists could possibly be. Normal terrorists, like the ones we get in Israel on a regular basis, don't call ahead. They strap explosives to themselves and go for a ride on buses full of children or to shopping centres or to nightclubs. You can't really hang around and wait for them to call you up before they jump on the tube. You really want to start making sure they don't get on it in the first place.

It'll be a laugh seeing the authorities here try and implement that kind of security system in London. A laugh, that is, until they use this as a boost for their hideous ID card plan and for the loss of just about every possible civil liberty we still have in this country.

I really don't want to hear this government discussing retaliation plans and hearing people who should know better say that's a good thing. That would just be too much like home.

In between the phone network crashes, I reasserted the size of the network of friends I have here. In Israel, making that round of calls is almost like a popularity contest. Even when we were getting bombed, during the first Gulf War, having people to phone and discuss the last round of scuds made me feel excited. It was an adventure my friends and I all shared. That was probably the last time I still had a network of local people to ring when something bad happened in Israel. Today I was actually worried about some people before clicking back into my Israeli self. It was a weird feeling. I had people phoning and texting me from Israel to see how I was. That was even weirder. It looks as if everyone I know is fine and everyone they know is fine. In general, it could have been much much worse for London. Somehow I don't find that as reassuring as I probably should.

Shimrit

Posted by adam on July 8, 2005 at 2:12 PM.

On "Bringing To Justice"

(Posted by adam)

First, let me say that the response from not only Blair, but all of London is inspiring. They are refusing to panic after these attacks. The underground is open and running this morning (with some nervousness). At Balkinization, Kim Lane Scheppele makes an interesting point in "Britain's State of Emergency" about the anti-terror laws in Britain failing to prevent these attacks.

Yesterday, I said that those responsible for the London bombings should be brought to justice. That generated response from Izar (in comments) that "sometimes it is better to have justice brought to them," and from Steve C that "I don't think they really care."

Bringing terrorists to justice is not about them, it's about us, and about those who support them. We could just as easily find them and kill them. We could capture them and bring them to secret detention centers, where we beat them to death. Both serve the preventive purpose of ensuring that those particular people commit no further acts of terror, but both are tactics in a losing strategy. JihadWatch also gets it very wrong, and I'd been meaning to write this essay before London:

People often email me listing the alleged crimes of the Bush Administration and/or the United States in general as if such a list constitutes a sufficient riposte to the stories we post here daily. But in fact such lists are irrelevant. We are not interested in defending one Administration, but the American republic in general. We are not here to shill for one ephemeral policy or another, but to defend the West and the civilization it has inspired.
The first and most important differentiator between justice and vigilantism, or between justice and terrorism, is that justice is administered by a government, under a set of rules laid down in advance. In the American conception, we are all equal before the law. No group of 10 or 20 people may decide that you're a criminal and hang you. 50 random people in London are not asked to answer for the "sins" of Britain.

When we lose sight of the importance of process, and the visibility of process, we lose the perception of fairness. That perception of fairness, the goal of fairness, and the freedom from the arbitrary impulses of the police are key to our justice system. (That we don't always reach that ideal does not mean the ideal is not important.)

When we are fighting an orientation that seeks to restore and extend a caliphate over all the lands Islam once controlled, we must respond not only, and not primarily, with military strength, but first from the position that our system is more desirable than theirs. We have to define and hold a moral high ground that causes the other side to waver. The American system can do that. At its best, the American system inspired, and inspires, people around the world.

But we are not doing our best. We are far from our best. Abuses at Abu Ghraib, the images of Guantanamo with its beatings, the secret arrests, detentions, and deportations after 9/11 have come to define the United States. We went from Le Monde declaring "We are all Americans" to polls that show Europeans considering us a greater threat than terrorists. Why? It's not because the Europeans are stupid, it's because they see us using power without justice, without control, without reason. They see us as having lied about Iraq, as willing to invade anywhere we see fit, and then unable to pick up the pieces.

The wrong things have become symbols of the United States, not because of who we are in the main, but because America is seen as abandoning and betraying its ideals.

Posted by adam on July 8, 2005 at 10:33 AM in national security.

July 7, 2005

Ping Flood

(Posted by adam)

Over at Usable Security, Ping is blogging about the SOUPS conference, which I'm unfortunately missing. Alan Schiffman is also blogging a little.

However, Ping is posting so much that his first posts today have already scrolled off the top of his blog. Who knew he'd invent a new denial of service attack?

Posted by adam on July 7, 2005 at 5:44 PM in Amusements, blogging, conferences.

"These cruel, wanton, indiscriminate bombings of London..."

(Posted by adam)

My sympathies to the people of London, and all those around the world who are worried about their loved ones in London. Wikipedia has a clear summary of what's happened, along with this translation from the pigs responsible:

We continue to warn the governments of Denmark and Italy and all the crusader governments that they will be punished in the same way if they do not withdraw their troops from Iraq and Afghanistan. He who warns is excused.
No, you are not excused. You will be hunted down and brought to justice.

Posted by adam on July 7, 2005 at 11:41 AM in national security.

July 6, 2005

City National Bank, Thousands of Millionaires, Iron Mountain

(Posted by adam)

In the San Francisco Chronicle, David Lazarus reports "Personal data lost -- again:"

Today I bring news of yet another security breach involving potentially thousands of people's personal info, and this is the first anyone's hearing of it.

The latest company to drop the data ball is City National Bank, based in Los Angeles and one of the largest independent financial institutions in California.

City National, which specializes in high-end clients, became a player in Northern California when it acquired San Francisco's Pacific Bank in 2000. It has 52 offices statewide and about $14 billion in assets.
...

When I told [City National spokeswoman Linda Mueller] what I'd learned about the case from my own digging, Mueller confirmed that the incident happened in late April and that the data-storage firm involved is Iron Mountain.

Because City National declines to answer questions, I see no reason not to assume the worst: that the unencrypted tapes contained all the account information of all of City National's customers.

City National describes their market as "the people whose identities you really, really want to steal." No, wait, that's not it. That's how I describe their market. They say:

City National Bank delivers banking, trust and investment services through more than 50 offices in Southern California and the San Francisco Bay Area. The bank also has an office in New York City. The company provides complete financial solutions for individuals with $1 million or more of investable assets – a market of nearly 450,000 California households – and small and mid-sized companies with annual revenues of between $5 million and $250 million.
Between their tight-lipped refusal to speak, the nature of their clientele, and the delay in reporting the problem, I predict this one will get nearly as much media play as CardSystems.

(Via Farber's IP list.)

Posted by adam on July 6, 2005 at 5:01 PM in breaches.

USC Admissions, 320,000 SSNs, SQL Injection

(Posted by adam)
A programming error in the University of Southern California's online system for accepting applications from prospective students left the personal information of as many as 320,000 users publicly accessible, school officials confirmed on Tuesday.

The flaw could have allowed an attacker to send commands to the database that powered the site by using the user name and password text boxes. USC's Information Services Division confirmed the problem and shuttered the site this week as a precaution. The university believes only a handful of records were actually accessed and plans to contact each person.

(Photo caption in the original article: "Sap," discoverer of the vulnerability in USC's Web application.)
...

The vulnerability in USC's online Web application system is a relatively common and well-known software bug, known as database injection or SQL injection. A lack of security checks on user input allows a hostile user to submit a database command rather than a log-in name. The command could cause the database to send its information back to the attacker or aid the attacker in compromising the computer system hosting the database.

So reports Rob Lemos in "Flawed USC admissions site allowed access to applicant data," at SecurityFocus.

USC claims that far fewer people were affected, without giving us a reason to believe them, such as "We reviewed the database query logs for the whole period the flaw was live and found only these accesses." Without query logging that covers the entire exposure window, a count of records "actually accessed" through an injectable login form is a guess, not a finding.
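As an added illustration of the bug class the article describes (my own example, not USC's code, which the article does not show), here is a login check built the vulnerable way beside the parameterized version that fixes it, run against an in-memory SQLite table. The `applicants` schema, the sample rows and the column names are constructed for the example.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory stand-in for an admissions database with constructed sample rows.
    Passwords are stored in the clear only so the injected query stays readable;
    a real system stores salted hashes, which would not change the injection."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE applicants (username TEXT, password TEXT, ssn TEXT)")
    conn.executemany(
        "INSERT INTO applicants VALUES (?, ?, ?)",
        [("alice", "correct horse", "000-00-0001"), ("bob", "battery staple", "000-00-0002")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> list:
    """The pattern the article describes: form fields pasted straight into the SQL text,
    so a quote in the input ends the string literal and the rest is parsed as SQL."""
    sql = (
        "SELECT username, ssn FROM applicants WHERE username = '" + username
        + "' AND password = '" + password + "'"
    )
    return conn.execute(sql).fetchall()


def login_fixed(conn: sqlite3.Connection, username: str, password: str) -> list:
    """Parameterized query: the driver binds the values after parsing, so quotes,
    comment markers and keywords in the input are only ever compared as data."""
    sql = "SELECT username, ssn FROM applicants WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


# A classic payload for the user-name box: closes the string, ORs in a tautology,
# and comments out the password check that follows.
INJECTED_USERNAME = "' OR 1=1 --"


if __name__ == "__main__":
    conn = make_db()
    print("honest login :", login_fixed(conn, "alice", "correct horse"))
    print("vulnerable   :", login_vulnerable(conn, INJECTED_USERNAME, "anything"))
    print("parameterized:", login_fixed(conn, INJECTED_USERNAME, "anything"))
```

With the payload in the user-name box, the concatenated query becomes `... WHERE username = '' OR 1=1 --' AND password = 'anything'`, and the login form returns every applicant's row, SSN included. The same input through the parameterized query matches nothing, because it is compared as a literal user name. Note that the fix is binding parameters, not filtering quotes; escaping by hand is how this bug survives code review.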

Posted by adam on July 6, 2005 at 4:35 PM in breaches.

Russia's Information Market

(Posted by adam)

Bruce Schneier mysteriously titles a post "Russia's Black-Market Data Trade." But it's not clear to me that this is black-market at all. Does Russia have a data protection law? Quoting from The Globe and Mail:

At the Gorbushka kiosk, sales are so brisk that the vendor excuses himself to help other customers while the foreigner considers his options: $43 for a mobile phone company's list of subscribers? Or $100 for a database of vehicles registered in the Moscow region?

The vehicle database proves irresistible. It appears to contain names, birthdays, passport numbers, addresses, telephone numbers, descriptions of vehicles, and vehicle identification (VIN) numbers for every driver in Moscow.

Is this so different from Choicepoint's AutoTrackXP? (Sales of which are now "restricted.")

Posted by adam on July 6, 2005 at 12:40 PM in Choicepoint, Privacy.

What Is Terrorism?

(Posted by adam)
A quirk in how the U.S. government defined terrorism meant that when Chechen rebels blew up two airliners almost simultaneously over Russia last year, only one was counted in an annual tally of terrorist attacks.

On board one plane were 46 Russians. But the other had 43 Russians and an Israeli citizen -- a foreign national, which allowed the explosion to meet the U.S. criteria for international terrorism.

A new database assembled by the National Counterterrorism Center that was to go online early Wednesday has broadened the definition of terrorism to include both bombings. In the process, the center has increased by fivefold the number of attacks it considered terrorism in 2004: 3,192 with 28,433 people killed, wounded or kidnapped.

Using a more stringent definition in April, the State Department and the counterterrorism center had tallied 651 significant international terror attacks last year, with more than 9,000 victims.

So reports the Boston Globe.

Posted by adam on July 6, 2005 at 11:12 AM in national security.

Hoder, US: Ahmadinejad not Hostage Taker

(Posted by adam)

On June 30th, Hoder says: "As much as I dislike Ahmadinejad, I don't think the guy in this picture is him. They look similar, but have different eyes and eyebrows." The LA Times. I reported on the story in "Iran's New President a "Moderate"."

Posted by adam on July 6, 2005 at 11:03 AM in blogging.

July 5, 2005

Choicepoint Roundup

(Posted by adam)
  • At MSNBC, Bob Sullivan covers the loss of confidence in ecommerce that leaks are causing:
    The survey also found nearly all Americans think identity theft and spyware are serious problems, but only 28 percent think the government is doing enough to address the issues. About 70 percent said new laws are necessary to protect consumer privacy.

    ...
    The survey reflects people's frustration, Douglas said. "Americans feel helpless. ... People are crying out for Congress to put power back in their hands, but until lawmakers finally decide whose information it is, who has the right to their own information, (frustration) is what we have."

    Another finding of the survey: The people questioned said they held low opinions towards the Federal Trade Commission, which protects consumers against Internet fraud.

  • The Daily Shiz reports on the case of Steven Calderon, in "Bad Data Could Land You In Jail!"
    That’s exactly what happened to a man named Steven Calderon. He had a clean record, and had done nothing wrong. His new employer did a routine background check using the services of ChoicePoint. What happened next? The local sheriff came to his office and arrested him for warrants of child molestation and rape.
    Baseline Mag has a long story, "The Rising Threat from Bad Data."
  • Computerworld has a "Q&A: ChoicePoint's Rich Baich on data breach, security needs:"
    You have in the past said that what happened at ChoicePoint was not really a security breach. Then what was it? It all comes down to how you define a breach and how you define an incident. This was fraud. Someone fraudulently provided authentication to the system. It's no different than credit card theft and credit card fraud. Those are never referenced as IT-related issues though they happen millions of times every year. In fraud terms, it's called an account takeover. And that's what occurred. All I was trying to do was educate the press more than anything else that this was not what everyone would call a traditional hack.
    Well, would you believe something a little different, given that ChoicePoint sells services to prevent exactly these things?
  • News.com followed up on ChoicePoint's 90-day plan to secure their data...
    On Friday, ChoicePoint spokeswoman Kristen McCaughan said the Alpharetta, Ga.-based data broker has not yet completed the changes. "It is ongoing," she said. McCaughan could not say when ChoicePoint expects to be able to announce that it has completed the process. "I don't think it is going to be anytime in the near future," she said.
    Read "ChoicePoint overhaul falls behind."
Posted by adam on July 5, 2005 at 9:29 PM in Choicepoint.

"The Great Equalizer"

(Posted by adam)

colt45.jpg Pittsburgh Mayor Tom Murphy tells the Post Gazette that "Eminent domain 'is a great equalizer when you're having a conversation with people...'" Indeed it is.

Pictured is another "great equalizer."

(Quote via John Tierney in "Your Land Is My Land," in the New York Times.)

Posted by adam on July 5, 2005 at 5:40 PM in Liberty.

Two Minutes Hate in the Blogosphere

(Posted by adam)

Fred, who did graphic design for RECon, is doing a comic book of 1984. (The copyright on 1984 has expired in Canada.) He also had great "Big Brother is Watching You" posters, one of which I bought. Fred (pictured, left) was also good enough to introduce my talk, and provide a hanging banner. You can order your own at 1984comic.com.

That aside, he had with him panels from the comics. To me, the most striking are his renditions of the Two Minutes Hate. As you may remember, the Two Minutes Hate is a mandatory part of the lives of citizens in 1984. People get together to yell and scream at cartoon straw men.

As Orwell writes:

Goldstein was delivering his usual venomous attack upon the doctrines of the Party--an attack so exaggerated and perverse that a child should have been able to see through it, and yet just plausible enough to fill one with an alarmed feeling that other people, less level-headed than oneself, might be taken in by it. He was abusing Big Brother, he was denouncing the dictatorship of the Party, he was demanding the immediate conclusion of peace with Eurasia, he was advocating freedom of speech, freedom of the Press, freedom of assembly, freedom of thought, he was crying hysterically that the revolution had been betrayed--and all this in rapid polysyllabic speech which was a sort of parody of the habitual style of the orators of the Party, and even contained Newspeak words: more Newspeak words, indeed, than any Party member would normally use in real life.
Remind you of anything?

Posted by adam on July 5, 2005 at 9:58 AM in Liberty.

Small Segments Stolen From Some People Surnamed "S"

(Posted by adam)

    The first two are from Scrivener, because he's going on vacation, they're good, and I'm shameless.
  • "Iraq Swede vows to catch kidnappers," reports The Local:
    A Swede held hostage in Iraq for 67 days and released a month ago has vowed to take revenge on his captors and has hired bounty hunters to capture them, Swedish media reported on Wednesday.
  • In "Euro-Excuserosis," Truck and Barter deconstructs claims that European economies are really doing better than the US economy:
    There seems to be an entire industry devoted to making up more or less fanciful arguments why Europe is really doing better than the US. I want to exemplify and debunk some of those myths. In the process I also hope to convince you that Americans work less and have more free time than Swedes.
  • Schneier points to a very funny dog, singing about national ID cards.
Posted by adam on July 5, 2005 at 9:25 AM in Amusements, Economics, personal security.

July 4, 2005

The unanimous Declaration of the thirteen united States of America

(Posted by adam)
The Declaration of Independence of the Thirteen Colonies
In CONGRESS, July 4, 1776

The unanimous Declaration of the thirteen united States of America,

When in the Course of human events, it becomes necessary for one people to dissolve the political bands which have connected them with another, and to assume among the powers of the earth, the separate and equal station to which the Laws of Nature and of Nature’s God entitle them, a decent respect to the opinions of mankind requires that they should declare the causes which impel them to the separation.

We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness. –That to secure these rights, Governments are instituted among Men, deriving their just powers from the consent of the governed, –That whenever any Form of Government becomes destructive of these ends, it is the Right of the People to alter or to abolish it, and to institute new Government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their Safety and Happiness. Prudence, indeed, will dictate that Governments long established should not be changed for light and transient causes; and accordingly all experience hath shewn, that mankind are more disposed to suffer, while evils are sufferable, than to right themselves by abolishing the forms to which they are accustomed. But when a long train of abuses and usurpations, pursuing invariably the same Object evinces a design to reduce them under absolute Despotism, it is their right, it is their duty, to throw off such Government, and to provide new Guards for their future security. —Such has been the patient sufferance of these Colonies; and such is now the necessity which constrains them to alter their former Systems of Government. The history of the present King of Great Britain [George III] is a history of repeated injuries and usurpations, all having in direct object the establishment of an absolute Tyranny over these States. To prove this, let Facts be submitted to a candid world.

He has refused his Assent to Laws, the most wholesome and necessary for the public good.

He has forbidden his Governors to pass Laws of immediate and pressing importance, unless suspended in their operation till his Assent should be obtained; and when so suspended, he has utterly neglected to attend to them.

He has refused to pass other Laws for the accommodation of large districts of people, unless those people would relinquish the right of Representation in the Legislature, a right inestimable to them and formidable to tyrants only.

He has called together legislative bodies at places unusual, uncomfortable, and distant from the depository of their public Records, for the sole purpose of fatiguing them into compliance with his measures.

He has dissolved Representative Houses repeatedly, for opposing with manly firmness his invasions on the rights of the people.

He has refused for a long time, after such dissolutions, to cause others to be elected; whereby the Legislative powers, incapable of Annihilation, have returned to the People at large for their exercise; the State remaining in the mean time exposed to all the dangers of invasion from without, and convulsions within.

He has endeavoured to prevent the population of these States; for that purpose obstructing the Laws for Naturalization of Foreigners; refusing to pass others to encourage their migrations hither, and raising the conditions of new Appropriations of Lands.

He has obstructed the Administration of Justice, by refusing his Assent to Laws for establishing Judiciary powers.

He has made Judges dependent on his Will alone, for the tenure of their offices, and the amount and payment of their salaries.

He has erected a multitude of New Offices, and sent hither swarms of Officers to harass our people, and eat out their substance.

He has kept among us, in times of peace, Standing Armies without the consent of our legislatures.

He has affected to render the Military independent of and superior to the Civil power.

He has combined with others to subject us to a jurisdiction foreign to our constitution and unacknowledged by our laws; giving his Assent to their Acts of pretended Legislation:

For Quartering large bodies of armed troops among us:

For protecting them, by a mock Trial, from punishment for any Murders which they should commit on the Inhabitants of these States:

For cutting off our Trade with all parts of the world:

For imposing Taxes on us without our Consent:

For depriving us, in many cases, of the benefits of Trial by Jury:

For transporting us beyond Seas to be tried for pretended offences:

For abolishing the free System of English Laws in a neighbouring Province, establishing therein an Arbitrary government, and enlarging its Boundaries so as to render it at once an example and fit instrument for introducing the same absolute rule into these Colonies:

For taking away our Charters, abolishing our most valuable Laws, and altering fundamentally the Forms of our Governments:

For suspending our own Legislatures, and declaring themselves invested with power to legislate for us in all cases whatsoever.

He has abdicated Government here, by declaring us out of his Protection and waging War against us.

He has plundered our seas, ravaged our Coasts, burnt our towns, and destroyed the lives of our people.

He is at this time transporting large Armies of foreign Mercenaries to compleat the works of death, desolation and tyranny, already begun with circumstances of Cruelty and perfidy scarcely paralleled in the most barbarous ages, and totally unworthy the Head of a civilized nation.

He has constrained our fellow Citizens taken Captive on the high Seas to bear Arms against their Country, to become the executioners of their friends and Brethren, or to fall themselves by their Hands.

He has excited domestic insurrections amongst us, and has endeavoured to bring on the inhabitants of our frontiers, the merciless Indian Savages, whose known rule of warfare, is an undistinguished destruction of all ages, sexes and conditions.

In every stage of these Oppressions We have Petitioned for Redress in the most humble terms: Our repeated Petitions have been answered only by repeated injury. A Prince whose character is thus marked by every act which may define a Tyrant, is unfit to be the ruler of a free people.

Nor have We been wanting in attentions to our British brethren. We have warned them from time to time of attempts by their legislature to extend an unwarrantable jurisdiction over us. We have reminded them of the circumstances of our emigration and settlement here. We have appealed to their native justice and magnanimity, and we have conjured them by the ties of our common kindred to disavow these usurpations, which, would inevitably interrupt our connections and correspondence. They too have been deaf to the voice of justice and of consanguinity. We must, therefore, acquiesce in the necessity, which denounces our Separation, and hold them, as we hold the rest of mankind, Enemies in War, in Peace Friends.

We, therefore, the Representatives of the united States of America, in General Congress, Assembled, appealing to the Supreme Judge of the world for the rectitude of our intentions, do, in the Name, and by the Authority of the good People of these Colonies, solemnly publish and declare, That these United Colonies are, and of Right ought to be Free and Independent States; that they are Absolved from all Allegiance to the British Crown, and that all political connection between them and the State of Great Britain, is and ought to be totally dissolved; and that as Free and Independent States, they have full Power to levy War, conclude Peace, contract Alliances, establish Commerce, and to do all other Acts and Things which Independent States may of right do. And for the support of this Declaration, with a firm reliance on the protection of divine Providence, we mutually pledge to each other our Lives, our Fortunes and our sacred Honor.

The signers of the Declaration represented the new states as follows:

New Hampshire

Josiah Bartlett, William Whipple, Matthew Thornton

Massachusetts

John Hancock, Samuel Adams, John Adams, Robert Treat Paine, Elbridge Gerry

Rhode Island

Stephen Hopkins, William Ellery

Connecticut

Roger Sherman, Samuel Huntington, William Williams, Oliver Wolcott

New York

William Floyd, Philip Livingston, Francis Lewis, Lewis Morris

New Jersey

Richard Stockton, John Witherspoon, Francis Hopkinson, John Hart, Abraham Clark

Pennsylvania

Robert Morris, Benjamin Rush, Benjamin Franklin, John Morton, George Clymer, James Smith, George Taylor, James Wilson, George Ross

Delaware

Caesar Rodney, George Read, Thomas McKean

Maryland

Samuel Chase, William Paca, Thomas Stone, Charles Carroll of Carrollton

Virginia

George Wythe, Richard Henry Lee, Thomas Jefferson, Benjamin Harrison, Thomas Nelson, Jr., Francis Lightfoot Lee, Carter Braxton

North Carolina

William Hooper, Joseph Hewes, John Penn

South Carolina

Edward Rutledge, Thomas Heyward, Jr., Thomas Lynch, Jr., Arthur Middleton

Georgia

Button Gwinnett, Lyman Hall, George Walton

Posted by adam on July 4, 2005 at 12:00 AM in Liberty.

July 3, 2005

Deep Impact

(Posted by adam)

We're about 4 hours from Deep Impact making a large hole in Comet Tempel 1. The National Business Review in New Zealand has an excellent links roundup in "Comet impact: See it online."

Posted by adam on July 3, 2005 at 10:25 PM in Science.

Why I Read Blogs

(Posted by adam)

In a post titled "Why Blog, Anyway," Mark makes a really good point:

And what about the audience? Readers who don't blog may not be aware of how much bloggers want readers. Part (I suspect a very big part for most) of it's an ego thing, like people on soapboxes at the town square with listeners gathered around. We all want the biggest crowd of listeners. If I realized I had no readers, I'd stop writing. I may be eccentric, but I'm not one of those street corner preachers reading from the Bible even when no one's there to listen.

While why I blog may be of interest (to me), the more interesting, less navel-gazing question is why I read. And so I thought I'd flip around the "why I blog," and discuss what I read, why, and what causes me to unsubscribe from a feed.

I read using both Safari and Netnewswire Lite, which is a great reader. Kudos to Brent for making a free version.

I started talking about what I read, but I realize that what I read is, well, what interests me, and that's often reflected here. There's a lot on security, on liberty, some economists and some businesspeople, some designers, a bunch of friends, some influential folks. I read what interests me, and I'm more liberal about subscribing than unsubscribing.

But why do I unsubscribe? I'll exclude events, like the Ukrainian election drama which I followed closely, and then dropped most of the blogs covering it, as they stopped being regularly interesting to me.

The first, cardinal sin is not posting often enough. I don't care how well you cook, or if you're the last practitioner of an ancient religion, if you don't give me a reason to come back, I'm going to stop coming back. There may be good left in you, but I have to see it, not just feel it.

The second is not having an RSS feed. I'm very mixed on this, but there's only so many blogs I can read out of Safari, and Netnewswire gives me a better interface for skimming. At the same time, I appreciate the visual cues and mnemonics as to whose blog I'm reading that individualized blog skins provide. But you're much more likely to be dropped if you have no RSS feed.

The third thing I hate is blogs that are repetitive, either internally or externally. If all you ever talk about is Choicepoint, I'm going to stop reading. I mean, how much is there to say? If all you ever do is post pointers to other people's posts without adding anything, why should I read that?

The final thing that gets to me is consistent disrespect for "the other side." The other side is not stupid. With small, rare exceptions, the other side is not evil. The odds are very good that the people you like to demonize are smart, passionate, and oriented differently than you. If you consistently fail to acknowledge that, if you consistently replace the other side with strawmen, I'm going to fail to read you.

I suppose asking my readers why they read doesn't help me understand those folks who don't read. If you got this far, I'm clearly doing something you consider right, and I'd like to say thank you for your attention.

Posted by adam on July 3, 2005 at 1:07 PM in blogging.

July 2, 2005

Small Bits: Adam Sah on Startups, RECon, Irony and Biometrics

(Posted by adam)

  • Adam Sah (hi Adam!) has a great page of startup advice I hadn't seen before.
  • Presentations from RECon are now online.
  • The University of Connecticut will be offering a Masters in Homeland Security. That's a database I'd like to steal. Thanks to Chris Walsh for pointing it out.
  • I've been meaning to follow up on Juxtaposition's comment in "Debunking biometric assumptions" that:
    Imagine lost biometric passports allowing the creation of counterfeit passports with "real" biometric data on them. And further imagine trying to prove that it wasn't you who bombed that plane in Lebanon. "But we logged you going through security...and biometrics are _unique_ and _unforgeable_". *Shiver*
    Of course, they don't need such proof. They can just pluck you off the streets and ship you off to be tortured, where you'll confess to it all anyway.
Posted by adam on July 2, 2005 at 1:10 PM in Amusements, conferences, personal security, startups.

The Next PR Speciality?

(Posted by adam)

Over at Presto Vivace, Alice suggests that "Security breaches and violations of privacy are going to be the next speciality in crisis communications."

I suspect that she's right, and hope she's wrong. In cases like Cardsystems or Choicepoint, where the organization is violating policy, contract, or law with its data, the impact on the company should be enormous. In cases like BJ's, where there's no reason for the data to be collected, the PR firestorm is the cost of their business model. But in many of the cases, banks, universities, and hospitals have been compelled to collect data by Federal law, and they then overuse it, or treat it carelessly.

As information security companies, we need data from the hundreds of such cases that are taking place to learn more about how information security fails. The Department of Justice collects Crime and Victim Statistics; the FBI has Uniform Crime Reports. Such data allows folks like Adrian Holovaty to create sites like Chicago Crime and integrate the data with Google maps.

We have no such data sources for information security. The best we get are the Secret Service/CERT reports. I'm happy they're doing them; Bruce Schneier isn't. And so, I'm in favor of more disclosure. Of the normalization of such disclosure. Because disclosure is essential to science. So let's hope those PR specialists do their best to normalize the events, so we can get over our shame (and bizarre insistence on companies having more privacy than people) and start improving.

Posted by adam on July 2, 2005 at 12:49 PM in Economics, information security.

July 1, 2005

Well Said!

(Posted by adam)

"IRS announces plans to be the butt of three consecutive days of "Daily Show" jokes." So headlines John Paczkowski's post at Good Morning Silicon Valley.

Posted by adam on July 1, 2005 at 2:54 PM in Amusements, Choicepoint.

Doing the Devil's Work

(Posted by adam)

The Internet, with its freedom of communication, scares a lot of people. Some people argue that this is "just political," but it's not. Chinese repression includes information about health issues, such as the abuse of antiviral drugs to control avian flu. (See, for example, "Bird Flu Drug Rendered Useless" in the Washington Post.)

The companies that customize their products for repressive governments need to be held accountable for those choices. Those companies include Cisco, covered by Rebecca MacKinnon in posts like "More on Cisco in China," and Secure Computing, covered in "Iranian net censorship powered by....Silicon Valley." (I'm told that Secure sells to the Middle East out of their Toronto office, and that at least in the United Arab Emirates, their product is regularly updated.)

I believe companies have an ethical obligation to not ignore how their products are being used, and that to various degrees, Cisco and Secure Computing are shirking that responsibility. Please note I'm not saying that companies shouldn't sell their base products (unless the law prohibits it). I'm objecting to the customization work that these companies do for these governments.

Regardless of your opinion of the value of free speech, you should be concerned that public health officials can't get the information they need, because American companies collaborate to keep us in the dark.

Posted by adam on July 1, 2005 at 11:34 AM in Liberty.

Inviting Cockroaches to the Feast?

(Posted by adam)

Over at "The Security Samurai," Eric Marvets posts on "How Do I Get My Company To Take Security Seriously? Will Liability Work?" I've posted my thoughts on liability ("Avoiding Liability: An Alternative Route to More Secure Product") and hope to develop those further sometime.

One thing Eric says jumped out at me:

Today I found an article by Marcus Ranum called “Inviting Cockroaches to The Feast” that not only made me stop and think, but completely abandon the idea altogether.

In his article, he asks you to find one instance that cockroaches (lawyers) have made any industry better. Has medical liability made hospitals safer since the 70’s or has it just led to inflated health care costs?

This is the perfect opening to a WSJ article that DM pointed out to me, "Once Seen as Risky, One Group Of Doctors Changes Its Ways:"
Anesthesiologists pay less for malpractice insurance today, in constant dollars, than they did 20 years ago. That's mainly because some anesthesiologists chose a path many doctors in other specialties did not. Rather than pushing for laws that would protect them against patient lawsuits, these anesthesiologists focused on improving patient safety. Their theory: Less harm to patients would mean fewer lawsuits.

So, whether medical liability makes patients safer depends on the practitioners. Given that our industry's reaction to laws often resembles that of a small child told that it's bath-time, I suspect laws would do little good. (There's an alternate reaction, which is to see every new law as "COMPELLING" "JUSTIFICATION" for "the same crap" we sold last week. Sometimes, we even add lipstick to it.) But that fault would not lie entirely with the lawmakers.

(The whole article is fascinating, and I've added more excerpts if you read after the break.)

Heal Thyself: Once Seen as Risky, One Group of Doctors Changes Its Ways
Anesthesiologists Now Offer Model of How to Improve Safety, Lower Premiums; Surgeons Are Following Suit
By JOSEPH T. HALLINAN, Staff Reporter of THE WALL STREET JOURNAL
June 21, 2005; Page A1

The rising cost of medical-malpractice insurance has hit many doctors, especially surgeons and obstetricians. But one specialty has largely shielded itself:

Anesthesiologists pay less for malpractice insurance today, in constant dollars, than they did 20 years ago. That's mainly because some anesthesiologists chose a path many doctors in other specialties did not. Rather than pushing for laws that would protect them against patient lawsuits, these anesthesiologists focused on improving patient safety. Their theory: Less harm to patients would mean fewer lawsuits.

Over the past two decades, anesthesiologists have advocated the use of devices that alert doctors to potentially fatal problems in the operating room. They have helped develop computerized mannequins that simulate real-life surgical crises. And they have pressed for procedures that protect unconscious patients from potential carbon-monoxide poisoning.

All this has helped save lives. Over the past two decades, patient deaths due to anesthesia have declined to one death per 200,000 to 300,000 cases from one for every 5,000 cases, according to studies compiled by the Institute of Medicine, an arm of the National Academies, a leading scientific advisory body.

Malpractice payments involving the nation's 30,000 anesthesiologists are down, too, and anesthesiologists typically pay some of the smallest malpractice premiums around. That's a huge change from when they were considered among the riskiest doctors to insure. Nationwide, the average annual premium for anesthesiologists is less than $21,000, according to a survey by the American Society of Anesthesiologists. An obstetrician might pay 10 times that amount, Medical Liability Monitor, an industry newsletter, reports.

In some areas, anesthesiologists can now buy malpractice insurance for as little as $4,300 a year, although premiums ranged as high as more than $56,000, according to the ASA. The ASA survey gave no general explanation for the disparity but did note that premiums were higher for anesthesiologists who had been sued before and for those who perform higher-risk procedures.

A 1999 report by the Institute of Medicine noted that "few professional societies or groups have demonstrated a visible commitment to reducing errors in health care and improving patient safety." It identified one exception: anesthesiologists.

"If there were any specialty where you said, 'Show me who has done anything right,' I would point to the anesthesiologists," says Neil Kochenour, medical director at the University of Utah Hospitals and Clinics. "They have really made some inroads and some impact."

Medical errors are a leading cause of death in the U.S., killing between 44,000 and 98,000 Americans each year, according to various studies.

Medical-malpractice insurance rates for some specialties, such as obstetrics and general surgery, have risen in some areas, especially in the past few years, as insurers have reported higher paid losses. The insurance industry and many doctors groups have blamed greedy plaintiffs lawyers and capricious juries for those losses. As a remedy, insurers and many medical organizations have pushed for legislation that caps damage awards and lawyers' fees. Most states have enacted some form of tort reform.

Many anesthesiologists also support legislative moves to rein in malpractice suits. "Even though we've controlled costs, it's still a big issue for our membership," says Karen B. Domino, chair of the ASA's committee on professional liability.

But overall, anesthesiologists have put more emphasis on improving safety. And now, some doctors in other fields are praising them for choosing a different response. Noting the success achieved by anesthesiologists, other doctors -- notably surgeons -- have aimed more at improving treatment methods. "There's a lot of room for us to do a better job and decrease liability, not just for patient safety but to reduce liability [premiums]," says F. Dean Griffen, a surgeon in Shreveport, La., who heads the patient-safety and professional-liability committee for the American College of Surgeons. That professional group recently launched a study of cases modeled on one that helped anesthesiologists recognize some of their shortcomings years ago.

For most of its 160-year history, anesthesiology, the practice of rendering a patient unconscious or insensitive to pain, has been fraught with danger. As recently as 30 years ago, doctors in the U.S. still made patients unconscious by administering ether and other flammable gasses. On rare occasions, static electricity sparked explosions. Less rarely, patients asphyxiated during surgery because their breathing tubes mistakenly became disconnected.

In 1982, the ABC news program "20/20" aired a piece on anesthesia-related deaths. "It was a devastating indictment of anesthesia," recalls Ellison C. Pierce Jr., a retired professor of anesthesiology at Harvard Medical School who is considered by many to be the father of the modern anesthesia-safety movement.

Around the same time, anesthesiologists were getting hit by their second wave of big malpractice-insurance premium increases in a decade. The specialty was then considered among the riskiest to insure, and premiums were often two to three times as high as those other doctors paid. Casey Blitt, a 63-year-old Tucson, Ariz., anesthesiologist who has long been active on patient-safety issues, says his insurance soared to $50,000 a year from $20,000 or less. Dr. Pierce says anesthesiologists were "terrified," and anxious to do something.

Dr. Pierce at the time was president of the American Society of Anesthesiologists. In 1985, that group provided $100,000 to launch the Anesthesia Patient Safety Foundation. The new foundation was unusual in medicine: a stand-alone organization solely devoted to patient safety. Working closely with the larger ASA, from which it still receives about $400,000 a year, the foundation galvanized safety research and improvement.

Unlike most other medical groups, the foundation admitted as members not only doctors but nurses, insurers and even companies that make products used by anesthesiologists. Industry's participation initially caused angst over whether the foundation was designed merely to sell machines. But over the years, that concern dissipated, Dr. Pierce says, as company money helped the organization fund important research.

One advance was the development of high-tech mannequins that allow anesthesiologists to practice responses to allergic reactions and other life-threatening situations. Anesthesiologists say the mannequins have also allowed them to become more proficient at performing an emergency procedure akin to a tracheotomy that involves slitting open a clogged airway -- something a doctor can't practice on live patients.

Twenty years ago, little was known about people injured or killed during anesthesia. No U.S. database existed, so anesthesiologists set out to create one. They decided to collect information from insurers on closed malpractice claims, those in which insurers had made a payment or otherwise disposed of the complaint.

Most insurers hesitated to cooperate at first, saying they were worried about patient privacy. One company finally agreed: St. Paul Fire & Marine Insurance Co. in Minnesota said it was concerned about heavy losses it had suffered from anesthesia-related injuries and was eager for anesthesiologists to review claims. Soon, other insurers followed suit.

Anesthesiologists left their practices for days at a time to pore over closed insurance claims. The information they collected was fed into a computer at the University of Washington to create an overall picture of how anesthesia accidents tend to occur. It "was a humbling experience," recalls Russell T. Wall, an anesthesiology professor at Georgetown University School of Medicine in Washington, D.C. To date, more than 6,400 claims have been analyzed.

In part by analyzing claims, the anesthesiologists were able to document the extent to which patients were dying because of a simple mistake: Anesthesiologists were inserting the patient's breathing tube down the wrong pipe. Rather than putting it down the trachea, which leads to the lungs, they were accidentally inserting it down the esophagus, which leads to the stomach. The problem was, there was no way to determine quickly whether the tube was in the right pipe. Patients often simply turned blue or their blood turned dark. By then, it was usually too late to save them.

The research contributed to two innovations that between them would all but eliminate death and injury from "intubation" errors. One, known as pulse oximetry, measures the oxygen level in the patient's blood stream by means of a device that clips onto the patient's finger. The other, capnography, measures carbon dioxide in a patient's expelled breath, which helps doctors determine at a glance that a patient is breathing properly.

At the time, though, the new technologies had a drawback, Dr. Pierce says: "It was very hard to get hospitals to buy pulse oximeters and capnographs," he says. When they were introduced in the 1980s, the two devices together cost about $10,000, according to several anesthesiologists.

That's where the safety foundation came in. In 1986, at the urging of the foundation, anesthesiologists made the use of pulse oximetry part of the ASA's basic standards for anesthesia care. A bit later, they added capnography.

Failing to adhere to ASA recommendations can expose hospitals to malpractice liability. By 1990, says Dr. Pierce, almost all American hospitals had pulse oximeters and capnographs.

That change has been accompanied by other less obvious improvements. During surgery, a patient's body temperature can fall as room-temperature intravenous fluids are infused into the blood. This cooling can cause tissue to die and make the body vulnerable to infection. The safety foundation funded research on the problem in the 1990s, and now care is taken to keep patients warm during surgery, often with specially made blankets that can be heated. Blood and fluid warmers are also used.

Anesthesiologists also have become much better at preventing patient exposure to carbon monoxide. The potentially deadly gas can be an unintended byproduct of the process of cleansing a patient's exhaled breath of carbon dioxide before the air is recycled back to the patient's lungs. One simple way to guard against this problem is to make sure that absorbent material in anesthesia machines that filters the recycled air remains moist.

In 1994, the newsletter of the anesthesiologists foundation documented cases in which patients were exposed to high levels of carbon monoxide during surgery on Mondays, presumably after absorbents had spent the weekend drying out. The organization recommended replacing the absorbent material on Monday mornings and several other changes. These are now standard practice, and rates of carbon-monoxide exposure have fallen dramatically.

Anesthesiologists are now focused on alarm bells. Modern anesthesia machines come equipped with audible alarms that sound when certain thresholds, such as oxygen levels, are crossed. But the alarms irritate many surgeons, so some anesthesiologists have turned them off. The foundation has documented 26 alarm-related malpractice claims between 1970 and 2002, or a little more than one a year. Of those, more than 20 resulted in either death or brain damage.

The foundation is pushing to adopt a formal standard that prohibits anesthesiologists from disabling the alarms. "I would not fly on an airplane if the pilot announced all the alarms were being turned off," says Robert K. Stoelting, the foundation's current president. "Our patients deserve the same safety net."

Dr. Stoelting, a retired chair of the anesthesiology department at the Indiana University School of Medicine, runs the foundation from suburban Indianapolis. He has a two-person administrative staff and a relatively modest $1 million annual budget.

As anesthesia fatalities have dropped, so has the percentage of total malpractice suits filed against anesthesiologists. In 1972, according to a recent study by Public Citizen, a consumer-advocacy group in Washington, D.C., anesthesiologists accounted for 7.9% of all medical-malpractice claims, double the proportion of physicians who practiced anesthesiology. Between 1985 and 2001, anesthesiologists accounted for only 3.8% of all claims, roughly comparable to the percentage of doctors who were anesthesiologists.

The size of payments from successful malpractice suits against anesthesiologists also has declined. According to the American Society of Anesthesiologists, the median payment during the 1970s was $332,280. By the 1990s, it had dropped 46%, to $179,010. These amounts are in 2005 dollars and are the most recent figures available.

Claims for serious injuries have become less frequent. In the 1970s, according to the ASA, more than half of anesthesia-malpractice claims involved death or permanent brain injury. In the 1990s, that fell to less than one-third of claims.

Malpractice rates for anesthesiologists have gradually fallen, the ASA says. This year, the average annual premium is $20,572, compared with $32,620 in inflation-adjusted dollars in 1985. That's a decrease of 37% over 20 years. Malpractice rates are generally set at the beginning of the year.

Anesthesiologists still make mistakes and aren't immune to recent moves in insurance rates. Their annual inflation-adjusted premiums have climbed 24% since 2002, when they had dipped to an average of $16,559. Insurers say that overall malpractice rates have risen by that amount or more for other specialties during the same period, but reliable nationwide figures aren't publicly available. As is done in other specialties, anesthesiologists accused of disciplinary problems are referred to state licensing agencies.

Other specialties have noticed how the anesthesiologists have fared. Dr. Griffen of the College of Surgeons says that more surgeons have begun to see a connection between improving patient safety and lowering malpractice premiums. The college's closed-claims study so far involves about 350 cases, and the group hopes it will grow to 500 this year.

At the University of Utah Hospitals and Clinics, Dr. Kochenour says his institution has tried to emulate the anesthesiologists by concentrating more on identifying systemic errors and less on individual blame. But these efforts run headlong into thinking drummed into physicians since medical school, he says. "I don't think physicians are very good systems thinkers, by and large," he says. Many, especially surgeons, prize their independence, he says, and that makes it hard to achieve the kind of cooperation necessary to reduce errors.

Posted by adam on July 1, 2005 at 10:59 AM in Economics, information security.