The Pennsylvania school district being sued for allegedly spying on students now claims the feature was only used to recover stolen laptops.
Recovering a stolen laptop is an objective that most people would accept as valid. But at the very least the school district implementation has created a major legal liability. Even if they 'win' the lawsuit they could easily spend a million dollars in legal costs.
What should the school district have done instead?
Disclosure: Any security mechanism that you would not want to disclose to your users is likely to be a bad idea. A mechanism that is kept secret to avoid controversy is a very, very bad idea.
Dual controls: Banks require every important operation to involve at least two people. Its not just to reduce the risk of embezzlement, its to provide protection for the personnel. If one employee could open the safe by themselves they would be a target for kidnappers and if any money did go missing they would be a suspect.
Audit Trail: Every system that could be misused should generate a tamper proof audit trail.
Security people don't just ask 'what is the worst that can happen', they think 'what is the worst that someone could be accused of'.
Adding the necessary controls does not need to create excessive overheads. Simply generate a unique access code for each end point and seal the access codes in tamper-evident bags. Make the custodian of the bags a different person to the one that has the password for the recovery system. Alternatively use a software based mechanism to enforce dual controls.
This problem has been solved for a decade in key recovery systems. There really is no excuse for not applying that technology.
Friday, February 19, 2010
What should the School District have done?
0 comments Linkworks: FARK del.icio.us StumbleUpon reddit
Tuesday, February 16, 2010
Clueless pundits
What I find most depressing about the state of the Washington Post is the sheer political cluelessness of some of their pundits. Lane argues that Bayh's last minute withdrawal from the race has set himself up for a Presidential run against Obama.
There are many problems here, not least the fact that there really isn't a constituency in the Democratic party base that thinks Obama has failed to be sufficiently open to working with the Republicans.
I suspect that his timing was designed to prevent a big name GOP candidate from entering the race. But most party activists seem to have assumed that his real objective was to ensure that the party apparatus would install a blue dog candidate. That has pretty much made the Bayh brand toxic as far as national politics goes.
Bayh's departure appears to be driven by pique as the loss of the supermajority and the GOP tactics of total obstruction have transformed his role from cloture power-broker to a marginal player in the reconciliation-rules 51 vote game.
0 comments Linkworks: FARK del.icio.us StumbleUpon reddit
Monday, February 15, 2010
Human Error
According to the Olympic committee it was 'Human Error' that caused the death of luger Kumaritashvili.
I beg to differ. Human error was merely the cause of the crash. The crash was fatal because the luger collided with an unprotected steel support.
Every corner on a Formula One track is protected with walls of rubber tires. The speeds are faster, but the drivers are riding in reinforced chassis designed to withstand high speed impacts. It might be that no amount of protection would have been sufficient, but failure to provide any would seem to be negligent.
But whatever the cause is ultimately determined to be, any judgment made at this point is premature.
0 comments Linkworks: FARK del.icio.us StumbleUpon reddit
Friday, February 12, 2010
Woods not a good Buic salesman
One of the things I could never understand about GM was why they paid Tiger Woods to be the pitchman for Buick. It always seemed an odd fit, seems that I was right [USA Today].
My impression of Buick was that it was little more than an excuse to charge a slightly higher price for a range of uninspiring sedans made from standard GM parts. That is not an impression that you break by paying a celebrity to drive it when they would obviously be much happier in a Porsche or a Ferrari.
Seeing Woods step out of a Buick was never going to make people think 'hey I want to drive what he drives'. To the extent the brand of the car registered at all most people would think either 'rental' or 'being paid to drive it'.
People understand that Woods is also paid to tout the goods Nike makes in low wage sweatshops of course. But there the idea is that the spokesperson has at least some input into the goods on sale. It is unlikely he would stay with Nike clubs and balls unless they were amongst the best in the industry, there is the expectation that he at least sees the clothing range before it launches.
Arnold Palmer was a very successful spokesperson for Rolex for the simple reason that it was totally believable that a Rolex is what Palmer would choose to wear. It is hard to imagine many spokespersons that that would be true of for Buick, which is probably why the brand is best buried.
0 comments Linkworks: FARK del.icio.us StumbleUpon reddit
Tuesday, February 09, 2010
Everything you need to know about shooting the news…. « Photo Traveler
All you need to know about news journalism [h/t Bob Krist]
0 comments Linkworks: FARK del.icio.us StumbleUpon reddit
Friday, February 05, 2010
No Flash on the iPad
The New York Times joins the long list of journals who fail to mention the most likely reason that Apple refuses to implement Flash on the iPad.
Apple has made clear that it's intention is to control both the platform and the applications that run on the platform. Like the Video Game console makers, Apple wants to tax every application provider.
Support for Flash would provide another means of putting applications on the iPhone. And so Apple will refuse to support Flash whatever the status of the specification or the implementation until they abandon the 'application tax' model.
Is there any chance Apple will change? As with every other first generation Apple product, the iPad lacks rather a lot of features that appear essential. It is pretty obvious that the next version will have a camera for doing video conferencing. I think that they are going to find they are forced to support real USB and an SD card as well.
Apple does quite well spinning the fact that obviously essential features are missing. When the first iMac was launched it lacked a floppy drive because the box had originally been made as a 'Network PC' and repurposed as a home PC. Jobs argued that the lack of a floppy or a CDRom was because people would download programs from the Internet. This story has even been repeated this week as evidence for how 'prescient' Jobs has been in the past. Which is rather silly since there was an optical drive on the next iMac and every model since.
When the iPhone came out the big question was not whether it would make a good computer but whether it would be a usable phone. Experience of the HP iPaq range was that computer company phones were to be avoided. Rival phone makers have spent the three years since trying to catch up with the first iPhone. The fact that the iPhone is a vendor locked application platform was not a big deal to me as it was the first phone that you could run a useful application on without the thing crashing (yes, I mean you Palm).
The iPad is a computer and this time Apple is up against the rival computer makes. I don't much care how good Apple's eBook store is, I am going to buy my eBooks from Amazon which lets me read them on my Kindle, my PCs or in the very near future my Macs. The first generation iPad clones will probably be somewhat nasty. But if they have an SD slot and a proper USB port and let me write my own applications they are already looking like a better buy.
Apple is certainly going to try to roll their iPhone/iTouch application tax model onto the iPad but this time its going to fail. And when it does we will probably see the model starting to unwind on the iPhone as well. If Google Android based pad computers beat out the iPad they are going to establish a developer base to make them competitive with iPhone.
0 comments Linkworks: FARK del.icio.us StumbleUpon reddit
Wednesday, February 03, 2010
Word Stupidity
For years, the defaults for making references to other parts of a document in Microsoft Word have been insane.
First off there is the stupid dialog box.
There are eight default objects that Word lets you link to but the drop down menu only shows the first six. For some reason the options for 'Table' and 'Figure' - i.e. the types of object people are most likely to be adding a cross reference to appear at the bottom so you have to scroll down to see them.
The other bizarre choice is that the default is to insert a reference to the Entire Caption. Does this ever make sense?
The net is that the user has to scroll through two drop down menus every single time they insert a reference. Word does not seem to have an option to add in a shortcut. And the default options are reset each and every time the dialog appears.
0 comments Linkworks: FARK del.icio.us StumbleUpon reddit
Abdulmutallab speaks
So, Abdulmutallab, the 'crotch bomber' has been co-operating with investigators 'despite' the use of standard FBI process [ NY Times].
This should hardly be a surprise. Police are trained to perform interrogations, they have years of experience. CIA agents are not.
Even so, the latest Republican Party talking point is the rather weird claim that reading Abdulmutallab his Miranda rights may have persuaded him to stop talking.
Let us recap the circumstances of Abdulmutallab's arrest. He was taken off the plane he had attempted to bomb. He had severely injured himself in the attempt to detonate the bomb. The passengers and crew had at a minimum removed his trousers and underwear. It seems quite likely that after discovering the bomb in his underpants, the passengers/crew had stripped him completely naked.
Given those circumstances, it seems rather unlikely that Abdulmutallab would have any expectation of a not-guilty verdict.
How could talking to the investigators possibly make Abdulmutallab's case any worse? He can't claim mistaken identity, he can't plausibly deny carrying the bomb, being aware of carrying it or attempting to detonate it.
Abdulmutallab is certain to receive a life sentence regardless of what he says. This is not a difficult case where a confession or an unintended slip is going to make the difference between conviction and acquittal. It is as close to being an open-and-shut case as they come.
The only chance Abdulmutallab has to improve his living conditions during his life sentence or to earn the possibility of parole in the distant future is to co-operate.
Incidentally, the man appears to have burnt away his penis in the attempt. How could torture do anything more than give him something else to think about? If he is being waterboarded he is going to blame his captors for his situation. If he is being being treated as an ordinary criminal he has plenty of time to build up resentment against the group who caused his injury.
At the time of his arrest Abdulmutallab was probably expecting to be taken to Gitmo and subjected to torture. The point at which his Miranda rights were read would be the first point at which the actions of the authorities significantly departed from his expectations.
0 comments Linkworks: FARK del.icio.us StumbleUpon reddit