Golden Shield – the brave new world of surveillance

The Rolling Stone has a good article (though a bit heavy on the breathless hype at times) about Golden Shield, China’s country-wide surveillance system that is in continuous development. It’s an ambitious project to pull together all sorts of data from HD-CCTV to mobile phone triangulation to Internet monitoring.

But the cameras that Zhang manufactures are only part of the massive experiment in population control that is under way here. “The big picture,” Zhang tells me in his office at the factory, “is integration.” That means linking cameras with other forms of surveillance: the Internet, phones, facial-recognition software and GPS monitoring.

One test that is about to happen (or probably already has happened) is the “10-million faces” test:

Yao is managing director of Pixel Solutions, a Chinese company that specializes in producing the new high-tech national ID cards, as well as selling facial-recognition software to businesses and government agencies. The test, the first phase of which is only weeks away, is being staged by the Ministry of Public Security in Beijing. The idea is to measure the effectiveness of face-recognition software in identifying police suspects. Participants will be given a series of photos, taken in a variety of situations. Their task will be to match the images to other photos of the same people in the government’s massive database. Several biometrics companies, including Yao’s, have been invited to compete. “We have to be able to match a face in a 10 million database in one second,” Yao tells me. “We are preparing for that now.”

They can already match a face to multiple pictures of the same person in their internal database of 600,000 records in just over a millisecond.

The point of the test, though, is not just how bad surveillance is in China; it’s the fact that Western companies are clamouring to be involved, even using loopholes in legislation to avoid prohibitions on selling software for law enforcement use. Worse still, the post-9/11 Western obsession with surveillance has given China a golden opportunity to legitimise its own strategies:

Such efforts have provided China’s rulers with something even more valuable than surveillance technology from Western democracies: the ability to claim that they are just like us. Liu Zhengrong, a senior official dealing with China’s Internet policy, has defended Golden Shield and other repressive measures by invoking the Patriot Act and the FBI’s massive e-mail-mining operations. “It is clear that any country’s legal authorities closely monitor the spread of illegal information,” he said. “We have noted that the U.S. is doing a good job on this front.” Lin Jiang Huai, the head of China Information Security Technology, credits America for giving him the idea to sell biometric IDs and other surveillance tools to the Chinese police. “Bush helped me get my vision,” he has said. Similarly, when challenged on the fact that dome cameras are appearing three to a block in Shenzhen and Guangzhou, Chinese companies respond that their model is not the East German Stasi but modern-day London.

Sounds like a world that Eric Blair would recognise..

The War on Photography

Bruce Schneier has a great blog article on “The War on Photography” that is causing problems for photographers in formerly free countries around the world. If you are into photography (and/or freedom) it’s well worth a read. One part I will reproduce here is a paragraph with some useful links for us photographers (I’ve added the link for “photographers rights” which wasn’t in the original).

This is worth fighting. Search “photographer rights” on Google and download one of the several wallet documents that can help you if you get harassed; I found one for the UK, US, and Australia. Don’t cede your right to photograph in public. Don’t propagate the terrorist photographer story. Remind them that prohibiting photography was something we used to ridicule about the USSR. Eventually sanity will be restored, but it may take a while.

The Aussie version is already printed and in my camera bag, and remember that:

The 9/11 terrorists didn’t photograph anything. Nor did the London transport bombers, the Madrid subway bombers, or the liquid bombers arrested in 2006. Timothy McVeigh didn’t photograph the Oklahoma City Federal Building. The Unabomber didn’t photograph anything; neither did shoe-bomber Richard Reid.

It’s just security theatre..

Links to useful documents:

A new version of “Nobody Nowhere”

So we’ve just received the revised edition of Donna’s classic autobiography “Nobody Nowhere” from the publishers with an updated foreword, some of the quotes about it on the back and one of Donna’s paintings, “Swing”, on the cover!

Donna originally wrote Nobody Nowhere in 1990, and as it is considered a classic autobiography of a person with autism, a lot of folks don’t realise that Donna never meant it to be published.

Nobody Nowhere was written in 4 weeks. I barely ate, washed or slept. I wrote the book as a goodbye and a last hope. My plan was to let just one person read it, then shred it and burn it then jump in front of a train. But life is rarely as simple as our plans. Instead of the confirmation of hopelessness I expected, I was thrown a challenge; to allow the book to help others. Instead of shredding it, it became copied and read by millions of people around the world. Instead of being burned, it spent 15 weeks on the New York Times Bestseller list and shot to number 1 in US, Canada, Japan, and Norway and got translated into over 20 languages worldwide.

The book is still in print and still selling almost two decades later!

Indian comments on Microsoft pressure over OOXML

So we have now had a number of appeals from national bodies over the farcical approval of OOXML at the ISO BRM, so hopefully now we’ll get a proper review (and maybe even a final draft) of the standard that not even Microsoft is implementing.

As part of the associated fallout from the Indian refusal to bow to Microsoft pressure to depart from common sense, and the decision to vote against OOXML, Dr. Deepak B. Phatak has published an open letter to his fellow committee members detailing Microsoft’s inappropriate behaviour towards Indian organisations, government and individuals, which includes the classic line:

My greatest angst against Microsoft is in their arrogance in telling Indian government about Indian ‘national interest’, particularly at the highest levels of the leadership. One really wonders whether they even properly understand what a nation is.

Good on ya!

Designing and Building Parallel Programs available online

Found via Ian Foster’s blog on “Free Books”, his paper book “Designing and Building Parallel Programs: Concepts and Tools for Parallel Software Engineering” is available online at ANL for reference for no cost (though you’re not allowed to archive a copy without permission).

This isn’t something new, mind you, it was done 13 years ago in 1995 – quite forward thinking!

Exploiting Network Cards

Now this is a scary (and pretty cool) potential abuse of network card firmware and PCI bus architecture to bypass firewalls, described by Arrigo Triulzi (quoted on Ben Laurie’s blog):

3) from 1 & 2 above, after about two years, I’ve reached my goal of writing a totally transparent firewall bypass engine for those firewalls which are PC-based: you simply overwrite the firmware in both NICs and then perform PCI-to-PCI transfers between the two cards for suitably formatted IP packets (modern NICs have IP “offload engines” in hardware and therefore can trigger on incoming and outgoing packets). The resulting “Jedi Packet Trick” (sorry, couldn’t resist) fools, amongst others, CheckPoint FW-1, Linux-based Strongwall, etc. This is of course obvious as none of them check PCI-to-PCI transfers,

Ben reckons it’s possible to do even more:

IMO: because of the nature of the PCI bus, you can use the same technique on any machine with a vulnerable NIC to read all of RAM.

Of course the attacker would need to compromise the card first, either by cracking the box or supplying malicious hardware.
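
A defender-side check for the exposure described above, as an added example that is not from the original post, Triulzi or Laurie: on Linux it reads sysfs to report whether each network controller sits behind an IOMMU, and whether two NICs share an IOMMU group, in which case transfers between them are not isolated from each other. The function names, the finding labels and the sample device tree are constructed for illustration; the sysfs paths are the standard Linux ones.

```python
import tempfile
from collections import defaultdict
from pathlib import Path

NET_CLASS_PREFIX = "0x02"  # PCI base class 0x02: network controller

def audit_nics(sysfs_root="/sys"):
    """Map each PCI NIC to 'no-iommu', 'shared-group' or 'separate-group'."""
    groups = defaultdict(list)  # IOMMU group id -> NICs in that group
    findings = {}
    for dev in sorted((Path(sysfs_root) / "bus/pci/devices").iterdir()):
        if not (dev / "class").read_text().strip().startswith(NET_CLASS_PREFIX):
            continue
        link = dev / "iommu_group"
        if not link.is_symlink():
            # DMA from this card is not restricted by an IOMMU.
            findings[dev.name] = "no-iommu"
            continue
        groups[link.resolve().name].append(dev.name)
        findings[dev.name] = "separate-group"
    for members in groups.values():
        if len(members) > 1:
            # NICs in one group are not isolated from each other's DMA.
            findings.update(dict.fromkeys(members, "shared-group"))
    return findings

def build_sample_tree(root):
    """Constructed sysfs-like tree (not real hardware) for an offline run."""
    devices = {  # address: (class code, IOMMU group or None)
        "0000:02:00.0": ("0x020000", "7"),
        "0000:02:00.1": ("0x020000", "7"),
        "0000:03:00.0": ("0x020000", "9"),
        "0000:04:00.0": ("0x020000", None),
        "0000:00:1f.2": ("0x010601", "3"),  # SATA controller, ignored
    }
    for bdf, (cls, gid) in devices.items():
        dev = Path(root) / "bus/pci/devices" / bdf
        dev.mkdir(parents=True)
        (dev / "class").write_text(cls + "\n")
        if gid is not None:
            group = Path(root) / "kernel/iommu_groups" / gid
            group.mkdir(parents=True, exist_ok=True)
            (dev / "iommu_group").symlink_to(group)
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for bdf, finding in audit_nics(build_sample_tree(tmp)).items():
            print(bdf, finding)
```

On a real host, call `audit_nics()` with the default root; a 'separate-group' result only compares NICs with each other, so a NIC may still share its group with other device types.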