22 results
Nothing to Hide: The False Tradeoff Between Privacy and Security by Daniel J. Solove
Albert Einstein, cloud computing, Columbine, hindsight bias, illegal immigration, invention of the telephone, Marshall McLuhan, national security letter, security theater, the medium is the message, traffic fines, urban planning
Ironically, the subway search program’s primary benefit was alleviating people’s fear (which was probably too high), albeit in a deceptive manner (as the program did not add much in the way of security). The security expert Bruce Schneier calls such measures “security theater,” for they constitute an elaborate exercise in playacting to create the appearance of security. Schneier writes: Security theater refers to security measures that make people feel more secure without doing anything to actually improve their security. An example: the photo ID checks that have sprung up in office buildings. No-one has ever explained why verifying that someone has a photo ID provides any actual security, but it looks like security to have a uniformed guard-for-hire looking at ID cards.10 Is security theater legitimate? Calming public fear is certainly a good thing, but the problem is that security theater is a lie. I believe that most people would rather know the truth than feel better through deception.
Even if panic and fear might lead to overstating the gravity of the threat, we should at least ensure that the measures taken to promote security are sufficiently effective to justify the cost. Unfortunately, rarely do discussions about the sacrifice of civil liberties explain why security benefits can’t be achieved in other ways and why such a security measure is the best and most logical one to take. Little scrutiny is given to security measures. They are often just accepted as a given, no matter how ill-conceived or ineffective they might be.
Security Theater
Some ineffective security measures, such as the New York City subway search program, are largely symbolic. The subway searches are unlikely to catch or deter terrorists because they involve only a minuscule fraction of the millions of daily passengers. Terrorists can easily turn to other targets or attempt the bombing on another day or at another train station where searches aren’t taking place.
Heron & Betty L. Smith, Deaths: Preliminary Data for 2004, Nat’l Vital Stats. Rep., June 28, 2006, at 1, 30 tbl. 7 (2006), available at http://www.cdc.gov/nchs/data/nvsr/nvsr54/nvsr54_19.pdf. 9. See Jeordan Legon, Survey: “Shark Summer” Bred Fear, Not Facts, CNN.com, Mar. 14, 2003, http://www.cnn.com/2003/TECH/science/03/13/shark.study/ (last visited Aug. 17, 2010). 10. Bruce Schneier, Beyond Security Theater, Schneier on Security, Nov. 13, 2009, http://www.schneier.com/blog/archives/2009/11/beyond_security.html (last visited Aug. 17, 2010). 5. Why Privacy Isn’t Merely an Individual Right 1. Smith v. City of Artesia, 772 P.2d 373, 376 (N.M. Ct. App. 1989). 2. Thomas I. Emerson, The System of Freedom of Expression 545, 549 (1970). 3. Charles Fried, Privacy, 77 Yale L.J. 475, 478 (1968); see also Beate Rössler, The Value of Privacy 117 (R.
Beautiful security by Andy Oram, John Viega
Albert Einstein, Amazon Web Services, business intelligence, business process, call centre, cloud computing, corporate governance, credit crunch, crowdsourcing, defense in depth, Donald Davies, en.wikipedia.org, fault tolerance, Firefox, loose coupling, Marc Andreessen, market design, MITM: man-in-the-middle, Monroe Doctrine, new economy, Nicholas Carr, Nick Leeson, Norbert Wiener, optical character recognition, packet switching, peer-to-peer, performance metric, pirate software, Robert Bork, Search for Extraterrestrial Intelligence, security theater, SETI@home, Silicon Valley, Skype, software as a service, statistical model, Steven Levy, The Wisdom of Crowds, Upton Sinclair, web application, web of trust, zero day, Zimmermann PGP
Sabett: Culture; Balance; Communication; Doing the Right Thing
13 BEAUTIFUL LOG HANDLING by Anton Chuvakin: Logs in Security Laws and Standards; Focus on Logs; When Logs Are Invaluable; Challenges with Logs; Case Study: Behind a Trashed Server; Future Logging; Conclusions
14 INCIDENT DETECTION: FINDING THE OTHER 68% by Grant Geyer and Brian Dunphy: A Common Starting Point; Improving Detection with Context; Improving Perspective with Host Logging; Summary
15 DOING REAL WORK WITHOUT REAL DATA by Peter Wayner: How Data Translucency Works; A Real-Life Example; Personal Data Stored As a Convenience; Trade-offs; Going Deeper; References
16 CASTING SPELLS: PC SECURITY THEATER by Michael Wood and Fernando Francisco: Growing Attacks, Defenses in Retreat; The Illusion Revealed; Better Practices for Desktop Security; Conclusion
CONTRIBUTORS
INDEX
Preface
If one believes that news headlines reveal trends, these are interesting times for computer security buffs. As Beautiful Security went to press, I read that a piece of software capable of turning on microphones and cameras and stealing data has been discovered on more than 1,200 computers in 103 countries, particularly in embassies and other sensitive government sites.
Nichols Chapter 4, The Underground Economy of Security Breaches, by Chenxi Wang Chapter 5, Beautiful Trade: Rethinking E-Commerce Security, by Ed Bellis Chapter 6, Securing Online Advertising: Rustlers and Sheriffs in the New Wild West, by Benjamin Edelman Chapter 7, The Evolution of PGP’s Web of Trust, by Phil Zimmermann and Jon Callas Chapter 8, Open Source Honeyclient: Proactive Detection of Client-Side Exploits, by Kathy Wang Chapter 9, Tomorrow’s Security Cogs and Levers, by Mark Curphey Chapter 10, Security by Design, by John McManus Chapter 11, Forcing Firms to Focus: Is Secure Software in Your Future?, by James Routh Chapter 12, Oh No, Here Come the Infosecurity Lawyers!, by Randy V. Sabett Chapter 13, Beautiful Log Handling, by Anton Chuvakin Chapter 14, Incident Detection: Finding the Other 68%, by Grant Geyer and Brian Dunphy Chapter 15, Doing Real Work Without Real Data, by Peter Wayner Chapter 16, Casting Spells: PC Security Theater, by Michael Wood and Fernando Francisco Conventions Used in This Book The following typographical conventions are used in this book: Italic Indicates new terms, URLs, filenames, and Unix utilities. Constant width Indicates the contents of computer files and generally anything found in programs. Using Code Examples This book is here to help you get your job done. In general, you may use the code in this book in your programs and documentation.
Calls Release of JetBlue Data Improper,” New York Times. February 21, 2004. Wald, Matthew L. “Randi A.J. v. Long Is. Surgi-Center, No. 2005-04976.” N.Y. App. Div, September 25, 2007. Wayner, Peter. Translucent Databases. Flyzone, 2003. http://www.wayner.org/books/td/. Zeller, Tom Jr. “U.S. Settles With Company on Leak of Consumers’ Data,” New York Times. January 27, 2006.
CHAPTER SIXTEEN
Casting Spells: PC Security Theater
Michael Wood, Fernando Francisco
Storm clouds gather and there is unrest in the land; thieves wander the highway with impunity, monsters hide in every tree along the road, and wizards cast spells while handing travelers amulets for their protection. Believing in the power of the talismans, our hero strides forth, wrapped in his magical invincibility, confident he will be the master of any threat he encounters.
Getting Things Done for Hackers by Lars Wirzenius
After some experimentation you decide that twelve days after the previous time is a good time to cut your nails. Having your computer remind you about it makes it much more likely that you’ll do it when it’s time. However, having your calendar remind you every twelve days may not work so well, because you might be travelling on that 12th day, and the annoying flight security theater made it impossible to take your nail cutter with you. (This is not a hypothetical example.) A better solution would remind you twelve days after the previous time you actually cut the nails, not after the previous reminder. I have a program called “nagger” which does exactly that, but it is not suitable for others to use (unless you dig editing procmailrc files, and probably not even then).
The Signal and the Noise: Why So Many Predictions Fail-But Some Don't by Nate Silver
"Robert Solow", airport security, availability heuristic, Bayesian statistics, Benoit Mandelbrot, Berlin Wall, Bernie Madoff, big-box store, Black Swan, Broken windows theory, business cycle, buy and hold, Carmen Reinhart, Claude Shannon: information theory, Climategate, Climatic Research Unit, cognitive dissonance, collapse of Lehman Brothers, collateralized debt obligation, complexity theory, computer age, correlation does not imply causation, Credit Default Swap, credit default swaps / collateralized debt obligations, cuban missile crisis, Daniel Kahneman / Amos Tversky, diversification, Donald Trump, Edmond Halley, Edward Lorenz: Chaos theory, en.wikipedia.org, equity premium, Eugene Fama: efficient market hypothesis, everywhere but in the productivity statistics, fear of failure, Fellow of the Royal Society, Freestyle chess, fudge factor, George Akerlof, global pandemic, haute cuisine, Henri Poincaré, high batting average, housing crisis, income per capita, index fund, information asymmetry, Intergovernmental Panel on Climate Change (IPCC), Internet Archive, invention of the printing press, invisible hand, Isaac Newton, James Watt: steam engine, John Nash: game theory, John von Neumann, Kenneth Rogoff, knowledge economy, Laplace demon, locking in a profit, Loma Prieta earthquake, market bubble, Mikhail Gorbachev, Moneyball by Michael Lewis explains big data, Monroe Doctrine, mortgage debt, Nate Silver, negative equity, new economy, Norbert Wiener, PageRank, pattern recognition, pets.com, Pierre-Simon Laplace, prediction markets, Productivity paradox, random walk, Richard Thaler, Robert Shiller, Robert Shiller, Rodney Brooks, Ronald Reagan, Saturday Night Live, savings glut, security theater, short selling, Skype, statistical model, Steven Pinker, The Great Moderation, The Market for Lemons, the scientific method, The Signal and the Noise by Nate Silver, The Wisdom of Crowds, Thomas Bayes, Thomas Kuhn: the structure of scientific revolutions, too big to fail, 
transaction costs, transfer pricing, University of East Anglia, Watson beat the top human players on Jeopardy!, wikimedia commons
It’s much easier to bust a sixteen-year-old kid for smoking a joint than to solve an auto theft or prevent a murder. Everybody likes to live in a cleaner, safer neighborhood. But it’s unclear whether the broken-windows theory is more than window dressing. Likewise, the ever more cumbersome requirements for commercial flights fall into the category of what the security expert Bruce Schneier calls “security theater”75—they are more for show than to actually deter terrorists. It’s by no means completely irrational to be worried about airport security; airplanes have been the subject of a large number of terror attacks in the past, and terrorism can have a copycat element.76 Yet even accounting for crashes that had nothing to do with terrorism, only about one passenger for every twenty-five million was killed on an American commercial airliner during the decade of the 2000s.77 Even if you fly twenty times per year, you are about twice as likely to be struck by lightning.
Kees Keizer, Siegwart Lindenberg, and Linda Steg, “The Spreading of Disorder,” Science, 322, 5908 (December 2008), pp. 1681–1685. http://www.sciencemag.org/content/322/5908/1681.abstract. 74. Bernard E. Harcourt and Jens Ludwig, “Broken Windows: New Evidence from New York City and a Five-City Social Experiment,” University of Chicago Law Review, 73 (2006). http://lawreview.uchicago.edu/sites/lawreview.uchicago.edu/files/uploads/73.1/73_1_Harcourt_Ludwig.pdf. 75. Bruce Schneier, “Beyond Security Theater,” Schneier on Security, November 13, 2009. http://www.schneier.com/blog/archives/2009/11/beyond_security.html. 76. Ibid., Kindle location 1035. 77. Nate Silver, “Crunching the Risk Numbers,” Wall Street Journal, January 8, 2010. http://Online.wsj.com/article/SB10001424052748703481004574646963713065116.html. 78. Russian Authorities: Terrorist Bombing at Moscow Airport Kills 35;” CNN Wire; January 24, 2011. http://articles.cnn.com/2011-01-24/world/russia.airport.explosion_1_suicide-bomber-moscow-police-moscow-during-rush-hour?
“Report of the Select Committee on Intelligence on Postwar Findings About Iraq’s WMD Programs and Links to Terrorism and How They Compare with Prewar Assessments;” U.S. Senate, 109th Congress, 2nd Session; September 8, 2006. http://intelligence.senate.gov/phaseiiaccuracy.pdf. 85. Martin Chulov and Helen Pidd, “Defector Admits to WMD Lies That Triggered Iraq War,” The Guardian, February 15, 2011. http://www.guardian.co.uk/world/2011/feb/15/defector-admits-wmd-lies-iraq-war. 86. Schneier, “Beyond Security Theater,” Kindle locations 1321–1322. 87. Harvey E. Lapan and Todd Sandler, “Terrorism and Signalling,” European Journal of Political Economy, 9, 3 (August 1993), pp. 383–397. 88. The 9/11 Commission Report, Kindle locations 9286–9287. 89. Michael A. Babyak, “What You See May Not Be What You Get: A Brief, Nontechnical Introduction to Overfitting in Regression-Type Models,” Psychosomatic Medicine, 66 (2004), pp. 411–421; 2004. http://os1.amc.nl/mediawiki/images/Babyak_-_overfitting.pdf.
Infinite Detail by Tim Maughan
3D printing, augmented reality, bitcoin, Buckminster Fuller, Burning Man, cognitive dissonance, friendly fire, global supply chain, Internet of things, Mason jar, off grid, Panamax, post-Panamax, ransomware, RFID, security theater, self-driving car, Skype, smart cities, South China Sea, the built environment, urban decay, urban planning
She smiles, charmed again. “It’s my pleasure.” In the bathroom he realizes that the long window is a two-way mirror, which seems pointless as all the cubicles—sorry, stalls—have doors anyway. Whatever. He’d abandoned the idea of there being any logic to security theater years ago. The idea she’d just hand him his spex like that because of his accent was bullshit too; she probably gives them back to anybody who actually asks. Unofficial policy, for practical sanity, to stop everyone kicking off all the time. It’s no big deal being in here, really. Security theater. Bullshit and ritual. Fear and flag-waving. He shakes his head and ducks into the stall. * * * He thumbs the power on the spex, checks the LED is green for charge, and slips them onto his face. Blinks his PIN. The glasses struggle to find a data connection at first, but then handshake with some unfamiliar U.S. provider.
This Will Make You Smarter: 150 New Scientific Concepts to Improve Your Thinking by John Brockman
23andMe, Albert Einstein, Alfred Russel Wallace, banking crisis, Barry Marshall: ulcers, Benoit Mandelbrot, Berlin Wall, biofilm, Black Swan, butterfly effect, Cass Sunstein, cloud computing, congestion charging, correlation does not imply causation, Daniel Kahneman / Amos Tversky, dark matter, data acquisition, David Brooks, delayed gratification, Emanuel Derman, epigenetics, Exxon Valdez, Flash crash, Flynn Effect, hive mind, impulse control, information retrieval, Intergovernmental Panel on Climate Change (IPCC), Isaac Newton, Jaron Lanier, Johannes Kepler, John von Neumann, Kevin Kelly, lifelogging, mandelbrot fractal, market design, Mars Rover, Marshall McLuhan, microbiome, Murray Gell-Mann, Nicholas Carr, open economy, Pierre-Simon Laplace, place-making, placebo effect, pre–internet, QWERTY keyboard, random walk, randomized controlled trial, rent control, Richard Feynman, Richard Feynman: Challenger O-ring, Richard Thaler, Satyajit Das, Schrödinger's Cat, security theater, selection bias, Silicon Valley, Stanford marshmallow experiment, stem cell, Steve Jobs, Steven Pinker, Stewart Brand, the scientific method, Thorstein Veblen, Turing complete, Turing machine, twin studies, Vilfredo Pareto, Walter Mischel, Whole Earth Catalog, WikiLeaks, zero-sum game
Let’s dare to know—risks and responsibilities are chances to be taken, not avoided. Science Versus Theater Ross Anderson Professor of security engineering, University of Cambridge Computer Laboratory; researcher in the economics and psychology of information security Modern societies waste billions on protective measures whose real aim is to reassure rather than to reduce risk. Those of us who work in security engineering refer to this as “security theater,” and there are examples all around us. We’re searched going into buildings that no terrorist would attack. Social-network operators create the pretense of a small intimate group of “friends,” in order to inveigle users into disclosing personal information that can be sold to advertisers. The users get not privacy but privacy theater. Environmental policy is a third example: Cutting carbon emissions would cost lots of money and votes, so governments go for gesture policies that are highly visible though their effect is negligible.
., 242–45 Randall, Lisa, 192–93 randomness, 105–8 rational unconscious, 146–49 ratios, 186 Read, Leonard, 258 realism, naïve, 214 Reality Club, xxix recursive structure, 246–49 reductionism, 278 Rees, Martin, 1–2 regression, 235 ARISE and, 235–36 relationalism, 223 relativism, 223, 300 relativity, 25, 64, 72, 234, 297 religion, 5, 6, 114 creationism, 268–69 self-transcendence and, 212–13 supernatural beings in, 182–83 and thinking in time vs. outside of time, 222 repetition, in manufacture, 171 replicability, 373–75 Revkin, Andrew, 386–88 Ridley, Matt, 257–58 risk, 56–57, 68–71, 339 security theater and, 262 statistical thinking and, 260 risk aversion, 339 risk literacy, 259–61 Ritchie, Matthew, 237–39 Robertson, Pat, 10 Roman Empire, 128 root-cause analysis, 303–4 Rosen, Jay, 203–5 Rovelli, Carlo, 51–52 Rowan, David, 305–6 Rucker, Rudy, 103–4 Rushkoff, Douglas, 41–42 Russell, Bertrand, 123 Rwanda, 345 Saatchi, Charles, 307–8 safety, proving, 281 Saffo, Paul, 334–35 Sagan, Carl, 273, 282 Sakharov, Andrei, 88 Salcedo-Albarán, Eduardo, 345–48 Sampson, Scott D., 289–91 Sapolsky, Robert, 278–80 Sasselov, Dimitar, 13–14, 292–93 SAT tests, 47, 89 scale analysis, 184–87 scale transitions, 371–72 scaling laws, 162 Schank, Roger, 23–24 Schmidt, Eric, 305 schools, see education Schrödinger’s cat, 28 Schulz, Kathryn, 30–31 science, 192–93 discoveries in, 109–11, 240–41, 257 humanities and, 364–66 method of, 273–74 normal, 242–43, 244 pessimistic meta-induction from history of, 30–31 replicability in, 373–75 statistically significant difference and, 378–80 theater vs., 262–63 scientific concept, 19, 22 scientific lifestyle, 19–22 scientific proof, 51, 52 scuba divers, 40 seconds, 163 security engineering, 262 security in information-sharing, 75–76 Segre, Gino, 28–29 Sehgal, Tino, 119 Seife, Charles, 105–8 Sejnowski, Terrence, 162–64 self, 212 ARISE and, 235–36 consciousness, 217 Other and, 292–93 separateness of, 289–91 subselves and the modular mind, 129–31 transcendence of, 
212–13 self-control, 46–48 self-model, 214 self-serving bias, 37–38, 40 Seligman, Martin, 92–93 Semelweiss, Ignaz, 36 senses, 43, 139–42 umwelt and, 143–45 sensory desktop, 135–38 September 11 attacks, 386 serendipity, 101–2 serotonin, 230 sexuality, 78 sexual selection, 228, 353–54 Shamir, Adi, 76 SHAs (shorthand abstractions), xxx, 228, 277, 395–97 graceful, 120–23 Shepherd, Jonathan, 274 Shermer, Michael, 157–59 shifting baseline syndrome, 90–91 Shirky, Clay, xxvii, 198, 338 signal detection theory, 389–93 Signal Detection Theory and Psychophysics (Green and Swets), 391 signals, 228 Simon, Herbert, 48 simplicity, 325–27 skeptical empiricism, 85 skepticism, 242, 243, 336 skydivers, 39 Smallberg, Gerald, 43–45 smell, sense of, 139–42, 143–44 Smith, Adam, 258 Smith, Barry C., 139–42 Smith, Hamilton, 166 Smith, Laurence C., 310–11 Smith, John Maynard, 96 Smolin, Lee, 221–24 social microbialism, 16 social networks, 82, 262, 266 social sciences, 273 Socrates, 340 software, 80, 246 Solomon Islands, 361 something for nothing, 84 specialness, see uniqueness and specialness Sperber, Dan, 180–83 spider bites, 68, 69, 70 spoon bending, 244 stability, 128 Standage, Tom, 281 stars, 7, 128, 301 statistically significant difference, 378–80 statistics, 260, 356 stem-cell research, 56, 69–70 stock market, 59, 60–61, 151, 339 Flash Crash and, 60–61 Pareto distributions and, 199, 200 Stodden, Victoria, 371–72 stomach ulcers, 240 Stone, Linda, 240–41 stress, 68, 70, 71 string theories, 113, 114, 299, 322 subselves and the modular mind, 129–31 success, failure and, 79–80 sun, 1, 7, 11, 164 distance between Earth and, 53–54 sunk-cost trap, 121 sunspots, 110 Superorganism, The (Hölldobler and Wilson), 196–97 superorganisms, 196 contingent, 196–97 supervenience, 276, 363–66 Susskind, Leonard, 297 Swets, John, 391 symbols and images, 152–53 synapses, 164 synesthesia, 136–37 systemic equilibrium, 237–39 Szathmáry, Eörs, 96 Taleb, Nassim, 315 TANSTAAFL (“There ain’t no such thing as a free 
lunch”), 84 Tapscott, Don, 250–53 taste, 140–42 tautologies, 355–56 Taylor, F.
Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance by Julia Angwin
AltaVista, Ayatollah Khomeini, barriers to entry, bitcoin, Chelsea Manning, Chuck Templeton: OpenTable:, clean water, crowdsourcing, cuban missile crisis, data is the new oil, David Graeber, Debian, Edward Snowden, Filter Bubble, Firefox, GnuPG, Google Chrome, Google Glasses, informal economy, Jacob Appelbaum, John Markoff, Julian Assange, Marc Andreessen, market bubble, market design, medical residency, meta analysis, meta-analysis, mutually assured destruction, Panopticon Jeremy Bentham, prediction markets, price discrimination, randomized controlled trial, RFID, Robert Shiller, Ronald Reagan, security theater, Silicon Valley, Silicon Valley startup, Skype, smart meter, Steven Levy, Upton Sinclair, WikiLeaks, Y2K, zero-sum game, Zimmermann PGP
” * * * The surveillance of Yasir Afifi appears to have started with an innocent question about why deodorant could not pass through an airport screening. On June 24, 2010, a user of the social networking website Reddit.com named “JayClay” posted a question: “So if my deodorant could be a bomb, why are you just chucking it in the bin?” His post generated hundreds of comments. Some Reddit users dubbed the deodorant ban “Security Theater.” Others talked about items they had smuggled onto planes—nail clippers, bamboo needles, razors, knives. One user suggested that bombing a mall would be a “softer target.” On June 25, a user named “Khaledthegypsy” weighed in: “bombing a mall seems so easy to do,” he wrote. “i mean all you really need is a bomb, a regular outfit so you arent the crazy guy in a trench coat trying to blow up a mall and a shopping bag. i mean if terrorism were actually a legitimate threat, think about how many fucking malls would have blown up already.”
Party”) RSA firm Rutgers University Rwanda Safari salting San Francisco Chronicle Satellite Sentinel Project Scheindlin, Shira Schley, Courtney Schmidt, Eric Schneier, Bruce Schneier on Security (Schneier) Schoenberg, Evan schools Schrems, Max Science Scoble, Robert SearchBug.com search engines. See also specific search engines auditing your data on search warrants Secret New York (Rives) secret police Secrets & Lies (Schneier) Secret Service security, privacy vs. Security Engineering (Anderson) security questions Security Theater September 11, 2001, attacks sexual orientation Shahzad, Faisal Shearson, Julia Shilkin, Rob Shiller, Benjamin Reed Shopping.com Shutova, Ekaterina Shutterfly Signal conference Silent Circle Silent Phone Silent Text Sinclair, Upton Singer-Vine, Jeremy Skyhook Skype Slobogin, Christopher smart card Smith, Stephen Smith, Will Snowden, Edward social networking sites. See also specific sites social network mapping social security numbers Soghoian, Christopher Soltani, Ashkan Sonic.net “sousveillance” South Africa Southern District of New York (federal court) Soviet Union spamgourmet.com spam messages SpiderOak Spokeo spoofing Sputnik spy satellites spyware Staas, David stalkers Standard Oil Company Staples Stasi state and local governments stealth wear Stecklow, Steve Steel, Emily Strauchs, John J.
Why We Drive: Toward a Philosophy of the Open Road by Matthew B. Crawford
1960s counterculture, Airbus A320, airport security, augmented reality, autonomous vehicles, Bernie Sanders, Boeing 737 MAX, British Empire, Burning Man, call centre, collective bargaining, crony capitalism, deskilling, digital map, don't be evil, Donald Trump, Elon Musk, en.wikipedia.org, Fellow of the Royal Society, gig economy, Google Earth, hive mind, income inequality, informal economy, Internet of things, Jane Jacobs, labour mobility, Lyft, Network effects, New Journalism, New Urbanism, Nicholas Carr, Ponzi scheme, Ralph Nader, ride hailing / ride sharing, Ronald Reagan, Sam Peltzman, security theater, self-driving car, sharing economy, Shoshana Zuboff, Silicon Valley, smart cities, social graph, social intelligence, Stephen Hawking, technoutopianism, the built environment, The Death and Life of Great American Cities, the High Line, too big to fail, traffic fines, Travis Kalanick, Uber and Lyft, Uber for X, uber lyft, Unsafe at Any Speed, urban planning, Wall-E, Works Progress Administration
The posted speeds make technical violators out of motorists driving at reasonable and safe speeds.”8 One can find parallels in other policy areas where a proliferation of rules provides a sheen of rationality, but it is in the gap between the rules and reasonableness that officialdom feeds.9 Rigid sentencing laws and the “war on drugs” were indispensable to the rise of a massive prison industry. The TSA comes up with rules for a stage production of “security theater” that each of us must perform, while knowing full well the absurdity of most of it. Those machines you step into and receive a big dose of microwaves from? And the wipe-down with a towelette that is then inserted into a black box to detect explosive residue? Largely useless. The military refuses to use them; instead they use dogs if they are looking for explosives. But the machines are big business, and dog training is not.
Just as with mechanized traffic enforcement, this social apparatus has to characterize people as childlike in their vulnerability, and the world as bristling with hazards that need to be regulated. A further parallel is that the system guarantees more collisions, as it were, and hence calls for more intervention. Our social amber time is approaching zero.
10. Jason Chaffetz, former chairman of the House Committee on Oversight and Government Reform, details the absurdities of airport security theater in his book The Deep State. In contemporary America, the role of Congress appears to be mainly that of brokering business deals, using its budgetary oversight of the administrative state (the customer) to take a brokerage fee in the form of campaign contributions from vendors—while distracting voters with culture war. Meanwhile, the substantive political disputes underlying the culture war are settled elsewhere, by the courts and by executive branch fiat.
11. Claire Berlinski wrote in January 2019 that “according to the police, there have so far been 1,700 serious injuries among the protesters, and 1,000 among law-enforcement officers.”
12. As reported by CNN, via Newsweek: Brendan Cole, “Yellow Vest Protesters Vandalized or Destroyed 60 Percent of France’s Speed-Camera Network,” Newsweek, January 11, 2019, https://www.newsweek.com/yellow-vest-protesters-have-vandalized-or-destroyed-60-frances-entire-speed-1287832 (italics added).
13. Matt Labash, “Getting Rear-Ended by the Law,” Weekly Standard, April 3, 2002, https://www.washingtonexaminer.com/weekly-standard/getting-rear-ended-by-the-law.
14. NHTSA, “Traffic Safety Facts, 2016 Data: Speeding,” p. 1, https://crashstats.nhtsa.dot.gov/Api/Public/ViewPublication/812480.
15. One would have to query the data with custom-designed regressions to get at the interactions among these relevant factors.
HTML5 Cookbook by Christopher Schmitt, Kyle Simpson
If you disable autocomplete at the form level, you can re-enable it for an individual form field by setting autocomplete="on". While many security experts suggest applying autocomplete="off" to form fields that contain sensitive data, you should keep in mind that this is not a particularly effective security measure. Some browsers do not yet support autocomplete, and since so many tools exist to circumvent autocomplete="off"—tools that still auto-inject a user’s stored password—it’s often security theater or simply a false security measure. Those browsers that do not support autocomplete simply ignore the attribute altogether. For a browser support reference on autocomplete, see Table 3-11.
Table 3-11. Browser support for the autocomplete attribute
IE: Yes*; Firefox: 4+; Chrome: Yes*; Safari: Yes*; Opera: 10.0+; iOS: Yes*; Android: Yes*
Note: In Table 3-11, “Yes” indicates that the browser has implemented autocomplete in a pre-HTML5, nonstandard way.
How to Speak Money: What the Money People Say--And What It Really Means by John Lanchester
asset allocation, Basel III, Bernie Madoff, Big bang: deregulation of the City of London, bitcoin, Black Swan, blood diamonds, Bretton Woods, BRICs, business cycle, Capital in the Twenty-First Century by Thomas Piketty, Celtic Tiger, central bank independence, collapse of Lehman Brothers, collective bargaining, commoditize, creative destruction, credit crunch, Credit Default Swap, crony capitalism, Dava Sobel, David Graeber, disintermediation, double entry bookkeeping, en.wikipedia.org, estate planning, financial innovation, Flash crash, forward guidance, Gini coefficient, global reserve currency, high net worth, High speed trading, hindsight bias, income inequality, inflation targeting, interest rate swap, Isaac Newton, Jaron Lanier, joint-stock company, joint-stock limited liability company, Kodak vs Instagram, liquidity trap, London Interbank Offered Rate, London Whale, loss aversion, margin call, McJob, means of production, microcredit, money: store of value / unit of account / medium of exchange, moral hazard, Myron Scholes, negative equity, neoliberal agenda, New Urbanism, Nick Leeson, Nikolai Kondratiev, Nixon shock, Northern Rock, offshore financial centre, oil shock, open economy, paradox of thrift, plutocrats, Plutocrats, Ponzi scheme, purchasing power parity, pushing on a string, quantitative easing, random walk, rent-seeking, reserve currency, Richard Feynman, Right to Buy, road to serfdom, Ronald Reagan, Satoshi Nakamoto, security theater, shareholder value, Silicon Valley, six sigma, Social Responsibility of Business Is to Increase Its Profits, South Sea Bubble, sovereign wealth fund, Steve Jobs, survivorship bias, The Chicago School, The Wealth of Nations by Adam Smith, The Wisdom of Crowds, trickle-down economics, Washington Consensus, wealth creators, working poor, yield curve
Look at the example of flying. I’m completely terrified of flying—when I say “terrified,” I mean I can’t get on a plane unless I’m zonked on prescription tranquilizers. But even I can see that that’s an irrational fear, because contemporary commercial aviation is extraordinarily, uncannily safe. The experience of flying is so ghastly—the nasty airports, the multiple queueing, the intelligence-insulting security theater, the cattle-car in-flight conditions—that we tend to forget what an astonishing success the air industry has made of its safety record. Do we even notice? No, not really—what we notice are the crashes. Maybe the story of aid is a bit like that. If 16,438 children died today in a single disaster, it would dominate every news media outlet in the world for weeks. The fact that they aren’t dying isn’t news.
When to Rob a Bank: ...And 131 More Warped Suggestions and Well-Intended Rants by Steven D. Levitt, Stephen J. Dubner
Affordable Care Act / Obamacare, Airbus A320, airport security, augmented reality, barriers to entry, Bernie Madoff, Black Swan, Broken windows theory, Captain Sullenberger Hudson, creative destruction, Daniel Kahneman / Amos Tversky, deliberate practice, feminist movement, food miles, George Akerlof, global pandemic, information asymmetry, invisible hand, loss aversion, mental accounting, Netflix Prize, obamacare, oil shale / tar sands, Pareto efficiency, peak oil, pre–internet, price anchoring, price discrimination, principal–agent problem, profit maximization, Richard Thaler, Sam Peltzman, security theater, Ted Kaczynski, the built environment, The Chicago School, the High Line, Thorstein Veblen, transaction costs, US Airways Flight 1549
After exploring all these issues, let’s figure out the truth, and let’s use it to guide public policy. And if Secretary LaHood has any interest in pursuing any of these avenues, I stand at the ready to offer whatever help that I can. Update: Secretary LaHood never did take me up on my offer to help. Security Overkill, Diaper-Changing Edition (SJD) I’ve been thinking a bit lately about security overkill. This includes not just the notion of “security theater,” but the many instances in which someone places a layer of security between me and my everyday activities with no apparent benefit. My bank, for instance, would surely argue that its many and various anti-fraud measures are valuable. But in truth, they are a) meant to protect the bank, not me; and b) cumbersome to the point of ridiculous. It’s gotten to where I can predict which credit-card charge will trigger the bank’s idiot algorithm and freeze my account because it didn’t like the zip code where I used the card.
The Complacent Class: The Self-Defeating Quest for the American Dream by Tyler Cowen
affirmative action, Affordable Care Act / Obamacare, Airbnb, Alvin Roth, assortative mating, Bernie Sanders, Black Swan, business climate, business cycle, circulation of elites, clean water, David Graeber, declining real wages, deindustrialization, desegregation, Donald Trump, drone strike, East Village, Elon Musk, Ferguson, Missouri, Francis Fukuyama: the end of history, gig economy, Google Glasses, Hyman Minsky, Hyperloop, income inequality, intangible asset, Internet of things, inventory management, knowledge worker, labor-force participation, low skilled workers, Marc Andreessen, Mark Zuckerberg, medical residency, meta analysis, meta-analysis, obamacare, offshore financial centre, Paul Samuelson, Peter Thiel, purchasing power parity, Richard Florida, security theater, sharing economy, Silicon Valley, Silicon Valley ideology, Skype, South China Sea, Steven Pinker, Stuxnet, The Great Moderation, The Rise and Fall of American Growth, total factor productivity, Tyler Cowen: Great Stagnation, upwardly mobile, Vilfredo Pareto, working-age population, World Values Survey
Even though most of these did not involve fatalities, it boggles the mind to think of the number of people who dared to build or buy a bomb, plant it, and be prepared to live with the consequences of that choice. The most famous source of these bombings was the radical group the Weather Underground, but other bombers included anti–Vietnam War groups, student radicals, fighters for racial justice, and Puerto Rican independence groups, with plenty of amateur, homemade bombs circulating at the time. Yet it’s today, and not back then, when the “security theater” to protect against bombs is so intense.1 And don’t forget the riots. Starting with the 1965 Watts clashes in Los Angeles, the country faced a wave of intensely violent and often out-of-control social unrest. A police chief from the time remarked: “This situation is very much like fighting the Viet Cong … We haven’t the slightest idea when this can be brought under control.” A local CBS radio station reported: “This was not a riot.
How Music Got Free: The End of an Industry, the Turn of the Century, and the Patient Zero of Piracy by Stephen Witt
4chan, barriers to entry, Berlin Wall, big-box store, cloud computing, collaborative economy, crowdsourcing, game design, Internet Archive, invention of movable type, inventory management, iterative process, Jason Scott: textfiles.com, job automation, late fees, mental accounting, moral panic, packet switching, pattern recognition, peer-to-peer, pirate software, Ronald Reagan, security theater, sharing economy, side project, Silicon Valley, software patent, Steve Jobs, zero day
The guard asked Glover if the boots had steel toes, and Glover confirmed that they did. And then, without further inspection, the guard just waved him through. They hadn’t made him take off his boots. They hadn’t patted him down or asked him any difficult questions. He had set off the wand, and there were no consequences. At that moment, Glover realized that the wandings were performatory. This wasn’t security, but security theater, a pantomime intended to intimidate would-be thieves rather than catch actual smugglers. And the low-wage security guards who ran the daily showings were just as bored of them as everybody else. If Glover could somehow fit the compact discs inside of his boots, he could finally get them out on his own. But they wouldn’t fit. The discs were just a little bit too big. Still, the seed of the idea was planted, and over the next few months, as he patiently waited in line each day to leave the plant at the end of his shift, he gradually came to see it: belt buckles.
Fuller Memorandum by Stross, Charles
Any sufficiently advanced technology is indistinguishable from magic, Beeching cuts, British Empire, cognitive dissonance, complexity theory, congestion charging, dumpster diving, finite state, Firefox, HyperCard, invisible hand, land reform, linear programming, MITM: man-in-the-middle, peak oil, post-work, security theater, sensible shoes, side project, Sloane Ranger, telemarketer, Turing machine
It was easy enough to close down the cemetery--police roadblocks, reports about an illegal rave and graveyard vandalism, a handful of D-notices to gag the more annoying local reporters--but then they had to do something with the bodies. The feeders raised just about everything that wasn't totally dismembered and disarticulated. In the end, they had to bring in bulldozers and dig trenches. They identified some of the cultists--but not Jonquil the Sloane Ranger, or her boyfriend Julian. I don't think Brookwood will reopen for a long time. Brains has been given a good talking-to, and is being subjected to the Security Theater Special Variety Show for breaching about sixteen different regulations by installing beta software on an employee's personal phone. Reminding Oscar-Oscar that if he hadn't done so they'd have lost the Eater of Souls to a cultist infiltrator appears to be futile. Right now, everyone in Admin has joined in the world's biggest arse-kicking circle dance, except possibly for Angleton, who is shielding me from the worst of it.
Wireless by Charles Stross
anthropic principle, back-to-the-land, Benoit Mandelbrot, Buckminster Fuller, Cepheid variable, cognitive dissonance, colonial exploitation, cosmic microwave background, epigenetics, finite state, Georg Cantor, gravity well, hive mind, jitney, Khyber Pass, lifelogging, Magellanic Cloud, mandelbrot fractal, MITM: man-in-the-middle, peak oil, phenotype, Pluto: dwarf planet, security theater, sensible shoes, Turing machine, undersea cable
It’s not as if thinking about it is a crime: the problems start when an agent far gone in solipsism starts thinking they can do it for real. Or worse, when the Opposition raise their snouts.” “But I—” Pierce stopped, collected his thoughts, and continued. “I thought that never happened? That the self-policing thing was a, an adequate safeguard?” “Lad.” Kafka shook his head. “You clearly mean well. And self-policing does indeed work adequately most of the time. But don’t let the security theater at your graduation deceive you: there are failure modes. We set you a large number of surveillance assignments to muddy the water—palimpsests all, of course, we overwrite them once they deliver their reports so that future-you retains no memory of them—but you can’t watch yourself all the time. And there are administrative errors. You’re not only the best monitor of your own behavior, but the best-placed individual to know how best to corrupt you.
Culture & Empire: Digital Revolution by Pieter Hintjens
4chan, airport security, AltaVista, anti-communist, anti-pattern, barriers to entry, Bill Duvall, bitcoin, blockchain, business climate, business intelligence, business process, Chelsea Manning, clean water, commoditize, congestion charging, Corn Laws, correlation does not imply causation, cryptocurrency, Debian, Edward Snowden, failed state, financial independence, Firefox, full text search, German hyperinflation, global village, GnuPG, Google Chrome, greed is good, Hernando de Soto, hiring and firing, informal economy, intangible asset, invisible hand, James Watt: steam engine, Jeff Rulifson, Julian Assange, Kickstarter, M-Pesa, mass immigration, mass incarceration, mega-rich, MITM: man-in-the-middle, mutually assured destruction, Naomi Klein, national security letter, Nelson Mandela, new economy, New Urbanism, Occupy movement, offshore financial centre, packet switching, patent troll, peak oil, pre–internet, private military company, race to the bottom, rent-seeking, reserve currency, RFC: Request For Comment, Richard Feynman, Richard Stallman, Ross Ulbricht, Satoshi Nakamoto, security theater, selection bias, Skype, slashdot, software patent, spectrum auction, Steve Crocker, Steve Jobs, Steven Pinker, Stuxnet, The Wealth of Nations by Adam Smith, The Wisdom of Crowds, trade route, transaction costs, twin studies, union organizing, wealth creators, web application, WikiLeaks, Y2K, zero day, Zipf's Law
Sure, websites track us with cookies. Oh look, pretty pictures! We enjoy the attention. Most people are pretty lonely, and the idea that someone is watching isn't half as scary as the alternative -- that no one cares. This is why many people enjoy getting some spam. It may be junk, yet at least it's coming to us, personally. We calculate that it doesn't really matter. We tolerate the cameras and spying because we know it's security theater, and we're not really that dumb to take it seriously, even if we like to pretend we are. TV taught us that privacy is a bauble to be traded for a few drops of fame. Tell the world your most intimate details, and become a star for 15 seconds. Famous people don't have privacy. Why should the rest of us need it? The bogeyman will get us if we argue. This still works with many people, though fewer than before.
Click Here to Kill Everybody: Security and Survival in a Hyper-Connected World by Bruce Schneier
23andMe, 3D printing, autonomous vehicles, barriers to entry, bitcoin, blockchain, Brian Krebs, business process, cloud computing, cognitive bias, computer vision, connected car, corporate governance, crowdsourcing, cryptocurrency, cuban missile crisis, Daniel Kahneman / Amos Tversky, David Heinemeier Hansson, Donald Trump, drone strike, Edward Snowden, Elon Musk, fault tolerance, Firefox, Flash crash, George Akerlof, industrial robot, information asymmetry, Internet of things, invention of radio, job automation, job satisfaction, John Markoff, Kevin Kelly, license plate recognition, loose coupling, market design, medical malpractice, Minecraft, MITM: man-in-the-middle, move fast and break things, national security letter, Network effects, pattern recognition, profit maximization, Ralph Nader, RAND corporation, ransomware, Rodney Brooks, Ross Ulbricht, security theater, self-driving car, Shoshana Zuboff, Silicon Valley, smart cities, smart transportation, Snapchat, Stanislav Petrov, Stephen Hawking, Stuxnet, The Market for Lemons, too big to fail, Uber for X, Unsafe at Any Speed, uranium enrichment, Valery Gerasimov, web application, WikiLeaks, zero day
Bruce Schneier (13 Jun 2008), “The psychology of security,” AfricaCrypt 2008, https://www.schneier.com/academic/archives/2008/01/the_psychology_of_se.html. 96 I coined the term in 2005: Bruce Schneier (8 Sep 2005), “Terrorists don’t do movie plots,” Wired, http://www.wired.com/2005/09/terrorists-dont-do-movie-plots. 96 One: we are a species of storytellers: Bruce Schneier (31 Jul 2012), “Drawing the wrong lessons from horrific events,” CNN, http://www.cnn.com/2012/07/31/opinion/schneier-aurora-aftermath/index.html. 96 And two: it makes no sense: Bruce Schneier (Nov 2009), “Beyond security theater,” New Internationalist, https://www.schneier.com/essays/archives/2009/11/beyond_security_thea.html. PART II: THE SOLUTIONS 100 Today, spam still constitutes: Statista (Oct 2017), “Global spam volume as percentage of total e-mail traffic from January 2014 to September 2017, by month,” https://www.statista.com/statistics/420391/spam-email-traffic-share. 100 but 99.99% of it is blocked: Jordan Robertson (19 Jan 2016), “E-mail spam goes artisanal,” Bloomberg, https://www.bloomberg.com/news/articles/2016-01-19/e-mail-spam-goes-artisanal. 100 The EU’s Payment Services Directives: Steven J.
Liars and Outliers: How Security Holds Society Together by Bruce Schneier
airport security, barriers to entry, Berlin Wall, Bernie Madoff, Bernie Sanders, Brian Krebs, Broken windows theory, carried interest, Cass Sunstein, Chelsea Manning, commoditize, corporate governance, crack epidemic, credit crunch, crowdsourcing, cuban missile crisis, Daniel Kahneman / Amos Tversky, David Graeber, desegregation, don't be evil, Double Irish / Dutch Sandwich, Douglas Hofstadter, experimental economics, Fall of the Berlin Wall, financial deregulation, George Akerlof, hydraulic fracturing, impulse control, income inequality, invention of agriculture, invention of gunpowder, iterative process, Jean Tirole, John Nash: game theory, joint-stock company, Julian Assange, longitudinal study, mass incarceration, meta analysis, meta-analysis, microcredit, moral hazard, mutually assured destruction, Nate Silver, Network effects, Nick Leeson, offshore financial centre, patent troll, phenotype, pre–internet, principal–agent problem, prisoner's dilemma, profit maximization, profit motive, race to the bottom, Ralph Waldo Emerson, RAND corporation, rent-seeking, RFID, Richard Thaler, risk tolerance, Ronald Coase, security theater, shareholder value, slashdot, statistical model, Steven Pinker, Stuxnet, technological singularity, The Market for Lemons, The Nature of the Firm, The Spirit Level, The Wealth of Nations by Adam Smith, The Wisdom of Crowds, theory of mind, too big to fail, traffic fines, transaction costs, ultimatum game, UNCLOS, union organizing, Vernor Vinge, WikiLeaks, World Values Survey, Y2K, zero-sum game
Horst Rittel and Melvin Webber (1973), “Dilemmas in a General Theory of Planning,” Policy Sciences, 4:155–69. E. Jeffrey Conklin (2006), Dialog Mapping: Building a Shared Understanding of Wicked Problems, John Wiley & Sons. ubiquity of data: Charles Stross (2011), “Network Security in the Medium Term, 2061–2561 AD,” paper presented at USENIX Security. better off spending: Bruce Schneier (2009), “Beyond Security Theater,” New Internationalist, 427:10–13. Yochai Benkler: Yochai Benkler (2011), The Penguin and the Leviathan: How Cooperation Triumphs Over Self-Interest, Crown Business, 25–6. security is a process: Bruce Schneier (2000), Secrets and Lies: Digital Security in a Networked World, John Wiley & Sons, 273, 395. Chapter 17 Trust in things: Bart Nooteboom (2002), Trust: Forms, Foundations, Functions, Failures and Figures, Edward Elgar, 45.
A Gentleman in Moscow by Amor Towles
(The officers also endeavored to speak with the hotel’s manager, only to find that he had not yet reported to work—a fact that was duly noted in his file!) At one o’clock, two additional KGB men were summoned so that a more thorough search could be made of the hotel. At two, the senior officer conducting the investigation was encouraged to speak with Vasily, the concierge. Finding him at his desk in the lobby (where he was in the midst of securing theater tickets for a guest), the officer did not beat about the bush. He put his question to the concierge unambiguously: “Do you know the whereabouts of Alexander Rostov?” To which the concierge replied: “I haven’t the slightest idea.” Having learned that both Manager Leplevsky and Headwaiter Rostov had gone missing, Chef Zhukovsky and Maître d’ Duras convened at 2:15 for their daily meeting in the chef’s office, where they immediately engaged in close conversation.
Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It by Marc Goodman
23andMe, 3D printing, active measures, additive manufacturing, Affordable Care Act / Obamacare, Airbnb, airport security, Albert Einstein, algorithmic trading, artificial general intelligence, Asilomar, Asilomar Conference on Recombinant DNA, augmented reality, autonomous vehicles, Baxter: Rethink Robotics, Bill Joy: nanobots, bitcoin, Black Swan, blockchain, borderless world, Brian Krebs, business process, butterfly effect, call centre, Charles Lindbergh, Chelsea Manning, cloud computing, cognitive dissonance, computer vision, connected car, corporate governance, crowdsourcing, cryptocurrency, data acquisition, data is the new oil, Dean Kamen, disintermediation, don't be evil, double helix, Downton Abbey, drone strike, Edward Snowden, Elon Musk, Erik Brynjolfsson, Filter Bubble, Firefox, Flash crash, future of work, game design, global pandemic, Google Chrome, Google Earth, Google Glasses, Gordon Gekko, high net worth, High speed trading, hive mind, Howard Rheingold, hypertext link, illegal immigration, impulse control, industrial robot, Intergovernmental Panel on Climate Change (IPCC), Internet of things, Jaron Lanier, Jeff Bezos, job automation, John Harrison: Longitude, John Markoff, Joi Ito, Jony Ive, Julian Assange, Kevin Kelly, Khan Academy, Kickstarter, knowledge worker, Kuwabatake Sanjuro: assassination market, Law of Accelerating Returns, Lean Startup, license plate recognition, lifelogging, litecoin, low earth orbit, M-Pesa, Mark Zuckerberg, Marshall McLuhan, Menlo Park, Metcalfe’s law, MITM: man-in-the-middle, mobile money, more computing power than Apollo, move fast and break things, Nate Silver, national security letter, natural language processing, obamacare, Occupy movement, Oculus Rift, off grid, offshore financial centre, optical character recognition, Parag Khanna, pattern recognition, peer-to-peer, personalized medicine, Peter H. Diamandis: Planetary Resources, Peter Thiel, pre–internet, RAND corporation, ransomware, Ray Kurzweil, refrigerator car, RFID, ride hailing / ride sharing, Rodney Brooks, Ross Ulbricht, Satoshi Nakamoto, Second Machine Age, security theater, self-driving car, shareholder value, Silicon Valley, Silicon Valley startup, Skype, smart cities, smart grid, smart meter, Snapchat, social graph, software as a service, speech recognition, stealth mode startup, Stephen Hawking, Steve Jobs, Steve Wozniak, strong AI, Stuxnet, supply-chain management, technological singularity, telepresence, telepresence robot, Tesla Model S, The Future of Employment, The Wisdom of Crowds, Tim Cook: Apple, trade route, uranium enrichment, Wall-E, Watson beat the top human players on Jeopardy!, Wave and Pay, We are Anonymous. We are Legion, web application, Westphalian system, WikiLeaks, Y Combinator, zero day
The lack of innovation in government permeates not only our legislatures but the organs of our national security and law enforcement apparatus as well. In response to the creativity (albeit diabolical) demonstrated by the terrorists who carried out the 9/11 plot, the government spent billions of dollars and came up with such “innovations” as the Transportation Security Administration. Though frisking four-year-olds and little old ladies in wheelchairs makes for fine “security theater,” we’re going to have to significantly up our game if we hope to prevent future terrorist attacks. Given the pace of technological change, tomorrow’s security threats will not look like those of today—one of the reasons government is struggling mightily in the face of our common cyber insecurity. Of course this is not meant to suggest there is no innovation in government. It was government that brought us the Internet and space travel and served as the catalyst to finally decode the human genome.
Engineering Security by Peter Gutmann
active measures, algorithmic trading, Amazon Web Services, Asperger Syndrome, bank run, barriers to entry, bitcoin, Brian Krebs, business process, call centre, card file, cloud computing, cognitive bias, cognitive dissonance, combinatorial explosion, Credit Default Swap, crowdsourcing, cryptocurrency, Daniel Kahneman / Amos Tversky, Debian, domain-specific language, Donald Davies, Donald Knuth, double helix, en.wikipedia.org, endowment effect, fault tolerance, Firefox, fundamental attribution error, George Akerlof, glass ceiling, GnuPG, Google Chrome, iterative process, Jacob Appelbaum, Jane Jacobs, Jeff Bezos, John Conway, John Markoff, John von Neumann, Kickstarter, lake wobegon effect, Laplace demon, linear programming, litecoin, load shedding, MITM: man-in-the-middle, Network effects, Parkinson's law, pattern recognition, peer-to-peer, Pierre-Simon Laplace, place-making, post-materialism, QR code, race to the bottom, random walk, recommendation engine, RFID, risk tolerance, Robert Metcalfe, Ruby on Rails, Sapir-Whorf hypothesis, Satoshi Nakamoto, security theater, semantic web, Skype, slashdot, smart meter, social intelligence, speech recognition, statistical model, Steve Jobs, Steven Pinker, Stuxnet, telemarketer, text mining, the built environment, The Death and Life of Great American Cities, The Market for Lemons, the payments system, Therac-25, too big to fail, Turing complete, Turing machine, Turing test, web application, web of trust, x509 certificate, Y2K, zero day, Zimmermann PGP
“Learning More About the Underground Economy: A Case-Study of Keyloggers and Dropzones”, Thorsten Holz, Markus Engelberth and Felix Freiling, University of Mannheim Laboratory for Dependable Distributed Systems technical report TR-2008-006, http://honeyblog.org/junkyard/reports/impersonation-attacksTR.pdf. “The Myths of Security: What the Computer Security Industry Doesn’t Want You to Know”, John Viega, O’Reilly, 2009. “Security Theater on the Wells Fargo Website”, Don Bixby, 13 March 2013, discussion thread at http://www.schneier.com/blog/archives/2013/03/security_theate_8.html#c1213990. “So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users”, Cormac Herley, Proceedings of the 2009 New Security Paradigms Workshop (NSPW’09), September 2009, p.133. “A Usability Study of OTPs on Cell Phones”, Nick Nikiforakis, Debra Cook and Sotiris Ioannidis, Proceedings of the Symposium on Usable Security and Privacy (SOUPS’09), July 2009, to appear.
“A Deceit-Augmented Man In The Middle Attack Against Bank of America's SiteKey Service”, Christopher Soghoian and Markus Jakobsson, 10 April 2007, http://paranoia.dubfire.net/2007/04/deceit-augmented-man-inmiddle-attack.html. “Defeating Sitekey 101 — A School Project”, PhishCops, 2007, http://www.phishcops.com/sitekeyMITM.asp. “Safe2Login Frequently Asked Questions”, https://safe2login.com/htm/int_004.html. “Locks, Safes and Security: An International Police Reference (2nd ed)”, Marc Tobias, Charles C Thomas Publisher Ltd, 2000. “Security theater?”, Peter Fairbrother, posting to the firstname.lastname@example.org mailing list, message-ID 4C877EDD.email@example.com, 8 September 2010. “Gozi Trojan”, Don Jackson, 20 March 2007, http://www.secureworks.com/research/threats/gozi. “Re: [phishing] what’s the deal?”, Gary Warner, posting to the firstname.lastname@example.org list, 18 January 2007. “Battle.net Authenticator FAQ”, undated, http://us.blizzard.com/support/article.xml?
The Better Angels of Our Nature: Why Violence Has Declined by Steven Pinker
1960s counterculture, affirmative action, Alan Turing: On Computable Numbers, with an Application to the Entscheidungsproblem, Albert Einstein, availability heuristic, Berlin Wall, Bonfire of the Vanities, British Empire, Broken windows theory, business cycle, California gold rush, Cass Sunstein, citation needed, clean water, cognitive dissonance, colonial rule, Columbine, computer age, conceptual framework, correlation coefficient, correlation does not imply causation, crack epidemic, cuban missile crisis, Daniel Kahneman / Amos Tversky, David Brooks, delayed gratification, demographic transition, desegregation, Doomsday Clock, Douglas Hofstadter, Edward Glaeser, en.wikipedia.org, European colonialism, experimental subject, facts on the ground, failed state, first-past-the-post, Flynn Effect, food miles, Francis Fukuyama: the end of history, fudge factor, full employment, George Santayana, ghettoisation, Gini coefficient, global village, Henri Poincaré, Hobbesian trap, humanitarian revolution, impulse control, income inequality, informal economy, Intergovernmental Panel on Climate Change (IPCC), invention of the printing press, Isaac Newton, lake wobegon effect, libertarian paternalism, long peace, longitudinal study, loss aversion, Marshall McLuhan, mass incarceration, McMansion, means of production, mental accounting, meta analysis, meta-analysis, Mikhail Gorbachev, moral panic, mutually assured destruction, Nelson Mandela, open economy, Peace of Westphalia, Peter Singer: altruism, QWERTY keyboard, race to the bottom, Ralph Waldo Emerson, random walk, Republic of Letters, Richard Thaler, Ronald Reagan, Rosa Parks, Saturday Night Live, security theater, Skype, Slavoj Žižek, South China Sea, Stanford marshmallow experiment, Stanford prison experiment, statistical model, stem cell, Steven Levy, Steven Pinker, The Bell Curve by Richard Herrnstein and Charles Murray, The Wealth of Nations by Adam Smith, theory of mind, transatlantic slave trade, Turing machine, twin studies, ultimatum game, uranium enrichment, Vilfredo Pareto, Walter Mischel, WikiLeaks, women in the workforce, zero-sum game
Experts proclaimed that terrorism made the United States “vulnerable” and “fragile,” and that it threatened to do away with the “ascendancy of the modern state,” “our way of life,” or “civilization itself.”179 In a 2005 essay in The Atlantic, for example, a former White House counterterrorism official confidently prophesied that by the tenth anniversary of the 9/11 attacks the American economy would be shut down by chronic bombings of casinos, subways, and shopping malls, the regular downing of commercial airliners by shoulder-launched missiles, and acts of cataclysmic sabotage at chemical plants.180 The massive bureaucracy of the Department of Homeland Security was created overnight to reassure the nation with such security theater as color-coded terrorist alerts, advisories to stock up on plastic sheeting and duct tape, obsessive checking of identification cards (despite fakes being so plentiful that George W. Bush’s own daughter was arrested for using one to order a margarita), the confiscation of nail clippers at airports, the girding of rural post offices with concrete barriers, and the designation of eighty thousand locations as “potential terrorist targets,” including Weeki Wachee Springs, a Florida tourist trap in which comely women dressed as mermaids swim around in large glass tanks.