I can barely imagine the panic with a non-responding -- can it respond when it's not there? -- plane in the sky, at least by the time a visual confirmation reveals the truth. In the post 9/11 world, airports were among the first strategic targets to get the funding necessary to protect against the threats fabricated in a think-tank somewhere. Money are wasted in this very same fashion on a daily basis, with no clear ROI, just established social responsibility and common sense security. Disinformation can always happen in sky, as "Flaw may lead to air chaos". From the article :
"Hackers armed with little more than a laptop could conjure up phantom planes on the screens of Australia's air traffic controllers using new radar technology, warns Dick Smith. The prominent businessman and aviator claims to have found another serious security flaw in the new software being introduced into the air traffic control system. He has challenged Transport Minister Warren Truss to allow him to set up a demonstration of the problem at a test of the technology in Queensland to show how hackers could exploit the automatic dependent surveillance broadcasting (ASD-B) system to create false readings on an air traffic controller's screen. The air space activist says he was told of the flaw by US Federal Aviation Administration staff."
Compared to a speculation I described in a previous post "Why's that radar screen not blinking over there?", these practices are highly natural to ELINT planes/warfare, and in the capabilities of experienced staff members as pointed out in the article. Everything is buggy, and so is the ASD-B system for sure, but the problem from my point of view, is the possibility for a "talkative leakage", and the procedures, if any, to internally report bugs like these, and get them fixed of course.
Phantom Warhawk image courtesy of Les Patterson.
Tuesday, June 06, 2006
Phantom Planes in the Skies
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Where's my Fingerprint, Dude?
Personal data security breaches continue occurring, and with the trend towards evolving to a digital economy, it's inevitably going to get ever worse. In a recently revealed case "Lost IRS laptop stored employee fingerprints", from the article :
"A laptop computer containing fingerprints of Internal Revenue Service employees is missing, MSNBC.com has learned. The computer was lost during transit on an airline flight in the western United States, IRS spokesman Terry Lemon said. No taxpayer information was on the lost laptop, Lemon said. In all, the IRS believes the computer contained information on 291 employees and job applicants, including fingerprints, names, Social Security numbers, and dates of birth."
For the time being the largest accommodator of fingerprints in the world is the U.S.A, and this fact affects anyone that enters the U.S. My point is that, given the unregulated ways of classifying, storing, transfering and processing such type of information would result in its inavitable loss -- bad in-transfer security practices or plain simple negligence.
As we're also heading to a biometrics driven society, the impact of future data security breaches will go way beyond identity theft the way we know it -- lost and stolen voice patterns, DNAs, and iris snapshots would make the headlines. You might also be interested in knowing how close that type of "future scenario" really is given the modest genetic database of 3 million Americans already in existence.
Things are going to get very ugly, and it's not the privacy issue that bothers me, but the aggregation of such type of data at the first place, and who will get to steal it. It's perhaps the perfect market timing moment to start a portable security solution provider, or resell ones know-how under license, of course.
"A laptop computer containing fingerprints of Internal Revenue Service employees is missing, MSNBC.com has learned. The computer was lost during transit on an airline flight in the western United States, IRS spokesman Terry Lemon said. No taxpayer information was on the lost laptop, Lemon said. In all, the IRS believes the computer contained information on 291 employees and job applicants, including fingerprints, names, Social Security numbers, and dates of birth."
For the time being the largest accommodator of fingerprints in the world is the U.S.A, and this fact affects anyone that enters the U.S. My point is that, given the unregulated ways of classifying, storing, transfering and processing such type of information would result in its inavitable loss -- bad in-transfer security practices or plain simple negligence.
As we're also heading to a biometrics driven society, the impact of future data security breaches will go way beyond identity theft the way we know it -- lost and stolen voice patterns, DNAs, and iris snapshots would make the headlines. You might also be interested in knowing how close that type of "future scenario" really is given the modest genetic database of 3 million Americans already in existence.
Things are going to get very ugly, and it's not the privacy issue that bothers me, but the aggregation of such type of data at the first place, and who will get to steal it. It's perhaps the perfect market timing moment to start a portable security solution provider, or resell ones know-how under license, of course.
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Posts (Atom)