HottestFiles.Com

I’m in the middle of writing a long essay on the psychology of security. One of the things I’m writing about is the “availability heuristic,” which basically says that the human brain tends to assess the frequency of a class of events based on how easy it is to bring an instance of that class to mind. It explains why people tend to be afraid of the risks that are discussed in the media, or why people are afraid to fly but not afraid to drive.

One of the effects of this heuristic is that people are more persuaded by a vivid example than they are by statistics. The latter might be more useful, but the former is easier to remember.

That’s the context in which I want you to think about this very gripping story about a cold-blooded killer caught by city-wide surveillance cameras.

Federal agents showed Peterman the recordings from that morning. One camera captured McDermott, 48, getting off the bus. A man wearing a light jacket and dark pants got off the same bus, and followed a few steps behind her.

Another camera caught them as they rounded the corner. McDermott didn’t seem to notice the man following her. Halfway down the block, the man suddenly raised his arm and shot her once in the back of the head.

“I’ve seen shootings incidents on video before,” Peterman said, “but the suddenness, and that he did it for no reason at all, was really scary.”

I can write essay after essay about the inefficacy of security cameras. I can talk about trade-offs, and the better ways to spend the money. I can cite statistics and experts and whatever I want. But — used correctly — stories like this one will do more to move public opinion than anything I can do.

Sounds like security theater to me:

But he added that one of the difficult questions was what people should do about the information when they receive it: “There’s not necessarily that much information on the website about how you should act and how you should respond other than being vigilant and calling a hotline if you see anything suspicious.”

The first, called Threat Level Only, will inform the recipient if the nationwide terror threat level changes. The condition is currently listed as severe.

The second more inclusive service is called What’s New, and will be a digest of the latest information from MI5, including speeches made by the director general and links to relevant websites.

I’ve written about terror threat alerts in the UK before.

Is this a good idea or not?

For the first time, the giant software maker is acknowledging the help of the secretive agency, better known for eavesdropping on foreign officials and, more recently, U.S. citizens as part of the Bush administration’s effort to combat terrorism. The agency said it has helped in the development of the security of Microsoft’s new operating system — the brains of a computer — to protect it from worms, Trojan horses and other insidious computer attackers.

[...]

The NSA declined to comment on its security work with other software firms, but Sager said Microsoft is the only one “with this kind of relationship at this point where there’s an acknowledgment publicly.”

The NSA, which provided its service free, said it was Microsoft’s idea to acknowledge the spy agency’s role.

It’s called the “equities issue.” Basically, the NSA has two roles: eavesdrop on their stuff, and protect our stuff. When both sides use the same stuff — Windows Vista, for example — the agency has to decide whether to exploit vulnerabilities to eavesdrop on their stuff or close the same vulnerabilities to protect our stuff. In its partnership with Microsoft, it could have decided to go either way: to deliberately introduce vulnerabilities that it could exploit, or deliberately harden the OS to protect its own interests.

A few years ago I was ready to believe the NSA recognized we’re all safer with more secure general-purpose computers and networks, but in the post-9/11 take-the-gloves-off eavesdrop-on-everybody environment, I simply don’t trust the NSA to do the right thing.

“I kind of call it a Good Housekeeping seal” of approval, said Michael Cherry, a former Windows program manager who now analyzes the product for Directions on Microsoft, a firm that tracks the software maker.

Cherry says the NSA’s involvement can help counter the perception that Windows is not entirely secure and help create a perception that Microsoft has solved the security problems that have plagued it in the past. “Microsoft also wants to make the case that [the new Windows] more secure than its earlier versions,” he said.

For some of us, the result is the exact opposite.

Interesting.

Discussion here.

Funny clip.

New York Times blog post on how easy it is to eavesdrop on an open Wi-Fi session:

Turns out there was absolutely nothing to it. John sat a few feet away with his PowerBook; I fired up my Fujitsu laptop and began doing some e-mail and Web surfing.

That’s all it took. He turned his laptop around to reveal all of this:

* Every copy of every e-mail message I sent *and* received.

* A list of the Web sites I visited.

* Even, incredibly, the graphics that had appeared on the Web sites I had visited.

None of this took any particular effort, hacker skill or fancy software. Anyone could do it. You could do it.

Nice to see this getting some popular attention.

Another will try:

Marine biologist Peter Batson says he plans to try photographing giant squid at a depth of 3000m off the coast of New Zealand.

Mr Batson, who runs a New Zealand company, Explore The Abyss Ltd, with his father, told the Courier-Mail newspaper in Brisbane that he will use a remote-controlled camera to snap the squid.

“Strangers on my Flight.”

Impressive:

…a group of scientists at the Weizmann Institute of Science in Rehovat, Israel have crafted a molecule-sized “keypad lock” that “only activates when exposed to the correct password, a sequence of chemicals and light.

The U.S. Coast Guard is talking about licensing boaters. It’s being talked about as an antiterrorism measure, in typical incoherent ways:

The United States already has endured terrorism using small civilian craft, albeit overseas: In 2000, suicide bombers in the port of Aden, Yemen, used an inflatable boat to blow themselves up next to the U.S. Navy destroyer USS Cole, killing 17 sailors and wounding 39 others.

Terrorism experts point to other ways small boats potentially could assist in attacks ­ for example, a speedboat could deposit saboteurs at the outlet pipes of a nuclear power plant, or hijackers aboard a cruise ship. In a nightmare scenario, suicide bombers in a crowded harbor could use small watercraft to detonate a tanker carrying ultra-volatile liquefied natural gas, causing a powerful explosion that could kill thousands.

And how exactly is licensing watercraft supposed to help?

There are lots of good reasons to license boats and boaters, just as there are to license cars and drivers. But counterterrorism is not one of them.