Machines took over control

A few month ago, I flew to London Stansted and queued up for the custom control. There was a large group of people ahead of me and took about 20 min to reach to the customs officer, who was, to my surprise, a machine. A few  humans helped to properly fill the waiting lines. Only a small minority with an old, machine unreadable passport or technical problems could talk to a person.  This seems to be a common practice in the UK, but for me it was spooky, that machines took over such an  important security field.

Currently this border robots are able to scan my passport and compare my face with the saved electronic photo. I assume they are checking, if my name is listed at the National Crime Agency.

I was wondering, what might happen, if I was an illegal immigrant or a criminal. Will these machines arrest me? What measures are the machines able to take? Lock me up until the police arrive?

Since these machines are getting more and more intelligent and powerful, how might a future of automated security look like?

After being arrested, they might bring me to an police station run by machines. They could have lie detectors and body scanner. The police questioning is probably much easier and more efficient with a computer. A protocol is stored in the cloud and before I realize what is going on, a silicon judge will send me to prison, where I am watched by robots, which take care of my physical well-being.

After years in prison, when I served my sentence, they might release me at the border, in order to let me leave the country.

Who has to take the responsibility for software bugs or other possible errors in my scenario? Is the British police and politicians willing and able to extend the duties of border control robots? What are the technical limitations?

In science fiction the idea of machines supporting police work is already more than 30 years old: RoboCop was good enough for a successful movie, but does not meet the reality well. I like more the depressing atmosphere in the Matrix, when fighting against superior, violent, flying robots.

Since 2012 a South Korean prison has already some robotic help. The British police uses drones to observe its inhabitants, while the US kills thousands with drones. Even the NATO takes this issue serious and mentions ethical doubts.

A free society does not need machines for security. I vote for disarmament.

Turnkey Tyranny

When Edward Snowden used the term “turnkey tyranny” (at the end of the linked video) in 2013, I did not see the governmental surveillance systems as the key feature to replace democracy with despotism. Without underestimating Edward’s big achievements and the importance of pointing out the spying on communication systems, I classified the broad surveillance still as a dangerous and illegal way undermining our privacy, but I obviously underestimated the power of the spying system, built up by the NSA and other secret services like the BND in Germany.

Everybody is under the control of the watchers. If you don’t want certain parties to record and file your online activities, e.g. from diseases you are suffering from while consulting Dr. Google over websites you are reading to internet services you are consuming. (The Black Mirror episode “Shut up and dance” shows that in a shocking way. Even though the online activities of the main characters are reprehensible and illegal, it is striking, how people could be controlled.)

Now we are facing the inauguration of the next US president, who is lacking many important personal properties for such an powerful position. You don’t need to be a conspiracy blog author to feel a mild shiver together with serious worries about worldwide safety and global economy. Not to mention the decreasing level of political debates.

Like with global warming it is probably already too late and we are under his control: Here are my suggestions to make it at least more difficult to continue intruding into our lives:

  1. Use encryption: I don’t write many private emails and I hardly find partners for PGP. Similar to Filippo Valsorda, I am also struggling with encryption of my communication. Search for end-to-end encryption apps. I like for example Wickr and it’s nerdy image after its appearance in Mr. Robot.
  2. Try to point out privacy violations in your surroundings, discuss it with the violator and write letters to the editor of established media to increase public pressure.
  3. Don’t use a smartphone. Google play and iTunes App store are market places for intruding into your life. The smartphone producer are even worse: My wife’s Chinese cell phone showed the medal table of the Olympic games 2016. It was even impossible to delete this unrequested delivery.
  4. Get rid of your internet of things devices (like web-cams): Security is not in the producer’s top 50 list. In addition, the IoT devices might be abused as part of a bot-net.

It is an irony, that both secret services named in the first paragraph use encrypted websites. The blog entry “10 Reasons To Use HTTPS” considers the first and foremost reason to use https, to protect your users privacy.

Popular outrage

Why we should not tolerate US remote executions by drones.

The drone papers were already published three month ago. They describe how American drones kill more than a thousand people in Afghanistan, Yemen, and Somalia. The victims and their friends and relatives had no voice to make this terrible injustice public, until the brave journalists of the intercept got the respective files from a whistle-blower and published them. But nobody cares. After a few lines on several important news channels, the whole story was forgotten. Why such a scandal does not lead to popular outrage?

“One man’s terrorist is another man’s freedom fighter” wrote Gerald Seymour 40 years ago. These crimes were mainly committed to protect American interests and officially to defend values of western civilization, which are democracy, freedom and civic rights.

drone with missiles
MQ-9 Reaper, Source Wikipedia

By killing so many mostly innocent people by drones or by shooting a missile into a wedding party we spurn the achievements of western civilization. One important corner stone of civic rights is a transparent legal system, which gives everybody the opportunity to defend himself in front of a court. Independent judges or juries come to fair court orders. If we let politicians and armies circumvent legislative authority, we risk to loose this right for ourselves and indirectly support tremendous injustice. In addition we maintain a ridiculous and immoral image, which we already have in many parts of the world.

Even for the US and their NATO partners difficult times are ahead. The army of enemies of the western world is ready to commit terror attacks. The secret services around the word are spending billions to observe everybody. As a result freedom and privacy are sacrificed as a global collateral damage. The eerie feeling, that soon the whole world is falling apart is getting stronger.

Here is my action plan:

  • Push the president and government of your country to stand up against the described double-moral. (When the Austrian president visits a dictatorship, the question weather he should mention human-rights in the respective country is always discussed. Strange enough, the double moral question is never mentioned, when one of the powerful western countries is being visited)
  • Express your opposition against breaking the international law.
  • Get inspired by “Time for outrage” by Stéphane Hessel.

I am part of the western civilization’s mind-set. I really like to live in Austria. It’s a nice and save place. Please help to restore our common ethics and morality.

Knowledge is key

In the last couple of days I attended a clinical cancer conference. I learned a lot about the clinical practice for this terrible disease and also about careless data protection habits. As we learned from our tweeting hero, the connection data are the low hanging fruits. And this is not different in conference business.

When entering the meeting-room of every scientific session of the conference, all participant’s conference badges were scanned (there was a convenient barcode on every id). Officially this measure was taken to print a list of attended lectures on everybody’s certificate of participation. (Who needs such a document?)

There was no conference booklet with a list of talks but an unstable android (and iOS) app available. Fortunately I selected most of my sessions beforehand by using a web-browser in my office. I assume this sounds paranoid, when I mention the easier tracking of my scientific interests, when I use an electronic device.

However, the interesting part was a little USB stick with presumably all abstracts (short summaries) of the conference presentations including scientific posters. It became a habit that sponsors are mentioned for a specific conference service like WiFi or public transport. In this case  every attendant got a little voucher for a USB stick to pick up at the booth of a pharma company. It’s a nice little, blue device with an USB plug, which looks like a memory stick.

I tried this USB stick with my private Linux laptop. Apparently nothing happened. No pop-up window appeared, informing me about a new storage device. When I looked into the list of USB devices, I made an interesting discovery: The new device identified itself as an Apple, Inc. Pro Keyboard [Mitsumi, A1048/US layout] (ID 05ac:020b).

An old article on heise security about keyboard emulation to crack a computer came to my mind. Even though I spend a couple of hours (using Wireshark on my USB hub), I could not find out all about my new blue friend. I just realized that the stick, dependent on the operating system of the computer, types some commands. One of these commands starts a web browser and connects to this link. (It works at least, if you are using an English keyboard layout). I could not find any data on this device but a lot of warnings (e.g. 1, 2) on the internet.

I feel a little uncomfortable when I let somebody type on my computer and open all opportunities to do nasty or intruding things. I assume this USB device is harmless and just connects me to the conference poster download page. Instead of the expected memory stick I got a hidden keyboard, I am supposed to plug into my computer. And I doubt, that this terrible data security image fits to the pharma company, which provided the device.

The conference posters are hosted on a web-site called poster-submission.com. The domain name is registered by Johann Woringer, the CEO of Wiz-Team and Co-Founder of Além Labs, a company that provides “Accommodation, transportation, accreditations and ticketing data management systems for the International Olympic Committee” for the last six Olympic games (from Athens 2004 until Sotchi 2014).

The rest are just speculations: Connection data from health-care and pharmaceutical companies e.g. who is interested in which drug or drug target is a valuable data set, helping to discover the hot topics in cancer research and research pipelines of participating (billion-Euro/Francs/Dollar) companies a bit earlier. Mr. Woringer is probably well connected to politics and industry.