That's fucking stupid

Posts Tagged ‘security’

I have always wondered what would happen to a gorilla if it was trained to use an AK47 assault rifle. I guess some modifications would need to be made to the trigger guard and training a gorilla, especially one holding an AK47, might be a little difficult but they can be trained to communicate with sign language so it’s likely to be possible in terms of intelligence.

I expect that the gorilla would do what any animal would do once it has been given a competitive advantage over its peers, it would use the advantage to kill male gorillas and mate with female gorillas; as they have been genetically programmed to do. With no concept of our bizarre rules of society, or rather with their own rules that are quite different, surely the outcome would be very different from that which would happen when a human gets hold of firearms.

Now let’s imagine what would happen if that gorilla ruled a particular area of territory. With finite resources it might get greedy and want to expand its territory in order to expand the base of power that it controls. An area that is rich in resources might look rather attractive but if it means killing the dominant gorilla in that area then with no social rules to prevent it, what’s to stop it?

Now imagine that the gorilla is stripped of its AK47 (no volunteers for that job) and is removed from its position of power and status. Put it in a cage and feed it regularly while providing visual stimulus and what would happen? With no need to go out hunting and foraging the gorilla would become lazy and rather than spending its days looking after its young would become idle and let its captors provide for its young. With no need to provide for all the baby gorillas I would expect our gorilla to spend its time playing, eating and fucking female gorillas in order to make more baby gorillas. With very little investment in the baby gorillas I would not expect our gorilla to care much about them.

I absolutely love the idea of civilisation as a way to improve the position of the western white nations, making them also look all benevolent and lovely, while simultaneously crushing the development of other parts of the world. It takes a delightfully nasty self-serving streak to come up with an idea like the UN, democracy and international war crimes tribunals because it all has this greasy veneer of respectability.

Take the concept of war crimes, an oxymoron in itself because in a war the concept of crimes are a little blurred. It’s not a war crime for the US to drop a bomb on Japan that kills or injures many hundreds of thousands of people, it’s not a war crime for the imperialistic British to use guns against tribes with spears, it’s not a war crime for the coalition forces to invade a country and force its leader to endure a humiliating show trial before being hung on live TV; yet if any other nation did this sort of thing it would probably be considered a war crime.

War is an ugly and dirty thing, the idea of it is for one group to kill or capture as many of the opposition as possible while sustaining as few losses as possible. The winner is the one to inflict the most damage, or to persuade the loser that they should surrender. In order to make war more palatable to western voters the ideas of rules of engagement have been introduced to keep the losses down for western nations while allowing them to continue to bully the smaller nations. Iraq was an immoral war but it wasn’t illegal because historically the rules of war have been made by the winners.

Nuclear armament is also an area of incredible arrogance, the US and UK were responsible for creating and using the most ridiculously powerful weapon ever devised. Hundreds of thousands of people were killed but now we claim to have learned from our mistakes and only those countries which already have the power of nuclear weapons or the plentiful energy of nuclear power can keep it; all the other, less developed, countries are prevented from taking the same developmental steps. Many of the human rights and ‘Geneva convention’ standards which western nations have devised are pretty self serving because they are standards which we did not adhere to during our own development yet treaties such as Kyoto which had the potential to stifle the growth of developed nations were swiftly ignored with no repercussions.

Now don’t get me wrong here, I am not saying that this is the wrong way for things to be as I am a westerner and benefit directly from this arrangement, but let’s be honest about it. The US invaded Iraq because they could, with no strong opposition (such as that provided by the USSR during the cold war) they were free to go bully some little middle eastern nation. No UN mandate exists to try Bush for war crimes because the US is still the dominant force in the world, so let’s just be honest about what we did. The mandate of all these trivial little war crimes tribunals comes directly from the dominant groups and they can change the goalposts at any time by creating installations such as Camp X-Ray which operate under a whole new set of rules made up for the occasion.

The time is drawing to a close for Gary McKinnon who is waiting for the final final final final decision on if he will be extradited to the US to face charges for hacking into government computers and causing substantial damages. He stands to be extradited under the 2003 Extradition Act which formed into law the treaty made between the US and the UK in that year.

While the facts of the case are sketchy, and will remain so until a trial has been conducted, a few things that are known about this case raise concern. First of all the perception from his supporters is that he is being used as a political scapegoat and will not receive a fair trial, this stems from the fact that the US is stating that McKinnon caused damage to the computer systems amounting to $800,000 worth.

Once you rule out physical, or hardware damage (something that is not really possible using the remote access technology that McKinnon claims to have used) the software damage is limited to undoing the changes to the software that McKinnon made while infiltrating the systems. Even with an inadequate system in place for recovering systems to previous backups or resetting them to a known good state, $8,247 per computer is a lot of money to pay a consultant to undo the damage to each of the 97 computers that he accessed. I work for a major hardware vendor and have worked in the banking industry where security is taken considerably more seriously than in the military and in government*, the figures talked about here are more in line with the cost of work to improve the security after the discovery of obvious shortcomings. Some CIO type figure has gone to his boss and explained that $800,000 worth of damage was done while quietly spending most of that money on bringing the security up to the standard which it should have been at in order to prevent the attacks.

The second part is down to the extradition treaty itself. The treaty was not ratified in the US immediately, some sources will tell you that it has not been ratified at all, because the US wanted to remain a safe haven for terrorists. Irish Americans lobbied extensively to prevent the treaty being ratified for fear of facing extradition to the UK for supporting the Provisional IRA and several members of the PIRA fled to the US in the 80s to escape justice. The US likes to forget that it was a major source of funding for the terrorists who did stuff like this:

Since the treaty was ratified in the US this inequality has been relieved a little although the UK does not require the US (or Canada, Australia and New Zealand) to provide a case or body of evidence whereas the US is not required to allow their own citizens to be extradited unless the UK can provide a sufficient body of evidence against that person.

Yes, let’s just get that straight; the UK will extradite one of their own citizens to a country that still imposes the death penalty and has a recent record of using torture and all this without the need for that country to provide any evidence that the citizen in question is guilty of anything.

So what next for Gary? He’s currently trying to get the case tried in the UK because he will face a far lower sentence than he could expect in a political show trial abroad. He has confessed to the hack itself and if he is found guilty in the UK could be protected by the double jeopardy rules which prevent people being tried for the same crime twice. The question of jurisdiction comes into play here though and it’s not on his side. Although he was in the UK when he committed the crimes, the crimes took place in the US. His only real hope is for the new administration in the US to quietly forget this and let it go away because the people who were embarrased by the original hack probably moved on with the last administration. I don’t really care that much though, I met him at infosec a few years ago and he’s a bit of a dick.

*No really, it is. There have numerous leaks of sensitive information which have had no repercussions other than a little bit of blame skirting in the military and government but those that take place in Banking are often high profile and costly both financially and in terms of reputation. Some military organisations base their systems and controls on those used by the banking industry.

Shortly after Sensibly Common posted this article, our pet troll posted the following comments. He still seems unable to realise that we are not publishing his comments any more but I thought I would share this comedy genius with you all because it is an almost perfect example of the stupidity that smart people face.

I’m sure that if the security forces had been given the choice between causing you mental anguish by expecting you to endure a short-haul flight without trimming “the old goatee”, and acting on specific intelligence about the types of weapons terrorists were planning on using to HIJACK/DESTROY A PASSENGER PLANE, they would have gone the other route.

 I suggest you avoid all this heartbreak, by not flying again untill they change their minds.

Oh where do I start? Could I start with the Daily Mail style capitalisation which he has used to add drama to the comments? Should I start with the insight that this uneducated fucktard brings to us from the inner thoughts of MI5? I think I shall start with the fact that the item specifically mentioned was a grooming kit and a bottle of water and these are, according to our pet troll, highly volatile weapons and likely to be used by terrorists at any time to destroy democracy as we know it.

Airside you can purchase a bottle of water and take it on the plane so clearly water is safe, the offending item which he must be talking about must be a simple grooming kit.

I am quite an inventive sort of person but I can’t quite work out why I would choose these items to destroy or hijack a plane. I think I would probably go a stabbing and slashing instrument as pictured below which can be made using items easily available from the duty free shop.

Combine this with the fact that the doors to the cockpit are now locked and cannot be opened except by the pilots (whose duty is to protect the plane rather than individual passengers) and it’s pretty much impossible to hijack a plane in these post 11/9 times. The work of the people on 11/9 relied on the passengers thinking they would survive if they stayed sat down and kept quiet. It would not take a hero of Hollywood proportions to realise that a group of a handful of hijackers armed with nail clippers or even real weapons are unlikely to last long against a group of passengers who are motivated by a desire to see their loved ones again (even if they get a nasty scratch from a nail clipper in the process).

Yet another flight where my time has been wasted and I’ve been put out because I can’t take a bottle of water with me or even my grooming kit to clip my nails and trim the old goatee while waiting for take-off. OH NO, These are the TOOLS OF TERRORISTS and therefore I am a criminal for wanting to have a bit of convenience while I fly.

Newsflash: these rules are not “security”. They are “security theatre”.

Security is an effective way of stopping people doing bad stuff (like stealing money from a bank). Security theatre is for showing the public that you’re doing something to protect them without actually affording them any extra protection.

So here for you as my winter festival gift for 2008, is the That’s Fucking Stupid Terrorist Training Manual:

1. One passenger may take up to five 100ml bottles. Two people travelling together may therefore take up to 1 litre of liquids between them and as many empty vessels as they like.

2. Airside restaurants (the bit after “security”) give you nice big metal knives. So don’t worry about your nail clippers being confiscated.

3. Perimeter fences have nice big holes that you can pass anything through to a friendly airside employee.

4. Hint for wannabe airside employees: background checks mean nothing if you’ve done nothing wrong yet.

5. Not every member of every “terrorist cell” is going to be on the no-fly list (see point 4). Just send all your guys on dirt cheap no-frills flights – you’ll soon work out which of your members are on the list and which aren’t.

…or any of a million other possibilities.

This is my point: bad people will do bad things, no matter what. Air transport is only one of many targets (and let’s face it, there are far easier targets). None of the extra “security” silliness we’re subjected to today will do anything to prevent any terrorist attacks.

For more common sense, read Bruce Schneier’s excellent blog.