- The Moral Dilemma of Leaving Iraq
- COIN and Irregular Warfare in a Tribal Society
- National Security for the Twenty-first Century
- TrueSpeak Responds   Work-a-day glossary of Arabic and Islamic terms.
- Video of Sleeping Guards Shakes Nuclear Industry
- Iraq's foreign militants 'come from US allies'
- Terrorism: A Brief for Americans
- Secrecy Report Card 2007: Indicators of Secrecy in the Federal Government
- Meet Abu Abed: the US's new ally against al-Qaida  ... Ouch!
- Inside the Surge   The American military finds new allies, but at what cost?
- The Polygraph and Lie detection   Report from the 'Committee to Review the Scientific Evidence on the Polygraph, Board on Behavioral, Cognitive, and Sensory Sciences', and the Committee on National Statistics. Conclusion - "... overall, the evidence is scanty and scientifically weak..."
- FM 3-24 Counterinsurgency   The U.S. Army's recently completed new manual (large pdf) presenting military doctrine on counterinsurgency.
- Another Inexplicable Silence on Guantanamo   "But you don't have to rely on the UN to know that we aren't getting the full story of what is happening at Guantanamo Bay. Two new reports that both involved extensive data analysis give us an interesting picture of the 500 detainees now behind the barbed wire. Alas, a Lexis-Nexis search reveals that neither report managed to produce even a single article in any national newspaper." The two reports referenced (both studies of official U.S. documents, both appalling) are linked below. An article re the absurdities of the process - For Guantánamo Review Boards, Limits Abound:
- The Iraq Study Group
- Iraq Coalition Casualty Count   - by Iraqi province...
- Terrorism & Counterterrorism - An Annotated Bibliography   (PDF file)
- National Strategy for Combating Terrorism   September 2006.
- MIPT Terrorism database   From the site - "Developed by the Memorial Institute for the Prevention of Terrorism (MIPT), the Terrorism Knowledge Base offers in-depth information on terrorist incidents, groups, and trials."
- Email from Iraq
- BRITAIN: The mysterious case of the disappearing 'terror' plots   British baloney... Also Media Hypes Nutcase Scribblings as "Terror Plot Admission"
- Pictures of Hezbollah tunnels   from the Counterterrorism Blog. Not quite "... tunnels high enough to walk in, with ventilation and lighting systems, bathrooms, painted walls and reinforced ceilings..." but very interesting.
- Preliminary "Lessons" Of the Israeli-Hezbollah War   from CSIS/Anthony Cordesman
- Zogby International Poll of Iranians Reveals a Society in Flux
- Drowning in data - complexity's threat to terror investigations
- Protection of National Security Information - CRS report.
- When "Off" Doesn't Mean Off
- A Simple Fix For RFID Privacy
- Spreadsheet Errors Public reports of (significant) spreadsheet errors collated by the European Spreadsheet Risks Interest Group (EuSpRIG).
- Countering terrorism – for real
A noted political psychologist outlines the elements of an effective counterterrorism program.
- The Box O' Truth #5 - The Locks O' Truth In the movies the good guys casually shoot the locks off to get in... Someone decided to see how realistic this is...
- How to make an RFID blocking wallet .. out of duct tape and tin foil...
- Submarine found 7,500 feet above sea level Police in Colombia say they have found a half-built submarine in a warehouse in a suburb of the capital Bogota (2,250 metres (7,500 ft) above sea level).
- Assessing Iraq's Sunni Arab Insurgency ".. Michael Eisenstadt and Jeffrey White argue that the best means of assessing the insurgency is by tackling its complexity head-on, examining its operational environment, evolving structure, various tactics, and the degree to which it has penetrated private and public institutions and won over "hearts and minds" in the Sunni Triangle.."
- Al-Zarqawi’s Rise to Power: Analyzing Tactics and Targets A two-part series tracing Zarqawi’s rising influence in the jihadist movement...
- The Sociology and Psychology of Terrorism: Who Becomes a Terrorist and Why? (PDF file)
- Muslim Female Fighters: An Emerging Trend
- WiFi world record
- Can Spies Decipher Keyboard Clicks?
Researchers 'eavesdrop' and transcribe, warning of security risks.
- GAO: Federal agencies lack basic wireless security
- Got a match? U.S. Visit system may not   Two Stanford University specialists in biometrics and game theory published an article, “Using Fingerprint Image Quality to Improve the Identification Performance of the U.S. Visitor and Immigrant Status Indicator Technology Program,” in the Proceedings of the National Academy of Science’s current issue. They found that the U.S. Visit program’s image matching system would reach a detection probability of only about 53 percent for poor-quality fingerprints. Go here for the paper.
- The Emergence Of A Global Infrastructure For Mass Registration And Surveillance - report from The International Campaign Against Mass Surveillance, that assesses current international trends towards global surveillance. It concludes that "The global surveillance initiatives that governments have embarked upon do not make us more secure. They create only the illusion of security. Sifting through an ocean of information with a net of bias and faulty logic, they yield outrageous numbers of false positives and false negatives. The dragnet approach might make the public feel that something is being done, but the dragnet is easily circumvented by determined terrorists who are either not known to authorities, or who use identity theft to evade them." & "The global surveillance dragnet diverts crucial resources and efforts away from the kind of investments that would make people safer. What is required is good information about specific threats, not crude racial profiling and useless information on the nearly 100 percent of the population that poses no threat whatsoever."
- Not Issuing Driver's Licenses to Illegal Aliens is Bad for National Security   Nice summary of the wrongheadedness (from a security standpoint) of denying driver licenses to illegal aliens, from the Center for Advanced Studies in Science and Technology Policy
- Government Should Not Rush to Massive ID Surveillance System from the Center for Advanced Studies in Science and Technology Policy
- Why the ISS (International Space Station) Almost Ran Out Of Food   May not seem security related, but think about it a bit.
- Border Screening for SARS   Study published in the Journal of Emerging Infectious Disease, which looked at SARS screening in Canada. The study showed that CDN 7.5 million was spent on the screening, which did not detect any cases of SARS. A big reason "SARS has an extremely low prevalence, and the positive predictive value of screening is essentially zero." Remember the base rate fallacy.
- Total Security - The Animal and Insect Act
- Some interesting RAND publications:
- An OODA Loop Writ Large - 4GW and the Iraq War   An application of Boyd's theory to the situation in Iraq. Also has a very interesting accompanying Powerpoint presentation
- Problem of Redundancy: Why More Nuclear Security Forces May Produce Less Nuclear Security   Article on how adding redundancy does not necessarily improve security. Speaks to general issues with respect to redundant systems, then specifically applies it to nuclear power plant security.
- Bruce Schneier blog on The Problem with Electronic Voting Machines   along with numerous comments on relevant issues. Also Getting Out the Vote: Why is it so hard to run an honest election?
- A critical internal account prepared for the U.S. Army (not formally released) on the invasion of Iraq which represents an official U.S. Army perspective.
- 12/19/04 -   Toppling Saddam: Iraq and American Military Transformation   by Dr. Stephen Biddle, et al, Strategic Studies Institute, April 2004 (46 pages, 4.7 MB PDF file)
- 12/19/04 -   Terrorist 'Dirty Bombs': A Brief Primer   by the CRS.
- A report issued by the House Government Reform Committee minority provides a critique of executive branch secrecy. Secrecy in the Bush Administration
- Two recent reports of the Congressional Research Service provide an updated, in-depth review of the Foreign Intelligence Surveillance Act, the statute that authorizes domestic search and surveillance for counterintelligence and counterterrorism purposes.     The FISA: An Overview of the Statutory Framework and Recent Judicial Decisions &   FISA: Selected Legislation from the 108th Congress
- A CRS (Congressional Research Service) report "reviews allegations of Saudi involvement in terrorist financing together with Saudi rebuttals, discusses the question of Saudi support for religious charities and schools (madrasas) abroad, discusses recent steps taken by Saudi Arabia to counter terrorist financing (many in conjunction with the United States), and suggests some implications of recent Saudi actions for the war on terrorism."   Saudi Arabia: Terrorist Financing Issues, October 4, 2004
- NIST Computer Security Incident Handling Guide   Guide re what to do if a victim of a computer security incident.
- Microsoft Word password-protection bypass
- Big Brother On Board - Apparently GM's OnStar allows the passengers' conversations to be eavesdropped on.
- Fingerprinting Visitors Won't Offer Security   -   Homeland Insecurity   -   Terror Profiles by Computers Are Ineffective    Opinion by Bruce Schneier.
- Law Enforcement and Intelligence Access to Information   Information on the rules governing access to personal information...
- CD copy protection trumped by Shift key
Another example of circumventing music copy protection. First magic markers (see below), and now the Shift key. See the paper that caused the furore here. The company in question first threatened a DMCA prosecution, but has subsequently backed off.
- Big Brother Gets a Brain from the Village Voice. Article about how the DoD is funding the development of computer software to tie together all the cameras that exist to form "Combat Zones That See" or CTS.
- Policy Analysis Market - mirror of the now defunct 'Policy Analysis Market' site, which caused an uproar and Adm. John Poindexter's exit from the administration...
- An Exceptional Espionage Operation:
Tolkachev, A Worthy Successor to Penkovsky - unusually open CIA article on a Soviet "asset" in the '80's.
-   Letter from the Office of the Attorney General shows that for 2002 (as in almost all previous years) almost every application for a FISA wiretap was approved by the special FISA court. Note that the two that were not granted one hundred percent were appealed, and the FISA Court of Review approved the government's side on those two...
- Office workers give away passwords for a cheap pen - By John Leyden   People remain the weak point of any system!
- EWeek reviewed a beta version of Six/Four by Hacktivismo, a peer-to-peer application designed to allow folks to use the Internet securely and anonymously. Conclusion: the software (named Six/Four from the Tiananmen Square massacre that occurred June 4th, 1989) is useful but is too complicated for beginners to set up and use, and the peer network is too small to handle a lot of traffic.
- March 6th police in Tokyo arrested 2 men on suspicion of stealing $136,000. Apparently they installed keystroke logging software on about 100 computers in 13 Internet cafes. These harvested the logon IDs and passwords of a large number of people using on-line banking services. They then used these to transfer money out of their victims' bank accounts into another bank account, which they then withdrew as cash. To caveat emptor we could add "caveat computitor"
- After the debacle during the last presidential elections ("butterfly" ballot, hanging chads, etc.) people are moving towards electronic, computerized voting machines. However these have risks too, and a number of technology-savvy folks are signing a petition Voting machines must provide a voter-verifiable audit trail
- What should you do when the Homeland Security Advisory System Recommendation changes? The American Red Cross has recommendations
- Master-Keyed Lock Vulnerability   Paper by Matt Blaze about weaknesses in master-keyed lock systems.
- Identity Theft Complaints Double in '02
- Two examples of secondary "downstream" effects of security measures: Guidance for Industry: Recommendations for Deferral of Donors and Quarantine and Retrieval of Blood and Blood Products in Recent Recipients of Smallpox Vaccine    since the risk of vaccinia (smallpox vaccine) transmission by blood and blood products is uncertain, it is probable that a new question will be added to the list asked of folks before they donate blood... - Police Detainment of a Patient Following Treatment With Radioactive Iodine, a patient who was treated for Graves' disease with radioactive iodine apparently set off (twice) radiation detectors installed in the New York City subway...
- Movies often treat security very poorly. Recent examples include The Sum Of All Fears    in which Ben Affleck (playing the Jack Ryan character) gets his hands on Morgan Freeman's (playing the CIA Director) PDA, which allows him to IM with an unknown CIA mole in the upper reaches of the Russian government - No passwords, no security..... Another example is in Minority Report    in which the Tom Cruise character (playing Detective John Anderton) uses his "old" eyes to access restricted areas in the Department of Precrime. Hmm, obviously the access system's biometric identification could not distinguish non-living tissue... Worse, his wife does the same much later (after he has been caught and put into a deep freeze), which makes you wonder why his access was still in the system and hadn't been immediately removed when the law was after him.... These were just the most glaring examples of poor (actually nonexistent) security...
- Illustrative Risks to the Public
in the Use of Computer Systems and Related Technology    List summarizing items that have appeared in the Internet Risks Forum Digest (RISKS)
- Models of mayhem
The government wants to simulate the ripple effects of critical infrastructure attacks   Mock disasters are a readiness evaluation tool, but they may not take into account interdependencies between sectors...
- Biometrics, seen as a future cornerstone of security, proves more difficult than feds anticipated
- Biometric Access Protection Devices and their Programs Put to the Test   The German group c't put several biometric devices to the test...
- Cracking CDs with magic markers   Low tech way to defeat Sony Music's disc copy-protection technology.
- Scanners can mistake chocolate for bombs   Miami Herald article on how the current generation of bomb-detection scanners can fail - they measure the density of objects and not their chemical composition...
- 9/11 Exposed Deadly Flaws in Rescue Plan   NY Times article on analysis of the police and firefighter response at the WTC says that problems with communications hindered efforts and possibly contributed to the number of deaths.
- Active Denial Technology
- War On Error: Live Pictures Taken by U.S. Planes Were Freely Available     -   Enthusiast watches NATO spy pictures    US aerial/satellite recon in the Balkans transmitted by satellite is unencrypted, allowing anyone with a satellite dish to pick up and view the signal.
- 2001 Wiretap Report   Total number of wiretaps sought in 2001 1,491 / total number of wiretaps authorized 1,491
- Article on mapping terrorist networks - Mapping Networks Of Terrorist Cells  (pdf file)
- Article about the "science" of fingerprints.   Do Fingerprints Lie? See also INT2 on Sites/Stories of Interest  page
- The Transportation Security Administration came out with guidelines to help passengers through security. Nail clippers and nail files are OK, toy "transformers" are not...
- Link to the Crypto-Gram Newsletters  at counterpane.com
- Impact of Artificial "Gummy" Fingers on Fingerprint Systems     A researcher used artificial fingers made from gelatin using residual fingerprints to test eleven commercial systems. Using $10 of gelatin and hobby supplies he was able to "fool" the sensor most of the time....
- Facial recognition system problems at Palm Beach Intl.
© SNi 03/21/08