Politician makes elementary schoolboy error

Verily, you couldn’t make this up.

A Conservative councillor is being urged to resign after he branded coffee shop staff ‘bone idle bitches’ who ‘needed a good beating’.

Peter Chapman took to social networking site Facebook to complain after he received slow service in a Costa Coffee.

He posted a message slating the members of staff at the branch in Dorchester, Dorset.

His message read: ‘Terminally slow (and bad) service from the bone idle bitches at Costa Dorchester today, they all need a good beating.’

Visitors to his personal Facebook page were horrified by his remarks and are now urging Mr Chapman to resign from Weymouth and Portland Borough Council.

Mr Chapman, who has been a councillor for five years, has since tried to back-track from his comments which he said were made in jest.

He said: ‘My Facebook status is private and that comment was not made in public.’

Repeat after me: anything published on a social network is public, no matter what your settings say.

Cloud computing’s dark lining

Cheerful UK users of iCloud, Google Drive and other US-based services might do well to ponder this.

Cloud computing has exploded in recent years as a flexible, cheap way for individuals, companies and government bodies to remotely store documents and data. According to some estimates, 35 per cent of UK firms use some sort of cloud system – with Google Drive, Apple iCloud and Amazon Cloud Drive the major players.

But it has now emerged that all documents uploaded onto cloud systems based in the US or falling under Washington’s jurisdiction can be accessed and analysed without a warrant by American security agencies.

The Foreign Intelligence Surveillance Act, known as FISA, allows US government agencies open access to any electronic information stored by non-American citizens by US-based companies. Quietly introduced during the dying days of President George W Bush’s administration in 2008, it was renewed over Christmas 2012.

But only now are privacy campaigners and legal experts waking up to the extent of the intrusion.

Time for UK-based cloud services?

The spy in your pocket

Intriguing (and scary) research paper entitled “PlaceRaider: Virtual Theft in Physical Spaces with Smartphones”. Abstract reads:

As smartphones become more pervasive, they are increasingly targeted by malware. At the same time, each new generation of smartphone features increasingly powerful onboard sensor suites. A new strain of sensor malware has been developing that leverages these sensors to steal information from the physical environment (e.g., researchers have recently demonstrated how malware can listen for spoken credit card numbers through the microphone, or feel keystroke vibrations using the accelerometer). Yet the possibilities of what malware can see through a camera have been understudied. This paper introduces a novel visual malware called PlaceRaider, which allows remote attackers to engage in remote reconnaissance and what we call virtual theft. Through completely opportunistic use of the camera on the phone and other sensors, PlaceRaider constructs rich, three dimensional models of indoor environments. Remote burglars can thus download the physical space, study the environment carefully, and steal virtual objects from the environment (such as financial documents, information on computer monitors, and personally identifiable information). Through two human subject studies we demonstrate the effectiveness of using mobile devices as powerful surveillance and virtual theft platforms, and we suggest several possible defenses against visual malware.

PetaPixel has a useful summary of the essence of the idea:

The app, designed by Robert Templeman of the US Naval Surface Warfare Center and scientists at Indiana University, can run secretly in the background of any smartphone running Android 2.3 (after an unsuspecting “victim” launches the app, of course). It makes decisions on when to surreptitiously snap photos based on things like time, location, and orientation.

Useless images (ones that are too blurry or dark) are filtered out, while the rest are beamed to a central server, which creates virtual 3D spaces based on the content of the images. These 3D spaces can then be browsed by the person behind the malicious “hack”.

The whole thing isn’t just conceptual: the scientists actually gave infected phones to 20 oblivious test subjects, who were asked to use the devices like they normally would in office environments. The results were pretty crazy: 3D models were successfully obtained from every one of the 20 subjects, and it was easier to glean sensitive information from the 3D models than from the original photos.

Dear Delegate…

An excerpt from my Open Letter about the Communications Data Bill to LibDem delegates at their Annual Conference.

The draft bill is riddled with flaws. Look at the commentaries by experts such as Professor Robin Mansell of LSE, or the evidence given to the joint committee by Professors Ross Anderson and Peter Sommer.

Your political masters will tell you that it’s all very complicated, which it is. They will also assure you that “the devil is in the detail” and if we can get the details right, then all will be well.

Well, actually, in this case the devil isn’t in the detail – it’s in the principles underpinning the bill. And they aren’t complicated at all. If you wanted to put it in everyday terms, the CDB is the equivalent of a proposal that all household waste should be accumulated and kept for at least a year because somewhere in that Himalaya of trash there’s bound to be evidence of wrongdoing.

Why am I telling you this? Because unlike the delegates to other party conferences, you have the ability to make party policy. And when the issue of the CDB comes up, ask yourself a simple question: is this what you came into politics to do — to facilitate the mission creep of the National Security State?

Osama bin Laden meets Thomas Hobbes

This morning’s Observer column.

Every time I go through airport security nowadays the thought that comes to mind – as I take off my shoes and belt, unpack my laptop and display my toothpaste in a transparent plastic bag – is that Osama bin Laden won hands down. The same thought pops up when taking a photograph outside the London Stock Exchange – or inside an airport or a railway station – and a uniformed jobsworth appears from nowhere to inform me that photography is “not allowed, sir”. And it also comes to mind whenever the home secretary opens her mouth on the subject of the draft communications data bill, aka the snoopers charter. Terrorism – or the perceived threat of it – has turned democracies into paranoid armed camps in which the state feels justified in assuming that every citizen is a potential terrorist.

The intrusiveness and ubiquity of state surveillance is already shocking. But we ain’t seen nothing yet – the technology is just getting into its stride…

Facebook and your phone’s address book

Interesting report in The Register:

It has emerged that Facebook’s war on competing services now extends beyond the manipulated Timeline and into punters’ pockets. The social network’s mobile app appears to be altering address book entries to direct messages to Facebook mail accounts. A user composing an email on his or her phone will send the missive to a Facebook inbox the recipient has probably never looked at, and as the original email address is overwritten there’s no alternative. According to reports, address books on iOS and Android devices are being updated by the Facebook app whenever there’s an entry in the address book linked to a Facebook account. In some cases it seems the @facebook.com address is being appended to the contact details, but other users are reporting that it’s being overwritten too.

With most companies one would assume that this is a bug. But with Facebook…..?

The truth about Facebook

My take on the Facebook IPO. From this morning’s Observer:

There are two classes of share – A and B. Each class B share carries 10 times the voting rights of its class A counterpart. Zuck owns 27.1% of the class B shares outright and the company’s pre-IPO filings to the Securities and Exchange Commission revealed agreements with other owners of class B shares to assign their voting rights to him. The net result is that he has voting control over at least 57.1% of the class B shares. In other words, he’s omnipotent.

This would be a problem even if Zuck had the brains of Einstein and the wisdom of Solomon. But, alas, he doesn’t. He is undoubtedly a smart and talented guy, but he also happens to have a megalomaniacal obsession – that everything has to be social, ie public. And if you’re a Facebook user and don’t like that – well, tough.

So we now have another powerful media company with a shareholding structure that renders its charismatic, single-minded founder immune from shareholder pressure. Remind you of anyone? Hint: it begins with “News”.

Snooping and state power

This morning’s Observer column:

The basic scenario hasn’t changed. Because of technological changes, we are told, criminals and terrorists are using internet technologies on an increasing scale. Some of these technologies (eg Skype) make it difficult for the authorities to monitor these evil communications. So we need sweeping new powers to enable the government to defend us against these baddies. These powers are as yet unspecified but will probably include “deep packet inspection” as a minimum. And, yes, these new measures will be costly and intrusive, but there will be “safeguards”.

The fierce public reaction to these proposals seems to have taken the government by surprise, which suggests ministers have been asleep at the wheel. My hunch is that the proposals were an attempt by the security services to slip one over politicians by selling them to senior officials in the Home Office, who, like their counterparts across the civil service, know sweet FA about technology and are liable to believe 10 implausible assertions before breakfast. In that sense, the Home Office has been “captured” by GCHQ and MI5 much as the health department has been captured by consultancy companies flogging ludicrous ICT projects….