RE: [Brinworld] Car's data recorder convicts driver
Googling on (event data recorders automobiles) will give a lot of hits. For example: http://wpoplin.com/EventDataRecordersAutomotiveBlackBoxes.pdf These devices are a byproduct of the introduction of airbags - the airbag processor stores the data which led it to deploy the bag. This can include delta v vehicle speed engine speed brake use throttle position driver seatbelt use The cited report claims they only store the most recent 5 seconds of data, snapshotted at 1 second intervals. It notes that the data can thus be confusing - for example, if a wheel leaves the ground the speed reported can be way off, and if the driver pumps the brakes, the 'brake use' data is ambiguous. It's not clear whether they store data continuously, or just when the airbag deploys. OTOH, I seem to remember reports of drivers of high-end cars (Audis? BMWs?) getting their warranties invalidated because the main car computer noted that they had exceeded certain speeds during the break-in period. Its not just the airbag computer that can narc you out Peter
Re: [Brinworld] Car's data recorder convicts driver
On Wednesday, June 18, 2003, at 05:17 AM, Adam Shostack wrote: I wasn't arguing, I was quipping. I find the many meanings of the word privacy to be fascinating. So when someone commented that the car's tattle-box is or isn't a privacy invasion, I thought I'd offer up a definition under which it is. Its a definition that lots of people use, as John points out. Perhaps better than 'right' would be 'ability,' 'The ability to lie and get away with it.' I wasn't picking on you or your points, that's for sure. In fact, I barely noticed whose message I was replying to. My point was a larger one, that nearly all such debates about privacy eventually come round to issues of what have you got to hide? and issues of truth and lies. This is why I like the Congresss shall make no law and shall not be infringed absoluteness of the original Constitution. The language does not natter about truthful speaking shall not be infringed. And this is why more recent legislation allowing government to regulate commercial speech or to decide which speech is true and which is false (as in advertising claims) is so corrosive to liberty. --Tim May The great object is that every man be armed and everyone who is able may have a gun. --Patrick Henry The best we can hope for concerning the people at large is that they be properly armed. --Alexander Hamilton
Re: [Brinworld] Car's data recorder convicts driver
On Wed, 18 Jun 2003, Steve Schear wrote: Indeed 'privacy' and 'secrecy' are often confused and their meanings overlap in many a mind. I think that most, at least in the West, accept that privacy ..is based on rules and trust, for example, records kept on us by our doctors. Because exposure of various aspects of our private lives can do lasting damage, privacy is only effective when controlled by the party seeking it, who may disclose it or not as they see fit and can only be guaranteed when those who would sell you out don't possess the possibly damaging information. For that reason among others, I am really only interested in privacy mediated by personal secrecy and technologies I trust and/or control. I agree with you. Being anonymous is very important here. Privacy is something alluded to by the famous Gentlemen do not read other gentlemen's mail. Secrecy is what other people cannot find out. Anonymity (strong or not) is vastly important to secrecy. Medical data is a great example of this. It may be private, for some (weak) values of private, right now. Being John Doe at the doctor's office and paying cash, though, is vastly better in terms of assurance, at least until the doctor's business-cam interfaces with other databases. Too bad that works so poorly with insurance, but then worker insurance in the US is nearly a government program, anyway. -j -- Jamie Lawrence[EMAIL PROTECTED] A computer without a Microsoft operating system is like a dog without bricks tied to its head.
Re: [Brinworld] Car's data recorder convicts driver
At 11:45 2003-06-18 -0500, Jamie Lawrence wrote: Anonymity (strong or not) is vastly important to secrecy. Medical data is a great example of this. It may be private, for some (weak) values of private, right now. Being John Doe at the doctor's office and paying cash, though, is vastly better in terms of assurance, at least until the doctor's business-cam interfaces with other databases. Too bad that works so poorly with insurance, but then worker insurance in the US is nearly a government program, anyway. There may be a viable opportunity for an off-shore private medical insurance carrier which does not use your social security number as your identifier to the medical service provider. Due to excessive U.S. fed and state insurance regulations many/most doctors might refuse to accept it (at least initially) it may be necessary for this insurance to operate off network so that subscribers would have to pay the care giver and be reimbursed. steve
Re: [Brinworld] Car's data recorder convicts driver
On Wed, Jun 18, 2003 at 09:11:58AM -0700, Tim May wrote: | On Wednesday, June 18, 2003, at 05:17 AM, Adam Shostack wrote: | | I wasn't arguing, I was quipping. | | I find the many meanings of the word privacy to be fascinating. So | when someone commented that the car's tattle-box is or isn't a privacy | invasion, I thought I'd offer up a definition under which it is. | Its a definition that lots of people use, as John points out. | | Perhaps better than 'right' would be 'ability,' 'The ability to lie | and get away with it.' | | I wasn't picking on you or your points, that's for sure. In fact, I | barely noticed whose message I was replying to. Gives new meaning to anonymous postings. ;) | My point was a larger one, that nearly all such debates about privacy | eventually come round to issues of what have you got to hide? and | issues of truth and lies. | | This is why I like the Congresss shall make no law and shall not be | infringed absoluteness of the original Constitution. The language does | not natter about truthful speaking shall not be infringed. | | And this is why more recent legislation allowing government to regulate | commercial speech or to decide which speech is true and which is | false (as in advertising claims) is so corrosive to liberty. Indeed. The European data protection laws are fundamentally unamerican. Unfortunately, Congress has made laws, numbering each of us, and then tries to regulate the abuse of that (free, freely usable, legally enforced) numbering scheme. Adam -- It is seldom that liberty of any kind is lost all at once. -Hume
Re: [Brinworld] Car's data recorder convicts driver
On Tue, 17 Jun 2003, Tim May wrote: Unlikely. Getting juice into the innards of a box in a way so as to overwrite data is not nearly so simply as applying sparky things to the outside of the box. Lots of reasons for this. The idea wasn't about overwriting the data. The idea was about frying the chip with the data inside (and if all the other chips inside the box become a collateral damage, let's that be so). As long as it is outside the technological abilities of the given adversary to retrieve the data from the fried chip, the objective is reached. The idea also wasn't about the outside of the box, I thought rather disconnecting the power leads and blasting the spark into the power-GND pair, or into the (disconnected, we don't want to kill the entire car electronics) data bus. With a bit of luck, the spark could get through the filters and into the Vcc pins of the chips.
Re: [Brinworld] Car's data recorder convicts driver
On Wed, 18 Jun 2003, jburnes wrote: Why go to all that trouble. Just take it out of circuit. Cut the printed circuit board leads and disable it or if its in an inaccessible black box, cut the leads to the box. Easy enough. Works very nicely. :) Problem: leaves evidence, and takes time. The main advantage of electric shock is that the fried chip looks for the naked eye exactly the same way as a non-fried chip. The only difference could be found with a scanning electron microscope on the chip itself, which is something nobody is likely to bother with. Especially in harsh environments (cars classify) chips tend to die, so its death could look as natural enough to not be suspicious. If I am wrong, please tell me where and why. :)
Re: [Brinworld] Car's data recorder convicts driver
Now, I don't know how subpeoned phone or other electronic records are handled ---has anyone ever questioned Telco's or paging company recordkeeping? Any readers know more? I work as a programmer at a company that writes software to handle switch functions and bill cellular and gsm customers. (I work in the billing part) It is a simple matter to get access to the files that store these records. To my knowledge there is no direct audit trail, though I don't know what records the switch itself keeps, if any. The security is rather silly. It is a simple matter to write a few lines of code to dump the name, address, phone number, social security number, mother's maiden name and credit card number of millions of cell phone users. I imagine adding or removing a call record would be simple, as well.
Re: [Brinworld] Car's data recorder convicts driver
On Mon, Jun 16, 2003 at 05:11:57PM -0400, John Kelsey wrote: ... It seems intuitively like the EDR ought to be about as valuable to the defense as the prosecution, right? E.g., the prosecutor says this guy was driving 120 miles an hour down the road while being pursued by the police, but the EDR says he'd never topped 70. There are creepy privacy implications in there somewhere, but the basic technology seems no more inherently Orwellian than, say, DNA testing--which seems to be a pretty good way of actually locking up the right guy now and then, rather than someone who looks kind-of like the guy who did it, and was seen in the area by an eyewitness and picked out of a police lineup. The types of problems with DNA testing such as state's refusal to allow testing of convicts when it might prove their innocence, and testing lab errors, would also apply to EDR boxes. I.e. states will contrive to use EDR records only when it proves their case, and data recovered will be subject to interpretation. You can bet that when EDRs become important as evidence, citizens won't be allowed to posess the means to read their own EDRs let alone write to them. Eric
Re: [Brinworld] Car's data recorder convicts driver
At 11:16 AM 6/16/03 -0500, Shawn K. Quinn wrote: .. I personally find the privacy implications of EDRs rather unsettling. This story doesn't change that one bit. However, in this particular case, I don't think what the EDR said really matters. The three paragraphs from the story say a lot about what happened here: .. It seems intuitively like the EDR ought to be about as valuable to the defense as the prosecution, right? E.g., the prosecutor says this guy was driving 120 miles an hour down the road while being pursued by the police, but the EDR says he'd never topped 70. There are creepy privacy implications in there somewhere, but the basic technology seems no more inherently Orwellian than, say, DNA testing--which seems to be a pretty good way of actually locking up the right guy now and then, rather than someone who looks kind-of like the guy who did it, and was seen in the area by an eyewitness and picked out of a police lineup. .. Shawn K. Quinn --John Kelsey, [EMAIL PROTECTED] PGP: FA48 3237 9AD5 30AC EEDD BBC8 2A80 6948 4CAA F259