Andrew Patrick

A military supplier has been making lots of money selling dowsing-like devices to troops in Iraq that are supposed to detect explosives and other nasty materials. They devices come equipped with different programming cards to customize the substances they search for.

There has been speculation that the devices are fake and the programming cards don’t do anything. Now comes an analysis of the cards by careful dis-assembly, and the results are predictable…

There is no way in which this device could be programmed to distinguish the many different substances that the ADE651 manufacturer claimed it could, not to mention that any useful interaction with such an LC circuit would require a transmitter antenna, a power source, and lots of other components that the ADE651 appears to lack.

My new employer, The Office of the Privacy Commissioner of Canada, is again calling for research and public education proposals for its contributions programs.

Research into the privacy implications of information technologies is one of the four priority areas for funding support under this year’s program. Emerging information technologies can threaten the privacy of Canadians or enhance it – and sometimes both simultaneously. For that reason, the Office is especially interested in receiving funding applications from researchers examining, from a scientific or technical standpoint, the impact of information technologies on privacy.

Not-for-profit organizations, including education institutions, industry and trade associations, consumer, voluntary and advocacy organizations are all eligible under the program. Up to $50,000 is available for successful projects. The deadline for submitting applications is February 26, 2010.

More information is available at:

http://www.priv.gc.ca/resource/cp/p_index_e.cfm

You have probably seen a variety of “traffic calming measures” when you drive down roads. These range from speed bumps to pavement markings to deliberate narrowing of the roads.

Here is an article reporting results from pavement markings designed to produce an optical illusion that makes it appear that you are driving faster than you actually are. The markings are being used at the approach to a corner with a bad accident record, and they seem to we working quite well.

Traffic calming results

A new report from Trusteer has shown that phishing attacks are rarely successful, but still worth millions of dollars to the attackers.

Trusteer makes a browser plugin called Rapport which is given away for free to customers of certain banks (including some Canadian banks). The plugin monitors for phishing attacks and can detect when someone is submitting login information to a false banking site. Rapport has been installed on about 3 million computers in Europe and North America, and data collected by the plugin provides a valuable look into the damage caused by phishing attacks.

In the recent study, Trusteer monitored the data from the Rapport plugin during a three month period, and in that time it analyzed phishing attacks against 10 large banks in the US and Europe. The key findings were:

• each bank was targeted by an average of 16 phishing attacks per week (or about 832 attacks per year)
• out of every million bank customers, about 12 (0.00125%) are lured into visiting each false web site that was studied. This is a very low success rate, but…
• given that a bank experiences many phishing attacks in a year, about 1.04% of it customers were lured to one of the false web sites each year
• once people were lured to a false web site, about 50% of the time they entered and submitted their login information
• doing the math, this means that about 0.47% of a banks customers revealed their login information to criminals each year
• if the losses from stolen login information total $2,000 per case, then a bank with a million customers lost about $9.4 million per year
• …and that money is going to criminals

Whoever said that crime does not pay did not try phishing.

A Chinese woman managed to enter Japan illegally by having plastic surgery to alter her fingerprints, thus fooling immigration controls, police claim.

This is a case of a woman who underwent surgery to alter her fingerprints in order to get past Japanese immigration procedures. Apparently, the measures worked and she was only found out when arrested on an unrelated charge.

The surgery switched the fingerprints of the thumbs and index fingers between the two hands, presumably to allow the person to present the original or modified fingerprint when given the option of which hand to present to a scanner.

It makes me wonder if fingerprint transplants between people are also a viable threat. It is also not clear how 10-print systems that record fingerprints from all the fingers, such as those now used by US immigration, who handle such finger swapping.

There have been significant advances recently in understanding the biological basis of human behavior. Brain imaging technologies, such as Functional MRI (fMRI), allow researchers to study brain processes during complex thought processes. fMRI can be used to study a variety of behaviors, and some people have proposed that the scans can be used to detect lying, although it has never been accepted in court.

In this case, a murder trial, the fMRI evidence was used at the sentencing stage in an attempt to show that the defendant suffered from a brain disorder and should be spared the death penalty. The jury did not agree and the man was sentenced to death, although there may have been some doubts raised.

fMRI Evidence Used in Murder Sentencing

For what may be the first time, fMRI scans of brain activity have been used as evidence in the sentencing phase of a murder trial. Defense lawyers for an Illinois man convicted of raping and killing a 10-year-old girl used the scans to argue that their client should be spared the death penalty because he has a brain disorder.

Studying the behavior of people in crowded conditions has always been interesting. This article from Slate describes the history of Social Psychology research in subway systems areound the world.

Psychologists have been watching us on the subway. Here’s what they’ve learned.

“About 4,450 men and women who traveled on the 8th Avenue IND in New York City, weekdays between the hours of 11:00 A.M. and 3:00 P.M. during the period from April 15 to June 26, 1968, were the unsolicited participants in this study.”

Why most suicide bombers are Muslim, beautiful people have more daughters, humans are naturally polygamous, sexual harassment isn’t sexist, and blonds are more attractive.

When I was an undergraduate, my first mentor was an expert on the psychology of categorization — how we make sense of the world by deciding what belongs with what. This professor was the most eccentric one I had in a long university career, and probably the most brilliant. One of his many lines, which I will never forget, was: “stereotypes develop for a reason”.

A stereotype is a generalization or commonly-held belief about a group of people, and stereotypes are often considered to be politically incorrect. But, in the absence of any information about a particular individual, information about a stereotype for the group is often quite valuable. Just as in statistics, in the absence of specific information about all the data, information about central tendency and variance can be very useful. Stereotype are not always negative, although we tend to only use the word when referring to negative characteristics

By rejecting stereotypes because they are often used negatively, we are forgetting the valuable role that they can play in making sense of the world. An older Psychology Today article from 2007 reviews some of the stereotypes we have about human behavior, and the truth behind them.

Today I am launching NetSafetyGuide.com, an ad-supported site offering practical, up-to-date news and tips about Internet safety and security.

I believe that there is very little down-to-earth, practical information available for individuals and small businesses who want to stay secure on the Internet, but don’t know how to do it. My intention with this site is to provide current, direct advice and news that people will find useful.

Drop by and check it out.

It seems that the military in Iraq has discovered a magical way to detect bombs, and they are spending millions of dollars to deploy it a checkpoints around the country.

The technology, however, is well known to be the equivalent of a dowsing rod and it is completely useless. Making fun of other people’s stupid beliefs can be fun, but when lives are on the line you have to be concerned.

More from the NY Times:

Iraq Swears by Bomb Detector U.S. Sees as Useless

Despite major bombings that have rattled the nation, and fears of rising violence as American troops withdraw, Iraq’s security forces have been relying on a device to detect bombs and weapons that the United States military and technical experts say is useless.

The small hand-held wand, with a telescopic antenna on a swivel, is being used at hundreds of checkpoints in Iraq. But the device works “on the same principle as a Ouija board” — the power of suggestion — said a retired United States Air Force officer, Lt. Col. Hal Bidlack, who described the wand as nothing more than an explosives divining rod.