Bruce Schneier is a well-known security expert, and he recently deemed something "very scary".
Eek! What was it?
It's this research out of the University of Washington's Computer Science Department; it looks at Apple Computer's Nike + iPod Sport Kit, which consists of a small transmitting sensor placed in one of your Nike shoes, and an equally small receiver you plug into your iPod nano. As you run or walk, the shoe sensor transmits information on your steps to the iPod, which displays time, distance, pace, etc. Essentially, it's a very expensive (but very cool) pedometer.
Expensive but cool, that's Apple in a nutshell. So what's the scary part?
The UW researchers claim:
… our research shows that the wireless capabilities in this new gadget can negatively impact a consumer's personal privacy and safety.Whoa! How does that happen?
The UW researchers found that the in-shoe transmitter sends out a unique identifier, so that (presumably), when in use, the receiver won't be confused by other transmitters in the vicinity. They demonstrated that the signal can be picked up from about 60 feet away. They built receivers and wrote software that can "identify" transmitters as their owners walk or run near them.
Oh. So, um, really, what's the scary part?
Well, that's where it helps to have a very active imagination. From the UW page:
Since the unique identifier doesn't change over time, someone could use the sensor's broadcast messages to track which locations you visit, and when you visit them. A bad person could use this information to compromise your personal privacy and safety. We describe specific example scenarios, like stalking, in our paper.Their paper is here (in PDF), and it does go into more detail. For example:
Marvin is a jealous boyfriend who suspects that his girlfriend, Alice, is cheating on him with his best friend Bob. Alice wears Nike+ shoes and uses a Nike+iPod Sport Kit. We assume that Marvin knows the UID of the Nike+iPod sensor in Alice's shoe; Marvin could easily learn this UID by, for example, shaking Alice's shoe in front of a Nike+iPod detector or by turning his Nike+iPod detector on while walking Alice to her car. Alternately, suppose that, unbeknownst to Alice, Marvin maliciously implants a Nike+iPod sensor in one of Alice's shoes, or hides a sensor in Alice's jacket or purse.The UW researchers then imagine that Marvin installs a receiver near Bob's house, so he can detect when Alice visits, and for how long. He can do the same thing to Bob. He can install a transmitter near Alice's jogging path and see if Bob is also jogging by there at the same time.
But … but … why is Marvin going to all that trouble? If he's that suspicious, and he doesn't respect Alice's privacy, why doesn't he just follow her?
Well, exactly. The UW researchers have (indeed) come up with a neat hack. But their attempts to expand it into something more than a neat hack don't really pass cursory skepticism. Their scenarios posit "attackers" who are doggedly intent on using their Nike+iPod detectors to carry out their nefarious activities. But, in all cases, those nefarious activities could (and in the real world, would) be accomplished more effectively with either no technology or (in some cases) more appropriate technology, like cheap video cameras.
[For example, if you want to get fancy, planting something like this doodad on the person you want to track would seem to be much more effective than any imagined Nike+iPod-based attack.]
But what's really ironic about this is Bruce Schneier's "very scary" pronouncement. His most recent book is titled Beyond Fear, in which he makes the case against reflexive and reactionary "defenses" against terrorism. He memorably railed against imaginining movie-plot threats, even sponsoring a contest where he invited his readers to submit their scariest terrorist scenarios. If he'd been a little more critical in reviewing the UW research, he'd have seen that their "scary" conclusions are based largely on movie-plot threats. And not even very good movies: at best, we're talking the ones that premiere on the Lifetime channel.
One can't help but suspect that Schneier's lack of skepticism is caused by the fact that he can hype the UW research to support a conclusion he's previously reached:
Unless we enact some sort of broad law requiring companies to add security into these sorts of systems, companies will continue to produce devices that erode our privacy through new technologies.Fear-mongering is OK, seemingly, when it's deployed in support of causes he agrees with, in this case legislation and regulation. Disappointing.