Sky’s Blog @ The Dalai Lama Foundation — Spreading the word in a networked world

I was amused and delighted by the topic, but a schedule conflict prevented me from attending a meeting at the Institute For The Future (IFTF) about “the quantified self” a month ago. The topic, however, is completely intriguing to me as I find my life increasingly digitized - as if it weren’t already. (See The Quantified Self Group.)

I picked up an iPhone app called EveryTrail, and have been testing it against measured walking/running courses all weekend, and also tried to use it to measure a walk from my house to the Ferry Building and back on Sunday (it was way off due to GPS inaccuracies in the skyscraper canyons of downtown San Francisco, but it’s spot-on when the GPS satellites are unobstructed, such as on the waterfront).

Here’s (below) a Saturday hike I did from Crissy Field to the Golden Gate Bridge, then back along the Embarcadero to Pier 23, with a return to Crissy Field - a little more than 10 miles. You can double-click to zoom in on the map, and you can drag it to see the kind of detail this app records. The iPhone has to remain on (not sleeping) the entire time in order to record the GPS data, and I ran the battery down below 20% over the course of almost 4 hours. I was also wearing new shoes, and I can hardly walk today my feet are so raw. But it was a lot of fun.

Crissy Field, Marina, Embarcadero

Widget powered by EveryTrail: GPS Geotagging

The Clear program at San Francisco International Airport (SFO) has suffered an almost-predictable blow - a stolen laptop computer containing confidential records.

Clear is the program that pre-screens travelers, collects biometric data, puts this on a smart-card (embedded processor+memory, not RFID) and then allows travelers at a few high-traffic airports to go thru a quick-screen line (including a retinal scan to verify ID) rather than stand in lines with un-pre-screened passengers. They still get screened, but they “jump line,” sometimes skipping ahead of a hundred or more who are waiting in the regular lines.

Almost predictably, a laptop containing the data of 33,000 applicants (not participants) was stolen from a secured room at SFO. A spokesperson says “it [the laptop] was protected by two passwords” - but that doesn’t tell us whether the information was encrypted, how secure the encryption was, nor why sensitive information would be on a computer that is portable (and thus easy to steal) computer. (It is pretty easy to bypass password security unless the data is also encrypted - I’ve done it myself more than once on client computers where they’ve forgotted a password - takes about 10 minutes.) And we don’t know what other types of information might be on this computer.

Clear is run by an independent contractor under TSA oversight.

One interesting outcome was the comments ABC7 (San Francisco TV) collected - for instance “Clear customers say the sooner the changes are made the better, although no one seemed too worried about the security breach. ‘You’re information is everywhere and people volunteer their information on places like Facebook, on Twitter, on MySpace and stuff,’ … a traveler.” I don’t actually think they understand the breadth of information that was reported to be on that computer - this is information that is to be used in a security screening, not just social security numbers (though those may not have been present), and presumably known only to the applicant - a far broader range of confidential information than most other systems would hold. It just shows that people are resigned to living in a transparent world - probably until they are directly affected, of course.

KTVU reportage on this same story. KTVU also reports “The TSA requires RT service providers and sponsoring entities to encrypt all files containing participants’ sensitive personal information. Noncompliance with such requirements can result in actions including suspension of a program and possible civil penalties.” I have not verified this, and we don’t know the type of encryption that’s required - for instance a password on a ZIP file is probably not very secure, while encryption with a 2048-bit RSA key would be a lot harder to crack.

I earlier reported on “odd” scanning of my driver’s license at a regional airport, to which TSA replied (in comments on my blog) that it was (probably) an ultraviolet light (blacklight) being passed over the license to be sure it was genuine (this process reveals the “holographic” images in the license’s plastic layers). As I said, I was concerned that any scanned information that passed into a laptop computer allowed potential theft of this confidential information. Well, I guess this Clear incident further emphasizes that security information has no business being stored on a computer that can be physically stolen.

I got there through several levels of indirection, but a post in LINUX JOURNAL by Doc Searls entitled What’s Next for Open Source and Public Media? got me thinking about the impending doom of analog “terrestrial” television in the US and how it may well kill off, as collateral damage, the broadcasting model for TV here in the US. Yes, he gets close to saying this in his post, but I hadn’t thought about it so directly before.

The FCC regulates the airwaves in the US and next year they’re taking back the portions of the RF spectrum that have been devoted to analog television (broadly-separated frequency bands for VHF in the 1950s with a UHF band of frequencies added to that later on), and the broadcast digital television that’s been “under construction” since 1998 will be what’s left. The new technology can carry more channels and information, and much of that in high-definition, but old television receivers will be unable to decode it.

I’d guess that many people simply won’t convert. Cable and satellite TV users won’t be affected and their old TV sets will work, but millions of old analog sets around the US - those who depends on rooftop antennas and rabbit ears - will receive nothing but “snow.”

And where will Mom and Pop Public go?

(more…)