what I think is an important little piece via Aaronland today: Peter G. Neumann notes that where there is no authorized access control (i.e., proper security in place), there can be no breach of authority when someone gets in to a system. I’ve probably just butchered the precise meaning, but the concept is important. It cannot be enough to just enact legislation making certain things illegal. Adequate measures to prevent access have also to be put in place. Whether it’s DVDs, eBooks, or whole systems – there is a responsibility to protect your system beyond just stating ‘don’t touch’. Which is what most seem to want to do, rather than dealing with security more thoroughly.
In Montreal, you can get a ticket if you haven’t locked your car door while it’s parked on the street. The principle is that by not taking such a simple measure to keep one’s car secure, one is a drag on society as a whole, by contributing to rising insurance rates via increased theft etc. It’s the same idea.
Before Genoa, before Quebec City
, before Seattle there was the APEC meeting in Vancouver. Today, the report of the RCMP’s Commission for Public Complaints was leaked. It found that, “Federal officials played an ‘improper role’ in security arrangements at the 1997 APEC summit, occasionally bullying RCMP officials who were poorly prepared for the melee officers should have known was coming, says a long-awaited report into the incident.”
I should be noted, however, that the Commission for Public Complaints is pretty much toothless, and efforts by protesters to get a higher-level inquiry going were rebuffed all the way to the Supreme Court of Canada.
Wired News
is also covering the new SirCam virus/worm, as one would expect. It’s a very interesting issue considering that Mac OS X is now out in the world, and, as many have noted, Apple will soon be the largest volume Unix vendor in the world. Their rollout of OS X is happening in a very different context than earlier releases of consumer- and business-friendly operating systems, and it could be a huge opportunity for Apple. If they were to develop an open, fast, and highly professional security infrastructure I think a lot of people might sit up and take notice.
It has been an odd weekend
. A great old friend is visiting, and enough old-timers were out at this one bar Friday night it was like a time warp had openened up – it was 1997 again. And then there’s the big event just down the highway and me not there. Wondering if friends are safe. At the bar last night a friend took a call from her boyfriend who’s inside the security perimeter – he called his girlfriend to say goodnight. Our three other friends (his colleagues) are outside the perimeter, but safe as well. It’s also the first no-jacket weekend here – beautiful warm weather. A good time to clean the windows and hose down my back deck, but also for coffee or beer on the sidewalk.
A couple of weeks ago
, Tom Tomorrow’s This Modern World was about the OAS/FTAA Summit, being held in Quebec City in a couple of weeks. Large protests are expected, and Federal, provincial, and local forces have been in a frenzy preparing for the huge event.
One of the tactics being employed to [keep the peace | stifle public debate] is to build a huge fence surrounding the core of Quebec City – you can see Blinky the Dog standing by the fence in the cartoon. On Saturday, the Gazette published more info about the fence and the other so-called security measures being taken.
But not so fast. A Montreal-based lawyer has gone to court to bring the fence down, calling it a violation of Canada’s Charter of Rights and Freedoms – specifically, that it limits the ability of law-abiding citizens to freely assemble. I’m with him – and more to the point, I think that if the organizers had gone out of their way to accomodate and work with the protesters, a great deal of the potential for trouble could have been avoided. Alas, I think it’s too late now. And, yet again, the maxim that “the police cause riots” will be proven true in Quebec.
