links open in new window

Wednesday, September 08, 2004

Appearances of security...


"The more they overthink the plumbing, the easier it is to stop up the drain." - Cmdr. Montgomery Scott
A couple of interesting notes to follow-up on the RNC in New York last week:
In and around Midtown Manhattan, convention-goers got a taste of life in a society where the overriding goal is to stop attacks at all costs. It was the bitter taste of losing one's freedoms, albeit in this case for the short duration of this national convention.

It was Fortress New York.
{...}
After experiencing the goings-on at the convention center and all around the city, I am left with a sobering conclusion: I would rather live unprotected from terrorist attacks than in a society that resembled New York City during convention week.

Everywhere I went, scores of police officers in riot gear, gun-toting military officials, blue-suited secret-service officials with their ears wired and assorted private security guards were on call, watching us. Metal cattle gates prodded us to the proper place. Streets were cordoned off, sidewalks open only to those who show the right ID.
[LINK]
All that visible security on the streets looked mighty fine for the media and the right-wing scuttlefish, but what was security like, out of sight, in the electronic undergrowth? Bloody awful, it would appear:
While physical security was tightened to unprecedented levels here last week for the Republican National Convention, IT security researchers uncovered an unsettling number of unencrypted wireless devices that they said created a potential information security nightmare for convention organizers and delegates.

During a two-hour "war drive" around the site of the RNC as well as Manhattan's financial district, security researchers from Boston-based Newbury Networks Inc. discovered more than 7,000 wireless devices, 1,123 of which were located within blocks of Madison Square Garden, including a network named "Wireless for Kerry." More important, 67% of those devices were access points that didn't have any built-in encryption protection.
[LINK]