Foiled Again ?

May 24, 2009

This past week, authorities in New York announced the arrest of four men, who were charged with a plot to bomb two synagogues in the Riverdale section of the Bronx, and to shoot down Air National Guard planes in Newburgh, NY.  According to the press reports, this “terrorist cell” had been under surveillance for about a year.  Although they allegedly planted car bombs outside the two synagogues before they were arrested, the “bombs” contained only dummy explosives, which were supplied by an FBI informant.   Speaking of dummies, the alleged plotters were not exactly the brightest bulbs in the chandelier:

But they were amateurs every step of the way. They had trouble finding guns and bought cameras at Wal-Mart to photograph their targets. One was a convicted purse snatcher, another smoked marijuana the day the plot was to be carried out.

There is no record of the plotters having any weapons except for the dummy explosives and a dummy surface-to-air missile, all supplied by the informant.   The members of the cell, although they are doubtless not very nice people, hardly fit the profile of criminal or terrorist masterminds: one had done time for purse snatching, and the others for various drug offenses.

There are aspects of this case that are reminiscent of the so-called “Liberty City 7” plot, in which seven down-and-outs, living in a warehouse, were arrested in Miami in 2006, and charged with plotting to blow up the Sears Tower in Chicago.  In that case, too, the alleged plotters seemed pretty incompetent.  The only weapons and money they got came from — you guessed it — another FBI informant.  Some of the details of the alleged plot were just ludicrous:

At one point during the Liberty City investigation, Batiste suggested to the informant that they could blow up the Sears Tower so that it would fall into Lake Michigan and create a tsunami. “Where did you get this idea?” Batiste’s attorney later asked him on the stand. His answer was believable: “Just from watching the movies.”

(Just for the record, according to its Web site, the Sears Tower is 1450 feet tall.  It is approximately 5000 feet from the nearest point of Lake Michigan shoreline.  How the tower was supposed to be moved 3000+ feet horizontally in order to fall into the lake  was not explained.)  The case ended with one defendant being acquitted, and the other six cases ending in a mistrial.

It’s noteworthy, in both these cases, that the plot, such as it was, was uncovered by old-fashioned, ordinary police work.  No warrantless wiretaps or other devices of questionable legality were involved.

I suppose that one can look on the bright side, and say that, if these are representative terrorist plots, we don’t have all that much to worry about, because the plotters all seem to be idiots.  But one has to wonder whether we are wasting resources catching people who were probably more likely to blow themselves up than anyone else.  An old cynic like me also wonders how much of this is related to the FBI and other security agencies looking for more funding.

Bruce Schneier had an excellent essay on this, “Portrait of the Modern Terrorist as an Idiot“, which was originally published in Wired back in 2007; it’s still timely.

Data safety

May 24, 2009

In his “Fast Forward” column in the Business section of today’s Washington Post, Rob Pegoraro discusses the Google service interruption that I wrote about here earlier.  He points out, quite correctly in my view, that people can become fixated on outages of Web-based services (such as Google Mail, or Amazon’s S3), but that there is another danger to the health and well-being of users’ data, stored on their own PCs,  that they often don’t think about.

That risk is  having your data stored in an undocumented, proprietary file format, such as the format used by Microsoft Outlook to store E-mail:

Using a format that one company keeps to itself, at worst, can prevent you from ever taking your business elsewhere. More often, you’ll have to sit through prolonged and complicated file-export procedures to get your data into another program.

Being “locked in” to a particular company’s  proprietary software is bad enough.  As Pegoraro points out, even if it’s possible to move your data to another format or program, it is usually a painful process.  Even worse, the vendor of the software you are using might discontinue support for the product, discontinue the product altogether, or just go out of business.  (How are those old XyWrite files working out for you?)  I have seen this happen with both individuals and businesses.  In one case, the vendor of the accounting software that the organization was using went out of existence on a few days notice.  One could say that the users should have been paying attention to the health of their suppliers, but that is to some extent beside the point.  The only alternative they had was to get someone to reverse-engineer the proprietary file formats, and then manually fix up any errors from their paper archives — which they fortunately still had.  In a follow-up post to the column on his “Faster Forward” blog, Rob Pegoraro says he has concluded that this is a bigger risk than the risk of outages of Web-based services:

On reflection, I decided that the second problem is worse. Companies that don’t have death wishes usually get their Web services back up after an outage pretty quickly, but some of the closed formats I mention in the story have been around for a decade or more and show no signs of being opened.

I agree, although he is surely right, too, that each user has to evaluate these risks in light of his or her own situation,.

There’s another aspect of using Web services, such as Google Mail, that I’d like to introduce to the discussion.  And, for a change, there is actually some good news on offer.  Google Mail can, of course, be used entirely as a Web-based E-mail service, accessed via your browser on Google’s servers.  But it is also possible, at no extra charge from Google, to use Google Mail in conjunction with a PC- ot Mac-based E-mail client (such as Mozilla Thunderbird).  Assuming that the client you use stores mail in an open, documented format, you avoid lock-in, and still have your E-mail history available to you if the Web service is temporarily unavailable.  This kind of setup also gives you one important benefit, compared to the PC-client-only solution, where all data is stored on your PC: you automatically have an off-site backup of your E-mail history, sitting on Google’s servers.  And if I am reporting honestly, I have to say that I have seen far more data loss attributable to a lack of a sensible (or any) backup procedure than to failure of a Web-based service.

%d bloggers like this: