Slashdot Mirror
Rand Report Says Geospatial Data Not Big Threat
scupper writes "An article in Federal Computer Week came out Monday that announced The Rand Corporation has published a report (sponsored by the National Geospatial-Intelligence Agency) concerning the threat that publicly available geospatial data on US Government web sites might pose in the hands of terrorists that 'found that less than one percent of the 629 federal data sets they studied appeared to have notable value to would-be attackers', according to the report titled: Mapping the Risks:Assessing the Homeland Security Implications of Publicly Available Geospatial Information. A curious 'finding' from page xxv of the summary not mentioned in the article states: 'However, we cannot conclude that publicly accessible federal geospatial information provides no special benefit to the attacker. Neither can we conclude that it would benefit the attacker.' The release of this report reminded me strangly of the Washington Post news story about a George Mason University graduate student, whose dissertation mapped critical fiber optic network infrastructure."
As in: the Rand Corporation, in conjunction with with the saucer people, under the supervision of reverse vampires, are forcing our parents to go to bed early in a fiendish plot to eliminate the meal of dinner.
Holy Shit!!! We're through the looking glass here, people..
The big problem with terrorists is that they cause terror.
In this case, we're falling for it. We're having an unrational fear of the unknown. We're worried that in everything we publish, there's a terrorist reading it and trying to use it to their advantage.
On 9-11-01, they did something we didn't expect. They hijacked planes and brought their on minimally trained pilots to fly them into buildings. We didn't think that was likely to happen... at that time, standard policy during a hijacking was to let the hijacker into the cockpit. We're never going to make that mistake again.
But think about that, in all of our past dealings with hijackers, we assumed the hijackers wanted to live, and therefore would not crash the plane, nevermind know how to crash the plane into something else. In every case prior to 9-11-01, that was a correct decision. In most cases, we were able to get a majority of the passengers and crew members off the plane alive.
If a hijacker were to take over a plane today, there'd be much more opposition given to them by the passengers and flight crews. However, if a hijacking team were ever to succeed... now the default response would not be to attempt to reason with them but instead shoot the plane down. 100% of the innocent passengers would be lost, but we would be relieved that the plane didn't crash into a building.
Hey, wait a second... we're playing the game not to get the maximum lives returned, but instead to avoid the worst-case senario that has only struck once. That's somewhat a broken logic.
And that's really the culture that's taking over the nation. We've gotten so risk-adverse at doing things that when there's a possiblity of information being used negatively, we're ignoring all of the more-likely probablities that the infromation could also be used for good causes that we'd want to support. It's easier to point at the fear of what could go wrong than the dream of what could go right.
When a player is at a casino, the lure of the possibilty of a big jackpot convinces them to play games where the probabity of coming out positive just isn't there. Again, it's a case of possibility of an positve extreme case causing the ignorance of a probablity of a negative result.
Somehow, the concept of multiplying odds by result values is something average people just can't comprehend because emotions get in the way of cold logic... we act based on the possible emotional outcome rather than more likely outcome that logic would lead us to look for.
What kind of mumbo jumbo is that? Are they trying to hide something? How the hell am I going to find page xxv?
but not one that is easily addressed. There's a balance that has to be maintained, and hopefully we're going in the right direction.
HOW'S MY POSTING? CALL 1-800-POSTING
Information is power... and the terrorists are of course trying to overpower existing governments that they don't like. It's a natural connection that they're going to try to use information along with any other tools available.
Which puts us in a messy situation... just how do we keep information away from them in a culture based on the free flow of information?
found that less than one percent of the 629 federal data sets they studied appeared to have notable value to would-be attackers
Less than one percent of 629 is still 6. Granted, six isn't a large number when one considers it's relative relation, but it's still a number greater than zero.
(I'm not being paranoid, right?)
An effective signature identifies a particular user amongst a base of thousands.
Nick Berg's Head (779033)
--
Watch me be decapitated! [freecache.org]
Now that's just cold.
But it has become a public interest problem.
Not long ago, you could finally get information from the government without spending several days and gobs of cash. It was brought to you via an innovative system called the Internet. If you were living next to a toxic waste dump, you could do a search on the 'web' and literally dozens of published reports were at your finger tips. At long last, public interest groups and individuals could see the reports the government was publishing about these sites, but were largely unavailable unless you lived near a library that qualified as a federal repository.
In short, there were damn few access points for information about what the government was doing with your money and the Internet made the barriers disappear.
Along came 911 and now everything is back to the old days. I publish scads of documents about cleaning up nuclear waste dumps and no one will see them unless they can convince the government that they are not a threat. You can pump your arms all over the place and tell me how "newclear stuff should be off the web 'cause its dangerous", but I'm not buying it. The stuff we are not allowed to discuss is so difficult to extract that even the US government is wondering what they are going to do with it. How the hell do you clean tritium out of groundwater?
What my colleages and I report on is soooo not a terrorist target that it is laughable. But the information is in geospatial coverages that are now considered off-limits (official use only) to the public. The 911 tragedy has been a coup for those who want to obstruct the public's access to information related to their own health and safety.
The government just uses terrorism as an excuse.
"Rocky Rococo, at your cervix!"
Which puts us in a messy situation... just how do we keep information away from them in a culture based on the free flow of information?
The quick answer is: you don't... you can't... don't try.
The question to ask instead is this: Given that terrorists have full access to information, how do we prevent them from doing anything with it?
This is the same as computer security. Give everybody the source code so that everybody has full information and is on the same level playing field. Okay, now that we all know the full details, how to we prevent people from taking advantage of the situation? In a computer, you have security setup so that a would-be attacker is never given sufficient privelege to take down anything but their own processes.
In the real world, everybody has the same information so how do you prevent people from getting their hands on a sufficient quantity of: uranium, fertilizer, etc. Figure out all the possible attack vectors and work out the best strategy to defend against it. It's a real-life game of chess. You won't prevent all possible attacks (eg: sacrificing a bishop to take your knight) but if you're good you can play sufficiently well to not end up in a checkmate.
.
Read my journal and s
Not usually... but when they publish information that can be used against the current far-right interest in not pubishing various government data in the name of security, that's a far right group going against the present further-to-the-right position. Kinda indicates where the balance point on this issue seems to be....
Buy Steampunk Clothing Online!
Sean Gorman mapped and correlated data about a whole lot more than just fiber optic lines. Data, electric, transportation and god knows what more, wrapped up in a nice little program that makes the data quite easy to get at. Incredibly useful, but quite potentially dangerous in the wrong hands. Now what I wouldn't give to have that thing in MY hands...pretty...
Wrong "Rand". You're thinking of the objectivist creator Ayn Rand which is similar to the classic liberal (now called libertarian) political party. RAND Corp. is a defense organization and RAND is short for "Research and Development".
:)
Libertarians aren't "FAR right" by the way, but that's off topic.
If we spread our attention and resources too thinly, though, any target becomes accessible.
Terrorists have to have large-scale loss of life to generate the headlines they need for fundraising. I wouldn't worry about infrastructure (even vital infrastructure), since it's too hard to explain to uneducated fundamentalists why snarling up internet traffic is a victory for Allah.
I'm familiar with Ayn Rand and her followers. I was referencing the RAND Corporation, which is considered to be (or have? I'm sure they do a good bit more than just release papers) a right-wing think tank.
HOW'S MY POSTING? CALL 1-800-POSTING
I mean, look at the success of the public education system! How could they even think about privatizing it! Think of the children...
Your reality is lies and balderdash and I'm delighted to say that I have no grasp of it whatsoever. - Baron Munchausen
It is by now.
Could it do worse than our current education system? I mean the QA sucks, just look at the large % of grads that can not read at grade level and who do not know basic math.
So is the rape, torture and murder of Iraqi prisoners...
Congrats to the terrorists/freedom fighters on this one
If I point out that you are incorrect, making me a foe does not make you any more correct.
What lenghths have they gone through to hide their IP addresses to thwart would-be terrorists from performing dDOS attacks?
RAND hasa bit of an uneven history. I wouldn't even call the right wing so much as establishment/pol/mil/industrial complex wing. This is probably on honest report on the part of the person who made it, but it does smell odd from this distance.
:), the targets terrorists want to and may actually try to hit are pretty well known and not at all hard to find. Stuff in the middle of nowhere is pretty low on their list.
Fundamentally, I think they're right on this (and privatizing schools
It's also pretty unlikely that the punks will get their hands on a launchable ICBM or suchlike.
That being said, I'm trying to think of why I would need GPS coords for cabinet offices or suchlike. It's a pretty limited use, I'm not sure it would be worth doing, especially with My Tax Dollars (I know, pennies, but it's the principle).
Obviously if you have a sensitive (NSA, Weather mountain, Federal Brocolli Pricing Board, etc) site, don't put GPS coords on your website. Duh.
I can't afford to learn how to read!
HOW'S MY POSTING? CALL 1-800-POSTING
I find your lack of reading comprehension disturbing.
Wow you mods totally dropped the ball on this nice Simpsons quote. The episode is at http://www.snpp.com/episodes/2F07.html. The quote is right near the end.
unzip; strip; touch; finger; mount; fsck; more; yes; unmount; sleep
it's too hard to explain to uneducated fundamentalists why snarling up internet traffic is a victory for Allah.
As difficult as explaining to the equally uneducated fundamentalist Americans that bombing the fuck out of people then complaining when some of them retaliate is hypocritical?
If I recall, one of their studies tried to argue that the Toyota system would benefit schools more than the restrictions of the "No Child Left Behind" Act, as it would set different goals for different schools, accounting for factors beyond the hands of the schools.
But then again, maybe they did advocate privatizing education somewhere and I missed it.
Milhouse: [steps up to blackboard] Ahem. OK, here's what we've got: the Rand Corporation, in conjunction with the saucer people --
Bart: Thank you.
Milhouse: -- under the supervision of the reverse vampires --
Lisa: [sighs]
Milhouse: -- are forcing our parents to go to bed early in a fiendish plot to eliminate the meal of dinner. [sotto voce] We're through the looking glass, here, people...
My first knee-jerk reaction upon reading the Slashdot summary was:
"We find that this information isn't really important to terrorists"
>boom
"oops. uh... guess we were wrong..."
But after reading the article it sounds like they're making a perfectly valid statement. Sure, some information like large military bases off the beaten path shouldn't have their details published. But it makes no sense to remove maps of public utility Nuclear Reactors because that information is commonly available from about a dozen other sources. Like, street maps! So removing it from the federal records doesn't make it "secure". Or from the example in the article where the feds removed offshore oil sites from their public records. Turns out Scuba diving maps sold to divers were showing where those were ANYWAY. Rand is calling for the government to redefine what needs to be "secret" and it it does, work with local companies to have all sources removed.
Where is planet Kamino, anyway?
I mean... I'm still getting my brain up to the proper caffiene levels, so maybe this will make sense to me later. But that hell is this article even about? Geospatial time continuum anamoly. Am I in the Expanse or something? Where is Archer... wait.. to hell with him.. where is T'Pol???
What is their definition of a data set? A data set for the NSA/CIA/FBI may have attributes for military locations, population density, etc.
Now, if they get their hands on a data set by the Parks Commisioner, indicating locations of forests with attributes relating to the trees, I highly doubt that would be threatening.
So a 1% possibility that a data set may be useful to terrorists is subjective, as it depends on their objective.
In the right hands, any data set can potentialy enhance the ability of terrorists. And of course, don't forget. Private companies are the ones that sell most of the data to the government (see US Census for example). Why bother going after government publication of data and not control to whom a company sells the data?
As for the fiber optic map... It was useful not because you can cut cables (redundancy does exist), but because you know the ends of cables are to where corporations are (that is why the dissertation did get credit in the first place). Also, you know that where the biggest bandwidth cable go to is a prime target, as it promises a network depended coproration/entity that could be damaged by loss of communications.
Bad bad bad. I think you're going to hell for that. I think that I'm going to sign up as John Wayne Bobbit's Penis.
privatizing, thats a wonderful idea.
So is the rape, torture and murder of Iraqi prisoners...
i understand where you're coming from, the only problem is, that wasn't nick berg.
perhaps you would be willing to have your head cut off as revenge for those crimes? same logic.
" So is the rape, torture and murder of Iraqi prisoners...
Congrats to the terrorists/freedom fighters on this one"
Truly a simple mind wrote this. An eye for an eye will just leave the entire world blind. The only reason that you think this is an acceptable solution is that you obviously think the world is a simpler place than it is and motivations are the same.
Truly antisocial behavior. Not a suprise, this is slashdot after all.
Sounds like we have the making of another Hitler here.
If I was over there trying to make money out of a country invading another sovereign nation, then yes I would be willing to take the risk.
Parent doesn't believe anything he types. He's just a troll out to get karma. Later we'll see peoples primary links, goatse, last measure and all sorts of degenerate filth. DON'T GIVE HIM THE TIME OF DAY, MODS!
Simple answer: elect Dubyah! No more information gets out. Just meaningless gibberish and insultingly stupid generalisations.
DROS - Open-Source Robot Software
The above post, while the truth, is basically a summary of the first few chapters of Bruce Schneier's book, "Beyond Fear".
The Internet's nature is peer to peer - 20050301_cs_profs.pdf
firstly, according to his family, he wasn't just concerned with money. he felt he was helping iraqis by being part of rebuilding iraq. facts seem to back this up; he was THERE, by himself, taking the risk.
but secondly, your reply has completely ignored my response.
your o.g. post says what happened to nick berg is justifiable.
i'm not asking whether you would take the risk of having your head cut off, i'm asking you, are you willing to have your head cut off as revenge/retalliation for something YOU yourself did not have ANYTHING to do with?
if your answer is yes, then presumably you're off to iraq.
Lets just leave him alone. Its not helping. If you have any questions why, refer to Formosa's Law.
At least Hitler was honest about his intentions when he invaded Poland, France and Austria...
Bush and his boys couldn't even get a believable story going.
If my country commited those acts on those prisoners, then yeah I would wear it.
I remember when the story about mapping the fibreoptic infrastructure broke.
I also remember several months later, massive power grid failures in the US and UK among others, all within a reasonably short timeframe.
I thought even back then, while the two aren't directly related, that there was a possibility that someone had figured out the electrical grid chokepoints sufficiently to do a test run of sorts, to see if it worked or not, possibly inspired by the fibreoptic story.
My point is this - if you were a terrorist and wanted to hit hard again, why not follow standard military doctrine and cut off the enemy's power grid first? After all, we do it, so why wouldn't they do it as well? In all the confusion, that's when you conduct your real strike.
Thankfully, since the information is public, we too can look for potential chokepoints and demand of governments that they fix them or mitigate the risk by building in redundancy. If we don't keep this information public, we will not be able to hold governments accountable when they don't make the effort and the system fails when it's most needed. And if you can no longer hold your government accountable when they screw up, because you don't have access to the information you need to do it, then you are no longer in control, and they are ruling you, not governing on behalf of you.
Visceral Psyche Films
Of a similar report compliled by the RAND Co's subsidiary the BLAND Corporation, completely discounting the efficacy of a doomsday device in the war on terror.
Oh dear, we have a revisionist historian here. Honesty was not a virtue that Hitler ever had. If you think so, please give me a reference to when he said "that he was invading Poland, France, and Austria... so that he could control Europe and kill all non-Aryans".
While Bush and his boys may not be the most virtuous of people, comparing them to Hitler really only shows how small your mind is.
You laugh, but to detect criminal activity, circumstantial suggestions are pretty effective. There are signals that are not by any means conclusive about anything, but which nevertheless mean that some minor checking-up on the individual or situation would be worthwhile.
For example, some advice to cashiers and clerks from an interesting website:
Watch for Suspicious Behaviour
* Keep an eye out for signs of potential credit card fraud. Watch for customers who:
o Make rapid purchases without regard to size, style, color, or price.
o Are overly talkative during a transaction.
o Attempt to rush transactions, especially at closing time.
o Purchase many of the same items in different colors or sizes.
o Make purchases, leave the store, and return to make more purchases.
o Are unsure of their credit limit, then ask you to split the sale into two or more transactions.
o Pull credit cards out of a pocket, not a wallet.
Now, none of these things is worthy of a major intervention. They can be perfectly innocent behavior. But the point is, if a cashier sees someone displaying a few of these actions in a transaction, then it would be a good idea to have a good look at the credit card, the signature...
Christ! Will someone just mod this fucker to -1 so we don't have to see his anti-American propaganda. The link is totally distateful. Look at his history, he's just a karma whore.
ok, but i just want you to know that i was and still am STRONGLY opposed to the american invasion of iraq, and i agree that the abuse of iraqi prisoners is absolutely appalling, disgraceful, inhumane and deserves the severist of punishments for all concerned.
my point simply is, nick berg was not directly concerned with it.
http://www.rootstrikers.org/
What an organization researches is very different than bias towards the establishment. RAND advocates relaxing drug policy, especially for marijuana. They were the original group who said (and with evidence) that Vietnam was a bad idea. They said this even before we got involved in any significant way. Finally, RAND recommends a moderate Islamic state for middle eastern states we "liberate," which doesn't jive with the religious right's plans. Just because RAND researches for the military doesn't mean it's obligated to make things sound good to warmongers and Republicans (are they different?). RAND is damn objective for the politically sensitive work they perform.
Any information is really only valuable when you have enough creativity and common sense to make something of it. People aren't trained to think "outside of the box", but given enough time and motivation, things will happen.
I'm not saying that we should keep all of this info under lock and key(among dozens of other safeguards), but we should at least make a few more independent analysies(sp?) of the threat the data poses.
The thing that I think would be alot more interesting is to take the layouts of some of these buildings; turn them into maps for some FPS games (UT2k4 is my fav) and figure out the best way to attack/defend them. (I've been wanting to do this for my college campus for awhile now.... let players spawn in their dorm rooms... consider it preparation for the giant paintball war we're planning for halloween)
yeah, just my 2 cents..
"Operating systems suck: you're better off using only the BIOS" --trainsaw.com
BOO!
Terrorists are everywhere!!
BOO!
If I want to calculate exact location of the white house, I don't need any goverment spatial data. I just calculate 3 different points in Washington DC using pocket GPS device and from that values and city-plan I can find exact coordinates. This whole thing is really yet another way to keep various informations away from peaople, while hiding behind "war on terrorism". Also, today on CNN.com: all Iraqee prison pictures wan't be released. Never.
http://www2.jpl.nasa.gov/srtm/
http://grass.ibiblio.org
STRM is new, so get the CVS version if you want access to the latest auto-load & clean scripts. View with NVIZ.
cool stuff.
~.~
I'm a peripheral visionary.
Unfortunately, the US seems to believe in technology so strongly that they have abandoned this way of gathering information, thinking instead that satellites and UAVs will do the job. For some reason, the American society prefers technological solutions over sociological ones.
Did you know you can fertilize your lawn with used motor oil?
Speaking as a GIS tech/programmer, and geologist ... holding back geospatial data from free public use will hurt the enonomy far more than any of those imagined threats. If a terrorist really wants to know where a target is, he can just wander on past with a GPS.
If the US government really cared, they wouldn't have turned of the 'selective availability' distortion that used to reduce the accuracy of common GPS units from a nice 10m accuracy down to an annoying 100m.
I think history has proven that at least so far terrorists attacking the US have preferred large symbolic targets, the kind that you can't hide, where openly available geospatial data is irrelevant.
And consider that having as much data available as possible to the public enables all kinds of value added / data mining uses to crop up that the data owners might never think of themselves. There are many business models out there working right now, feeding families.
Open free exchange and full interoperability if geospatial data is the future. It is happening now through the Open GIS Consortium, GML, and through free open source programs such as Grass, and MapServer. Good things happen when the right people have easy access to your spatial data.
Do your part! set up a MapServer WMS server today, make your spatial data available to the world yet still maintain control (the server passes out raster map layers that become part of a user's raster map, no one gets your valuable vectors)
George Bush + Linux = "I will not let information get in the way of the fight against Windows"
A subsequent Rand Report found that information available in the Yellow pages posed a potential security threat. In an attempt to staunch the flow of information to would be terrorists, all people in or arriving in the United States will soon be fitted with a mask that covers eyes, ears, and mouth... so that we might hear no evil, speak no evil, and say no evil...
Your tax dollars ar work...
Genda
You can't change the rules in the middle of the game. If we knew we would have to pay for these kids, we never would have had them.
Maybe they don't think the data is a threat because they've already had their way with it before it's made publicly available. Take this TerraServer shot of of the US Capital using the new .25 meters / pixel USGS natural color data set. The Capital and Senate / Congressional office buildings are mosaic'd out!
I mean, seriously... call these terrorists what you want, they're definitely smart and resourceful. They knew enough about American society and culture to select very traumatizing targets.
We should assume that they will find whatever is of interest to them, and that security through obscurity is bound to fail. Given that, geospatial information should be free so citizens can point out weaknesses to the government.
In terms of cost for security... I recently asked for geospatial information from my city, and they would not give it to me for free (councillor district maps- not exactly a privacy or terrorism risk!). States where they have a more liberal policy towards sharing this information have often developed thriving GIS sectors. The cost of secrecy will be reduced competitiveness, as another country could take over in the lucrative GIS market.
Information: "I want to be anthropomorphized"
And we are no doubt going back in the direction of more spies being used. But it takes a long time to infiltrate a paranoid organization. Especially when the other lads aren't restricted to proving your spy is a spy - suspicion is enough to get him dumped into a shallow grave somewhere.
So, what do we do in the meantime?
PS. Security through obscurity: as recently as WW2, that was a useful technique. One of the contributing factors to the failure of the German invasion of the USSR was the lack of adequate maps of the USSR. Specifically, the available maps showed a highway leading into Moscow from the west that was integral to the German logisitics effort. Turns out the highway wasn't actually there.
We tend to look at a world where all information can be ferreted out easily, one way or another. Spy satellites and such help to foster that image, as does the US tendency to make everything publically available. But it is not always true that the other fellows can find out something you wish to conceal by obscurity.
And the internet security model is not terribly useful as an analogy. Consider the standard technique of restricting privileges so as to limit the bad guys capabilities once they penetrate your system. Would you consider a similar technique in the real world? For instance, limiting the rights of everyone not part of the military/government during the period of the threat? The number of people here who (rightly) are opposed to such is legion, and I don't think you're an unusual subset of the US population.
If you wish to model real world security with the internet model, consider an internet model where EVERYONE has admin privileges everywhere. Or at least poweruser privileges (for the windows types out there). THEN you can come up with a security model that might mirror the real world (tm)....
"I do not agree with what you say, but I will defend to the death your right to say it"
Does anybody remember the story of the GPS units and how the 9/11 terrorists used them? To summarize, they drove to NYC on September 10th with their GPS units. They stood b/t the 2 WTC towers and marked a waypoint. The next day, they flew airplanes towards this waypoint.
OK, OK, So what??? Well, they could have just read a USGS topo sheet to get those Lat/Long coordinates. Or they could have used any GIS package.
This is really scary to think about b/c almost every county has GIS data on their website, including land ownership, soil type, lat/long, impervious surfaces, building outlines, drainage, and more.
This is all free, easily accessible, and pretty accurate.
Being early in the morning and only on my second cup of coffee, I threw my slashdot goggles on and in my quick skimming thought it said "sponsored by the National Gestapo-Intelligence Agency". I saw the .mil link, and began pondering a DHS conspiracy.
>This is the same as computer security.
It's worse than that. Instead of users with system accounts, democratic countries have this:
# useradd -g root terrorist
And permissions are lax; maybe not everyone can execute malicious shell script, but they can read all scripts used by the sys admin.
>It's a real-life game of chess.
On the country level, it's chess, but for people/victims it's jackpot - if it hits you, you're going out forever.
It's hard to restrict flow of information when on the one side people enjoy certain freedoms and on the other the media and others are constantly looking for bad publicity and bad news.
One of most effective ways to prevent possible terrorist attacks is involvement and alertness by ordinary citizens.
But seriously, the (US) governments totally gets the mind-set of these people wrong. They don't download multi-gigabyte maps from the net before they attack, they simply and effectively pick so-called postcard targets, because they seek to attract media attention and these targets stand for what they resent.
Most terrorists are surprisingly low-tech, but that's actually why they can be difficult to track down: if you never use Web browsers, phones and credit cards you leave few traces.
If you read the recent intelligence 'success story' where they tracked some people because they used a Swiss pre-paid mobile phone SIM-card from somewhere in Pakistan, apparently swapping mobile phones and not SIM-cards instead of the other way round, this gives you an idea of what to expect.
Why is this scary?
So getting coordinates from some GIS software will be easier...yet I'm somehow forced to think that if someone is really determined to make an event happen, taking away that simple convenience won't stop them.
Terrorists hope to induce shock and fear in as many people as possible...I really doubt that this is going to occur by driving a bus into your Town Hall or Baptist Church.
Just meaningless gibberish and insultingly stupid generalisations.
Damn straight! Unlike $POLITITION who really speaks for the people[1]! $POLITITION has been for $POPULAR_ISSUE since the beginning and will continue to fight for what's right[2]!
$POLITITION won't make alll the mistakes the other guy has[3]!
[1] The people who give him/her money that is.
[2] Since (s)he found out it was a popular issue at least.
[3] Though (s)he's bound to make all new ones.
"Ignorance more frequently begets confidence than does knowledge"
- Charles Darwin
OT I know, but I don't care.
Nick Berg's Head (779033)
But what kind of a sadistic moron do you have to be to make 'sport' of some poor guy being decapicated slowly with a knife? I can't even imagine what in the world is wrong with you (and I'm happy I can't).
You sir, are an asshole.
"Ignorance more frequently begets confidence than does knowledge"
- Charles Darwin
The availability of information has nothing to do with who is president. The data from NGA (formerly NIMA), National GeoSpatial Data Warehouse, USGS, etc... has been availble for many many years and will continue to be available. Removing access to the data now will only ensure that people won't be able to get it from the "authoritative" sources. Anyone who wants it will either already have it or they'll find another source. Consider that removing the information would be similar to banning the sale of guns - terrorist/criminals will still find a way to get it and the innocent will be the only ones without.
The reason geospacial data is no threat is because nobody can make GRASS work. The data is easy to get, but GRASS won't show you any of it.
Really, if you and a buddy put on orange vests and hard hats, and spent your days peering through survey instruments and jotting notes, how many weeks would you have to do this before anyone bothered to speak to you at all? Okay, you'd be nabbed quickly if you surveyed the Pentagon or ORNL, but there are *supposed* to be people checking over those thousands of bridges and dams and whatnot -- who would stop you?
"It's worse than that. Instead of users with system accounts, democratic countries have this:
# useradd -g root terrorist"
Oh, really. Try walking into SAC headquarters without a security clearance. Wasn't there a big flap the other day about someone who only asked for a map of the service tunnels under his school?
We hire a handful of stewards to hold the root passwords for us.
Restriction of privileges is exactly what we already do in the Real World. You cannot just stroll into a military base and demand to be let into the armory or the files of the CO's planning staff without causing yourself a whole lotta trouble. You can't expect to walk into the control room of a power plant without a badge. It's awfully hard to get onto the workroom floor of *any* manufacturing business if nobody recognizes you.
This is exactly the network security model. Assuming that the bad guys have useful knowledge, make it hard for them to gain the access necessary to use it. Locking up a network by hiding information has been derided, not because of some ivory-tower theory, but because it's a deviation from what's known to work well in the physical world. We've known all along that secrets are fleeting, and that active measures have the best chance of foiling a determined attacker.
Apparently, GDT Inc. is the provider of street network for all major GIS Software corporations (including MapInfo, Intergraph and others) and government entities. Perhaps the most important information on this company is the Department of Commerce publication CB96-194 of 1996, which announces that the US Census Bureau would acquire data from GDT Inc. in a long term cooperation effort to have an up-to-date TIGER database.
o po.html), therefore the original sponsor of the data was the US Government itself.
The question from where GDT Inc. acquired their data is further hidden, appart from the fact that the used USGS data. A hint towards the answer is found in meta data from the USGS (specifically http://minerals.usgs.gov/sddp/doc/roads.txt), clearly indicating that the data were derived from TIGER/Line files. This means that GDT Inc. did not provide the data for the US Census, rather, it provided updates to the existing data. Therefore the source goes back to the US Census Bureau, that actually provides information on their data in a more straightforward way.
To compile the TIGER data, 1:100,000 USGS topographic maps were digitized by USGS on behalf of the Census Bureau. For urban regions, GBF/DIME files created in the 70's were used, that were updated in 1981 and 1985. Therefore one of the originating sources has been traced back to the Census Bureau (the urban area data). The other originator, USGS has a longer history. The attempts to map the USA started in 1879, on a scale of 1:24,000. Therefore the 1:100,000 maps used to create the US Census maps are derivations of 1:24,000 maps that started being compiled in 1879 and update since then by planetable surveying. After the 1930's, aerial photographs were used. The original purpose on creating these very first maps was a mandate by Congress to "classify public lands" (http://mac.usgs.gov/mac/isb/pubs/booklets/topo/t
I feel safer now...
The Keyhole viewer is very impressive. They have the whole planet available. Resolution varies; for much of the world it's low-res satellite imagery. But for most urban areas in the developed world, the imagery is quite good. The imagery is overlaid on height data, so you can get a 3D view from any angle. The height data is too coarse to show buildings.
Or at least the current crop of terrorists don't. This is information that would be useful when waging war against the US. ie. In an attempt to cause massive damage and disruption through strategic strikes. One could argue that terrorism has the same goals and in some cases it might, but I don't think that's what interests the current crop of middle-eastern terrorists. To them it's about making bold political and moral statements.
The strike on the WTC was a strike against the symbol of American prosperity. That it caused as much damage as it did was an accident. And I suppose there's some irony in the fact that the WTC was a hub for tourism and international business. The collapse of the towers probably killed as many foreigners as it did US citizens. And as many poor folks as rich ones. The underside of the WTC contained a shopping mall and was a large subway transport hub, after all. Not to mention the daycare service(s) based there, so more than a few small children were killed as well.
But it should be pointed out that the current crop of terrorists have not proven themselves to be nearly as capable as we seem to think they someday will be. The WTC attack was a hack job done by a few fanatics with box cutters. It required no resources and almost no skill to execute. But since 9/11 the government has been mostly talking about organized attacks. BioChem and atomic devices, etc. I won't deny that such things are definately within the reach of some, but this remains pure speculation.
As a recently graduated, and thankfully, gainfully employed GIS type I suppose I can answer your questions:
1. Continue with the GIS/Remote Sensing classes. Learn to program C++ or Java.
Also learn SQL and at least one major datbase (SQL Server, ORACLE, or one of the OSS ones).
Then start in on PHP, and especially PYTHON (ESRI is including Python as a scripting language in ArcGIS 9.0, and I believe there is a PYTHON Mapscript for Mapserver.
The GIS basics will get you in the door. The ability to tie a companies GIS data to their existing coorperate databases and spit it all out in a inter/intranet web application will make you priceless.
2. There are a few books on GRASS, but not much on Mapserver, its all in the mailing list archives. Check out www.openosx.com for the name of the GRASS book.
3. The job market has been pretty steady. The bubble burst didn't really effect the geo-spatial world too much. If anything there is a lack of good talent right now because many GIS folks are Guard/Reserve that have been called up, or are being lured away by defence contractors trying to sort through a mountain of geospatial intelligence.
-btw don't ever stop asking "may I help you". GIS is a customer service driven profession. If people don't use your services there is no reason for your existance. Your bosses boss will never understand what you do and you will constantly have to remind them why you are there.
You have the nut of an important point. This study merely looked at data sources and considered "could this be useful to an attacker". But that is a poor measure of vulnerability, because it doesn't theorize what an attacker would do. A better measure would be, once you've identified some allegedly exploitable geospatial information, to go back out the front door and try to come up with a credible plan of attack - credible in terms of goals, resources, methods, and available skillsets - that uses this piece of information. But the alarmist thinking in this report results in bad security.
For example: who can get on planes without being searched? Airline pilots. So we should search the airplane pilots being searched for weapons. I saw this happen this week, and it's retarded fake-ass security: if you can't trust the pilots, with or without weapons, you are already fucked, and searching them just diverts resources from real risks. Thinking from the point of view of the attacker can come up with more interesting hypotheses like "professional sports venues are well protected, but college venues may be poorly protected with targets of comparable size and impact".
Speaking of which, in today's climate, I wouldn't be caught analyzing good ways to attack campus buildings if I were you.
Expanding a vast wasteland since 1996.
Hi, I thought in the context of the thread that folks might find our new website on mapping infrastructure with publicly available data interesting: http://policy.gmu.edu/imp The gallery has some low res macro images of our analysis of the data the Post article talks about. Also the research page has some of papers avaialable for download. I think the one big thing the RAND report misses is that it looks at geospatial databases in isolation. It is only when that information is combined with other data and intel that it becomes dangerous. It is in the aggregation, integration and analysis that valuable information comes to light. best, sean GMU school of public policy
You're right about that.
I was referring to watter supplies, hospitals and most public infrastructure.
Seems pretty strang to me... [typo in original story] G
oregonnerd...a nerd in Oregon, of course