Hacking Cars, Chipping Kids, and Fingerprinting at Disney (Friday Links Roundup)

A disgruntled worker at a Texas auto dealership hacked into a vehicle-immobilization system and disabled more than 100 vehicles. Our automobiles are getting more and more computerized, so the threat of hacking vehicles is being taken increasingly seriously, according to this interesting article in CIO Magazine. And as computerization proceeds, with cars tied in to GPS, social networks, and who knows what else, the threat will increasingly be not just to security but also to privacy. Already today’s cars contain as many as 70 independent computers with up to 100 megabytes of code. And, vehicles—perhaps we should start calling them “transportation computers”—are increasingly being plugged into various networks, which greatly increases their vulnerability. Already, the job description “car thief” has come to take on some of the qualities of “hacker,” with today’s thieves plugging into vehicles’ data ports, replicating RFID key fobs, and otherwise manipulating data rather than hardware. It’s always seemed to me that one way to increase the security in cars and other publicly important software, is to require that their code be open source.

Speaking of RFID chips, Wired has an article by David Kravets on the Texas school district that is tagging its kids with RFIDs, which I posted about in June. Kravets reports that the primary motivation for chipping students is money—schools’ budgets are tied to attendance, so they are seeking more accurate attendance records in order to get more money from the state. The ACLU recently endorsed a position paper laying out the problems with deploying RFIDs in school. Students at the school are “rebelling” against the radio chip deployment—showing that resistance to authority is not dead yet in America. Wired also notes that the RFIDs used by the school contain no encryption, so they could be easily read and cloned by anyone with the (easily obtained) equipment. Aside from the privacy problems, the security problems that could arise from tracking not actual children, but computer chips (which the school simply assumes are connected to human bodies) are legion, as the position paper points out. Separate the child from the chip and the school will be fooled into thinking the child is somewhere he or she is not.

On the subject of socializing a generation of children to accept surveillance technologies, Disney World is installing a new biometric fingerprint tracking system, and is interested in deploying face recognition, Medill reports. The company’s involvement in the technology is so extensive that a Disney executive provided expertise on biometrics to the government after 9/11, and several Disney employees have left the company to take jobs at the NSA or elsewhere in the intelligence community, according to the article. In some ways it’s surprising that Disney would embrace such a technology, so seemingly at odds with the innocence and nostalgia that the company sells. On the other hand, the “simpler times” that the company appeals to are of course completely illusory—devoid of political, economic or ethnic conflict, protest, and social change—and maintaining that illusion at its theme parks has often prompted the company to lean towards policies of order and control, with which fingerprinting fits right in.

Finally, don’t miss this hilarious Juice Rap News piece on surveillance. We are VERY offended by the stereotypical portrayal of a wacky privacy advocate in the piece, but the rest of it is funny.