Traffic Light Scam II

By | November 22, 2011
1 Comment

More on the Italian traffic light scam. I wrote to Mr. Arrighetti asking for comment, and received this from Silvia Guelpa, who says she is a consultant to the company. In summary, she’s arguing that the company, and its founder Stefano Arrighetti, haven’t done anything wrong and that if anyone has broken the law it’s the companies and police who have been responsible for changing the settings which created the huge volume of tickets.

She makes the points that

  • KRIA is a manufacturer and does not sell to the City Councils but to Companies who rent the T-RED to the Police with contracts based on the number of ticket (about 30%).
  • T-RED—the system–does not actually control the traffic lights, which are managed by a controller.
  • T-RED can be configured to detect immediately after the red phase begins or after a configured delay (0-10.000ms). Local Police and Companies renting the systems set the yellow on the controller for as short a period as possible and reset to zero the above mentioned delay, in order to increase the number of tickets.

This, she says, is what is causing the abnormal number of tickets.

She also says there has already been one investigation, by Milan’s attorney, which concluded after one year that KRIA is “absolutely innocent and out of any private interest.” That investigation, she says, resulted in the arrest of “bosses of the companies buying and renting T-RED and they admitted that they forced and won many tenders incorrectly.”

But with public outcry still strong—three million tickets still had to be paid—Verona’s attorney started investigating KRIA’s certification—whether or not its system had all the right paperwork. The idea, she says, was to find an excuse to cancel all the tickets.

KRIA believes it has all the right certification, arguing that the only parts which need to be certified are “the fixed, immutable components of the device”–cameras, lighting systems, PC and PCI board. But Ms Guelpa says the attorney’s power “is unlimited during the investigation phase. They can even arrest people.”

Her argument is basically that Mr. Arrighetti is being made a scapegoat on a technicality.

Lesson from this? I guess I’m still reeling from the idea that police forces would fiddle the system to fill their coffers, not just in Italy but elsewhere. But I guess the bigger point is that all kinds of technology are susceptible to this kind of manipulation, which raises the question: Quis custodiet ipsos custodes?

The Traffic Light Scam

By | November 22, 2011
1 Comment

image

If true, this is a scam that is going to fuel the conspiracy theories of every driver who feels they were fined unfairly for crossing a red light. Police in Italy have arrested the inventor of a smart traffic light system, and are investigating another 108 people, on suspicion of tampering with the software to speed up the transition from amber to to red, netting the local police and others in on the scam millions of dollars of extra fines.

The question is: Is this kind of thing limited only to Italy?

The Independent writes:

Stefano Arrighetti, 45, an engineering graduate from Genoa who created the “T-Redspeed” system, is under house arrest, and 108 other people are under investigation after it was alleged that his intelligent lights were programmed to turn from amber to red in half the regulation time. The technology, which was adopted all over Italy, employs three cameras designed to assess the three-dimensional placement of vehicles passing a red light and store their number plates on a connected computer system.

Those now under investigation include 63 municipal police commanders, 39 local government officials and the managers of seven private companies.

The fraud, The Independent says, was uncovered by Roberto Franzini, police chief of Lerici, on the Ligurian coast, who – in February 2007 – noticed the abnormal number of fines being issued for jumping red lights. “There were 1,439 for the previous two months,” he said. “It seemed too much: at the most our patrols catch 15 per day.” He went to check the lights and found that they were changing to red after three seconds instead of the five seconds that had been normal.

Unanswered, of course, is why it’s taken two years for the fraud to be stopped and investigated. The inventor’s lawyer has said he is innocent. Mr Arrighetti’s LinkedIn page is here. He is described as the owner of Kria, a Milan-based company which sells the T-Redspeed and other traffic monitoring systems.

image

Image of Arrighetti from Insight24 webcast

The T-Redspeed system is described in the company literature as “the newest and most innovative digital system for vehicle speed and red light violation detection. Based on special video cameras, it doesn’t require additional sensors (inductive loops, radars or lasers). It measures the speed of the vehicles (instantaneous and average) up to 300 km/h.”

Some forum posters have suggested a system used by British authorities, RedSpeed, is the same, but on first glance it doesn’t look like it. That said, reducing the amber phase seems to be a widespread source of extra revenue: The National Motorists Association of America has found six cities that have shortened the amber phase beyond the legal amount, apparently as a way to increase revenue.

Illustration from Kria brochure (PDF)

The End of the Reply All Button

By | November 22, 2011
2 Comments

I did a piece for the BBC World Service on the Reply All button the other day (MP3 to follow). I’m not saying there’s a causal link, but now Nielsen have issued a memo: 

We have noticed that the “Reply to All” functionality results in unnecessary inbox clutter. Beginning Thursday we will eliminate this function, allowing you to reply only to the sender. Responders who want to copy all can do so by selecting the names or using a distribution list.

Apparently they’re not the first to do this: Standard Chartered have done it some time back, according to comments on Techcrunch.

There’s a lot of people who don’t like this; they think it’s a dumb move. I’d tend to agree, but for maybe different reasons. Why not try to understand why the Reply All button is there, and try to find another way for staff to disseminate information?

All I can imagine from this is the time wasted as employees add email addresses one by one for fear they leave someone out of a message. There’s got to be a better way. Wikis, blogs, RSS, twitter, Yammer, anyone?

Dunder Mifflin Alert! Nielsen to Disable Employees’ ‘Reply to All’ E-mail Functionality – Dylan Stableford – Blogs B2B @ FolioMag.com

The Hazards of Recommending

By | November 22, 2011
0 Comment

image

Think twice before you agree to recommend someone on LinkedIn. They may be a logic bomber.

You may have already read about the fired Fannie Mae sysadmin who allegedly placed a virus in the mortgage giant’s software. The virus was a bad one: it

was set to execute at 9 a.m. Jan. 31, first disabling Fannie Mae’s computer monitoring system and then cutting all access to the company’s 4,000 servers, Nye wrote. Anyone trying to log in would receive a message saying “Server Graveyard.”

From there, the virus would wipe out all Fannie Mae data, replacing it with zeros, Nye wrote. Finally, the virus would shut down the servers.

Luckily the virus was found and removed. But what has yet to be removed is the suspect’s LinkedIn page which shows that since he was fired he has been working at Bank of America, something I’ve not seen mentioned in news covering the alleged incident.

(Apparently this piece mentions this fact but the information has since been removed. This raises other interesting points: What way is there for a company to police claims by people on networks like LinkedIn that they indeed worked at that company? Why was this information removed from the story or comments?)

image

What must also be a bit awkward is that the suspect, Rajendrasinh Makwana, has a recommendation on his LinkedIn profile from a project manager at AT&T, who says that

he was much more knowledgable at the subject matter than I was. He demonstrated leadership at times of crisis. He helped me learn the ropes. I would love to work with Raj again.

The recommendation is a mutual one; the person in question gets a recommendation from Makwana as well. But what adds to the awkwardness is that the recommendation was posted on October 25, 2008, which was, according to an affidavit filed by FBI Special Agent Jessica Nye, the day after Makwana’s last day of work—which was when he allegedly planted the virus:

“On October 24, 2008, at 2:53 pm, a successful SSH (secure shell) login from IP address 172.17.38.29, with user ID s9urbm, assigned to Makwana, gained root access to dsysadmin01, the development server. … IP address 172.17.38.29 was last assigned to the computer named rs12h-Lap22, which was [a Fannie Mae] laptop assigned to Makwana. … The laptop and Unix workstation where Makwana was able to gain root access and create the malicious script were located in his cubicle.”

Ouch. If the FBI is right, the suspect was buffing his CV, seeking recommendations from former colleagues right after planting a script that could have deleted all of Fannie Mae’s data.

Lesson: Think hard before you recommend someone on LinkedIn. How well do you know this person?

The Problem With Memory Sticks

By | November 22, 2011
1 Comment

image

… is that you forget you have them in your pocket. According to Credant Technologies, a Texas-based security company, about 9,000 USB sticks have been left in people’s pockets in the UK when they take their clothes to the dry cleaners.

This is based on a survey (no link available; sorry) of 500 dry cleaners across the UK who, on average, had found 2 USB sticks during the course of a year. There are, according to the Textile Services Association, some 4,500 dry cleaners in the UK. A survey by the company of taxi drivers in London and New York last September showed that over 12,500 handheld devices such as laptops, iPods and memory sticks were left in the back of cabs every 6 months.

Taking these figures with the caution they deserve—two? Is that ‘We find on average two thumb drives each year’ or ‘yeah I suppose you could say a couple’?—it doesn’t sound surprising. Indeed, you’d think it would be higher, and, indeed, in the centre of London, it is: One dry cleaner in the heart of the City of London said he is getting an average of 1 USB stick every 2 weeks, another said he had found at least 80 in the past year.

Credant want to remind us that data on thumb drives is probably going to be valuable, and there could be a lot of it. With most drives now at least 2GB in capacity, that’s a lot of files that some bad guy could have access to. Encrypt, they say (using their software, presumably.)

They have a point. Though maybe encryption isn’t so much the answer as asking whether there’s perhaps a better way to carry sensitive data around with you? Like not?

Illustration from Computer Zeitung used with permission