In this episode of the Security Ledger Podcast (#188), sponsored* by LastPass, we take a look at the fast-expanding world of crowdsourced surveillance by doing a deep dive on Flock Safety, a start up that sells inexpensive license plate scanners to homeowners and police departments. Also: users know that password security is important…but they can’t seem to change their insecure behavior. In our second segment, We talk about why with Katie Petrillo of LogMeIn and LastPass.
Flying in Surveillance’s Gray Zone
Like many technology entrepreneurs, Garret Langley’s company started with a question that he just couldn’t answer. The solve rate for property crime in his community outside Atlanta was pitifully low. Just one in six property crimes like break ins and car thefts nationally was ever solved.
The problem, Langley came to understand, is a lack of hard evidence: without a clear way to tie criminals to a crime scene, it is difficult for local law enforcement to even make arrests, let alone win convictions.
More license plate readers would help, the police told him. But licensing so called Automated License Plate Reader (ALPR) technology is prohibitively expensive.
Like many entrepreneurs before him Langley found salvation in his pocket: his iPhone. Consumer smart phones, Langley realized, have all the components needed to function as capable ALPR cameras. All they needed was some weather proofing, an Internet connection and the software to manage the video feeds captured by the phones.
The company that grew out of that revelation was Flock Safety, a start up in the surveillance market that sells inexpensive Automated License Plate Reader (ALPR) cameras to law enforcement, home owners associations and individuals. But the growing use of ALPRs, including by individuals raises a host of privacy and civil liberties concerns.
In our first segment of this week’s podcast, we do a deep dive on Flock. First, we interview Garrett about how Flock got started, how its inexpensive ALPR technology works and how the company is trying to navigate the “gray zone” of public safety, civil liberties and privacy that its technology inhabits.
For a better understanding of those tensions, we also invited Dave Maass, a senior investigative researcher at The Electronic Frontier Foundation (EFF), into the studio. In our conversation, Dave says that the growth of consumer surveillance gear like Flock and the Ring smart doorbell raise serious privacy and civil liberties concerns for U.S. citizens, who increasingly inhabit a world saturated with private and publicly owned surveillance technology.
Password Security: Consistently Bad
In our second segment this week, we have some good news: Internet users are well aware of the danger posed by weak or re-used passwords. Now the bad news: for more than three years, surveys conducted by LogMeIn’s LastPass division suggest recognizing passwords risks hasn’t changed users’; insecure password behavior.
Why? We talk with Katie Petrillo of the firm LogMeIn and LastPass about why so many people can’t seem to bring themselves to care about password security.
Attacks on authentication are a common thread in pretty much every major data breach and cyber attack. Weak passwords, shared passwords and password reuse between corporate and personal accounts are all major vulnerabilities in corporate defenses.
So why don’t users seem to care? Katie talks about the findings of LogMeIn/LastPass’s most recent password survey, which shows that insecure password behavior hasn’t changed much in recent years, despite the increased awareness of password risk.
Katie talks about the challenges facing companies, including the tendency of employees to devalue corporate data and accounts. She says there are some things that companies can do to move the needle on password security.
(*) Disclosure: This podcast was sponsored by LastPass, a LogMeIn brand. For more information on how Security Ledger works with its sponsors and sponsored content on Security Ledger, check out our About Security Ledger page on sponsorships and sponsor relations.
As always, you can check our full conversation in our latest Security Ledger podcast at Blubrry. You can also listen to it on iTunes and check us out on SoundCloud, Stitcher, Radio Public and more. Also: if you enjoy this podcast, consider signing up to receive it in your email. Just point your web browser to securityledger.com/subscribe to get notified whenever a new podcast is posted.