Until the police and government deploy a proper cure for kettling we will have to make do with defences. It requires a lot of police to seal an area, especially given the size of crowds that we have seen at recent protests. This means that there are a limited number of locations where kettles can be imposed. In an area as geographically complicated as a major city the best defence against the kettle is avoiding it in the first place and there is now an app for that. Whilst there are questions about whether a technological solution is appropriate, in the short term Sukey is going to help protestors know which way direction to head in to avoid the kettles.
The objectives laid out in the Sukey executive summary are as follows:To keep peaceful protesters informed with live protest information that will assist them in avoiding injury, in keeping clear of trouble spots and in avoiding unnecessary detention. The application suite gives maximum information to those participating in a demonstration so that they can make informed decisions, as well as to those following externally who may be concerned about friends and family. It should make full use of the crowd in gathering information which is then analysed and handed back to the crowd.
From the security perspective it looks as though the developers have at least sought advice and thought about defending both themselves and the crowds supplying data. Without details though and a thorough code review it is hard to be certain. Whilst generally the advice has been that open systems can be more secure, the developers of Sukey are taking a hybrid approach. Source code will be released after each protest at which point the current codebase can be worked on by third parties and the developers will fork and work on the next version. This will maintain the longer term openness of the project whilst attempting to minimise the equivalent of a zero-day exploit that could be used by the police during a protest.
So, given that any protestors who are kettled are likely to be identified anyway, what are the defenses against Sukey? I can't imagine that the police will be shutting down mobile phone networks during protests or jamming wifi for that matter. One potential weaknesses is in the source of input data. Amongst the crowds providing data will doubtless be police acting as saboteurs or provocateurs so input data could be spoofed. Perhaps there will be a sufficient density of non police sourced data that police-originated spoofing will be lost in the genuine data. An alternative weakness may lie in the reliance on web services and non-distributed nature of the system. If there is a single, or sufficiently critical, point of failure then the police could target that on protest day. My last, and admittedly most far-fetched initial thought is of infiltration, if the police are able to take control of the system on protest day, rather than just breaking or shutting it down, then they could direct protestors towards kettles rather than away. Which would be bad.To be honest I think it is sad that protestors have to come up with a solution like this to defend themselves against those whose sworn duty is to protect them and maintain safety. That said it is a really cool piece of code and an exemplar of what smart-phones (iPhone), crowd-sourcing (the protestors and interested by standers), and mash-ups (swiftly, Google Maps) can achieve.
No comments:
Post a Comment