Joe's Jottings

Since the recent case in which a teenage girl was groomed and murdered by a paedophile via the Facebook site, there has been a lot of pressure from the UK Government for Facebook to put a ‘Panic Button’ style link on the site – a move supported by the CEOP organisation.  Facebook have commented that they have no objection in principle to making it easier to report abuse on the site, but that they feel that the CEOP supported option is not necessarily the best way.

Facebook are far from perfect in the way that they treat their users; I think all of us who use the site would have our own grumbles about privacy and the attitude of Facebook as a whole towards individual users now that they’ve got big.  But to be honest I think I would rather central Government stayed out of issues like this – especially New Labour, who seem to have spent the last decade dismantling our civil liberties bit by bit.  For a previous broader comment on this issue, I direct you to this item from a year ago, in which author Phillip Pullman commented on the behaviour of New Labour.

Since then we’ve had the Digital Economy Bill – even without the Lib Dem Peers’ Amendments it was a pretty poor piece of legislation.  With the amendments it offers a wonderful means of stifling debate by simply shutting down access to any site that breaches copyright.  Under the Bill, as it stands, and if it were strictly applied, YouTube could be blocked to UK ISPs because of material that breaches copyright. 

Part of the problem with New Labour is their amazing ability to put together piss-poor legislation on a ‘knee jerk’ basis.  A lone gun nut leads to a total handgun ban – which doesn’t affect criminals as they tend to disobey the law anyway.   Despite massive increases in the legislation aimed at child protection, the very basic laws that were there all along fail to be implemented and children keep getting killed.  And there are many more examples.  One interpretation of this repeated series of cock-ups is that they’re just incompetent; my own interpretation is that New Labour are just incredibly keen on reducing our civil liberties as much as they can to have a nicely compliant and obedient citizenry.

The issue for me here is not just the Facebook reporting mechanism; I’m afraid I regard that as something of a ‘thin end of the wedge’, by which Government could influence and impact the policies of web sites not even based in Britain.  It’s not far from that sort of thing to the  censorship policies adopted by China and, more recently, but to a lesser degree, Australia.  Protesting about this sort of Government activity, which initially starts with child protection, is a little bit like trying to answer the question ‘Have you stopped beating your wife?’ in a way that doesn’t make you guilty.  But given this Governments record on civil liberties I’m afraid I do not and cannot trust them. 

As  Rousseau said “Free people, remember this maxim: we may acquire liberty, but it is never recovered if it is once lost. ”

And we’re losing it bit by bit.

Or…yet another reason to watch who you befriend….

Facebook attempts to be what’s known in the online world as a ‘Closed Garden’ – interactions with the rest of the Internet are restricted somewhat to make the user experience better…or to keep you in the loving arms of Facebook, depending on how cynical you are.  One of the tools in this process is the Facebook API – a set of programming tools that Facebook produce to make it possible for programmers to write software that works within the Facebook framework.  Indeed, Facebook get very peeved if you try automating any aspect of the site’s behaviour without using the API.

One thing that the API enforces is the privacy controls; and one thing that you cannot get through the API is an email address.  Which is cool – it prevents less scrupulous people who’ve written games and such from harvesting email addresses from their users to use for other purposes.  It also ensures that all mass communications are done through Facebook.

Of course, if you’re determined enough you could go to every Friend’s profile page and copy the email address from there…or there are scripts that people have written to do the task by simply automating a browser.  The former is tedious, the latter is likely to get you thrown off of Facebook.

However, a method documented hereshows how this can be done through the auspices of a Yahoo mail account.   It is apparently a legitimate application available within Yahoo Mail for the benefit of subscribers.  How long Facebook will allow this loophole to be exploited is anyone’s idea, but given that I have a number of Facebook friends I felt it worthwhile warning folks.

The problem is not you, my trusted and good and wonderful reader, who would only use the tool for what it’s intended for – added convenience in contact management.  The problem lies with people who are a bit free and easy about who they make friends with.  If you do end up befriending a less than trustworthy individual, they could quite happily get your email address through this method, and soon enough you’ll be receiving all those wonderful offers for life enhancing medication and get rich quick schemes.

So…watch who you befriend.  Today might be a good day to prune out those folks that you’re not one hundred percent sure about!

A short while ago I wrote a couple of posts about the issues around Real time Search (How important is Real Time Search and Google and the Dead Past) – that is, Internet based searches that include Internet content that has been generated in the few minutes (or even less!) prior to the search.  Those of us who’ve been around the Internet for long enough will remember the days when you could wait days or weeks for stuff to show up in a Google search; nowadays Tweets can turn up in search results almost immediately.

There are many reasons – most expressed in the two posts above – that I have for feeling rather uneasy about the whole idea of real time search, particularly around personal privacy.  I think the main mistake I made when I wrote those two posts last year was to underestimate the speed with which things would move.  Recent developments in geolocation based systems – that record the location from which a post is made – such as FourSquare and the geocoding side of Twitter have made it easy for Tweets and similar online posts to locate people in the real world.  A particularly fine example of this phenomena is the suitably named ‘Please Rob Me’ - this site uses some clever coding to detect when people Tweet that they’re away from home. 

The publication of ‘exploits’ for web browsers and other software could also become a hot topic.  At the moment, a hacker may determine how to ‘poison’ a website with a specially manufactured piece of code that can infect an unprotected PC with a virus or Trojan Horse program.  The hacker can then publicise the fact via various means, hoping that others will get the chance to use it before the manufacturer of the browser relaeses a ‘patch’ for the bug that the code exploits.  Real time search could very much help hackers – by releasing details of an exploit, then linking to it from a few sites, then tweeting it, it’s quite possible that details of such exploits could be showing up in search results within minutes or hours of the exploit being identified.  Unless the search results are sanitised in some way to prevent this happening – highly unlikely – then this will surely lead to decreasing online safety.

A related problem might be in the creation of online Pop-up Shops’ for ‘warez’ or other illegal content.  For those who’ve never come across a ‘Pop-up Shop’ these are shops that take out a very short lease on a retail property – typically a month or so around Christmas or some other busy event that will guarantee good local footfall.  They then sell cheap goods, Christmas cards, etc. and then shut up shop and disappear – whilst these shops are totally legit business, the Internet equivalents are frequently not.  Given real time search, a suitably optimised ‘instant site’ with an arbitrary URL could be put on a server, show up in search engine indexes / Tweet indexes within the hour , make material available and be gone before the authorities even know it was there.

Real time search is here – faster and probably more effective than I feared.  And it’s not going to be pretty.

The Press Complaints Commissionshas decided not to uphold complaints about an article by Jan Moir about the circumstances surrounding Stephen Gately’s death.  I’m not going to rehash the details of the case – a quick Google will allow you to find the original article, but my main interest is in some of the comments that I’ve heard floated up on Twitter and other web sites about the findings of the PCC.  The PCC did indeed receive a record number of complaints – 25,000 – about the column, and there was a fairly hefty campaign mounted over social networks such as Twitter to encourage people who felt strongly to complain.  The newspaper concerned, The Mail on Sunday, dodged censure:

PCC chairwoman Baroness Buscombe said the commission found the article “in many areas extremely distasteful” but that the Mail had escaped censure because it “just failed to cross the line”.

The PCC had considered context and “the extent to which newspaper columnists should be free to publish what many will see as unpalatable and unpleasant stories”.

and two complaints to the Metropolitan police that were passed to the Crown Prosecution Service were also rejected as grounds for prosecution because of insufficient evidence that the piece breached the law.

Jan Moir’s piece was ill-timed, and some of her comments were hurtful to some people.  I guess that there were those who found the piece upsetting who didn’t complain, and that there were probably quite a few people who wholeheartedly agreed with what she had to say; after all, complaints procedures rarely get support.  But, as they say, process has been carried out and judgement bought in by the PCC and the CPS, and in many ways that should be the end of it – whether you agree with the outcome or not. 

Having said that, I wasn’t surprised today when I saw a fair amount of blather on Twitter from the ‘chattering classes’ referring to the PCC judgement, starting off by saying that as the editor of the Mail on Sunday is on the PCC, the verdict is immediately biased.  I guess that’s to be expected.  We then went in to slightly disturbing territory, with a Tweet that I came across along the lines taht the Tweeter didn’t want to censor comment but felt that something to rein in columnists from claiming authority they didn’t have.  There’s also this debate on the BBC’s own web site.  Now, why do I find that tweet rather disturbing? 

It’s all in the wording.  Where does ‘claiming authority’ start and end?  Do we apply it across the board?  Do you have to be a political scientist to talk about politics?  A GP to write medical articles?  A physicist to comment on the LHC?  And what about us bloggers?  Do we have to ‘in with the in crowd’ before we can comment on the activities of celebrities?  Do I have to have a degree in economics before I can comment on the parlous state of the UK economy?  Should we have license to comment?

I’m sorry – but a good columnist SHOULD occasionally say something that pisses people off; one shouldn’t b personally offesnive or abusive, but the sacred cows of modern society should be up for comment. Once you start down the road of ‘reining in’ columnists it’s the thin end of the wedge towards full blown censorship.  Would there have been so much fuss from the media and liberal intelligentsia were the column about the death of a young ‘smack rat’ in similar circumstances?  I very much doubt it; I fear that a lot of the reaction here has been about the death of  ’one of their own’ in what must be described as unusual circumstances – unusual in my experience, any way.

 There’s an old saying that someone stays liberal on law and order until they get mugged or burgled; perhaps we might expand that to suggest that some people stay liberal on freedom of speech until someone dares to use it to say something they disagree with.

Many years ago there was a joke in techy circles that likened Microsoft to the Star Trek aliens ‘The Borg’.  It appeared at the time (mid 1990s) that Microosft were indeed determined to assimilate everything they encountered and absorb the technology of other companies in to their own.  Well, like the Borg in Trek, Microsoft finally found that they couldn’t assimilate everything.  But today there’s a new Borg Queen on the block, in teh form of Google.

Google Buzz was launched as an adjunct to Gmail, and Google got themselves in to hot water at the launch by having the system automatically follow everyone in your Gmail contacts list.  This was regarded as pretty heavy handed on Google’s part – and Google obviously concurred to some degree as they introduced changes to this part of the system.  The problem for Google is that they have a lousy history of handling privacy issues in both their Search tools and Gmail, and I guess starting a new product off with a similar disregard for the perceptions of their users was not a sound move.

So, how relevant is this move by Google?  I have to say that I’m not convinced that Google will actually represent major competition to Facebook or Twitter with Buzz (or, for that matter, with Wave).  The lock in to Google’s infrastructure of Buzz is something that Facebook doesn’t have, for instance.  I don’t have to have a Facebook email account, and I don’t do my searching through Facebook.  And therein lies the problem for me – and it all comes back to Google’s database of intentions that I’ve mentioned before in this blog.  The more Google can derive about the way in which people use Search, who they interact with, what ‘clusters’ of interests people have – even anonymously – the more value Google’s database of intention is.  You might want to take a look at some of my previous articles about Google – Google and The Dead Past, The importance of Real Time Search and Google seeks browser dominance - to get a feel for my views on Google.   Google’s strategic moves have been consistently to get Google’s search into everything we do.  Gmail was their first crack at this with personal communications, and now with Wave and Buzz they have the tools to map social networks, and the search behaviours of people on those social networks, especially if people remain logged in to Google accounts whilst the do their searching.

Let’s pretend…..you are logged in to your Buzz account and you search for something.  Google can link your search interests to those of the people in your social network, and vice versa.  They can thus add the collective behaviour of your searches to their database of intentions – remember what I said about the Borg?   And we’re not even thinking about the additional data provided by Google Apps…

 Google are also purchasing a ‘Social Search’ tool that allows people to ask questions of their social groups; I think we can safely assume that the responses will be squirreled away somewhere for future use.

Even when anonymised, this sort of information builds in to a very valuable commodity that Google can sell to future ‘partners’.  Google’s behaviour at the moment seems to be to develop or acquire a series of discrete elements of Social Networking technology that they’re bringing together under the existing account system of Gmail / Google Accounts, which makes perfect sense.  At one time Microsoft filled in some of the gaps in their various offerings in a similar way to allow them access to market segments that they were still trying to penetrate.  Perhaps Google have learnt from the software behemoth.

But they have a way to go – here are what I consider Google’s biggest challenges.

1. The attitude of the public towards Google is not entirely positive, and whilst Facebook have had numerous privacy problems their defined market presence in Social Networking and not in Social Networking, Search, Email, Productivity tools, kitchen sink manufacture, etc.  
2. Facebook may easily lose market share to a good competing service; their constant re-vamping of User Interface and buggy code upsets users but at the moment there is no viable competation for most people as Facebook is where their social network is.  Google would have to get people to migrate en-masse and over a short period of time to get the sort of success FB show.
3. Wave is certainly buggy; Gmail and Buzz are designed to not run on IE6 and it’s debatable how long Google will support other Microsoft Browsers – I wonder how many people would want themselves tied in to Google at the level of software as well as applications?  Like I said earlier – Facebook doesn’t require me to have a Facebook email address.
4. What’s Google’s target market; Wave seemed to be a solution looking for a problem; Buzz seems to be a similar ‘half way house’ affair that in some ways would have been best placed in Wave. Twitter and Facebook tend to provide specific groups of users with a defined user experience and functionality.  Quite what Buzz and Wave and Gmail together provide that isn’t available elsewhere is not clear to me.

So….my thoughts?  If this is Google’s attempt to park their tanks on Facebook’s lawn, then they’ve invoked the ‘Fail Whale’.

I’m not overly paranoid about people knowing where I’ve been on the Internet; I’m aware that it’s pretty easy for a website to feed your browser ‘tracking cookies’ that can be used for marketing and advertising purposes, and these can then be picked up on other sites, thus providing a path of footsteps that you have followed online.

Which is why I clear my cookies regularly, and set my browsers to only accept cookies from sites that I want to accept cookies from.  But I can see that in some parts of the world, your browsing history might be of great interest to Government and Law Enforcement, and I’m sure that many of the larger online retailers would love to get their paws on a good, reliable and hard to circumvent method of looking at what common interests people have.  For example, even if you’re anonymous, it can be of great use to companies to know what sorts of sites you visit, because you can then use data mining techniques to derive information on what other sites or products you might be interested in.  For example, if you’re an Amazon user, you’ll be aware of the fact you get recommendations of the ‘We see you’re interested in x.  Other people interested in x also bought y and z’. 

Now…let’s take this a little further.  I was browsing around the other afternoon and came across this site.  Give it a try – it’s under the auspices of the Electronic Frontier Foundation.  I don’t know what it came back with for you, but my ‘fingerprint’ was pretty darn rare – I guess it’s inevitable because of the various things I have installed on this  computer for work.  The site looks at the information sent by your browser to the site, and uses it to derive a ‘uniqueness’ factor – a sort of tag.  For an out of the box installation of an Operating System then I’d expect that there would be quite a few people whose finger prints are essentially the same.  But the more you tweak and configure and install stuff on your PC, the more unique it gets….to a point at which it can identify your PC uniquely, with very few errors.

And all this without it ever putting a cookie anywhere near your PC.  Now, there are ways around this – there always are – but they’re not the sort of approaches that the average man or woman in the street would take.

So what sort of ‘advantage’ would such a technology offer online companies, Government and the Security Services?

Now, this is pure supposition – I have absolutely no evidence at all that this is happening or is likely to happen…but let’s pretend.  We’ll assume that a number of large online companies have collaborated on sharing this fingerprint data – basically you visit a site or even a page – or maybe even do searches for certain subjects – and your electronic fingerprint is tagged on to that fact.

Scenario 1.  You do a search for information on equipment to help you avoid speed cameras.  Later that day you go to buy car insurance.  The insurer does a quick check on your ‘fingerprint’ against topics of interest to it – including sites offering legal advice for people caught speeding and also sites that inform or advise on speed traps.  You show up – you’re declined.

Scenario 2.  You’re interested in computer hacking – maybe even researching a book.  You visit a number of sites of interest, look at books on Amazon and such.  A few weeks later a major ‘hack’ happens and the authorities look at the electronic fingerprints of everyone who may have researched the topic.  You will show up.  This fingerprint is then circulated around ISPs who note that it is one that is associated with your Internet account.

Scenario 3. You’re gay in a country run by a repressive regime.  You visit web sites where the fingerprinting is being done for commercial marketing reasons.  The security services of your country get hold of this data, either by buying it or stealing it, and run a check of those fingerprints against the ones that are on file with the ISPs of that country.  You will find yourself in major trouble.

There are ways around this technique – it’s easy to go through proxies, and possible to strip all this sort of identifying data off of the packets that go to web sites.  And people who’re genuinely worried (or have reason to avoid this sort of inspection) will no doubt be doing this.  But for the vast majority of people this simply would be yet another means of intrusion in to our private lives.

A few days ago I came acrossthis item in Google’s blog – looking at what they call ‘Social Search.  This is a set of applications being developed by Google to allow image content that you and your social circle (as set up through your Google account) have posted on image sharing sites such as Flickr in searches returned by Google Images.    So the idea is that you do a search on particular images using Google Images, and prominently featured in the results set would be images that your friends have posted up on these other sites.  I assume that eventually this sort of thing will spread out to encompass other sites of user generated content – Facebook, MySpace, personal blogs, etc.  Of course, this would require some cooperation between the companies running these sites and clearly there would be financial issues involved, but technically it’s not that difficult.

At first glance social search looks like a very cool concept.  After all, we tend to ask our friends and colleagues for advice and guidance on where to buy things or find them online.  We take their advice on what web sites are reliable, we are likely to at least look at films or books recommended by people who know our tastes, and so on.  If it did become possible to pull together information about searches carried out by groups of friends, and include information posted or recommended by our friends in search results in a prioritised manner, then the results would probably be more immediately relevant to us, and would also be at least partially validated – rather than the results being the equivalent of a cold call, they’d be closer to a personal introduction.

However, it struck me that there’s a potential downside to this approach, especially the more integrated in to the overall search results the ‘personally linked’ social search results become.  There is a phenomenon well known in management consultancy circles called ‘Groupthink’.  It’s what happens when you get a group of people who’re closely linked in some way – members of the same close knit team or department, for example.  What can happen during decision making and problem solving sessions is that the group may come to decisions based upon internal politics and ‘norms’, rather than objective facts that are presented to them.  This effect has been seen to be responsible for poor decision making in a wide range of situations.  It struck me that there is a good chance of this effect becoming evident in search results should the ‘Social Search’ really take off. 

For example, if someone in a social grouping is particularly ‘active’ online then their comments and recommendations might turn out to have a larger impact than other folks who’re less active online but possibly more informed about issues.  The overall effect would therefore to bias such social network search results towards the people with the largest online profile rather than those results that are possibly more accurate.  Such individuals would thus become opinion leaders and formers in particular social groups, and advertisers could easily seek out these higher profile individuals to sell directly to them, working on the principle that they will sell to their circle of contacts either directly by recommendation or indirectly through the results of social search.

Slightly disturbing.  Whilst influencing small groups of people it’s not the end of the world, but how long before we get a situation similar to that in the Phillip Dick short story ‘The Mold of Yancy’, where the behaviour of a whole civilisation was influenced by the tastes and preferences of one man?  Far fetched?  Perhaps not.

Have you heard of ACTA?  How about the Anti-Counterfeiting Trade Agreement?  No?  Well, you’re probably not alone.  After all, here in the UK the Government won’t even put documents regarding the Agreement in to the House of Commons Library.   Of course, our New Labour defenders of freedom have lots of reasons for not doing this, most of them playing the ‘National Interest’ card, but one has to wonder whether that’s all there is to it.

To give you a little background, take a look at this brief outline of the provisions and process of ACTA.  Like most things that trans-national bodies come up with, they sound bland and almost useful to start with but the Devil is, as always, buried in the details.  And not buried deeply here.  The Horns and the tip of Old Nick’s tail are definitely visible!  Nominally, ACTA was put together to prevent counterfeiting and piracy of branded goods; immediately you can see that it’s beneficiaries are likely to be big corporations.  Whilst you might immediately think of dodgy Guffi handbags on the flea-market, or pirated DVDs, it also extends to less obvious things like machine parts, electronic components, drugs, etc.  In fact any copyrighted goods.  So far, sort of so good – but it also throws in sections dealing with piracy across the Internet and other aspects related to what might loosely be described as ‘means of piracy’, which is where the fun starts.

This BBC item from last yearindicates some of the concerns.  Some of the aggressive policies put forward last year against Internet pirates (or suspected pirates) here in the UK were almost certainly a product of ACTA, and the current Deep Packet Inspection trial by Virgin (whilst hitting a few legal issues) would no doubt warm the cockles of ACTA’s stony heart.  ACTA will allow for a great deal more intrusive observation by ISPs, Governmental bodies and other interested parties of our Internet traffic, will support fairly swinging penalties and because it’s a very broad-based, international agreement will have the stench of globalisation about it.  And it’s not just your Internet connection that’s of interest.  If you take your computer across international borders – in principle, ANY form of digital storage – then ACTA would permit it to be searched.  And this might easily include the SD cards in your camera, your Blackberry, your iPod.

Concerned yet?  Lots of fuss has been made about the ‘three strikes and you’re off the Net’ laws being developed in a number of countries that are likely to be signatory to ACTA when it’s finally agreed and ratified.  But that’s just the end of the process.  ACTA is the issue of concern as it legalises nothing more than wholesale invasion of privacy by private companies in to our personal lives.

It’s not just the UK Government keeping this business sub-rosa.  Here’s a Canadian take.  Fortunately, some British MPs (bless ‘em) are attempting to get an Early Day motion in place to raise the issue. 

Perhaps we shouldn’t be too surprised; ACTA will benefit global business first and foremost – the acolytes of massive globalisation will love it.  And such agreements are often used to bring in laws that individual Governments would probably lose power over if they tried to do it themselves.  National sovereignty and local governance once more yields to the faceless centre.

Perhaps it’s time to act up on ACTA?

I recently commented on whether Web 2.0 had ‘jumped the shark’ in terms of strange applications, and also remarked on whether the biggest threat to online privacy was ourselves.  However, I don’t think I was prepared for Blippy - a web site that allows you to share details of products and services that you’ve bought via different routes- Amazon, iTunes, Mastercard, Visa, etc.  Now this I find very weird and, dare I say it, slightly compelling viewing.  The system was on an invite only basis until late last year, but now seems to be open to all comers.

It’s sort of like the online version of being in the check out at the local Morrisons Supermarket and peering in to the basket of the person next in the queue.  I took a look on the site and randomly selected a user.  From 5 minutes looking at their recent transactions I was able to work out that they either lived in San Francisco and had recently traveled to New York (or vice versa), that they had a baby / toddler, that they’d done some DiY recently and various other aspects of their lives based on the purchasing records that they were willing to share.

Now, there’s nothing here that falls in to the ‘blackmail’ category, and I’m quite sure that people using Blippy would keep their ‘special’ purchases off of the system, but to be honest I do find it a rather strange thing for someone to want to do.  Maybe I’m just old.  It wasn’t long ago that people were protesting about the use of RFID tags in goods to track our shopping behaviour in shopping malls; now we seem to be falling over ourselves to give the information away for free, along with the amounts spent!

The Blippy owners said last December that they weren’t yet sure how to monetise the project.  Well, I think they were being rather disingenuous because it appears that Blippy have joined forces with the people who bought you the (now scrubbed) Facebook Beacon project.  And then there’s the very direct link between the data that Blippy collects and what has been called the ‘database of intentions’ - data that allows the prediction of buying activity based on past behaviours.  You have a large collection of data on buying habits; you have an individual with a recent history of purchases; it’s a relatively trivial software process to take the individual’s list and use the collection of data to predict what other items might be of interest.  You can then contact businesses in those market sectors with what is at least a warm prospect for a sale.

Blippy is again an interesting example of how people are willing to put lots of information in to this ‘database of intentions’.  Their lack of concern about their own privacy impacts upon us all by making it easier to predict our behaviour even if we only ‘leak’ small amounts of data. 

The recent arrest of 2 men on an Emirates Airlines flight for making a verbal bomb threat and for being drunk and disorderly is really nothing new; it’s happened a few times since 9/11.  Up until about 1999, I was one of those smart alecs who would make the witty comment about being careful with my bag because I had an atom-bomb in it, but around the end of the last century (even before 9/11) everyone was getting jumpy so I just started being sensible.

Obviously, after the Christmas Day bomb attempt people are naturally ‘twitchy’, but is it really that difficult to tell the difference between a bunch of drunks and a genuine bomber?  Bombers tend not to joke about their bombs.  Bombers tend to wait until the plane is in the air.  Bombers do not tend to be middle aged white men in Western clothes – especially DRUNKEN middle aged white men.  This doesn’t detract from the absolute feckin’ stupidity of the individuals concerned – after all, they could have easily been shot by the security services.  However, it did set me thinking as to whether this case, and our whole reaction to the threat of suicide bombers on our air routes, has been met by over-reaction or appropriate response by the authorities.

I think in this particular case, given the proximity of the Christmas Day attack, I’d go on the side of slightly hysterical appropriate response.  Over-reaction would have involved the men being shot and killed on the spot rather than arrested.  However, the wider picture is much more worrying.  Let’s take a step back and look at the situation.

Profiling – we’re told that our intelligence service profile travellers and put bombers on watch lists.  The Christmas Day bomber got on to such a list and still managed to get on the place.  these fellows would never have been on such a list.  So…profiling is ignored in the Heathrow case – these men didn’t fit the profile but were still treated as bombers – and the result of accurate intelligence profiling and listing was ignored due to error on Christmas Day.  Perhaps we need to be told just how many bombers profiling / no flight lists have prevented boarding with explosives?

Acceptable Risk – if you want to avoid any risk of bombers downing an aircraft, easy.  Don’t fly.  If you want to fly, then everybody goes on board in paper pyjamas and is strapped in to their seat – or maybe anaesthetised for the fight?  And your baggage is either flown in unmanned drones or separate cargo aircraft.  Daft, isn’t it?  But by introducing new measures all the time whilst existing measures are either not being followed through or are being ignored, this sort of daftness is becoming more likely. 

Privacy – forget it if you wish to fly.  You will now be scanned at a level of intrusion that have raised fears of images of children being regarded as child pornography by some legislation.  Your travelling history is already reviewed.  You may be interviewed based on your race, creed, religious beliefs, the book you’re reading.

Basically, the reaction to the authorities to the threats of terrorist bombers on civilian airliners increasingly seems to lack common sense and ‘follow through’ of existing policies and procedures, with repeated attempts to improve security after any incident by a combination of technological fix (Gigahertz Scanners, for example) and sociological / procedural changes (no hand baggage, profiling, etc.)  Whilst any deaths from terrorism are unacceptable, just what price do we intend to pay within our society to try and meet the unreachable target of zero risk?

Because it’s unlikely that there will ever be zero risk when you fly on a plane that it won’t be downed by terrorism.  It’s a dangerous world, and we need to realise that, and ascertain what are reasonable risks that we can deal with against increasingly intrusive and authoritarian powers invoked by the State to try and meet the nonsensical target of ‘zero risk’.

In his ‘Art of War’, Sun Tzu states : “Hence to fight and conquer in all your battles is not supreme excellence; supreme excellence consists in breaking the enemy’s resistance without fighting.”  Our Governments spend a lot of time, effort and money and very little judgement and common sense on trying to win every battle, and are effectively doing the work of the terrorists for them by reducing the freedom of citizens inch by inch.