Detective Munch was RIGHT!!!!

By Annalee Newitz| Also by this reporter
02:00 AM Nov, 30, 2006

If you enhance your workout with the new Nike+ iPod Sport Kit, you may be making yourself a surveillance target.

A report from four University of Washington researchers to be released Thursday reveals that security flaws in the new RFID-powered device from Nike and Apple make it easy for tech-savvy stalkers, thieves and corporations to track your movements. With just a few hundred dollars and a little know-how, someone could even plot your running routes on a Google map without your knowledge.

The Nike+ iPod gives runners real-time updates about the speed and length of their workouts via a small RFID device that fits into the soles of Nike shoes, and broadcasts workout data to a small receiver plugged into an iPod Nano.

While this setup sounds convenient and cool, it didn't sit well with Scott Saponas, a computer science graduate student at the University of Washington in Seattle. After enjoying his Nike+ iPod for a few months, Saponas began to suspect there might be other, more nefarious uses for the gear.

He brought his concerns to University of Washington computer science professor Yoshi Kohno and fellow graduate students Carl Hartung and Jonathan Lester. After just a few weeks of tinkering, the four researchers discovered that the Nike+ iPod is, as Kohno put it, "an easy surveillance device."

The first problem is that the RFID in the shoe sensor contains its own on-board power source, essentially turning your running shoe into a small radio station capable of being received from up to 60 feet away, with a signal powerful enough to be picked up from a passing car.

Compare this with the roughly 3-centimeter to 10-inch read range of a typical consumer-grade RFID, such as the kind you find in smart tags in Gap clothing or in credit cards, which is passively powered by the reader.

Additionally, the sensor will reveal its unique ID to any Nike+ iPod receiver. With a quick hardware hack that Kohno said "any high school student could do in the garage," the researchers hooked a Nike+ iPod receiver up to a Linux-based "gumstix" -- a tiny, $79 computer that could easily be hidden in door frames, in trees next to jogging trails or in a pocket.

In their report, the researchers detail a scenario in which a stalker who wants to know when his ex-girlfriend is at home taps into her Nike+ iPod system. He simply hides the gumstix device next to her door, and it registers her presence as she passes by in her Nike shoes. If he adds a small "wifistix" antenna to the device, it can transmit this information to any nearby Wi-Fi access point and alert him to her presence via SMS or by plotting her location on Google Maps.

A thief could use a similar set-up to case several houses at once, figuring out when Nike-wearing owners are at home and when they aren't.

Neither Apple nor Nike had comments at press time.

Electronic Frontier Foundation staff attorney Lee Tien says the Nike+ iPod is a harbinger of things to come. "We're going to see more devices like this in the next few years," he said. "This isn't just a problem with the Nike+ iPod per se -- it's a cautionary tale about what happens when companies unwittingly build a surveillance capacity into their products."

UC Berkeley RFID researcher David Molnar agreed with Tien, adding, "This shows a need for independent oversight and investigation of these technologies before they go to market. These things happen because the people building devices don't think about privacy implications."

Molnar also speculated about how easy it would be for a company to build their own tiny readers and deploy them in a large environment, selling the data stream to those who would track spouses or teens, or collect information about how many people wearing Nikes visit malls or movie theaters. "Given that there are no laws about skimming data in California right now, it would be perfectly legal to do it there," he said.

The researchers, for their part, just want to see Apple, Nike and other manufacturers fix the problem. They offer a simple solution in their report, which is to build the sensors to speak to only one reader.

"Using relatively standard cryptographic techniques, you could make it very difficult to listen to broadcasts from somebody else's sensor," said Kohno. He hastened to add that he doesn't believe Apple and Nike purposefully designed the sensors to be surveillance-friendly. "I just think companies should be as aware of privacy issues as they are of safety issues," he said. "Too often, they aren't."

It's always cool when your friends get their own radio show

Date: Fri, 24 Nov 2006 14:43:17 -0800 (PST)
From: "E.Mandisa"
Subject: E.Mandisa/MiMi Radio talk show host

Dear Friends, Family, Colleagues:

This is E. Mandisa aka Mi MI...... I have some extremely exciting news. I have just become the associate producer and on air personality for the afragenesis network, a one hour talk radio show broadcast live on 1150 AM KKNW here in Seattle, and worldwide via the internet on . Please tune in and listen, Monday-Friday 1-2pm pst, and 3-4pm est.

You can get a better understanding of our show format by visiting us at , please join our online community. We will be dealing with issues directly affecting the African and African American people of the world. We have sections on news, culture, metaphysics/ spiritual growth, the arts, hip hop and more!!!

Please feel free to hit me up with show ideas, or to be a guest on our show. Also if you'd like to advertise with us, or have us do a PSA for your organization or event.

I had almost given up on my dream of a broadcasting career, due to the lack of integrity in the media these days, but afragenesis provides us with a platform where we just state the facts, and let the audience make up their own minds.

Please feel free to call in during our broadcast hour, our phone numbers will change in the near future, but for now u can call in on the following lines. In the Seattle area: 425-373-5527 or toll free at 888-298-kknw (5569)

Hope that you all become a part of this wonderful project!!!

The softer side of LAPD

> -------- Original Message --------
> Subject: New E-Policing Strategy
> From: E-Police Newsletter <>
> Date: Mon, November 20, 2006 11:05 am
> Dear Community Member,
> In an effort to better open the lines of communication between each of
> you and the Central Area station of the LAPD, we are now utilizing
> this electronic form of communication to alert you to information
> about our community here in the downtown Los Angeles Area.
> From time to time we will be sending out alerts on possible crime
> trends and asking for your help in solving these crimes. All
> information that we receive back is helpful and we look forward to
> using this new technology to improve the communication between us.
> Please spread the word and have your neighbors and business associates
> in the downtown area log onto the LAPD website and register to use the
> new e-policing tool so they can be included in our e-mail list
> Thanks for your support,
> Lieutenant Raymond Garvin
> Central Area

If you are in Florida anyways...

I called this three years ago as THE way to do community-based long-rang planning.

The Knight Program in Community Building at the University of Miami School of Architecture's next executive education course is the National Charrette Institute Charrette Planner Certificate and takes place on the University of Miami's Coral Gables campus February 14-16, 2007. Charrettes capable of tranformative community change require careful planning and execution. The National Charrette Institute Charrette Planner certificate course provides the framework and hand-on skills to successfully utilize the powerful Dynamic Planning Process.

Information and a registration form is attached and further information is available on the Knight Program website:

The lure of coffee

I recently completed a trip where I didn't get a real coffee for a couple of days. I've told the story of finding cockroaches in the coffee maker, and I have to admit...I became afraid of the coffee maker.

Much like the time I suddenly became afraid of sitting on the toilet, because the last time I sat down on the toilet that day, we had a small earthquake.

Anyway, today was one of those days were you would look at your computer screen, rip off a million emails, realize that it's lunch time (and you'd been there since 7:30). Then, lunch time came and went, and now all the sudden it's 5 after 5, boss man has gone home, and I'm trying to get out the door.

However, someone left a message on my website. Someone who I've always admired as a friend, and I can't stop thinking about how things are going with them! And, I wasn't going to be able to get on with my evening until I posted something, because I know they would be looking. HA HA!

So - M.'s it?

My Trip to Florida

So, traveling again to meet with Clients. Met with three of the four groups I intended to meet with. I woke up on Thursday morning to a big storm, and there was just no way I was able to get out of the hotel. I'm just not used to rain anymore. Funny to hear me say that.

Anyway, Florida has been fun. I left the sunroof open on Thursday. So, all the rain not only got the pavement, building, and grass wet, but I also have about 1/2 an inch of standing water in the rental car. Big Whoops on that one.

Usually, I think that I'm pretty put together. However, now...I know...I've been knocked off my high horse, and my new sweatshirt is damp. Couldn't eat at a nice place last night because I sit in the car for 5 minutes and it looks like I pee'd my pants and water went down my back.

It is really funny.