Risk
8/20/2012
12:23 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

NYPD, Microsoft Push Big Data Policing Into Spotlight

Domain Awareness System poses a force to be reckoned with for NYC criminals; surveillance system likely coming soon to other cities.

A recent study by the Urban Institute found that camera-based systems effectively reduce crime rates, though it claims that not all geographies or offenses are impacted equally.

Many enterprises outside the law enforcement arena are interested in the tech found in surveillance tools. It's hard to say, for instance, who has more interest in facial recognition and biometrics--the FBI, or Facebook. DAS is likely to join the group of tools that appeal to both public and private concerns. Vexcel VP Mosher said that "DAS was built with enterprises in mind." He noted that multiple Microsoft technologies are part of the system, including SQL Server, FAST Search, SharePoint, Virtual Earth Server, and some .NET framework code--underlying capabilities that provide "the built-in ability to instrument almost all aspects of data and sensor feeds for data integrity or other types of operational events and to automatically send alerts."

Mosher claimed that the NYPD's DAS implementation was customer-specific and that the system can be modified to suit the needs of other jurisdictions or enterprises. Facial recognition, for example, is not supported in the NYPD model, but "this is less of a technology capability issue," wrote Mosher, "and more of a customer requirement issue in accordance with [the buyer's] policies." He also said that scalability is not an issue: "We already have a capability that scales down for bandwidth constrained environments where live video feeds are not feasible--and the intent is to have several 'off the shelf' versions with differing data feeds or sensor inputs that are tailored to smaller justice and public safety customers," he wrote.

Mosher said that DAS costs will depend on the level of customization required, with base products similar to the NYPD system being available at somewhat reduced costs. However, "we are talking about millions [of dollars] for a full-blown system," he wrote.

DAS implementation will likely face some legal challenges. Robert Weissberg, a law professor at Stanford, said in a phone interview that he believes DAS is legal but that alerts from its extremely sensitive radiation sensors might inadvertently reveal otherwise undetectable medical conditions of patients undergoing certain procedures--a potential Fourth Amendment violation.

The issue of tracking citizens, meanwhile, is already moving through the courts. United States v. Jones saw the Supreme Court rule earlier this year that authorities cannot place GPS devices on vehicles without first obtaining a warrant. A decision last week from the U.S. Court of Appeals, however, determined that police do not need a warrant to track suspect locations via pay-as-you-go-cellphones. Tracking individuals of interest is markedly different from tracking all motorists in a geographic area, of course, but these cases demonstrate the ongoing legal seesaw surrounding the use of emerging technologies.

Notwithstanding putative legal hurdles, the future of police work almost certainly involves big data tools. "The bad guys have everything that we do, too," said Bloomberg during the press conference. "And if you really want to worry about security and freedoms, that's the first thing."

InformationWeek is conducting a survey on big data. Take our now. Survey ends Aug. 31.

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Xira
50%
50%
Xira,
User Rank: Apprentice
11/13/2012 | 9:36:34 PM
re: NYPD, Microsoft Push Big Data Policing Into Spotlight
This will catch, what, one terrorist? What's the total on that, anyway, 3 people dumb enough to think that someone would give them a working bomb?

This will be used to catch millions of pot-heads and other 'lifestyle' criminals.

Think very carefully about who you are voting for, because what they decide in the next 10 years determines how all of us are treated; because with a million laws on the books, all of us are criminals.
Nattu
50%
50%
Nattu,
User Rank: Apprentice
8/27/2012 | 4:03:47 PM
re: NYPD, Microsoft Push Big Data Policing Into Spotlight
It is interesting that the DAS can be deployed to anyone and can be customized to greater extent as far as the information goes,
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-1449
Published: 2014-12-25
The Maxthon Cloud Browser application before 4.1.6.2000 for Android allows remote attackers to spoof the address bar via crafted JavaScript code that uses the history API.

CVE-2014-2217
Published: 2014-12-25
Absolute path traversal vulnerability in the RadAsyncUpload control in the RadControls in Telerik UI for ASP.NET AJAX before Q3 2012 SP2 allows remote attackers to write to arbitrary files, and consequently execute arbitrary code, via a full pathname in the UploadID metadata value.

CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2014-7300
Published: 2014-12-25
GNOME Shell 3.14.x before 3.14.1, when the Screen Lock feature is used, does not limit the aggregate memory consumption of all active PrtSc requests, which allows physically proximate attackers to execute arbitrary commands on an unattended workstation by making many PrtSc requests and leveraging a ...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.