Category Archives: Security

Body Scan Images Leaked

The scanner in question was not used for air travel. Perhaps even more ironic, it was in a courthouse. Gizmodo took a cue from an EPIC lawsuit (PDF of complaint to the US DoJ) and filed a Freedom of Information Act (FOIA) request for 35,000 images saved by this one scanner under odd circumstances.

Their report shows quite clearly how hard it will be to trust anyone running these systems; it is called “One Hundred Naked Citizens: One Hundred Leaked Body Scans”.

A Gizmodo investigation has revealed 100 of the photographs saved by the Gen 2 millimeter wave scanner from Brijot Imaging Systems, Inc., obtained by a FOIA request after it was recently revealed that U.S. Marshals operating the machine in the Orlando, Florida courthouse had improperly, perhaps illegally, saved images of the scans of public servants and private citizens.

Reminds me of when I worked many years ago to protect Radiology images and detect leaks by staff. Anyone working in health care should hold the safety and welfare of the patient in highest regard, and yet there is a nearly constant risk of breaches and leaks to the media. The celebrity cases (Farrah Fawcett, Octomom, etc.) may be the best known, but there are many, many others. Any image that was remotely interesting (imagine things swallowed, for example) quickly became a very high-value asset. You know what will happen when a professional sees something really interesting or funny and wants to show just one really close friend…and so information security again becomes the key to whether a product can survive.

I stopped going through body scanners a couple of months ago and so far so good. It has actually been without incident. Then again, I was not trying to taunt TSA staff and see how they handle passenger resistance.

Facebook Messages Adoption Problem

A day after launch the BBC quoted the engineering manager in charge of the messages product. He was not optimistic:

I think we will have a little bit of an adoption problem…We’ve noticed that even for us, it takes a week or two before you really grab on and get this system.

What really happens in the cloud of data? How confidential is your data, and how well is it protected from manual processes that could corrupt it (affect its integrity)?

Every time we turn on a new set of users we have to move their data from the old system to the new system – so one by one we have to run that process. Right now we are moving the first set of users over.

That does not sound well designed. He says it was really started as a way to copy the iPhone SMS interface to their site:

We were also frustrated about how SMS works. And we were fascinated by how the iPhone works. How those things funnel into Facebook. We wanted to do the same things for people without iPhones as well. We really wanted to pull those communication channels together and the rest kind of fell into place.

That certainly explains why there are no subject lines. They, of course, are calling it the next generation and a big change, etc. but I have yet to see any discussion of the security features in the system. Subject lines do more than just add overhead. They create segmentation. Where do users need segmentation most to protect their information? In the cloud, on Facebook, and in communication.

What do I mean by segmentation? Remember when you could tell that a message was spam because of the subject? It provides an additional data point that separates the wheat from the chaff, the Alices from the other Alices. The cost of SMS makes spamming on it prohibitive (or so I’ve been told endlessly by the carriers). What is proposed for the control framework on Facebook Messages, given they have adopted the iPhone SMS user interface (which, to be fair, was an adaptation of the Google Mail user interface) but removed the controls that are inherent to SMS and email?

Fear and the Control of Danger

Today the President of the US will award the Medal of Honor to Staff Sgt. Salvatore Giunta. The Stars and Stripes has a book excerpt that describes the details of his heroism.

He saved a Platoon from certain death by reacting so quickly under heavy fire that he was able to counterattack. Despite facing an L-shaped flood of bullets and rockets, Giunta took only a few seconds to gauge the situation and then led a response, which rescued a captive soldier, as detailed on the Army site.

Intelligence and training are credited for these actions; bravery is cited as well, but the book seems to suggest bravery is really in the eye of the beholder:

One of the most puzzling things about fear is that it is only loosely related to the level of danger. During World War II, several airborne units that experienced some of the fiercest fighting of the war also reported some of the lowest psychiatric casualty rates in the U.S. military. Combat units typically suffer one psychiatric casualty for every physical one, and during Israel’s Yom Kippur War of 1973, frontline casualty rates were roughly consistent with that ratio. But Israeli logistics units, which were subject to far less danger, suffered three psychiatric cases for every physical one. And even frontline troops showed enormous variation in their rate of psychological breakdown. Because many Israeli officers literally led from the front, they were four times more likely to be killed or wounded than their men were — and yet they suffered one-fifth the rate of psychological collapse. The primary factor determining breakdown in combat does not appear to be the objective level of danger so much as the feeling — even the illusion — of control. Highly trained men in extraordinarily dangerous circumstances are less likely to break down than untrained men in little danger.

Why do we ignore the danger of driving at 65 mph even though only a few generations ago it was considered suicide? We build a feeling of normalcy, otherwise known as control, through training. The training affects our perception of risks, which makes danger a relative condition.

It is dangerous to drive down a twisty, steep hill, but training builds up a sense of control from practice that changes our perception as well as ability. While in control, intelligence can have room to make decisions. The danger may actually increase yet we may also operate with less fear and thus with more reason.

With this in mind, what really stands out for me in this story is a split-second when Giunta was shot and his mind immediately factored ballistic geometry.

Giunta gets hit in his front plate and in his assault pack and he barely notices except that the rounds came from a strange direction. Sheets of tracers are coming from his left, but the rounds that hit him seemed to come from dead ahead. He’s down in a small washout along the trail where the lip of packed earth should have protected him, but it didn’t. “That’s when I kind of noticed something was wrong,” Giunta said. “The rounds came right down the draw and there are three people — all friends — in the same vicinity. It happened so fast, you don’t think too hard about it, but it’s something to keep in mind.”

That fraction of a second — in control of the situation (thanks in part to a technical control called a front plate) — was apparently the instant when he grasped the situation enough to react; he launched forward with a response that saved the Platoon and reunited him with the men ahead, saving them from capture.

Updated to add: Several people have asked me about the name Giunta. I do not think this story is about differences or heritage. The book excerpt emphasizes that his Platoon worked together best as a unit; individuals were not far from others in purpose, like close friends or a well-oiled machine. That being said, there is a region in Sicily called Giunta. Given his first name is Salvatore, that would be my best guess. His heritage, like his personality, may add flavor to the story but it should not detract from the message that training generated a unity that overcame great adversity.

(Embedded video: The Colbert Report, “Salvatore Giunta”, www.colbertnation.com)

The Man with the Hoe

A poem from 1899 by Edwin Markham in San Francisco, which was said at the time to represent “the battle-cry of the next thousand years”. Only a hundred years later, however, the title has already taken on a completely different meaning:

Bowed by the weight of centuries he leans
Upon his hoe and gazes on the ground,
The emptiness of ages in his face,
And on his back, the burden of the world.
Who made him dead to rapture and despair,
A thing that grieves not and that never hopes,
Stolid and stunned, a brother to the ox?
Who loosened and let down this brutal jaw?
Whose was the hand that slanted back this brow?
Whose breath blew out the light within this brain?

Is this the Thing the Lord God made and gave
To have dominion over sea and land;
To trace the stars and search the heavens for power;
To feel the passion of Eternity?
Is this the dream He dreamed who shaped the suns
And marked their ways upon the ancient deep?
Down all the caverns of Hell to their last gulf
There is no shape more terrible than this–
More tongued with cries against the world’s blind greed–
More filled with signs and portents for the soul–
More packed with danger to the universe.

What gulfs between him and the seraphim!
Slave of the wheel of labor, what to him
Are Plato and the swing of the Pleiades?
What the long reaches of the peaks of song,
The rift of dawn, the reddening of the rose?
Through this dread shape the suffering ages look;
Time’s tragedy is in that aching stoop;
Through this dread shape humanity betrayed,
Plundered, profaned and disinherited,
Cries protest to the Powers that made the world,
A protest that is also prophecy.

O masters, lords and rulers in all lands,
Is this the handiwork you give to God,
This monstrous thing distorted and soul-quenched?
How will you ever straighten up this shape;
Touch it again with immortality;
Give back the upward looking and the light;
Rebuild in it the music and the dream;
Make right the immemorial infamies,
Perfidious wrongs, immedicable woes?

O masters, lords and rulers in all lands,
How will the future reckon with this Man?
How answer his brute question in that hour
When whirlwinds of rebellion shake all shores?
How will it be with kingdoms and with kings–
With those who shaped him to the thing he is–
When this dumb Terror shall rise to judge the world,
After the silence of the centuries?