responding to ShotSpotter's AI alerts rarely find evidence of gun crime
Cops responding to ShotSpotter's AI alerts rarely find evidence of gun crime, says Chicago watchdog
It may hurt community policing, too
Police responding to ShotSpotter's AI-generated alerts of gunfire find evidence of actual gun-related crime about one time in ten, a Chicago public watchdog has found.
The California biz uses machine-learning algorithms to determine whether loud bangs caught by microphones deployed across more than 100 US cities are gunshots or not. If a shot is identified, the location of the noise is triangulated and sent to the police as an immediate, real-time alert, and reports are later compiled for prosecutors for use in court cases.
ShotSpotter is under the microscope right now because a 65-year-old man spent almost a year behind bars awaiting trial for murder – and the primary evidence against him was a disputed ShotSpotter report of a gunshot.
Michael Williams was last year accused of shooting and killing 25-year-old Safarian Herring, and denied any wrongdoing. Prosecutors said ShotSpotter picked up the sound of gunfire right where and when Williams was seen in his car, in Chicago, giving Herring a ride. Williams said Herring was hit in a drive-by shooting.
Crucially, Williams' lawyers asked the trial judge to probe the ShotSpotter evidence after it emerged the AI software actually picked up a firework a mile away and this information was later revised for the courts by ShotSpotter staff. In response, the prosecution withdrew the ShotSpotter report, and last month asked for the case to be dismissed as it no longer had sufficient evidence. The judge agreed, and Williams was released as a free man.
Don't worry, someone did a probe
The City of Chicago's Office of Inspector General (OIG) decided to dig into the alerts ShotSpotter sends to the Chicago Police Dept (CPD) and the city's Office of Emergency Management. The city had a $33m three-year contract with ShotSpotter that was due to run out in August 2021, and in December last year, that contract was extended ahead of its expiry to mid-2023.
The watchdog said 50,176 alerts generated by ShotSpotter in Chicago between January 2020 and May this year probably were the result of gunfire, and were assigned unique IDs and had officers show up. Of those alerts, 41,830 resulted in some kind of police action, known as a disposition. And of those dispositions, only 4,556 indicated that "evidence of a gun-related criminal offense was found," the auditors said.
Thus, only 9.1 per cent of ShotSpotter alerts led to the police finding evidence of an actual gun crime. This did not go down well with the auditors, given that the ShotSpotter contract has been renewed.
“The CPD data examined by OIG does not support a conclusion that ShotSpotter is an effective tool in developing evidence of gun-related crime,” the watchdog said this week.
- A man spent a year in jail on a murder charge that hinged on disputed AI evidence. Now the case has been dropped
- British Army develops AI shotgun drone with machine vision for indoor use
- Apple's bright idea for CSAM scanning could start 'persecution on a global basis' – 90+ civil rights groups
- Cop drone crashes into flight instructor's airplane
The police, meanwhile, defended their use of the service.
“In order to reduce gun violence, knowing where it occurs is crucial,” a Chicago police spokesperson told The Register. “ShotSpotter has detected hundreds of shootings that would have otherwise gone unreported. ShotSpotter is among a host of tools used by the CPD to keep the public safe and ultimately save lives.
“Using ShotSpotter, CPD receives real-time alerts of detected gunfire enabling patrol officers to arrive at a precise location of a shooting event quickly. Instead of relying on the historically low rate of 911 calls, law enforcement can respond more quickly to locate and aid victims, identify witnesses, and collect forensic evidence.
"The system gives police the opportunity to reassure communities that law enforcement is there to serve and protect them and helps to build bridges with residents who wish to remain anonymous.”
ShotSpotter has detected hundreds of shootings that would have otherwise gone unreported
Chicago’s OIG isn’t convinced. In a 30-page report [PDF], the watchdog said the technology may lead to over-policing by sending officers into communities in search of serious crimes that never happened.
“Our study of ShotSpotter data is not about technological accuracy, it’s about operational value,” said Deputy Inspector General for Public Safety Deborah Witzburg.
“If the Department is to continue to invest in technology which sends CPD members into potentially dangerous situations with little information – and about which there are important community concerns – it should be able to demonstrate the benefit of its use in combatting violent crime.
“The data we analyzed plainly doesn’t do that. Meanwhile, the very presence of this technology is changing the way CPD members interact with members of Chicago’s communities.”
ShotSpotter’s software and hardware is proprietary, and hasn’t been publicly audited for its accuracy. The company, however, says its algorithms are 97 per cent accurate. “It is important to point out that the CPD continually describes ShotSpotter as an important part of their operations,” a ShotSpotter spokesperson told The Register.
“The OIG report does not negatively reflect on ShotSpotter’s accuracy which has been independently audited at 97 percent based on feedback from more than 120 customers. Nor does the OIG propose that ShotSpotter alerts are not indicative of actual gunfire whether or not physical evidence is recovered.”
The Register has asked Chicago’s OIG for further comment. ®
ProxyLogon flaw, evil emails, SQL injections used to open backdoors on Windows boxes
ESET and TrendMicro have identified a novel and sophisticated backdoor tool that miscreants have slipped onto compromised Windows computers in companies mostly in Asia but also in North America.
As usual in the infosec world, the pair of security outfits can't agree on a name for this remote-access module. ESET refers to the malware as SideWalk and to the group responsible as SparklingGoblin; TrendMicro prefers ScrambleCross and calls the threat actor Earth Baku, even as it acknowledges that the miscreants are better known as APT41.
TrendMicro's researchers speculate that the design of the malware indicates that at least one member of the group is familiar with the tools and techniques of security red teams while the SideWalk/ScrambleCross backdoor suggests personnel with deep knowledge of low-level programming and advanced software development.
Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit
A denial-of-service vulnerability affecting SDKs for Realtek chipsets used in 65 vendors' IoT devices has been incorporated into a son-of-Mirai botnet, according to new research.
The remote code execution flaw, CVE-2021-35395, was seen in Mirai malware binaries by threat intel firm Radware, which "found that new malware binaries were published on both loaders leveraged in the campaign."
Warning that the vuln had been included in Dark.IoT's botnet "less than a week" after it was publicly disclosed, Radware said: "This vulnerability was recently disclosed by IoT Inspectors Research Lab on August 16th and impacts IoT devices manufactured by 65 vendors relying on the Realtek chipsets and SDK."
What's the top programming language? It's not JavaScript but Python, says IEEE survey
Python is the "de facto platform for new technologies," according to research by the IEEE in its Spectrum publication.
The new survey places Python, Java, C, and C++ as the top four programming languages. JavaScript, which typically tops such surveys, is in fifth place.
By contrast, StackOverflow reported earlier this month that JavaScript was the most used language by some margin, with 65 per cent followed by Python at 48.2 per cent and Java at 35.35 per cent. Redmonk analysts also placed JavaScript top, as does developer tools company JetBrains in its State of the Developer Ecosystem survey.
Looks like people now pay for Trello, meaning 'ripper' fourth quarter at Atlassian
Atlassian has fiddled with its Trello pricing tiers and added a new one for customers who found the leap from Free to Business Class a jump too far.
Disappointingly called "Standard", the new tier is aimed at small teams and costs $5 per user per month (if you pay for a year up front) or $6 per user per month on a monthly basis.
"Standard" slots nicely between the freebie offering and "Business Class." The latter will henceforth be known as "Premium." The price, at $10 per user per month for a 12-month commitment, remains unchanged.
IBM tossed £20m to keep the Trace side of NHS Test and Trace services running
IBM has been awarded a contract extension to provide its Strategic Trace Solution to the NHS Test and Trace service for England, securing additional fees of around £20m on the deal signed last year.
In a tender document published this week, the government revealed it has agreed to pay Big Blue £47.7m including the £25m fee agreed to work on the controversial Test and Trace service. The extension takes the supplier's expected time on the project until November 2023.
This follows an extension until September 2023, as per a contract announcement in July, which provides an IBM-built system based on the Salesforce platform.
Junking orbital junk? The mind behind ASTRIAGraph database project hopes to 'make space transparent'
Forty-five years after the United States entered into the Convention on Registration of Objects Launched into Outer Space, one of its citizens has some doubts about the way it's working out.
The convention, administered by the United Nations Office for Outer Space Affairs (UNOOSA), might not be capturing all the information it should do about human-made objects escaping from the Earth's atmosphere, Professor Moriba Jah, an aerospace engineer at the University of Texas at Austin, told The Register.
"The treaty says countries should register your object as soon as practicable and some countries interpret that as registering five years after the thing has been launched, and that makes no sense," Professor Jah said.
GitHub's Copilot may steer you into dangerous waters about 40% of the time – study
Academics have put GitHub's Copilot to the test on the security front, and said they found that roughly 40 per cent of the time, code generated by the programming assistant is, at best, buggy, and at worst, potentially vulnerable to attack.
Copilot arrived with several caveats, such as its tendency to generate incorrect code, its proclivity for exposing secrets, and its problems judging software licenses. But the AI programming helper, based on OpenAI's Codex neural network, also has another shortcoming: just like humans, it may produce flimsy code.
That's perhaps unsurprising given that Copilot was trained on source code from GitHub and ingested all the bugs therein. Nonetheless, five boffins affiliated with New York University's Tandon School of Engineering felt it necessary to quantify the extent to which Copilot fulfills the dictum "garbage in, garbage out."
30 years of Linux: OS was successful because of how it was licensed, says Red Hat
On the 30th anniversary of the announcement of Linux by Linus Torvalds, Red Hat has said that it worked because of the way the OS was licensed.
In a post today celebrating the anniversary, Red Hat said: "The reason that Linux has been arguably the most successful operating system of all time is due to the fact that its license allowed copying, improvement, distribution and required sharing of changes. (Note that the license does not require collaboration, but the reciprocal nature of Linux strongly encourages it.)"
Lost in IKEA? So, it seems, is Windows
Bork!Bork!Bork! Microsoft Windows flaunts itself upon the screens of IKEA as the not-at-all creepy setup screens pose an unanswerable question – can we use your location?
The problem, as any visitor to the retail giant will attest, is actually knowing where one is in the temple of flatpacked furniture. We've certainly spent many an hour toiling around the Croydon branch in search of an exit and instead come away with several sacks of tea lights that remain unopened to this day.
So if we're not too sure of our in-store location, we're also not sure what Microsoft plans to do with the information. "It looks like you're about to have a relationship-ending row. Would you like some help with that?" is just the sort of perky advice we could do without.
Samsung testing memory with built-in processing for AI-centric servers
Samsung has advanced its plans to relieve devices of the tedious chore that is moving data out of memory and into a processor – by putting more processing power into memory. It's already running in servers and should become a standard of sorts next year.
The Korean giant's efforts use its very fast Aquabolt high-bandwidth memory (HBM) architecture – tech to which the company added processing-in-memory (PIM) capabilities in February 2021. Samsung hasn't revealed a lot of detail about its PIM implementation, but The Register understands it involves placing a processing unit with unspecified specs alongside each cell array inside memory.
In early 2021 Samsung announced it had HBM and PIM working together in the same piece of silicon. Yesterday it announced it's made the two work inside a Xilinx Virtex Ultrascale+ (Alveo) AI accelerator, and also advanced HBM-PIM to a point at which it is ready for deployment inside DIMMS and mobile memory.
Singapore is the only nation with a dedicated 'net link to China. And they've just agreed to expand its use
Four regions and provinces in China have announced they are joining an existing dedicated internet connectivity facility linking the Middle Kingdom and Singapore.
Launched in September 2019, the China-Singapore (Chongqing) International Dedicated Connectivity (IDC) is the first point-to-point internet connectivity between China and a foreign country and links Singapore with seven districts across Chongqing.
The project provides high-speed and low-latency connections through Singapore and Western China through Chongqing, supporting bandwidth-intensive industries like video games, media and conferencing services.
Comments
Post a Comment