<?xml version="1.0" encoding="UTF-8"?><!-- generator="wordpress.com" -->
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	>

<channel>
	<title>bruce-schneier « WordPress.com Tag Feed</title>
	<link>http://wordpress.com/tag/bruce-schneier/</link>
	<description>Feed of posts on WordPress.com tagged "bruce-schneier"</description>
	<pubDate>Sun, 07 Sep 2008 07:25:49 +0000</pubDate>

	<generator>http://wordpress.com/tags/</generator>
	<language>en</language>

<item>
<title><![CDATA[Schneier on the Boston Case]]></title>
<link>http://twistedone151.wordpress.com/?p=1050</link>
<pubDate>Tue, 02 Sep 2008 20:53:29 +0000</pubDate>
<dc:creator>twistedone151</dc:creator>
<guid>http://twistedone151.wordpress.com/?p=1050</guid>
<description><![CDATA[Bruce Schneier discusses full disclosure and the recent Boston court decision concerning the securit]]></description>
<content:encoded><![CDATA[<p>Bruce Schneier <a href="http://www.wired.com/politics/security/commentary/securitymatters/2008/08/securitymatters_0821">discusses</a> full disclosure and the recent Boston court decision concerning the security researchers who found a vulnerability in the Boston subway's fare-card system.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Steal This Wi-Fi ]]></title>
<link>http://razvi.wordpress.com/?p=106</link>
<pubDate>Fri, 29 Aug 2008 03:21:16 +0000</pubDate>
<dc:creator>razvi</dc:creator>
<guid>http://razvi.wordpress.com/?p=106</guid>
<description><![CDATA[Whenever I talk or write about my own security setup, the one thing that surprises people &#8212; an]]></description>
<content:encoded><![CDATA[<p>Whenever I talk or write about my own security setup, the one thing that surprises people -- and attracts the most criticism -- is the fact that I run an open wireless network at home.<br />
Anyone with wireless capability who can see my network can use it to access the internet.<br />
To me, it's basic politeness.<br />
Providing internet access to guests is kind of like providing heat and electricity, or a hot cup of tea.<br />
I'm told that uninvited strangers may sit in their cars in front of my house, and use my network to send spam, eavesdrop on my passwords, and upload and download everything from pirated movies to child pornography.<br />
As a result, I risk all sorts of bad things happening to me, from seeing my IP address blacklisted to having the police crash through my door.<br />
I can count five open wireless networks in coffee shops within a mile of my house, and any potential spammer is far more likely to sit in a warm room with a cup of coffee and a scone than in a cold car outside my house.<br />
This is not to say that the new wireless security protocol, WPA, isn't very good.<br />
The lawyers I spoke with say most defense attorneys will advise you to reach a plea agreement rather than risk going to trial on child-pornography charges.<br />
In a less far-fetched scenario, the Recording Industry Association of America is known to sue copyright infringers based on nothing more than an IP address.<br />
Yes, computer security is hard.<br />
Finally, critics say someone might steal bandwidth from me.<br />
I really don't mind if neighbors use my wireless network when they need it, and I've heard several stories of people who have been rescued from connectivity emergencies by open wireless networks in the neighborhood.<br />
Certainly this does concern ISPs.<br />
But despite the occasional cease-and-desist letter and providers getting pissy at people who exceed some secret bandwidth limit, this isn't a big risk either.<br />
You can configure your open network in either "Bill" or "Linus" mode: In the former, people pay you to use your network, and you have to pay to use any other Fon wireless network.<br />
In Linus mode, anyone can use your network, and you can use any other Fon wireless network for free.<br />
It's a really clever idea.<br />
And I appreciate everyone else who keeps an open wireless network, including all the coffee shops, bars and libraries I have visited in the past, the Dayton International Airport where I started writing this and the Four Points Sheraton where I finished.<br />
You all make the world a better place.</p>
<p>(Story Blogged by Bruce Schneier)</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Transportation Stupidity Agency?]]></title>
<link>http://freiheitblog.wordpress.com/?p=615</link>
<pubDate>Sat, 23 Aug 2008 22:54:53 +0000</pubDate>
<dc:creator>Annika</dc:creator>
<guid>http://freiheitblog.wordpress.com/?p=615</guid>
<description><![CDATA[Ein interessanter Artikel über kontraproduktives Sicherheitstheater, in diesem Fall in den USA, fin]]></description>
<content:encoded><![CDATA[<p style="text-align:justify;">An <a href="http://www.schneier.com/blog/archives/2008/08/tsa_follies.html">interesting article</a> about counterproductive security theater, in this case in the USA, can be found (once again) on Bruce Schneier's blog. Citing current news articles, Schneier describes the conduct of the American aviation security agency TSA, whose efforts to prevent terrorist attacks on air travel apparently cause more trouble than they are worth.</p>
<p style="text-align:justify;">Among other things, Schneier quotes reports from the aviation industry and the news network ABC, according to which an "overzealous TSA employee", in order to inspect a parked aircraft, climbed around on components that are "critical to the operation of the onboard computers" and that could have been seriously damaged by this stunt. It should not be too difficult to judge this action from a security standpoint. Anyone who, in order to reduce the statistically vanishingly small risk of a terrorist attack, risks technical problems on board the affected aircraft that under unfavorable circumstances can be just as fatal for passengers and crew (but are likely far more probable) would probably also fight flies in their apartment with a rocket launcher. What someone with such a risk assessment is doing at a government security agency will probably remain a mystery forever.</p>
<p style="text-align:justify;">Schneier also criticizes the tone used by TSA staff. But the whole thing becomes utterly absurd when one takes a look at the "no-fly lists", which keep growing beyond all measure and are filled according to hopelessly unsuitable criteria, and on which, as is known, already-dead terrorists can be found just as well as (equally blameless and highly decorated) American war veterans, US senators and elementary school children. It is all but impossible that such a list helps, as intended, with effective counterterrorism, all the more so since it is relatively trivial for those affected to fly even though they are on the "no-fly list". Denise Robinson, the mother of an eight-year-old boy who since the age of five has had the dubious honor of being considered a suspected terrorist by the TSA, reports that she "tells the people in charge that her son is on the list, gives a big tip and gets boarding passes", or simply buys the ticket for her son under the name "J. Pierce Robinson" instead of "James Robinson".</p>
<p style="text-align:justify;">So we are apparently dealing here with an agency that makes life difficult for innocent people, yet often enough lacks any form of effectiveness and in some cases even lowers the level of security in air travel through overzealousness and a lack of expertise. There can hardly be a better example of the fact that measures which supposedly increase our security often enough achieve something between "nothing at all" and "exactly the opposite effect". It is time that those in positions of responsibility, both in the USA and in the rest of the "Western world" gripped by terror hysteria, finally learn the difference between security and security theater and, on that basis, develop effective, socially acceptable concepts.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Another case to re-consider privatization - National Cyber-Security]]></title>
<link>http://mythologicalcrossroads.wordpress.com/?p=297</link>
<pubDate>Thu, 21 Aug 2008 16:17:59 +0000</pubDate>
<dc:creator>11samdog</dc:creator>
<guid>http://mythologicalcrossroads.wordpress.com/?p=297</guid>
<description><![CDATA[I spend 40 hours a week in the realm in cyber-information-IT security for a privately held financial]]></description>
<content:encoded><![CDATA[<p>I spend 40 hours a week in the realm of cyber-information-IT security for a privately held financial services company.  I've been in this field for over 7 years and it can sometimes be a frustrating exercise in futility.  The logistical and political challenges around ensuring the integrity, confidentiality, and availability of the organization's data and systems are immense and complex.  The technical aspect of cyber-information-IT security is often the easiest aspect of the job.  The magnitude of protecting data and infrastructure in a business environment is daunting, but at least the organization has budgetary and political influence over the various departments and areas of the organization it represents. Not so with our nation's network and IT infrastructure.</p>
<p>A presentation at this year's Black Hat Conference elaborates on these public-private partnership challenges.  From <a href="http://www.darkreading.com/document.asp?doc_id=161089" target="_blank">darkreading.com</a>:</p>
<blockquote><p>Government agencies are wrestling with many of the same problems as the private sector, because so many of their systems and communications rely on private-sector infrastructure, the officials said...We work with the power companies to come up with sound backup plans, and we work with the other entities that operate our critical infrastructure. But if you're operating systems for a profit, and making money from them, then it's not government's responsibility alone to protect them."</p></blockquote>
<p>I think all participants in outsourced and privatized government IT initiatives would agree in principle that it is everyone's responsibility to protect our nation's digital infrastructure.  However, privatization brings to the table so many more managers and IT staff, physical locations with logistical challenges, budgets with slightly different interests, et al.  If we are serious about national cyber-security, the Federal government should consider keeping as many IT services in house as possible.</p>
<p>There are other advantages to keeping IT services in house.  Bruce Schneier, an information security guru, <a href="http://www.schneier.com/crypto-gram-0808.html" target="_blank">states</a> that the government is one of the largest customers of IT software and hardware.  If the Feds were serious about software and hardware security and if the bulk of IT services were still owned and controlled by the Feds, they could leverage their purchasing power to demand software and hardware vendors develop secure products. </p>
<p>That's not to say all privatization is bad and public-private partnerships should be avoided.  It just shouldn't be the de facto solution, particularly in IT.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[A Little Brother review of sorts...]]></title>
<link>http://conventioneers.wordpress.com/?p=395</link>
<pubDate>Thu, 21 Aug 2008 01:24:12 +0000</pubDate>
<dc:creator>Dan</dc:creator>
<guid>http://conventioneers.wordpress.com/?p=395</guid>
<description><![CDATA[&#8230;and some thoughts about security and science.
I know Jacob already wrote on this book several]]></description>
<content:encoded><![CDATA[<p>...and some thoughts about security and science.</p>
<p>I know Jacob already <a href="http://conventioneers.wordpress.com/2008/03/03/little-brother-review/">wrote on this book</a> several months ago, but it was so good, I couldn't resist talking about it again. It's been hanging around on my hard drive while I've been rushing around doing other things, but with Pi-Con coming up this weekend (an event at which Cory Doctorow will be in attendance) I just had to start reading. I read it in two several-hour sittings, and I really didn't even want to split it up that much. I just wanted to keep reading and reading until it was done.</p>
<p>I know that if I start I could go on for hours about the book and never get on to the rest of the post, so I'm going to try to control myself, so I can turn some of the energy that this book gave me into other projects that don't involve blogging. So all I will say is that this book is important. I want everyone in the world to read it. Everyone.</p>
<p>A concept has been coming to me in pieces over the past couple years, well probably over the whole span of my life, through books, movies, conversations, and news stories. Most recently <em>Little Brother</em>, Carl Sagan's <em>The Demon-Haunted World</em>, Kenneth Brower's <em>The Starship and the Canoe</em> (a biography of Freeman Dyson), and Bruce Schneier's <em>Beyond Fear</em>.</p>
<p>The concept is simple. The more people know, the more their quality of life improves. People who have proper access to the understanding that humans now possess are healthier, happier, and more secure. This all happens on a sliding scale, of course. "Developed" nations are certainly ahead of "developing" nations in quality of life, but almost no one in America is as healthy, happy and secure as they could be.</p>
<p>I was trying to figure out why people are generally content with their level of scientific and security-oriented understanding (which, when it comes down to it, is really the same thing). The answer is simple, people are worrying about other things. Most kids in America are worrying about getting through a school day without getting beat up, made fun of, looked at the wrong way, scrutinized or punished by well-meaning and misguided adults. They are blameless. Most adults are worrying about getting to work, getting a paycheck, getting food on the table, caring for children or family members, finding time to relax, party, and have sex. They are also blameless.</p>
<p>I think most people living in America today grew up with this concept of science as a force (for good or evil, or both) which operates outside their sphere of living. It's something that other people are doing. This is dangerous in several ways. When scientists are those uncaring people steering us toward oblivion on a wasted Earth or in the event horizon of a black hole, they are remote sources of anxiety which paralyze us into a willful indifference. We escape into the palpable mundane of day to day life. Conversely, but no less dangerous, is the concept of scientists as those heroes out there somewhere thinking about all the things we can't be bothered to think about, solving all our future problems. They divert asteroids and invent green technologies. This way of life lulls us into a false sense of security. The comforting thought that we don't need to pay attention because things will sort themselves out in time. This is a way of thinking that has much in common with age-old human tendencies toward religion. It elevates scientists to gods and angels who have the power to divert any disaster as long as we put our faith in them.</p>
<p>I think the truth is that all these aspects of science coexist. There is the danger, the mind-numbing fear of uncertainty, and there is the hope. What the combined efforts of Sagan, Schneier and Doctorow have revealed to me is that even the most well-funded science programs in the world, with full support from public and private institutions (which is far from the reality) would be useless if the general public did not concern itself with science. Many, perhaps most, of our politicians don't fully understand the scientific issues that our society is grappling with. It would be irresponsible of us to expect them to. They are politicians. They know politics. But they are public servants and they (theoretically) represent us. If we don't take the time to understand the scientific issues that confront us, and demand that they pursue courses of action that represent our needs and rights, then we can hardly be surprised when things go foul.</p>
<p>This is the beginning of a much larger discussion, but I'm running out of steam and attention span, so for now, I will end.</p>
<p>Do yourself a favor, read <em>Little Brother</em>. You don't have to know anything about crypto or science. You just have to be someone who cares about freedom.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[The latest TSA Follies . . . ]]></title>
<link>http://communionblog.wordpress.com/?p=630</link>
<pubDate>Wed, 20 Aug 2008 16:46:58 +0000</pubDate>
<dc:creator>Communion of Dreams</dc:creator>
<guid>http://communionblog.wordpress.com/?p=630</guid>
<description><![CDATA[So, you&#8217;re a retired brigadier general in the Air National Guard, and even certified to carry ]]></description>
<content:encoded><![CDATA[<p>So, you're a retired brigadier general in the Air National Guard, and even certified to carry a pistol as a pilot of a commercial airliner, under the program designed to provide last-chance security against terrorists seizing control of a jet.  What does the <a href="http://www.tsa.gov/" target="_blank">TSA</a> do?  Put you on the <a href="http://www.cnn.com/2008/US/08/19/tsa.watch.list/index.html" target="_blank">terror watch list</a>, of course:</p>
<blockquote><p>But there's one problem: James Robinson, the pilot, has difficulty even getting to his plane because his name is on the government's terrorist "watch list."</p>
<p>That means he can't use an airport kiosk to check in; he can't do it online; he can't do it curbside. Instead, like thousands of Americans whose names match a name or alias used by a suspected terrorist on the list, he must go to the ticket counter and have an agent verify that he is James Robinson, the pilot, and not James Robinson, the terrorist.</p>
<p>"Shocking's a good word; frustrating," Robinson -- the pilot -- said. "I'm carrying a weapon, flying a multimillion-dollar jet with passengers, but I'm still screened as, you know, on the terrorist watch list."</p></blockquote>
<p>Along with about a million other people.</p>
<p>OK, that's good, but this is even better:</p>
<blockquote><p><a href="http://www.aero-news.net/index.cfm?ContentBlockID=340a79d6-839a-470d-b662-944325cea23d" target="_blank"> Commuter Flights Grounded Thanks To Bumbling TSA Inspector</a></p>
<p>They're the government... and remember, they're here to help. A bumbling inspector with the Transportation Safety Administration apparently has some explaining to do, after nine American Eagle regional jets were grounded at Chicago's O'Hare International Airport on Tuesday.</p>
<p>Citing sources within the aviation industry, ABC News reports an overzealous TSA employee attempted to gain access to the parked aircraft by climbing up the fuselage... reportedly using the Total Air Temperature (TAT) probes mounted to the planes' noses as handholds.</p>
<p>"The brilliant employees used an instrument located just below the cockpit window that is critical to the operation of the onboard computers," one pilot wrote on an American Eagle internet forum. "They decided this instrument, the TAT probe, would be adequate to use as a ladder."</p></blockquote>
<p>Sweet!  As noted in a further comment on ANN:</p>
<blockquote><p><strong> E-I-C Note:</strong> This was an extraordinarily dangerous incident, folks. The TSA has neither the mandate nor the knowledge to inspect any aircraft for any reason. The stupidity of this matter is nearly unbelievable... until you hear that the TSA is involved... then it becomes understandable, though still tragic. And I can not tell you how frustrating it is, to see them continue to hurt an industry that they were created to protect.</p>
<p>The TSA has NO BUSINESS putting untrained personnel in a position to damage aircraft. Their bizarre games, in the name of security, do NOTHING to enhance security and do much to inhibit safety. Aviation personnel -- pilots, A&#38;P's, ground personnel -- are all either licensed or supervised by licensed personnel and this kind of tampering, had it been accomplished by anyone  else, would have subjected that person to criminal charges.</p></blockquote>
<p>But hey, they can do what they want.  They're the TSA.</p>
<p>Well, *maybe* there's a chance to fight back, at least on some things:</p>
<blockquote><p><a href="http://www.sfgate.com/cgi-bin/article.cgi?file=/c/a/2008/08/19/BA2212DEQU.DTL" target="_blank"> Court: Passengers can challenge no-fly list</a></p>
<p>Critics of the government's secret no-fly list scored a potentially important victory Monday when a federal appeals court ruled that would-be passengers can ask a judge and jury to decide whether their inclusion on the list violates their rights.</p>
<p>In a 2-1 ruling, the Ninth U.S. Circuit Court of Appeals in San Francisco reinstated a suit by a former Stanford University student who was detained and handcuffed in 2005 as she was about to board a plane to her native Malaysia.</p>
<p>The ruling is apparently the first to allow a challenge to the no-fly list to proceed in a federal trial court, said the plaintiff's lawyer, Marwa Elzankaly.</p>
<p>The decision would allow individuals to demand information from the government, present evidence on why they should not have been on the list, and take the case to a jury, Elzankaly said.</p></blockquote>
<p>Of course, it'd take time, money, and the willingness to suffer further hassle from the TSA, for standing up for your rights.  Because, you know, that'd mark you as a troublemaker.  Hell, just writing about these issues has probably flagged my name - we'll see what happens the next time I need to fly somewhere, coming up in about two months.</p>
<p>I swear, just about the biggest thing a presidential candidate could do in my book would be to promise to get rid of the whole <a href="http://en.wikipedia.org/wiki/Security_theater" target="_blank">security theater</a> nonsense, to reconsider whether we need the TSA as it currently exists, to revamp the Department of Homeland Security, and to return us some semblance of our rights under the Constitution.  Sheesh.</p>
<p>Jim Downey</p>
<p><em>(Via <a href="http://www.metafilter.com/74257/TSA-security-theater" target="_blank">MeFi</a> and ML, cross posted to <a href="http://www.unscrewingtheinscrutable.com/" target="_blank">UTI</a> and <a href="http://www.dailykos.com/story/2008/8/20/122635/642/455/571101">Daily Kos</a>.)</em></p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Does God Stand in the Way of Progress?]]></title>
<link>http://greyowl.wordpress.com/?p=118</link>
<pubDate>Fri, 15 Aug 2008 11:43:18 +0000</pubDate>
<dc:creator>greyowl</dc:creator>
<guid>http://greyowl.wordpress.com/?p=118</guid>
<description><![CDATA[Der berühmte Sicherheitsexperte Bruce Schneier behauptet in einem Nebensatz seines Artikels Memo to]]></description>
<content:encoded><![CDATA[<p>The famous security expert Bruce Schneier claims, in a subordinate clause of his article <a href="http://www.wired.com/politics/security/commentary/securitymatters/2008/08/securitymatters_0807">Memo to the Next President</a>, that the USA suffers from a shortage of natural scientists because "science isn't valued in a country full of creationists". In other words, there are too many people in America who believe in a creator God, and such people do not do natural science.<!--more--></p>
<p>That was not always so: Blaise Pascal, Robert Boyle, Gottfried Leibniz, Isaac Newton, Carolus Linnaeus, Leonhard Euler, Michael Faraday, James Clerk Maxwell, Lord Kelvin, Sir Robert Boyd, C. F. von Weizsäcker, etc. (not to mention the controversial Galileo, Darwin, Einstein) had a living faith in God.</p>
<p>For me, a (former) physicist and nature lover, my faith in God rather spurs me on to explore the fantastic complexity and diversity of creation. What do others think?</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Schneier's Security Policy Vision]]></title>
<link>http://freiheitblog.wordpress.com/?p=579</link>
<pubDate>Fri, 08 Aug 2008 23:37:23 +0000</pubDate>
<dc:creator>Annika</dc:creator>
<guid>http://freiheitblog.wordpress.com/?p=579</guid>
<description><![CDATA[Einen interessanten Kommentar veröffentlichte kürzlich der US-amerikanische Sicherheitsexperte Bru]]></description>
<content:encoded><![CDATA[<p style="text-align:justify;">The US security expert Bruce Schneier recently published an interesting commentary. Under the headline <a href="http://feeds.wired.com/~r/wired/politics/~3/358561560/securitymatters_0807">Memo to Next President -- How to Get Cybersecurity Right</a>, Schneier presents in his blog some ideas on how a country (Schneier refers primarily to the USA, but his ideas are readily transferable to other countries) can implement a viable IT security policy for the near future.</p>
<p style="text-align:justify;">Schneier sets out three basic "demands". The first is to use the government's "immense buying power" to improve "the security of commercial products and services" by purchasing for government use only software that meets explicit security requirements. The improvements developed for this purpose, according to Schneier, would afterwards also be commercially available and thus benefit the general public. This becomes all the more important the greater the role that computers play in our lives, and that role is already large enough to make securing computers indispensable both for the functioning of society and for the protection of individual rights. If the state exerts influence here without over-regulating, simply by making sensible security standards for software economically attractive, we can all only benefit. Like so many of Bruce Schneier's proposals, this one too sounds deceptively simple and self-evident, once one has thought of it. Security is often not complicated and incomprehensible, but a matter of perspective and of a feel for connections and possible avenues of influence.</p>
<p style="text-align:justify;">Schneier's second principle is for the state to prescribe results, but not methods. In this way the exact implementation is left to the experts, who as a rule are more likely to arrive at sensible solutions than politicians, for whom IT security is only one topic among many. Too much "micromanagement" on the part of the government does not help to foster the creativity of the specialists; in some cases it can even seriously hinder it, despite what are probably the best intentions of those responsible. "A bad law is worse than no law at all," Schneier stresses; against the background of my experience with some gems of IT legislation (in particular §202c StGB) I can only say: "The man is so right!" Having set out with the laudable goal of fighting growing cybercrime, this paragraph (or rather its possible interpretation, which so far cannot be reliably ruled out, as a complete ban on certain software) instead manages to make the professional work, the research and the recruitment of new talent of the "white hats", the constructively working security experts, more difficult, without noticeably impressing the criminals. Here too, instead of a goal ("curbing certain forms of cybercrime"), a precise method ("banning certain tools") is prescribed.</p>
<p style="text-align:justify;">Last but not least, as the third part of his "catalog", Schneier calls for the state to invest in research, in particular basic research, which is often economically rather unattractive and therefore neglected by commercial companies. In doing so he argues (alongside a renewed emphasis on the importance of scientific freedom) for distributing the funds as broadly as possible, since one "can never predict what will one day be useful for what", a statement that fits well with Schneier's frequent pleas for including far more different disciplines and perspectives in security research and that, against the background of often counterproductive animosities and/or communication breakdowns between the experts on different topics and fields, is important if not overdue. However, at the moment it does seem rather optimistic to hope for more funding for research projects, especially those related to the IT security field, which is often eyed with suspicion. Schneier's advice seems sensible enough; whether anyone in politics will listen to it is unfortunately another matter, also because, as Schneier himself writes in his closing statement, effective security measures are often unpopular and therefore do not enjoy great popularity among politicians (especially when they cost money).</p>
<p style="text-align:justify;">All in all, Bruce Schneier has put together here a catalog of measures that seems very sensible, one that not only American politicians should think about seriously for once. In this way the step could be taken from security theater justified by scaremongering toward more sensible measures, if the interest and the necessary insight to achieve this existed.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Tech podcast]]></title>
<link>http://matthewjbell.wordpress.com/?p=323</link>
<pubDate>Fri, 08 Aug 2008 19:36:29 +0000</pubDate>
<dc:creator>matthewjbell</dc:creator>
<guid>http://matthewjbell.wordpress.com/?p=323</guid>
<description><![CDATA[A few days ago, I put together a story about what US prosecutors are calling the biggest cyberbust i]]></description>
<content:encoded><![CDATA[<p>A few days ago, I put together a <a href="http://www.theworld.org/?q=node/19956" target="_blank">story</a> about what US prosecutors are calling the biggest cyberbust in the country's history. One of the interviews I did that morning was with a computer security expert, Bruce Schneier of BT (British Telecom) Global Services. In the end, I didn't use any comments from Schneier in the radio story. That wasn't for editorial reasons. It was because I was worried that the phone tape (Schneier spoke with me from France) was too crappy to put on the air. Our tech reporter Clark Boyd gave a listen to the interview with Schneier though, and Boyd thought it sounded good enough to put out there as a podcast. For one thing, Schneier is definitely a lively talker. So, if you're interested... my interview with Schneier is contained in <a href="http://www.theworld.org/pod/tech/WTPpodcast205.mp3" target="_blank">this week's Tech Podcast</a>.</p>
<p style="text-align:center;"><a href="http://www.theworld.org/pod/tech/WTPpodcast205.mp3" target="_blank"><img class="size-medium wp-image-67 aligncenter" src="http://matthewjbell.wordpress.com/files/2008/05/audioicon.png?w=30" alt="" width="30" height="28" /></a></p>
<p>If you're not familiar with The World's weekly Technology Podcast, put out by Clark Boyd, <a href="http://www.theworld.org/?q=aggregator/sources/36" target="_blank">check it out</a>.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Bruce Schneier]]></title>
<link>http://twistedone151.wordpress.com/?p=847</link>
<pubDate>Tue, 05 Aug 2008 02:37:44 +0000</pubDate>
<dc:creator>twistedone151</dc:creator>
<guid>http://twistedone151.wordpress.com/?p=847</guid>
<description><![CDATA[In the tradition of Chuck Norris facts and Jack Bauer facts, comes Bruce Schneier facts.  Examples:
]]></description>
<content:encoded><![CDATA[<p>In the tradition of <a href="http://www.chucknorrisfacts.com/">Chuck Norris facts</a> and <a href="http://www.jackbauerfacts.com/">Jack Bauer facts</a>, comes <a href="http://geekz.co.uk/schneierfacts/">Bruce Schneier facts</a>.  Examples:<br />
•"Most people use passwords. Some people use passphrases. Bruce Schneier uses an epic passpoem, detailing the life and works of seven mythical Norse heroes."<br />
•"Bruce Schneier already has a backup plan for when the 2nd person discovers that P = NP"<br />
•"Bruce Schneier eats 0s and 1s for breakfast. And snacks on pi."<br />
<br><br />
Geek humor strikes again!</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[For no reason at all.]]></title>
<link>http://communionblog.wordpress.com/?p=499</link>
<pubDate>Fri, 01 Aug 2008 16:28:51 +0000</pubDate>
<dc:creator>Communion of Dreams</dc:creator>
<guid>http://communionblog.wordpress.com/?p=499</guid>
<description><![CDATA[In May, Bruce Schneier wrote this:
Crossing Borders with Laptops and PDAs
Last month a US court rule]]></description>
<content:encoded><![CDATA[<p>In May, Bruce Schneier wrote this:</p>
<blockquote><p><a href="http://www.schneier.com/blog/archives/2008/05/crossing_border.html">Crossing Borders with Laptops and PDAs</a></p>
<p>Last month a US court ruled that border agents can search your laptop, or any other electronic device, when you're entering the country. They can take your computer and download its entire contents, or keep it for several days. Customs and Border Patrol has not published any rules regarding this practice, and I and others have written a letter to Congress urging it to investigate and regulate this practice.</p></blockquote>
<p>Well, we now know the response:</p>
<blockquote><p><a href="http://www.washingtonpost.com/wp-dyn/content/article/2008/08/01/AR2008080103030.html?hpid=topnews">Travelers' Laptops May Be Detained At Border</a><br />
<em>No Suspicion Required Under DHS Policies</em></p>
<p>Federal agents may take a traveler's laptop computer or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the <a href="http://www.washingtonpost.com/ac2/related/topic/U.S.+Department+of+Homeland+Security?tid=informline">Department of Homeland Security</a> recently disclosed.</p>
<p>Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, <a href="http://www.washingtonpost.com/ac2/related/topic/U.S.+Customs+and+Border+Protection?tid=informline">U.S. Customs and Border Protection</a> and <a href="http://www.washingtonpost.com/ac2/related/topic/U.S.+Bureau+of+Immigration+and+Customs+Enforcement?tid=informline">U.S. Immigration and Customs Enforcement</a>.</p></blockquote>
<p>Basically, they can take any electronic or other device capable of storing data for as long as they want, for no reason at all.  Yes, I said "other device".  From the Washington Post article cited above:</p>
<blockquote><p>The policies cover "any device capable of storing information in digital or analog form," including hard drives, flash drives, cellphones, <a href="http://www.washingtonpost.com/ac2/related/topic/Apple+iPod?tid=informline">iPods</a>, pagers, beepers, and video and audio tapes. They also cover "all papers and other written documentation," including books, pamphlets and "written materials commonly referred to as 'pocket trash' or 'pocket litter.' "</p></blockquote>
<p>Think about that for just a moment.  They have the right to take anything of yours which could contain data, and keep it for as long as they think they need it.  Furthermore, they can share it with others as they see fit.  Will the data be secure?  Will it be destroyed if not needed?  Will your laptop (etc) be returned to you unmolested and intact, or will it have some spyware installed to record your keystrokes?  (This last item plays a pivotal plot point in <a href="http://www.communionofdreams.com" target="_blank"><em>Communion of Dreams</em></a>, so I tend to think of such things).</p>
<p>What to do?</p>
<p>Accept that the authorities will do this, and not worry about it?  Don't cross the border?  Try and hide your data?  Simply don't take any such devices with you?</p>
<p>We're <a href="http://communionblog.wordpress.com/2008/01/27/plans-and-preparations/" target="_blank">going to Patagonia</a> in about 10 weeks. My wife has been considering taking her laptop, since she is part of the organizing team for the  tour we'll be on.   I told her that I don't recommend it.  But it's her call.  At the very least, I hope that she - and anyone else who has to do this - will take the time to consider Schneier's advice on <a href="http://www.schneier.com/blog/archives/2008/05/crossing_border.html" target="_blank">how to do so safely</a>.  Here's a bit:</p>
<blockquote><p>So your best defence is to clean up your laptop. A customs agent can't read what you don't have. You don't need five years' worth of email and client data. You don't need your old love letters and those photos (you know the ones I'm talking about). Delete everything you don't absolutely need. And use a secure file erasure program to do it. While you're at it, delete your browser's cookies, cache and browsing history. It's nobody's business what websites you've visited. And turn your computer off - don't just put it to sleep - before you go through customs; that deletes other things. Think of all this as the last thing to do before you stow your electronic devices for landing. Some companies now give their employees forensically clean laptops for travel, and have them download any sensitive data over a virtual private network once they've entered the country. They send any work back the same way, and delete everything again before crossing the border to go home. This is a good idea if you can do it.</p>
<p>If you can't, consider putting your sensitive data on a USB drive or even a camera memory card: even 16GB cards are reasonably priced these days. Encrypt it, of course, because it's easy to lose something that small. Slip it in your pocket, and it's likely to remain unnoticed even if the customs agent pokes through your laptop. If someone does discover it, you can try saying: "I don't know what's on there. My boss told me to give it to the head of the New York office." If you've chosen a strong encryption password, you won't care if he confiscates it.</p></blockquote>
<p>There's also advice (and links) in that essay on how to partition your hard drive to include hidden material, how to encrypt your data safely, and so forth.  Use according to how valuable your data is.  But keep in mind that showing up at the border (or Customs) with such encryption evident is a sure way to attract attention and make your day more difficult.  Not fun.</p>
<p>What I find astonishing, and extremely insightful, is this quote from that WaPo piece:</p>
<blockquote><p>Homeland Security Secretary <a href="http://www.washingtonpost.com/ac2/related/topic/Michael+Chertoff?tid=informline">Michael Chertoff</a> wrote in an opinion piece published last month in <a href="http://www.washingtonpost.com/ac2/related/topic/USA+TODAY?tid=informline">USA Today</a> that "the most dangerous contraband is often contained in laptop computers or other electronic devices." Searches have uncovered "violent jihadist materials" as well as images of child pornography, he wrote.</p>
<p>With about 400 million travelers entering the country each year, "as a practical matter, travelers only go to secondary [for a more thorough examination] when there is some level of suspicion," Chertoff wrote. "Yet legislation locking in a particular standard for searches would have a dangerous, chilling effect as officers' often split-second assessments are second-guessed."</p></blockquote>
<p>A "chilling effect", Mr. Chertoff?  Funny, <a href="http://en.wikipedia.org/wiki/Chilling_effect_%28term%29" target="_blank">that term</a> is more commonly used and understood in how government can infringe on the civil rights of law-abiding Americans.  To make the claim that the government's agents are the ones suffering such an infringement in their duties is to turn the entire notion of governmental authority coming *from* the people on its head, and says rather that those public employees are something more akin to our rulers than servants.</p>
<p>But I suppose that this is hardly surprising in this day and age.</p>
<p>Jim Downey</p>
<p><em>(Cross posted to <a href="http://www.unscrewingtheinscrutable.com/" target="_blank">UTI</a>.  Also see further discussion at <a href="http://www.metafilter.com/73748/Bye" target="_blank">MetaFilter</a>, <a href="http://www.dailykos.com/story/2008/8/1/44555/33803/890/560504" target="_blank">Daily Kos</a>, and <a href="http://www.boingboing.net/2008/08/01/dhs-border-policy-we.html" target="_blank">BoingBoing</a>.)</em></p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Bruce Schneier comes out in defence of Dan Kaminsky]]></title>
<link>http://snnangola.wordpress.com/?p=583</link>
<pubDate>Wed, 30 Jul 2008 18:35:36 +0000</pubDate>
<dc:creator>snnangola</dc:creator>
<guid>http://snnangola.wordpress.com/?p=583</guid>
<description><![CDATA[
The great cryptographer Bruce Schneier wrote on his blog that it is very easy to accuse Dan Kaminsky of]]></description>
<content:encoded><![CDATA[<p style="text-align:center;"><img class="aligncenter" src="http://upload.wikimedia.org/wikipedia/commons/thumb/4/45/Bruce_Schneier_1.jpg/225px-Bruce_Schneier_1.jpg" alt="" width="225" height="300" /></p>
<p>The great cryptographer Bruce Schneier <a href="http://www.schneier.com/blog/archives/2008/07/the_dns_vulnera.html">wrote</a> on his blog that it is very easy to accuse Dan Kaminsky of being to blame for the current panic on the Internet over the flaws in the DNS protocol, but he points out that more than 6 months ago Dan made himself available to work with companies such as Microsoft and Cisco to solve the problem, and to this day nothing has been resolved by them.</p>
<p>According to Schneier, the big problem lies in the fact that the flaw, discovered accidentally (according to him) by Kaminsky, is not exactly news, since the weak way in which DNS randomized source ports had been under discussion for some time, a <a href="http://cr.yp.to/djbdns/forgery.html">solution proposed</a> by the cryptography specialist Daniel Bernstein, who in fact wrote a <a href="http://cr.yp.to/djbdns/dnscache.html">DNS server</a> himself which, using strong cryptography for the above, is not vulnerable to this flaw today.</p>
<p>Schneier recommends security from the foundation up, not to eliminate risks, because that will never happen, but at least to mitigate or reduce them.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Security gaps in Deniable File Systems uncovered ]]></title>
<link>http://storageinsider.wordpress.com/?p=431</link>
<pubDate>Thu, 17 Jul 2008 13:38:52 +0000</pubDate>
<dc:creator>Pete Steege</dc:creator>
<guid>http://storageinsider.wordpress.com/?p=431</guid>
<description><![CDATA[DFS-hidden data can be found by Microsoft Vista, Word and Google Desktop

You may be in denial if y]]></description>
<content:encoded><![CDATA[<p><strong>DFS-hidden data can be found by Microsoft Vista, Word and Google Desktop</strong></p>
<p><a href="http://storageinsider.files.wordpress.com/2008/07/bt-logo.jpg"><img class="alignnone size-medium wp-image-433" src="http://storageinsider.wordpress.com/files/2008/07/bt-logo.jpg?w=124" alt="" width="124" height="62" /></a></p>
<p>You may be in denial if you think a Deniable File System (DFS) will fully secure your data.  So says <a href="http://www.blocksandfiles.co.uk/article/6032">Byte and Switch </a>today, based on <a href="http://www.darkreading.com/document.asp?doc_id=159192&#38;WT.svl=news2_1">a study </a>by British Telecom's Bruce Schneier and a team of researchers from the University of Washington.  They were able to expose DFS-hidden data with Microsoft Vista, Word, and Google Desktop.</p>
<p><strong>Fully encrypted hard drives are not affected</strong></p>
<p>Don't worry - this chink in data security does not apply to <a href="http://www.engadget.com/2008/01/07/hands-on-with-seagates-blackarmor/">drives using Full Disk Encryption (FDE)</a>.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Slowly but surely...]]></title>
<link>http://fritank.wordpress.com/?p=28</link>
<pubDate>Wed, 16 Jul 2008 17:57:09 +0000</pubDate>
<dc:creator>fritank</dc:creator>
<guid>http://fritank.wordpress.com/?p=28</guid>
<description><![CDATA[Slowly but surely, it is beginning to dawn on the Alliance parties what kind of genie they let out ]]></description>
<content:encoded><![CDATA[<p>Slowly but surely, it is beginning to dawn on the Alliance parties what kind of genie they let out of the bottle when they voted through the FRA law. Internal criticism of the leadership is growing like an avalanche right now. Folkpartiet <a href="http://www.svd.se/nyheter/inrikes/artikel_1462877.svd">announced</a> <a href="http://www.dn.se/DNet/jsp/polopoly.jsp?d=1042&#38;a=805201">today</a> <a href="http://svt.se/svt/jsp/Crosslink.jsp?d=22620&#38;a=1196446">that</a> it is setting up an internal group to listen to the criticism. <a href="http://www.svd.se/nyheter/inrikes/artikel_1463839.svd">A round of phone calls made by SvD</a> shows that only one county association out of four supports the law.</p>
<blockquote><p>"The issue needs a thorough rethink. The government must be prepared to tear up the decision and start the discussion from scratch," says Sverker Thorén, chairman in Kalmar.</p></blockquote>
<p>At the same time, <a href="http://www.dn.se/DNet/jsp/polopoly.jsp?d=577&#38;a=804616">one may wonder</a> whether this turnaround is more about the prospects of being re-elected than about insight into how wrong the FRA law is. Personally, I think it is about both. Of course the Alliance's members of parliament want to be re-elected. At the time of the vote in the Riksdag, the biggest threat to their re-election was the party whip and the threat of not being given an electable position at the next election. Now it has dawned on these people that there may not be an electable position at the next election, because the parties have run their credibility into the ground. When they then look back at the law with clear eyes, it begins to dawn on them how wrong the law is!</p>
<blockquote><p><span class="text">There is nothing wrong with second thoughts, but that is not what we are seeing. It is not the insights that have changed - it is the prospects. The prospects of being re-elected, of being among the winners, of being popular.</span></p>
<p>If the members of parliament want to be taken seriously, they should start by taking themselves seriously. And you do not do that by opposing your own decisions.</p></blockquote>
<p>Although I think it is good that the members of parliament are now changing their view of the law, I find it frightening that some claim they did not know what they were voting through. Is it not the duty of those in power to know what they are voting on? Ducking afterwards and saying that you did not know what you were voting on <a href="http://tianmi.info/blogge/posts/08/07/11/FRA-lagens-parlamentariska-innebord/">is not good enough</a>!</p>
<p>At the same time, <a href="http://www.svd.se/opinion/brannpunkt/artikel_1461335.svd">the youth wings of the Alliance parties complain</a> that the members of parliament and the party leaderships do not understand young people who live large parts of their lives online.</p>
<blockquote><p>Young people's view of the world differs markedly from the government's perspective, that of people born in the 1940s. Instead of safeguarding a free and open internet, file sharers are to be hunted and everyone's communications are to be sent to FRA for interception.</p>
<p>At a time when we young people read newspapers, send photos to friends, flirt by text message and do almost everything online, proposals such as the FRA law and the hunt for file sharers are frontal attacks on us.</p></blockquote>
<p>Johan Norberg <a href="http://www.expressen.se/1.1232252">wonders in Expressen</a> whether the Alliance parties have ever been liberal.</p>
<blockquote><p>But before those of us on the outside judge the Alliance too harshly, it is worth noting the beam in our own eye. Politicians, after all, live on the voter market. As the liberal blogger Mattias Svensson has observed, not many of the opinion-makers who now complain about the government's betrayal of principles protested when those principles were abandoned. It was not only Reinfeldt who longed very much for government power.</p></blockquote>
<p>Bruce Schneier <a href="http://www.schneier.com/blog/archives/2008/07/congratulations.html">notes</a> that the US terrorist list has now reached one million (1,000,000) names.</p>
<blockquote><p>Why, there are only twice as many <a href="http://www.fbi.gov/ucr/cius_04/offenses_reported/property_crime/burglary.html">burglars</a> in the U.S.  And fifteen times more terrorists than <a href="http://www.fbi.gov/ucr/cius_04/offenses_reported/property_crime/arson.html">arsonists</a>.</p>
<p>Is this idiotic, or what?</p></blockquote>
<p>The list <a href="http://www.svd.se/nyheter/utrikes/artikel_1457513.svd">is growing by 20,000 names a month</a>. Schneier is quite right that this is completely idiotic. Who seriously believes that there are 1,000,000 terrorists? Nelson Mandela <a href="http://www.svd.se/nyheter/utrikes/artikel_1424189.svd">was removed</a> from the terrorist list only a week or so ago! Condoleezza Rice thought it was embarrassing to have Mandela's name on the list. What happens to everyone else on the list who does not have contacts with the US Secretary of State and has not received the Nobel Peace Prize?</p>
<blockquote><p>Some people are saying <a href="http://www.cnn.com/2008/US/07/14/terror.watchlist.ap/" target="_blank">fix it</a>, but there seems to be no motivation to do so. I'm sure the career incentives aren't aligned that way. You probably get promoted by putting people on the list. But taking someone off the list...if you're wrong, no matter how remote that possibility is, you can probably lose your career. This is why in civilized societies we have a judicial system, to be an impartial arbiter between law enforcement and the accused. But that system doesn't apply here. Kafka would be proud.</p></blockquote>
<p>One reason so many names are on the list is probably interception of the kind FRA is to be allowed to carry out. This shows once again how wrong mass interception is. It does not help to catch terrorists. Instead, the intelligence service drowns in the work of checking all the <a href="http://en.wikipedia.org/wiki/False_positive_paradox">false positives</a>. Among other things, this contributed to the failure to stop the terrorist attacks in New York in 2001, even though there had been warnings that something was afoot.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Quote of the Day (07.01.2008)]]></title>
<link>http://littlesister1984.wordpress.com/?p=7</link>
<pubDate>Tue, 01 Jul 2008 01:33:52 +0000</pubDate>
<dc:creator>Annika</dc:creator>
<guid>http://littlesister1984.wordpress.com/?p=7</guid>
<description><![CDATA[
&#8220;Terrorism is perceived to be a major threat to society. Yet the actual damage done by terror]]></description>
<content:encoded><![CDATA[<blockquote>
<p style="text-align:justify;"><em>"Terrorism is perceived to be a major threat to society. Yet the actual damage done by terrorist attacks is dwarfed by the secondary effects as target societies overreact. There are many topics here, from the manipulation of risk perception to the anthropology of religion."</em><br />
(Bruce Schneier, security expert)</p></blockquote>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Quote of the Day (01.07.2008)]]></title>
<link>http://freiheitblog.wordpress.com/?p=507</link>
<pubDate>Tue, 01 Jul 2008 01:30:23 +0000</pubDate>
<dc:creator>Annika</dc:creator>
<guid>http://freiheitblog.wordpress.com/?p=507</guid>
<description><![CDATA[
&#8220;Terrorism is perceived to be a major threat to society. Yet the actual damage done by terror]]></description>
<content:encoded><![CDATA[<blockquote>
<p style="text-align:justify;"><em>"Terrorism is perceived to be a major threat to society. Yet the actual damage done by terrorist attacks is dwarfed by the secondary effects as target societies overreact. There are many topics here, from the manipulation of risk perception to the anthropology of religion."</em><br />
(Bruce Schneier, security expert)</p></blockquote>
]]></content:encoded>
</item>
<item>
<title><![CDATA[The Stun Switch]]></title>
<link>http://buhjillions.wordpress.com/?p=31</link>
<pubDate>Sat, 28 Jun 2008 12:01:21 +0000</pubDate>
<dc:creator>Spike</dc:creator>
<guid>http://buhjillions.wordpress.com/?p=31</guid>
<description><![CDATA[In thinking about Bruce Schneier&#8217;s post on Wired.com, I&#8217;ve Seen the Future, and It Has a]]></description>
<content:encoded><![CDATA[<p>In thinking about Bruce Schneier's post on Wired.com, <a href="http://www.wired.com/politics/security/commentary/securitymatters/2008/06/securitymatters_0626">I've Seen the Future, and It Has a Kill Switch</a>, I can't help replaying in my head an Eddie Izzard bit about the kill/stun dichotomy of the "phaser" weapons in Star Trek.</p>
<blockquote><p>There should have been many more settings, not just kill and stun.  Kill, stun, <em>limp</em>: that's the next one down, isn't it?  ...or maybe on "bit of a cough" setting, even lower than that.</p></blockquote>
<p>Some devices already have a remotely enabled kill switch, such as corporate Blackberries with remote wipe capability (intended to protect sensitive company data should it be lost or stolen), and others will soon follow, like reports that OnStar is adding the ability to remotely stop the engine of a connected car (again, marketed as an anti-theft system).</p>
<p>Microsoft, however, is looking to set its phasers on stun, limp, or even "bit of a cough."  They've <a href="http://arstechnica.com/news.ars/post/20080611-microsoft-patent-brings-miss-manners-into-the-digital-age.html">filed a patent application</a> for something they call Device Manners Policies (DMP), another <a href="http://en.wikipedia.org/wiki/Minitrue">Minitrue</a>-style name and acronym, which, like Digital Rights Management, is less about manners (or rights) and<img class="alignright" src="http://farm3.static.flickr.com/2384/2373896017_1d7f23df24_m.jpg" alt="Phaser 2 by Ted Sali" /> more about restrictions.  Schneier calls it Selective Device Jamming.  Essentially, under this scheme, locations will be outfitted with hardware to broadcast to your devices the rules of the land, such as "vibrate only" for cell phones, or "no photography" for cameras.  Hospitals or airplanes where critical equipment can be subject to interference from wireless devices would be able to force your devices into sleep mode until you leave the area (how will such wireless transmissions be guaranteed not to cause interference themselves?).</p>
<p>Microsoft wants to draw analogies with the societal guidelines we call "manners," i.e. that it's considered rude to talk on your cell phone in the movie theatre.  However, this is a false analogy since manners are guidelines, not rules.  DMP wants to disable functionality in your electronics (albeit temporarily) without your consent, or force them into sleep mode: limp and stun settings.</p>
<p>No, an actual manners technology is only a short step away from the "location-based services" stuff that all the cool kids were talking about 2 years ago--some of which are <a href="http://">already out</a>.  See, once your devices know where they are, you can do digital manners all client-side, without having to contact the Borg Cube to get your orders.  You have a couple different profiles, such as "theatre" which might mean switching to silent, "office" which sets ring volume to low, and "street" which sets it to high so you can hear it above the sounds of the city.  Simple, no external restrictions, and the user still stays in control.  Each person is free to choose to obey social guidelines or not: just like real manners.</p>
<p style="text-align:right;">Photo by <a href="http://flickr.com/photos/tedsali/2373896017/">Ted Sali</a><br />
Creative Commons Licensed</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Of fear, freedom- and votes]]></title>
<link>http://littlesister1984.wordpress.com/?p=4</link>
<pubDate>Thu, 26 Jun 2008 16:22:57 +0000</pubDate>
<dc:creator>Annika</dc:creator>
<guid>http://littlesister1984.wordpress.com/?p=4</guid>
<description><![CDATA[Recently, Charlie Black, an aide to Republican presidential candidate John McCain, said that, in his]]></description>
<content:encoded><![CDATA[<p style="text-align:justify;">Recently, Charlie Black, an aide to Republican presidential candidate John McCain, said that, in his opinion, McCain would "benefit greatly" from a terror attack in the United States (mentioned for example in <a href="http://www.independent.co.uk/news/world/americas/aide-who-said-terror-attack-would-benefit-mccain-faces-calls-to-quit-853535.html">The Independent</a>).</p>
<p style="text-align:justify;">Okay, so we all agree this wasn't a particularly sensitive thing to say (not to mention dumb, in a situation where the candidates' every move is closely watched by the media). But that isn't all there is to it. Much more interesting, in my opinion, are the basic concepts behind statements like this, the mechanisms, the way of thinking. McCain/Black give a good example of some facts that hold true for the vast majority of conservative politicians - and quite a few others. In brief: Why do I think that what Black said is completely true, and why don't I like it?</p>
<p style="text-align:justify;">The answer to all these questions, in a way, is security. Security is what people crave in a situation which seems uncertain and full of new dangers. This, of course, would prove even more true if there was another terror attack making people's vulnerability even more clear to them in a drastic way.</p>
<p style="text-align:justify;">Nowadays, security is one of the most important things many people want the government to be able to provide. Traditionally, they tend to think conservative politicians are more competent when it comes to national security - it's like that in Germany, and it's no different in the US.</p>
<p style="text-align:justify;">Associated with this is a notion that many politicians (and other people like media guys, representatives of police and the secret services, and so on) never seem to get tired of passing on to the public: The concept that security and the preservation of personal liberties (especially those related to privacy and the protection of personal data) are opposites.</p>
<p style="text-align:justify;">We have heard that often enough and many of us certainly think it's true. This is why a politician like Mr. McCain, who has said more than once that he is willing to pass new surveillance laws in the name of national security, is considered to be a so much better provider of security for the country and its people than his more liberal opponent (true, in the case of Mr. McCain, he has other merits, as well, which make him seem competent in this area - but the general mechanism remains unchanged, and it's the same just about anywhere in the so-called "Western World").</p>
<p style="text-align:justify;">Occasionally, this is also described as security and privacy being "a zero-sum game" - try to get more of one and you inevitably have to (at least partly) give up the other. Given this choice, many people will choose security - it's natural. Security is a fundamental need essential to survival. Besides, it seems safe to assume that no one wants to live in permanent fear.</p>
<p style="text-align:justify;">So, are we doomed to live in a surveillance state, simply because we can't face living in permanent insecurity instead? I don't think so.</p>
<p style="text-align:justify;">The security provided by more and more surveillance measures is often more felt than real. Surveys have shown that, for example, CCTV in public places doesn't cut crime rates at all. Databases containing huge amounts of personal data (for example related to ID cards, data retention schemes or lists of suspected terrorists) can actually cause a decline in security, putting people's personal data more at risk from abuse or (cyber-)crime.</p>
<p style="text-align:justify;">Still, most people think they are more at risk without (or with less) control and surveillance - to the point that I have spent hours having discussions with people who absolutely refused to even consider that more freedom and privacy didn't necessarily mean anarchy and terror. The security people think they have seems to differ wildly from the security one would conclude is really there. When it comes to crime and terrorism people seem to feel much less secure than they really are. The great majority of people overestimates the risk of a terrorist attack and underestimates the risks related to the over-the-top counterterrorism measures employed, to varying extent, by practically all Western governments after 9/11. Logically this means many people will choose a very conservative policy when they're trying to get as much security as they possibly can. It makes them feel secure, no matter if they really are.</p>
<p style="text-align:justify;">The common belief that security and privacy are opposites is risky in many ways. It changes people's behavior, making them give up personal liberties that seemed natural only ten years ago. It encourages politicians to think of even more invasive measures since this seems to be in line with the voters' wishes. It prompts some politicians to use people's fears for their own goals and even try to increase them, creating a culture of fear. In some cases it even helps the very people that we want to keep off by employing security measures by making us focus on some measures (those that make us feel secure) even if they are really totally ineffective and ignoring others (for example the protection of critical infrastructures from attacks).</p>
<p style="text-align:justify;">Last but not least, these ideas prevent us from making informed choices. Fear is usually a bad decision-maker. We shouldn't be scared and we shouldn't think we have to choose between security and privacy. Security researcher Bruce Schneier, who has been (and still is) a great inspiration for me, <a href="http://feeds.wired.com/~r/wired/commentary/securitymatters/~3/222447278/click.phdo">puts it like this</a>: <em>"If you set up a false dichotomy, most people will choose security over privacy, especially if you scare them first. But it's still a false dichotomy."</em> There is little to be added to that except that, unfortunately, some (mostly conservative) politicians hoping for extra votes take it on themselves to do the scaring.</p>
<p style="text-align:justify;">Even though it may seem that some people benefit from the fear of terror attacks, it can only hurt us, our society and our values in the long run. Therefore the problem isn't primarily a politician's aide making a tactless comment - it's the fact that this comment is so completely realistic. But the only thing that really helps with that is information, is looking behind what we are told and making informed choices. In Europe, a popular motto for privacy demonstrations is "Freedom not Fear". This seems to be what it's all about.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[CCTV doesn't keep us safe, yet the cameras are everywhere]]></title>
<link>http://freebritain.wordpress.com/?p=16</link>
<pubDate>Thu, 26 Jun 2008 14:54:24 +0000</pubDate>
<dc:creator>fmwatkins</dc:creator>
<guid>http://freebritain.wordpress.com/?p=16</guid>
<description><![CDATA[
Source: The Guardian
Bruce Schneier
(Extract)
Pervasive security cameras don&#8217;t substantially ]]></description>
<content:encoded><![CDATA[<p style="text-align:center;"><img class="aligncenter" src="http://image.guim.co.uk/sys-images/Guardian/Pix/pictures/2008/05/05/cctv10c.jpg" alt="" width="368" height="221" /></p>
<p>Source: <a href="http://www.guardian.co.uk/technology/2008/jun/26/politics.ukcrime">The Guardian</a></p>
<p><em>Bruce Schneier</em></p>
<p>(Extract)</p>
<p>Pervasive security cameras don't substantially reduce crime. There are exceptions, of course, and that's what gets the press. Most famously, CCTV cameras helped catch James Bulger's murderers in 1993. And earlier this year, they helped convict Steve Wright of murdering five women in the Ipswich area. But these are the well-publicised exceptions. Overall, CCTV cameras aren't very effective.</p>
<p>This fact has been <a href="http://electronics.howstuffworks.com/police-camera-crime1.htm">demonstrated</a> <a href="http://www.scotcrim.u-net.com/researchc2.htm">again</a> and <a href="http://news.bbc.co.uk/1/hi/uk/2192911.stm">again</a>: by a <a href="http://www.homeoffice.gov.uk/rds/pdfs05/hors292.pdf">comprehensive study</a> for the Home Office in 2005, by <a href="http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2007/08/14/MNIPRHRPE.DTL">several</a> <a href="http://www.temple.edu/cj/misc/PhilaCCTV.pdf">studies</a> in the <a href="http://archives.cnn.com/2002/LAW/10/21/ctv.cameras/">US</a>, and again with new data <a href="http://www.guardian.co.uk/uk/2008/may/06/ukcrime1">announced</a> last month by New Scotland Yard.  They actually solve very few crimes, and their deterrent effect is minimal.</p>
<p>Conventional wisdom predicts the opposite.  But if that were true, then camera-happy London, with <a href="http://www.channel4.com/news/articles/society/factcheck+how+many+cctv+cameras/2291167">something like 500,000</a>, would be the safest city on the planet. It isn't, of course, because of technological limitations of cameras, organisational limitations of police and the adaptive abilities of criminals.</p>
<p>To some, it's comforting to imagine vigilant police monitoring every camera, but the truth is very different. Most CCTV footage is never looked at until well after a crime is committed. When it is examined, it's very common for the viewers not to identify suspects. Lighting is bad and images are grainy, and criminals tend not to stare helpfully at the lens. Cameras break far too often. The best camera systems can still be thwarted by sunglasses or hats. Even when they afford quick identification — think of the 2005 London transport bombers and the 9/11 terrorists — police are often able to identify suspects without the cameras. Cameras afford a false sense of security, encouraging laziness when we need police to be vigilant.</p>
<p><a href="http://www.guardian.co.uk/technology/2008/jun/26/politics.ukcrime">(Read more)</a></p>
<hr /><p>Further reading:</p>
<p><a href="http://freebritain.wordpress.com/2008/04/26/the-truth-about-cctv/">The Truth About CCTV</a><br />
<a href="http://www.theregister.co.uk/2007/10/01/most_cctv_systems_illegal/">Almost all CCTV systems are illegal, says expert</a></p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[The War on photography?]]></title>
<link>http://minutiaeetal.wordpress.com/?p=15</link>
<pubDate>Sun, 22 Jun 2008 02:53:03 +0000</pubDate>
<dc:creator>nsinlock</dc:creator>
<guid>http://minutiaeetal.wordpress.com/?p=15</guid>
<description><![CDATA[Recently there has been a lot of noise about law enforcement and/or security guards harassing photog]]></description>
<content:encoded><![CDATA[<p>Recently there has been a lot of noise about law enforcement and/or security guards harassing photographers in the US and England over taking pictures of just about anything. Bruce Schneier, of computer security fame, made a great list in his newest cryptogram newsletter. It can be found <a href="http://www.schneier.com">here</a>, and is completely free, so check it out. With that in mind, here comes the ever-helpful <a href="http://lightchasersphotography.com/blog/how-to-shoot-photographs-like-a-terrorist/">"How to Shoot (Photographs) Like A Terrorist"</a>. The whole row over photographing public buildings, especially around here at the <a href="http://www.andycarvin.com/archives/2008/05/almost_arrested_for_taking_photos_at_uni.html">Union</a> <a href="http://blog.washingtonpost.com/rawfisher/2008/05/union_station_photo_follies.html">Station</a>, is disappointing from the standpoint of security and personal rights.</p>
<p>There is nothing wrong or illegal about taking pictures of public buildings. But more importantly, there is nothing about preventing people from taking pictures which makes us safer. As Mr. Schneier succinctly pointed out, <a href="http://www.schneier.com/essay-221.html">no terrorists ever used photography</a> as a way to prepare for an attack. Even if they were to decide to somehow use photography in their plans, it would be nearly impossible to stop all photographers, and in the end they could always simply visit the area themselves rather than take those pictures. Trying to stop terrorism by stopping photography is like trying to stop wars by banning maps. In my mind, there's only one good answer to all of this. Stop. Or, on our part, take more pictures and stand up against what has seemed to be primarily based around intimidation.</p>
<p>I know it's not my usual fare, but I've been reading through these stories and thought it a good topic to mention.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Some quickies.]]></title>
<link>http://communionblog.wordpress.com/?p=405</link>
<pubDate>Tue, 10 Jun 2008 14:03:08 +0000</pubDate>
<dc:creator>Communion of Dreams</dc:creator>
<guid>http://communionblog.wordpress.com/?p=405</guid>
<description><![CDATA[Because who doesn&#8217;t enjoy a quickie now and then?
Both MeFi and Schneier report on the Subivor]]></description>
<content:encoded><![CDATA[<p>Because who doesn't enjoy a quickie now and then?</p>
<p>Both <a href="http://www.metafilter.com/72397/Dont-be-a-sitting-duck" target="_blank">MeFi</a> and <a href="http://www.schneier.com/blog/archives/2008/06/great_fearmonge_1.html" target="_blank">Schneier</a> report on the <a href="http://www.subivor.com/home.html" target="_blank">Subivor</a>:</p>
<blockquote><p><span style="font-size:x-small;font-family:Arial,Helvetica,sansserif;color:#999999;">Whether it is a train fire, a highrise building fire or worse. People should have more protection than a necktie, their shirt or paper towel to cover their mouth, nose and eyes. As you know an emergency can happen at anytime and in anyplace, leaving one vulnerable. Don't be a sitting duck. The Subivor® Subway Emergency Kit can <strong>aid</strong> you in seeing and breathing while exiting . This all-in-one compact, portable and easy to use subway emergency kit contains some items never seen before in a kit.</span></p></blockquote>
<p>Well, unless you <a href="http://communionblog.wordpress.com/2007/12/29/being-prepared/" target="_blank">make your own</a>, of course.</p>
<p>* * *</p>
<p>Via <a href="http://www.boingboing.net/2008/06/09/tsa-outlaws-flights.html" target="_blank">BoingBoing</a>, this news:</p>
<blockquote><p><a href="http://news.cnet.com/8301-13739_3-9962760-46.html" target="_blank"> Your papers please: TSA bans ID-less flight</a></p>
<p>In a major change of policy, the Transportation Security Administration <a class="external-link" href="http://www.tsa.gov/press/happenings/enhance_id_requirements.shtm">has announced</a> that passengers refusing to show ID will no longer be able to fly. The policy change, announced on Thursday afternoon, will go into force on June 21, and will only affect passengers who refuse to produce ID. Passengers who claim to have lost or forgotten their proof of identity will still be able to fly.</p></blockquote>
<p>Because no terrorist would *ever* lie to the TSA and claim that they had lost or forgotten their ID.</p>
<p>*sigh*</p>
<p>More <a href="http://en.wikipedia.org/wiki/Security_theater" target="_blank">security theater</a>.  Forcing people to submit to showing ID has nothing to do with airline security, and everything to do with just forcing them to submit to the government's authoritah.</p>
<p>* * *</p>
<p>And speaking of your civil rights:</p>
<blockquote><p><a href="http://www.law.com/jsp/article.jsp?id=1202422024633" target="_blank">Split Panel Affirms Warrantless Use of GPS Device</a></p>
<p>The warrantless use of a global positioning device on a vehicle by police does not violate a driver's right to privacy under either the U.S. Constitution or the New York state Constitution, an upstate appeals panel decided last week.</p></blockquote>
<blockquote><p>* * *</p>
<p>As to the Fourth Amendment of the U.S. Constitution, the panel found that nothing prevents the use of technology, such as the satellite-aided positioning devices, to "surveil that which is already public."</p>
<p>"Inasmuch as constant visual surveillance by police officers of defendant's vehicle in plain view would have revealed the same information [as the GPS device] and been just as intrusive, and no warrant would have been necessary to do so, the use of the GPS device did not infringe on any reasonable expectation of privacy and did not violate defendant's Fourth Amendment protections," Justice Robert S. Rose wrote for the majority.</p>
<p>The dissenter, Justice Leslie E. Stein, argued that global positioning system devices are considerably more intrusive than traditional surveillance methods.</p>
<p>"While the citizens of this state may not have a reasonable expectation of privacy in a public place at any particular moment, they do have a reasonable expectation that their every move will not be continuously and indefinitely monitored by a technical device without their knowledge, except where a warrant has been issued based on probable cause," Stein wrote.</p></blockquote>
<p>Gee, a '<a href="http://en.wikipedia.org/wiki/Warrant_%28law%29" target="_blank">warrant</a>', based on 'probable cause'.  What a <a href="http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution" target="_blank">concept</a>.</p>
<p>* * *</p>
<p>And just so we don't end on that depressing note, here's a <a href="https://www.atomictarantula.com/" target="_blank">fun T-shirt site with a SF theme</a>, thanks to <a href="http://www.boingboing.net/2008/06/09/science-fiction-insp.html" target="_blank">Cory Doctorow</a>.  A bit pricey at $32, but there are some very nice designs.</p>
<p>Jim Downey</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Looking at Edinburgh]]></title>
<link>http://edinburghlook.wordpress.com/?p=152</link>
<pubDate>Mon, 09 Jun 2008 13:00:12 +0000</pubDate>
<dc:creator>edinburghlook</dc:creator>
<guid>http://edinburghlook.wordpress.com/?p=152</guid>
<description><![CDATA[I think Edinburgh is one of the few really beautiful cities in the world. I was born here, and I]]></description>
<content:encoded><![CDATA[<p>I think Edinburgh is one of the few really beautiful cities in the world. I was born here, and I've lived here most of my life, and I still find myself turning a corner, or looking up a street, or down a hill, and thinking <I>Beautiful</i> - not quite with surprise: is there a word for the feeling of discovering beauty when you know it will be there?<br />
Hence this blog. I like taking photographs. And I love Edinburgh. I'm planning, by the end of June, to have a series of posts about my holiday in Germany in May, and photos of Dresden and Berlin: but each of those posts will be tagged Germany and will be the second post in each day. </p>
<p>One of the photographs I <I>didn't</I> take when I was on holiday was of the US Embassy in Berlin: and the reason I didn't was because, as Bruce Schneier outlines <a href="http://www.guardian.co.uk/technology/2008/jun/05/news.terrorism">here</a>, photographers are regarded as a threat: there are signs up all over their concrete bunker (which blocks half the street) making clear that photography is not allowed, and there are a bunch of soldiers with guns hanging around who looked like they would welcome the opportunity of relieving their boredom by deleting all photos from a passing photographer's camera.</p>
<p>The worst threat to the US Embassy in Berlin from my photographing it would have been the obviousness of American paranoia and willingness to inconvenience others. As Bruce notes: </p>
<blockquote><p>The 9/11 terrorists didn't photograph anything. Nor did the London transport bombers, the Madrid subway bombers, or the liquid bombers arrested in 2006. Timothy McVeigh didn't photograph the Oklahoma City Federal Building. The Unabomber didn't photograph anything; neither did shoe-bomber Richard Reid. Photographs aren't being found amongst the papers of Palestinian suicide bombers. The IRA wasn't known for its photography. Even those manufactured terrorist plots that the US government likes to talk about -- the Ft. Dix terrorists, the JFK airport bombers, the Miami 7, the Lackawanna 6 -- no photography.</p>
<p>Given that real terrorists, and even wannabe terrorists, don't seem to photograph anything, why is it such pervasive conventional wisdom that terrorists photograph their targets? Why are our fears so great that we have no choice but to be suspicious of any photographer?</p></blockquote>
<p>Why indeed? Bruce's theory is that it's because </p>
<blockquote><p>Terrorists taking pictures is a quintessential detail in any good movie. Of course it makes sense that terrorists will take pictures of their targets. They have to do reconnaissance, don't they? We need 45 minutes of television action before the actual terrorist attack -- 90 minutes if it's a movie -- and a photography scene is just perfect.</p></blockquote>
<p>Well, maybe. Like the <a href="http://www.theregister.co.uk/2006/08/17/flying_toilet_terror_labs/">binary liquid explosives</a> thing that meant, when I flew to Germany, I had to ditch my water bottle before I went through the security gates and buy another bottle of water on the other side: it's nonsense but it happens on the movies, so we all change our behaviour accordingly. </p>
<p>But that explains why we comply. It doesn't explain why people in charge enforce. When we know for a fact that terrorists do not photograph their targets before they attack, and that there is nothing useful they could do with their photographs if they did, why should people with cameras be assumed to be terrorists?</p>
<p>A friend's boyfriend told me, yesterday, that when he was in the Omni taking photographs a security guard rushed over and ordered him to stop: it was not allowed because a child might be in the frame. (The f'sbf pointed out that he was facing <I>out</I> of the Omni, taking a photo of the sky through the glass wall: any child in the frame might indeed be in danger, but not because of the photograph. The security guard was adamant.)</p>
<blockquote><p>"If a decision is made to crack down on photographers, it should be made at the top. It's a general officiousness and a desire to interfere with people going about their legitimate business." <a href="http://news.bbc.co.uk/1/hi/technology/7351252.stm">Austin Mitchell MP</a></p></blockquote>
<p>I do sometimes take photographs of people. (If you see yourself on this blog, and don't want to be there, contact me and I'll take the photo down immediately.) But I try not to take photographs that anyone could use against the person - unnamed, seen on the street or a bus, reflected in a window, or even just wearing utterly sophisticated sunglasses. <a href="http://edinburghlook.wordpress.com/2008/02/24/6/">Crowd scenes at the farmers' market</a>, <a href="http://edinburghlook.wordpress.com/2008/06/07/farmers-market-first-saturday-in-june/">stallholders and musicians</a>, <a href="http://edinburghlook.wordpress.com/2008/05/18/basketball-in-victoria-park/">children playing in the park</a>. I hope to offend no one or worry anyone, as I stand there camera in hand catching a snapshot of a moment.</p>
<p>Mostly, I take photographs of Edinburgh. To celebrate - and sometimes to criticise - the city I love.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[A Good Question]]></title>
<link>http://discarted.wordpress.com/?p=53</link>
<pubDate>Fri, 06 Jun 2008 03:57:21 +0000</pubDate>
<dc:creator>babydiscarted</dc:creator>
<guid>http://discarted.wordpress.com/?p=53</guid>
<description><![CDATA[

A recent article in The Guardian by security technologist and author Bruce Schneier says that pho]]></description>
<content:encoded><![CDATA[
<p><a href="http://discarted.files.wordpress.com/2008/06/2544261304_2f3bb3f55d.jpg"><img class="aligncenter size-medium wp-image-75" src="http://discarted.wordpress.com/files/2008/06/2544261304_2f3bb3f55d.jpg?w=300" alt="" width="300" height="225" /></a></p>
<p>A recent <a href="http://www.guardian.co.uk/technology/2008/jun/05/news.terrorism?gusrc=rss&#38;feed=technologyfull">article</a> in The Guardian by security technologist and author Bruce Schneier says that photographers have been coming under increasing scrutiny since 9/11 under the auspices of national security. But, he says:</p>
<blockquote><p>The 9/11 terrorists didn't photograph anything. Nor did the London transport bombers, the Madrid subway bombers, or the liquid bombers arrested in 2006. Timothy McVeigh didn't photograph the Oklahoma City Federal Building. The Unabomber didn't photograph anything; neither did shoe-bomber Richard Reid. Photographs aren't being found amongst the papers of Palestinian suicide bombers. The IRA wasn't known for its photography. Even those manufactured terrorist plots that the US government likes to talk about -- the Ft. Dix terrorists, the JFK airport bombers, the Miami 7, the Lackawanna 6 -- no photography.</p></blockquote>
<p>He makes a good point. Outlawing photography makes politicians and law enforcement feel good, like they're doing something in the fight. Unfortunately they're going after the wrong people.</p>
<p>And in case there was any doubt, he gives this nice reminder:</p>
<blockquote><p>Fear aside, there aren't many legal restrictions on what you can photograph from a public place that's already in public view. If you're harassed, it's almost certainly a law enforcement official, public or private, acting way beyond his authority. There's nothing in any post-9/11 law that restricts your right to photograph.</p></blockquote>
<p>Article via <a href="http://www.guardian.co.uk/technology/2008/jun/05/news.terrorism">The Guardian</a>.<br />
Photo via <a href="http://flickr.com/photos/8968698@N07/2544261304/">let 'er rip</a>.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Risks of PKI: Secure E-Mail]]></title>
<link>http://lophie.wordpress.com/?p=21</link>
<pubDate>Wed, 04 Jun 2008 08:46:06 +0000</pubDate>
<dc:creator>lophie</dc:creator>
<guid>http://lophie.wordpress.com/?p=21</guid>
<description><![CDATA[Written by C. Ellison and B. Schneier
Public-key infrastructure (PKI), usually meaning digital certi]]></description>
<content:encoded><![CDATA[<p style="text-align:justify;">Written by C. Ellison and B. Schneier</p>
<p style="text-align:justify;">Public-key infrastructure (PKI), usually meaning digital certificates from a commercial or corporate certificate authority (CA), is touted as the current cure-all for security problems.</p>
<p style="text-align:justify;">Certificates provide an attractive business model. They cost almost nothing to manufacture, and you can dream of selling one a year to everyone on the Internet. Given that much potential income for CAs, we now see many commercial CAs, producing literature, press briefings and lobbying. But, what good are certificates? In particular, are they any good for E-mail? What about free certificates, as with PGP?</p>
<p style="text-align:justify;">For e-mail, you want to establish whether a given keyholder is the person you think or want it to be. When you verify signed e-mail, you hope to establish who sent the message. When you encrypt e-mail to a public key, you need to know who will be capable of reading it. This is the job certificates claim to do.</p>
<p style="text-align:justify;">An ID certificate is a digitally signed message from the issuer (signer or CA) to the verifier (user) associating a name with a public key. But, using one involves risks.</p>
<p style="text-align:justify;">The first risk is that the certificate signer might be compromised, through theft of signing key or corruption of personnel. Good commercial CAs address this risk with strong network, physical and personnel security. PGP addresses it with the "web of trust" - independent signatures on the same certificate.</p>
<p style="text-align:justify;">The next risk is addressed unevenly. How did the signer know the information being certified? PGP key signers are instructed to know the person whose key is being signed, personally, but commercial CAs often operate on-line, without meeting the people whose keys they sign. One CA was started by a credit bureau, using their existing database for online authentication. Online authentication works if you have a shared secret, but there are no secrets in a credit bureau's database because that data is for sale. Therefore, normal identity theft should be sufficient to get such a certificate. Worse, since credit bureaus are so good at collecting and selling data, any CA is hard pressed to find data for authentication that is not already available through some credit bureau.</p>
<p style="text-align:justify;">The next risk is rarely addressed. ID certificates are good only in small communities. That's because they use people's names. For example, one company has employees named: john.wilson, john.a.wilson, john.t.wilson, john.h.wilson and jon.h.wilson. When you met Mr. Wilson, did you ask which one he was? Did you even know you needed to ask? That's just one company, not the whole Internet. Name confusion in unsecured e-mail leads to funny stories and maybe embarrassment. Name confusion in certificates leads to faulty security decisions.</p>
<p style="text-align:justify;">To a commercial CA, the more clients it has the better. But the more it succeeds, the less meaningful its certificates become. Addressing this problem requires work on your part. You need to keep your namespace under control. With PGP, you could mark keys "trusted" (acting as a CA) only if they certify a small community (e.g., project members), otherwise, you could sign keys personally, and only when the certified name is meaningful to you. With some S/MIME mailers, you could disable trust in any CA that has too many (over 500?) clients and personally mark individual keys trusted instead. Meanwhile, you can print your public key fingerprint (a hash value, sometimes called a thumbprint) on your business cards, so that others can certify/trust your key individually.</p>
<p style="text-align:justify;">There are other risks, also.</p>
<p style="text-align:justify;">Did the issuer verify that the keyholder controlled the associated private key? That's what the certificate claims.</p>
<p style="text-align:justify;">Does your mail agent check for key or certificate revocation? Few do.</p>
<p style="text-align:justify;">Finally, how well are the computers at both ends protected? Are private keys protected by password, and if so, how strong? Are they used in tamper-resistant hardware or merely in software? Do you have to provide the password for each operation or is it cached? Is the encryption code itself protected from tampering? Are public (root) keys protected at all? Usually they aren't but they need to be to prevent false signature verification or encryption to an eavesdropper's key. Can a physical passer-by sign something with the signer's key or tamper with the software or public key storage? Is your machine always locked?</p>
<p style="text-align:justify;">Real security is hard work. There is no cure-all, especially not PKI.</p>
<p style="text-align:justify;">For more details, see <a href="http://www.schneier.com/paper-pki.html">http://www.schneier.com/paper-pki.html</a>.</p>
]]></content:encoded>
</item>
<item>
<title><![CDATA[Gee, like this is a surprise.]]></title>
<link>http://communionblog.wordpress.com/?p=397</link>
<pubDate>Fri, 30 May 2008 13:07:21 +0000</pubDate>
<dc:creator>Communion of Dreams</dc:creator>
<guid>http://communionblog.wordpress.com/?p=397</guid>
<description><![CDATA[ Survey: Americans make 41M fewer air trips

WASHINGTON - Nearly half of American air travelers woul]]></description>
<content:encoded><![CDATA[<blockquote><p> <a href="http://news.yahoo.com/s/ap/20080530/ap_on_bi_ge/air_travel_decline;_ylt=Ajeeh_f3CvmeUcT8jqA.Ye9u24cA">Survey: Americans make 41M fewer air trips<br />
</a></p>
<p>WASHINGTON - Nearly half of American air travelers would fly more if it were easier, and more than one-fourth said they skipped at least one air trip in the past 12 months because of the hassles involved, according to an industry survey.</p>
<p>The Travel Industry Association, which commissioned the survey released Thursday, estimated that the 41 million forgone trips cost the travel industry $18.1 billion — including $9.4 billion to airlines, $5.6 billion to hotels and $3.1 billion — and it cost federal, state and local authorities $4.2 billion in taxes in the past 12 months.</p>
<p>When 28 percent of air travelers avoided an average of 1.3 trips each, that resulted in 29 million leisure trips and 12 million business trips not being taken, the researchers estimated.</p></blockquote>
<p>Gee, like this is a surprise.  Between the airlines doing <a href="http://news.yahoo.com/s/ap_travel/20080523/ap_tr_ge/travel_brief_airlines_fares;_ylt=Aju5LzBTo_1XX1W75gouLNX7Uc0F">everything possible</a> to squeeze each and every last penny out of their customers to cover increasing fuel costs and their own ineptitude, to absurd <a href="http://en.wikipedia.org/wiki/Security_theater">security theater</a> <a href="http://www.boingboing.net/2008/05/30/european-airlines-te.html#comments">practices</a>, to <a href="http://communionblog.wordpress.com/2008/03/07/whats-next-tsa-approved-colostomy-bags/">idiotic behaviour</a> by TSA personnel, travel by air has become such a pain in the ass that it is hardly news that people avoid unnecessary air travel whenever possible.  But it is good to see some solid numbers on the impact these factors are having, and perhaps it will prompt some changes.  I can hope, can't I?</p>
<p>How about you?  Have you changed travel plans in the last couple of years to avoid air travel?  Because we were 24-hour care providers for someone with Alzheimer's until early this year, my wife and I have had limited opportunities to travel recently.  But I certainly would not have flown anywhere if I could avoid it.  And we're planning a trip out to Denver to visit friends this summer, and are going to drive the 12 hours rather than fly (as we did some years back when we last went out there) in order to avoid all the hassles.  So yeah, the air travel environment has definitely changed *my* behaviour.</p>
<p>Jim Downey</p>
<p><em>(Cross posted to <a href="http://www.unscrewingtheinscrutable.com/">UTI</a>.)</em></p>
]]></content:encoded>
</item>

</channel>
</rss>
