Travellers beware--again!

Bad news for travelers:

 

http://www.usnews.com/articles/news/national/2008/06/24/seizing-laptops-and-cameras-without-cause.html

Definitely one of several good arguments for burning your overseas image files to DVD and posting copies of them

back to yourself in advance of passing again through airports, baggage handling, customs, etc.

<br><br>

It will be interesting to hear what comes up in the hearings mentioned in the article. Congress has the ball, in terms

of further clarifying what the long-standing authority to inspect baggage really means, when it translates to the

hundreds of GB of data that people now routinely carry with them. The papers in your briefcase, the currency in your

wallet, etc., have been subject to the same sort of inspection for many years. The advent of very small, huge

capacity storage devices has completely altered the landscape. It's sort of like inspecting baggage and finding rolls

of microfilm containing thousands of images that no customs agent could possibly, personally see or understand

without specialized equipment and the time to actually do the work. So the question is - are any forms of data

(microflim, paper, binary data) - as legitimately subject to inspection as the courts have repeatedly said they are?

The only way to change that is legislatively. That would be up the legislative agendas set by the leaders of each

house of congress. Give 'em a call, if you've got the perfect border control vs. privacy recipe in mind - I'm sure they'd

love to hear it.

The implications of this are broader than merely affecting the rights of airline travelers and shows just how simple laws designed to protect us from terrorism can be abused. TSA inspecting for bomb-making/hazardous materials certainly does not extend to reading your email, acquiring information/personal records from your hard-drive and potentially sharing that information with iintelligence and law enforcement agencies ... or does it?

That's the problem, Michael. As seen with the Khan network (out of Pakistan), detailed information <i>is</i> a type

of bomb-making material. Money, likewise, is a such a material... and cryptography (such as large encryption keys

ferried on portable storage devices) are central to harder-to-crack over-the-internet bad guy communications channels

about finances and logistics. And of course, the days when purveyors of truly nasty child-exploiting wares out of,

say,

Russia or southeast Asia had to carry video tapes ... those days are long gone. But large MPGs and whatnot can

now be deeply encrypted onto portable storage, and hauled around in relative obscurity without having to first transit

overseas routers that are more easily traced back to unique IP addresses. When you bury 50GB of such exploitive

material in a hidden file on a laptop drive, it can take an IT forensics guy a little while to have his bots sniff it out. Just

a couple of examples.

<br><br>

It's certainly not worth fretting about such things (searching-wise) unless you've got some other array of indicators

that the person carrying the laptop/storage falls into some profile that merits a look. Tickets bought with a Visa card

that tracks back to well-used Russian organized crime front-business accounts... or someone who's just done a 24-

hour round trip through Thailand and back, that sort of thing.

<br><br>

I've been singled out in Denver on a domestic flight. Business emergency, with little to go on for planning... so it was

a one-way ticket, bought by sheer coincidence with a debit card, and I had no checked bags, <i>plus</i> I have the

official IT Guy Long Hair. Red flags galore! I got the special bag check treatment flag for months afterwards... but only

on domestic flights. Flying in and out of the country: not a problem. I don't envy anyone the job of having to think

about ways to spot the habits or intent or circumstances of some bad actors out of millions of travelers. It would

almost be refreshing to go back to the quaint old days when just risking a hijack detour to Cuba were all that one had

to consider.

"TSA inspecting for bomb-making/hazardous materials certainly does not extend to reading your email, acquiring information/personal records from your hard-drive and potentially sharing that information with iintelligence and law enforcement agencies ... or does it?"

 

 

That's the scary part "..or does it?"

 

Nobody knows, nobody tells, very few question! One more freedom is captive.

-- "...and cryptography (such as large encryption keys ferried on portable storage devices) are"

 

There is absolutely no need to move large encryption keys (aka one-time-pads) arround. Just use a 2Kbit key (or 4Kbit key if you're paranoid) for the typical asymetric encryption and you can be save that noone will be able to crack your stuff in any reasonable time. (The largest public key that was brocken by a brute force attack on thousands of machines working in parallel was obout 650 bits long (each bit is doubling the afford to be made)). Reasonable time is in that case many many many years (eventually longer than you live).

 

And also using asymetric encryption, there is absolutely no need to move the (private) key at all. You just publish your public key on the internet.

 

Also, (on the front of symetric cryptography), 3des and aes256 are regarded as "save for use", and their keylength is 168bits and 256bits.

I'm simplifying a bit, Rainer. It's not like we're talking about hard drives full of huge keys. We're talking first and foremost about keys moving around courier-style, sometimes with, and sometimes without additional payload.

 

But with keys - even just a couple kb of hash - the main thing is to get it to the other people who will need it (to encrypt communications with them) without any chance of that delivery being picked up by a man in the middle. There's a reason that diplomatic couriers carry disk drives to and from overseas embassies... and a reason that bad guys do the same. The Al Queda IT guy they picked up in Pakistan a couple years back had a laptop that was a treasure trove of keys, IM trails, VoIP targets, steganographic tools, and good ol' spreadsheets with org charts. A huge find, and just the tip of the iceberg.

times have changed.

we have to takle this seriously.

I, Too would like to see things like they were in the "good old days"

but there are nutcases ouit there who feel it is their goal in life to destroy western civilization.

 

The Good, Calm, and Peaceful Muslims and America have not spoken out against these evil prople.

Perhaps they are more afraid then we are. Many are here because it is not safe in their homeland.

 

When we talk about Rights & Freedoms we must take into account that these evil folks take advantage of this to do their dirty work.

We should ban the entire internet then if you're worried about embedded jpgs.

I meant mpgs and think of all the terror that could have been spread with the Paris Hilton video.

Obviously Paris Hilton is exactly the sort of thing for which other people want to destroy western civilization.

Paris Hilton HAS destroyed western civilization!

Makes me wonder if TSA has another list of people to harass, confiscate and inspection their computers, cameras, etc.,

thoroughly (hand) search their baggage, call in for extended interviews, and just generally be a nuisance, like journalists,

activists, photographers, etal, especially when they can track your air travel. And they say Big Brothers is fiction. It's alive

and well in our US government agencies. Oh shucks, they're reading this too...

Your country is going down the toilet. I can't help thinking the terrorists have won.

<i>And they say Big Brothers is fiction.</i>

<Br><br>

It's not really any different than Amazon.com recommending books for you based on your reading habits, is it? As I

mentioned above, I've personally gotten onto the hand-inspected-luggage list. I'm not an "activitst," a reporter, or

anything else that the tinfoil-hat crowd imagine are talked about in the break rooms at the airport. It was my specific

transactional details that thew up a flag. Why? Because my travel arrangements and the way I paid the airline for it

had an unusual feel to it (because it WAS unusual). How did the TSA know to pull me aside? My boarding pass had

a special code on it. The airline with which I was doing business was aware of the status of my checked bags (none

checked!), the speediness with which I'd purchased the one-way ticket (an hour before flying), and the means by

which I bought it (debit card!). THEY (the business) said, "this is unusual."

<br><br>

The TSA people, who saw the code on the boarding pass, were quick (considering the pile of carry-on stuff they

looked through), careful, pleasant, and explained the likelihood that my next several flights - especially on the same

airline - would probably involve the same extra three minutes. The delicious irony, of course, was that the "please

step over here, sir" line was moving MUCH faster than the normal line. So, I know why they did it, I know what it's

like, and haven't a complaint in the world. Of course, they didn't have an interest in my laptop's content... but that''s

NOT the TSA, right? That's customs and immigration. People seem to get that confused a lot.

"THEY (the business) said, "this is unusual." "

At the behest of TSA--YES!!!!

Sanyal, you picked a very sensative point to talk, so first of all ,thanks to you to put this kind af isuue.

 

Some mediums to transfering data from one to anohter country, Internet (Beggest one), post/curiour, and already described- laptops and other storages, digital cameras, pen-drives/flash data cards, and so many oothers.

 

Developement always brings problems with that, as we know every coin has two faces, so like that more the scince will advance for developments, it will dwfinetly bring more advanced problems too.

 

The news you refered, might be bad news the routeen travelors, but it is all about the security. Toaday all the world is facing a terrorism issue, so all the security departments all over the world should be more alert and aware of mighty coming dangers.

 

But this is realy a sensative matter, and no one can easily be in favour or unfavour of this news.

Don't you find, Nick, that the business that owns the multi-million-dollar aircraft, and which is responsible for the hundreds of lives on the plane, and which is still reeling financially from the loss of business following 9/11, has an interest in trying to help spot the Richard "Shoe Bomber" Reid types based on anything obvious that sticks out in the way that they're booking their travel or boarding? It's not terribly insidious to rely on the behavior patterns that decades of experience have shown to be indicative of how <i>some</i> such people act. One wonders, if it was your job personally to contribute to the safety of those boarding a plane, exactly how you'd approch the issue. Specifically. Knowning the same things that thousands of professionals in that area know about human behavior.

<br><br>

Just because they're not right every time doesn't make the caution they exercise pointless. If you don't agree that some thought can be given to when and how to be more thorough checking out some people boarding a plane, then your ONLY other two alternatives are to be completely intrusive about checking out everyone getting on the plane, or to never be that thorough. Those are your three choices. And if you realize that using judgement and experience isn't, itself, some tyrannical evil Big Brother scheme cooked up just to make people miserable, then you can have an honest conversation about whether or not one particular aspect of the strategy is better than the next. THAT's the conversation to be having... not silly comparisons to fascism and all of the other blather that too often pre-empts taking a deep breath and looking at it rationally. Plenty of room to debate the efficacy of one tactic or another, but there isn't a lot of room to debate the need to pay attention to who is boarding a plane and with what in their carry-on bags.

My carrying pornographic images on a 2 gig CF card is not going to down a plane. My carrying trade secrets of Ben and Jerry's next flavor is not going to down a plane. My missing my hard drive, or my vacation pictures, or my laptop for 4 weeks is going to make me an embittered and reluctant flier, who may just give up flying or switch carriers.

Why should the rights of the individual be secondary to the rights of a corporation?

Credit cards are more closer tied to crime than debit cards. And I though cash was the currency of the realm!

 

<<"It's not terribly insidious to rely on the behavior patterns that decades of experience have shown to be indicative of how some such people act." >>

 

Really?

 

<<"One wonders, if it was your job personally to contribute to the safety of those boarding a plane, exactly how you'd approch [sic] the issue.">>

 

I'd refrain from trampling all over individual rights and freedoms, for one, and keep a copy of the constitution and the relevant laws close at hand. And I'd be more forthright with Congress.

Soon everyone will be require to travel Naked with a bio-chip implanted in your body with all your personal information.

 

Now, this is really making me think twice on my upcoming vacation to Hawaii, will my electronics be safe coming back or is it safer just to leave them at home and be stolen in my own home.

 

I don't know what to think, the world including ourselves are going mad!!!

<i>Now, this is really making me think twice on my upcoming vacation to Hawaii, will my electronics be safe coming back or is it safer just to leave them at home and be stolen in my own home. </i>

<br><br>

Are you flying to Hawaii from within the US, Noe? If so, you won't be going through customs. Again: it's not the TSA who search the one-in-a-million storage device. Customs officials have, for decades, had and used the authority to look at the contents of briefcases (including the papers therein), count currency, etc as people come and go between nations. <i>This is not new</i>. What IS new is that you can carry with you the equivalent of the encrypted equivalent of the local library (or a vast pile of something classified, ripped off during an inside job) with you in and out of the country on something smaller than a deck of cards. But this isn't even an issue on domestic flights. If you're flying between states (say, California to Hawaii), you <i>do not pass through customs</i>.

<br><Br>

But of note, there are endless articles like this posted here, and conspicuous by their absence are all of the people who've actually had this be an issue. To help, your faithful congress is about to have some hearings, in the interests of clarifying what <i>they</i> think should be the options for customs officials when it comes to the searches they've always had the option of doing. Your congress charters, funds, and provides oversight for customs/immigration, as well as for the TSA. Changes to their mandates are <i>legislative matters</i>. The people you elect, from your state, are the ones to talk to about reducing customs officials' leeway and mandate to do what they do.

<i>Why should the rights of the individual be secondary to the rights of a corporation?</i>

<br><br>

Boarding an aircraft isn't a right. It's a business transaction between you and the people that own the aircraft. You're conflating two separate issues that have been brought up, here. Having your bags checked by hand as you board ... that's not about whether your CF card's content is dangerous to the aircraft. That's about whether you've got a garrot, a ceramic knife, two ounces of strong acid, a thin sheet of plastic explosives or something else similar in your bags. That's the TSA's territory and concern. This is NOT THE SAME as having your bags searched by customs when you happen to be crossing a border. They're looking for fresh fruit, sausage, drugs, libraries of child porn from Thailand or Russia, or - especially if they've got some reason to think so - the kind of information that <i>does</i> transit national borders, and <i>does</i> involve the groups that blow up trainloads of people, and worse.

<Br><br>

Stop confusing the TSA's routine inspections of bags for physically dangerous stuff being brought on board with <i>customs</i> inspections of bags when people cross borders (which can involve traveling by car, train, busse, ship, aircraft, or by foot across a border to or from another country).

<br><br>

<i>I'd refrain from trampling all over individual rights and freedoms, for one, and keep a copy of the constitution and the relevant laws close at hand. And I'd be more forthright with Congress.</i>

<br><br>

That's nice. So, what, <i>specifically</i> would you do? Specifically? You seem very tuned into the issues. If you were telling a crew of customs officials how they were to deal with each of the things the <i>law</i> (not some nefarious Bush administration villain) requires them to investigate as people cross the border today, how would you have them do it? Let's say you've got a name in a passport that pops up as being related to someone who routinely carries counterfeit US $100 bills out of North Korea (which is a cottage industry there). Do you just smile and send them through, or do you search their bags? Is that search of what they're carrying across the border contrary to the constitution, a copy of which you have right there with you? If so, why have you not been bothered by such searches until just now? A folder full of printed photographs, which have been subject to customs inspection for decades, isn't any different than a CF card full of photographs. Have your principles changes, or just the practical nature of the problem at hand?

Dude! you have naked pictures of Ben and Jerry? Hook us up man!

 

"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety."

Benjamin Franklin

<<"Dude! you have naked pictures of Ben and Jerry? Hook us up man!">>

 

Seeing those 2 in the buff would put anybody off of ice cream for ever! HA!

 

<<"Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety." Benjamin Franklin">>

 

Well said!

 

'nuff said!

Yes, well, sometimes Benjamin Frankin had body guards, and sometimes had a military escort keeping people from

the freedom of doing whatever they wanted to him. That's an appropriately famous quote. But it would indeed be

interesting to get his take on "essential liberty" if, at the time, the British royalists had been sending suicide

bombers to - armed with something the could hide in a powdered wig - to sink ships full of civilians. There was plenty

of brutality during Franklin's time, as well as plenty of espionage and various ways of intercepting messages carried

by couriers aboard ship... but there weren't precedents like the sarin gas attack in Japan to think about.

<br><br>

The continental army, at the time, DID stand guard around water supplies, and challenge people to show that they

weren't about to drop a piece of rotting meat into a town's well. Was that deprivation of liberty (the momentary

inconvenience while accessing a well) the sort of essential-liberty-waiving, in a time of conflict, that Franklin would

have

thought corrosive? Well, he was alive and talking about such things at the time, and didn't seem to think so. He

certainly DID complain about any notion of giving up the right to <i>talk</i> about such things, and talk people did -

and still can. You know, just like we're doing right now.

<br><br>

Also, give me the liberty of never having seen Ben OR Jerry naked, or give me death.