27629226
submission
OverTheGeicoE writes:
It looks like Congress' recent jabs at TSA were just posturing after all. Last Friday, President Obama signed a spending act passed by both houses of Congress. The act gives TSA a $7.85 billion budget increase for 2012 and includes funding for 12 additional multi-modal Visible Intermodal Prevention and Response (VIPR) teams and 140 new behavior detection officers. It even includes funding for 250 shiny new body scanners, which was originally cut from the funding bill last May.
27406664
submission
OverTheGeicoE writes:
Perhaps its now officially cool to criticize TSA. Vanity Fair has a story questioning the true value of TSA security. The story features Bruce Schneier, inventor of the term 'security theater' and contender for the Most Interesting Man in the World, it would seem. With Schneier's, um, mentoring, the author allegedly doctors a boarding pass to breach security at Reagan National Airport to do an interview with Schneier. 'To walk through an airport with Bruce Schneier is to see how much change a trillion dollars can wreak. So much inconvenience for so little benefit at such a staggering cost.' Perhaps. The real question is this: now that he's been idolized in Vanity Fair, will Bruce still eat lunch with us in the cafeteria after math class?
26995560
submission
OverTheGeicoE writes:
You might think that Facebook privacy is bad, but if you're a BitTorrent user, you've got bigger problems. Krebs on Security has a story about youhavedownloaded.com, a site that indexes download activity for BitTorrent and other file-sharing services by IP address. It isn't perfect; it doesn't have records for a lot of activity, and it doesn't disambiguate information for shared IP addresses. Still, if it has records on you, that may be bad enough to expose you to legal action from MPAA or RIAA, or perhaps just uncomfortable discussions with Mom and Dad.
26889376
submission
26556288
submission
OverTheGeicoE writes:
It appears that Google's Chrome is now the world's second most popular browser. Microsoft's Internet Explorer is still the worldwide leader with 40.63% of the market, with Chrome (25.69%) just edging out Mozilla's Firefox (25.23%) for second place this month. In the US, the story is unchanged. Firefox still has about a 3% lead over Chrome.
25851266
submission
OverTheGeicoE writes:
The European Union has adopted a proposal to regulate airport body scanners at Member State airports. No Member State or airport is obligated to use scanners, but if they do, the scanners must conform to new European Union standards. Here's a partial list. Scanners must not store, retain, copy, print, or retrieve passenger images. The image viewer must be in a remote location. Passengers must be informed how the scanners are being controled, and can opt out if they choose. Perhaps most importantly, x-ray scanners are banned 'in order not to risk jeopardising citizens' health and safety.'
25222746
submission
OverTheGeicoE writes:
ProPublica has a story on how x-ray scanners became the controversial yet mandatory security fixtures we in the US must now endure. The story title, "U.S. Government Glossed Over Cancer Concerns As It Rolled Out Airport X-Ray Scanners," summarizes a substantial part of the article, but not all of it. The story also describes how government attitudes about the scanners went from overwhelmingly negative in the early 1990's to the naive optimism we see today. How did this change occur? The government weakened its regulatory structure for radiation safety in electronic devices, and left defining safety standards to an ANSI committee dominated by scanner producers and users (prison and customs officials). Even after 9/11 there was still great mistrust of x-ray scanners, but nine years of lobbying from scanner manufacturers, panic over failed terrorist attacks, and pressure from legislators advancing businesses in their own districts eventually forced the devices into the airports. The article estimates that 6 to 100 cancers per year will be caused by the x-ray scanners.
25185206
submission
OverTheGeicoE writes:
On Saturday, the Electronic Privacy Information Center announced that they filed papers in the US Court of Appeals for the DC Circuit to get the Department of Homeland Security to start its public comment process. In July the court ordered DHS to take public comment on airport body scanning, in accordance with federal law. The court allowed DHS and TSA to continue using scanners during the comment period. According to EPIC's filing the ruling against DHS became final on September 21 after EPIC's motion for a rehearing was denied. Since then, DHS has done nothing to comply with the order. EPIC wants DHS to release details for their public comment period process within 45 days. DHS is no stranger to the kind of notice and comment rulemaking that is being required of them. Earlier public comment on their Large Aircraft Security Program (LASP), which would have required draconian security on aircraft 10% of the size of a Boeing 737, did not go so well. They received 7400 comments 'vehemently opposed' to LASP in 2008 and 2009 and are still reworking the plan in response to the comments received. How will DHS manage the public comment period for body scanners, which directly affects many millions more Americans than LASP does? Would DHS prefer to take their chances in court, including an appeal to the Supreme Court if need be, rather than face the public over their body scanners?
25096294
submission
OverTheGeicoE writes:
TSA's VIPR program may be expanding. According to the Washington Times, 'TSA has always intended to expand beyond the confines of airport terminals. Its agents have been conducting more and more surprise groping sessions for women, children and the elderly in locations that have nothing to do with aviation.' In Tennessee earlier this month bus passengers in Nashville and Knoxville were searched in addition to the truck searches discussed here previously. Earlier this year in Savannah, Georgia TSA forced a group of train travelers, including young children, to be patted down (video). (They were getting off the train, not on.) Ferry passengers have also been targeted. According to TSA Administrator John Pistole's testimony before the Senate last June, 'TSA conducted more than 8,000 VIPR operations in the [previous] 12 months, including more than 3,700 operations in mass-transit and passenger-railroad venues.' He wants a 50% budget increase for VIPR for 2012. Imagine what TSA would do with the extra funding.
24847658
submission
OverTheGeicoE writes:
TSA is expanding its presence to the American road system. As part of its Visible Intermodal Prevention and Response (VIPR) program, TSA agents are now working at 5 weigh stations and two bus stations in Tennessee. They are randomly checking trucks with 'drug and bomb sniffing dogs', and encouraging truck drivers to join their First Observer Highway Security Program an report anything suspicious that they see to authorities. VIPR is allegedly not a response to any particular threat.
24111266
submission
OverTheGeicoE writes:
It was reported yesterday that researchers had found a way to break the most commonly used SSL/TLS encryption in browsers. According to the Register, Google is pushing out a patch to fix the problem. The patch doesn't involve adding support for TLS 1.1 or 1.2. FTFA: "The change introduced into Chrome would counteract these attacks by splitting a message into fragments to reduce the attacker's control over the plaintext about to be encrypted. By adding unexpected randomness to the process, the new behavior in Chrome is intended to throw BEAST off the scent of the decryption process by feeding it confusing information." The fix is supposedly in the latest developer version of Chrome.
24082320
submission
OverTheGeicoE writes:
The US Government's battle against online poker is escalating. The US Justice Department on Tuesday accused poker celebrities Howard 'The Professor' Lederer and Christopher 'Jesus' Ferguson and other executives of Full Tilt Poker of defrauding poker players out of more than $300 million. Their Web site was allegedly a Ponzi scheme: 'the government alleges Full Tilt executives misrepresented to the website's players that the money the company was supposed to be holding in player accounts was safely held when it was actually being used for other purposes, including owner profits.'
23903292
submission
OverTheGeicoE writes:
The Electronic Privacy Information Center posted a news release about the DC Circuit Court awarding them attorney's fees yesterday. They are to receive $21,482 in attorneys fees for an open government lawsuit against DHS that ultimately released documents about DHS' airport body scanner program. EPIC used these released documents in EPIC v. DHS, another lawsuit that attempts to end the use of airport body scanners. At the end of an e-mailed version of this news release (EPIC Alert 18.18, not yet posted on the Web), EPIC states that "EPIC requested an en banc review of the court's decision not to suspend, but, on September 12, 2011, the court declined the request." Is this the end of EPIC v. DHS, or does this simply open the door for an appeal to the Supreme Court?
23578358
submission
OverTheGeicoE writes:
'The airport is today the scene of some of our most humiliating experiences,' according to 'Aiming to Balance Security and Convenience', a supposedly-paywalled article in the Wall Street Journal. The article is primarily about minor changes to airport screening that may (or may not) be coming soon, but it also depicts US airline passengers increasingly fed up with airport screening procedures. Several passenger stories regarding bad experiences are covered, including one passenger referring to 'TSA's totalitarianism'. 'Complaints about TSA screening filed with the agency jumped 40% this year through June,' the article states, 'compared with the first six months of 2010. In the month of June alone, TSA logged 1,975 screening complaints, more than double the 814 received in June 2010.' Travelers' negative views of TSA are having an economic cost as well. According to surveys by the U.S. Travel Association 'each person avoids two to three trips a year [on average] because of the hassles of airport-security screening. That amounts to an estimated $85 billion in lost business for hotels, restaurants, airlines and other travel suppliers.' Compare the $85 billion lost figure with TSA's airport security budget of about $5 billion.
Other sources confirm TSA's growing public relations problems. Bruce Schneier mentions a job opening at TSA for a Public Affairs Specialist. The posting has expired. Perhaps the opening will be at the administrator's level instead?
23544498
submission
OverTheGeicoE writes:
The Electronic Privacy Information Center received more FOIA documents from the US Department of Homeland Security regarding mobile x-ray scanners (a.k.a. Z Backscatter Vans). We've discussed these devices before. Perhaps the most interesting part is slide #11 ("Disclaimer About Scanning People") on page 6 of this PDF explaining that the radiation output of these devices is too high to comply with ANSI N43.17. In other words, they output too much radiation even by TSA's questionable standards for airport body scanners. Regardless, the slide ends with the author stating that the ANSI standard "is not applicable to covert operations". What might that assertion have meant to the presentation's intended audience?
