IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

New Air passenger screening makes us less secure
Not that this is news to anyone here. Consider that I booked a ticket on lastminute.com to SF to attend a seminar at Stanford last Saturday. Round trip - two nights - no checked bags. I got the full length rubber glove treatment both ways.

Do the "security" people honestly believe that terrorists don't know that last minute flyers, one way flyers, and bagless flyers will be subjected to additional scrutiny? Do they suppose that terrorists are incapable of booking 4 weeks in advance, bringing a bag of clothes from the salvation army, and choosing round trip tickets (that are usually cheaper anyhow)? Their collection of data just makes things worse.

[link|http://www.guardian.co.uk/idcards/story/0,,1766266,00.html|http://www.guardian....,,1766266,00.html]

It was a prosaic, relatively unambitious idea at first. For example, in highly simplistic terms, if someone bought a one-way ticket, paid in cash and checked in no baggage, they would be flagged up as an individual who had no intention of arriving or of going home. A bomber, perhaps.

After 9/11, the ambitions for such screening grew exponentially and the newly founded Department of Homeland Security began inviting computer companies to develop intelligent systems that could "mine" data on individuals, whizzing round state, private and public databases to establish what kind of person was buying the ticket.

In 2003, one of the pioneers of the system, speaking anonymously, told me that the project, by now called Capps II, was being designed to designate travellers as green, amber or red risks. Green would be an individual with no criminal record - a US citizen, perhaps, who had a steady job and a settled home, was a frequent flyer and so on. Amber would be someone who had not provided enough information to confirm all of this and who might be stopped at US Immigration and asked to provide clearer proof of ID. Red would be someone who might be linked to an ever-growing list of suspected terrorists - or someone whose name matched such a suspect.

"If you are an American who has volunteered lots of details proving that you are who you say you are, that you have a stable home, live in a community, aren't a criminal, [Capps II] will flag you up as green and you will be automatically allowed on to your flight," the pioneer told me. "The problem is that if the system doesn't have a lot of information on you, or you have ordered a halal meal, or have a name similar to a known terrorist, or even if you are a foreigner, you'll most likely be flagged amber and held back to be asked for further details. If you are European and the US government is short of information on you - or, as is likely, has incorrect information on you - you can reckon on delay after delay unless you agree to let them delve into your private details.

"That is inconvenient enough but, as we tested the system, it became clear that information was going to be used to build a complete picture of you from lots of private databases - your credit record, your travel history, your criminal record, whether you had the remotest dubious links with anyone at your college who became a terrorist. I began to feel more and more uncomfortable about it."

Eventually, he quit the programme.

All of this was on my mind as I sat down with my computer expert, Adam Laurie, one of the founders of a company called the Bunker Secure Hosting, to examine Broer's boarding-pass stub. Laurie is known in cyber-circles as something of a white knight, a computer wizard who not only advises companies on how to make their systems secure, but also cares about civil rights and privacy. He and his brother Ben are renowned among web designers as the men who developed Apache SSL - the software that makes most of the world's web pages secure - and then gave it away for free.

We logged on to the BA website, bought a ticket in Broer's name and then, using the frequent flyer number on his boarding pass stub, without typing in a password, were given full access to all his personal details - including his passport number, the date it expired, his nationality (he is Dutch, living in the UK) and his date of birth. The system even allowed us to change the information.

Using this information and surfing publicly available databases, we were able - within 15 minutes - to find out where Broer lived, who lived there with him, where he worked, which universities he had attended and even how much his house was worth when he bought it two years ago. (This was particularly easy given his unusual name, but it would have been possible even if his name had been John Smith. We now had his date of birth and passport number, so we would have known exactly which John Smith.)
--------
Law of unintended consequences for sure. Shred your ticket stubs and receipts.



[link|http://www.blackbagops.net|Black Bag Operations Log]

[link|http://www.objectiveclips.com|Artificial Intelligence]

[link|http://www.badpage.info/seaside/html|Scrutinizer]
New You're obviously marked as a questionable character.
Perhaps if you were registered as Republican you'd be OK. :)

January of last year my wife and I flew one way from Charlotte to LAX (via Houston) and had no grief. Well, we did have a carry on dog with us.
Alex

When fascism comes to America, it'll be wrapped in a flag and carrying a cross. -- Sinclair Lewis
New Not even the TSA is dumb enough...
...to give the rubber glove treatment to a dog....
jb4
"So don't pay attention to the approval ratings that say 68% of Americans disapprove of the job this man is doing. I ask you this, does that not also logically mean that 68% approve of the job he's not doing? Think about it. I haven't."
Stephen Colbert, at the White House Correspondent's Dinner 29Apr06
New Call me "Shifty".



[link|http://www.blackbagops.net|Black Bag Operations Log]

[link|http://www.objectiveclips.com|Artificial Intelligence]

[link|http://www.badpage.info/seaside/html|Scrutinizer]
New Actually, there could be someone else with the same name...
responsible for the problem.

A friend of mine, named Paul Smith (and how may of those are there?), visited the White House many years ago (and not as normal tourist). He knew someone who worked there. It took 4 hours of questioning and verifications of life history, travels, etc., to get the entry approved.

Alex

When fascism comes to America, it'll be wrapped in a flag and carrying a cross. -- Sinclair Lewis
New There was - but he's dead now
[link|http://www.easternwakenews.com/news/story/2592114p-9026791c.html|http://www.easternwa...14p-9026791c.html]



[link|http://www.blackbagops.net|Black Bag Operations Log]

[link|http://www.objectiveclips.com|Artificial Intelligence]

[link|http://www.badpage.info/seaside/html|Scrutinizer]
New Non-linear logical leap
next paragraph after your quote blames this on government collected information. Don't understand how that follows from stealing a mans identity from an extremely poorly designed commercial airline site.

Otherwise...agree that screening is largely inneffective. It looks for patterns. Beat it by changing the pattern. And since we are forced to be PC and make searches random (lest we offend the profiled)...you may as well not bother.
If you push something hard enough, it will fall over. Fudd's First Law of Opposition

[link|mailto:bepatient@aol.com|BePatient]
New Being PC is more secure than profiling
If there is a clear profile that is searched, all that bad guys have to do is find people who don't fit the profile to do the job.

See [link|http://swiss.csail.mit.edu/6095/student-papers/spring02-papers/caps.htm|http://swiss.csail.m...2-papers/caps.htm] for details.

In fact the terrorists did this in 9/11. A big reason why so many of the people participating were Saudi is that they knew that people from Saudi Arabia had expedited visa procedures. Secondly they actually did a dry run before the real one to verify that they wouldn't be caught.

Cheers,
Ben
I have come to believe that idealism without discipline is a quick road to disaster, while discipline without idealism is pointless. -- Aaron Ward (my brother)
New There is random..then there is random
There are obvious times with the random aspect lands on a non-starter. Infant tickets, 80 year old grandma from Wisconsin, etc. Completely unecessary screenings.

There are also pretty solid statistics on age/sex profiles of suicide bombers and some pretty telltale signs.

[link|http://www.nytimes.com/2005/07/28/opinion/28sperry.html?ex=1280203200&en=4cc1386247dcd8f0&ei=5090&partner=rssuserland&emc=rss|http://www.nytimes.c...suserland&emc=rss]

Our problem is that we can't keep our collective mouths shut. Of course, if we establish a profile, we will be compelled to shout it off the highest rooftop so that everyone knows EXACTLY what we are looking for...and then it will obviously be a damned simple exersize to subvert.
If you push something hard enough, it will fall over. Fudd's First Law of Opposition

[link|mailto:bepatient@aol.com|BePatient]
New We don't have to tell anyone our profile
If we're using profiles, it is easy to figure it out from what we do. And then becomes easy to subvert.

Also 80 year old grandma isn't necessarily an unnecessary screening. You never know, she might be carrying an "interesting package" from her son-in-law. And if we're screening everyone else, don't think that terrorists won't think of that angle.

Cheers,
Ben
I have come to believe that idealism without discipline is a quick road to disaster, while discipline without idealism is pointless. -- Aaron Ward (my brother)
New Not so simple
because your article also points out the other necessary ingredient...which is an intelligent set of screeners and a process that does stray from the profile often enough to make it less evident. Its essentially a combination of approaches.

And I'll take my chances on that 80 year old Wisconsin woman's son before I'll take a chance on an 18-26 yr old male smelling of flower water and being recently shaven.

In the meantime, we're all chatting about something that is irrelevent...because it is highly unlikely that this plot will be repeated, ever...basically due to the door reinforcements making it near impossible for a small group of people to gain control of the aircraft.

Bombs are the possibility now...and THAT we should be able to catch with current tech...but since we all think $99 round trip is a God-given right...its likely we won't see that tech fully deployed anytime soon.

If you push something hard enough, it will fall over. Fudd's First Law of Opposition

[link|mailto:bepatient@aol.com|BePatient]
New Technology isn't the answer
Well-trained, motivated people is the answer.


Peter
[link|http://www.no2id.net/|Don't Let The Terrorists Win]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home]
Use P2P for legitimate purposes!
New Yeah, but that would mean that you'd have to
pay them well, and we can't have that.
--\n-------------------------------------------------------------------\n* Jack Troughton                            jake at consultron.ca *\n* [link|http://consultron.ca|http://consultron.ca]                   [link|irc://irc.ecomstation.ca|irc://irc.ecomstation.ca] *\n* Kingston Ontario Canada               [link|news://news.consultron.ca|news://news.consultron.ca] *\n-------------------------------------------------------------------
New Who owns Capps II?
"the newly founded Department of Homeland Security began inviting computer companies to develop intelligent systems that could "mine" data on individuals, whizzing round state, private and public databases to establish what kind of person was buying the ticket.

In 2003, one of the pioneers of the system, speaking anonymously, told me that the project, by now called Capps II, was being designed to designate travellers as green, amber or red risks. Green would be an individual with no criminal record - a US citizen, perhaps, who had a steady job and a settled home, was a frequent flyer and so on. Amber would be someone who had not provided enough information to confirm all of this and who might be stopped at US Immigration and asked to provide clearer proof of ID. Red would be someone who might be linked to an ever-growing list of suspected terrorists - or someone whose name matched such a suspect.

"If you are an American who has volunteered lots of details proving that you are who you say you are, that you have a stable home, live in a community, aren't a criminal, [Capps II] will flag you up as green and you will be automatically allowed on to your flight," the pioneer told me."
----------
Incidentally, I complained about being singled out unusually often to the screener - they offered to let me fill out a form that would result in a background search and maybe get me onto a green list. I declined.




[link|http://www.blackbagops.net|Black Bag Operations Log]

[link|http://www.objectiveclips.com|Artificial Intelligence]

[link|http://www.badpage.info/seaside/html|Scrutinizer]
New That's wonderful.
So all the terrorists have to do is recruit disaffected white boys who have frequent flyer miles.

Can you say "retarded"?


Peter
[link|http://www.no2id.net/|Don't Let The Terrorists Win]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Home]
Use P2P for legitimate purposes!
New DHS owns that.
But that has crap to do with the stealing of someones info from a boarding pass. Thats the logical leap the article is trying to make. They are trying to tell you that poor security at BA.com is somehow related to the government collection of your information.

It doesn't follow.

And what you are going to see at most major airports within the next 6 months is the introduction of the "trusted traveler" program. This effort is actually private (not gov't developed or paid for) and is being piloted in Orlando now.

You will pay, and you will volunteer your info and be screened. The gov't will be polled and gets final say on your status..but they do not have access to the data you provide beyond this. This is going to eventually largely supplant the need for CAPPS2.

However, if you don't like to be screened so much...buy your ticket in advance from the airline site (cheaptickets doesn't save you much anyway). They even offer the last minute deals on their own in addition to giving them to the 3rd party folks...get the autoemails from their frequent flyer programs.

And for pete's sake...take off your shoes without a hassle when you get to the security line.
If you push something hard enough, it will fall over. Fudd's First Law of Opposition

[link|mailto:bepatient@aol.com|BePatient]
     Air passenger screening makes us less secure - (tuberculosis) - (15)
         You're obviously marked as a questionable character. - (a6l6e6x) - (4)
             Not even the TSA is dumb enough... - (jb4)
             Call me "Shifty". -NT - (tuberculosis) - (2)
                 Actually, there could be someone else with the same name... - (a6l6e6x) - (1)
                     There was - but he's dead now - (tuberculosis)
         Non-linear logical leap - (bepatient) - (9)
             Being PC is more secure than profiling - (ben_tilly) - (5)
                 There is random..then there is random - (bepatient) - (4)
                     We don't have to tell anyone our profile - (ben_tilly) - (3)
                         Not so simple - (bepatient) - (2)
                             Technology isn't the answer - (pwhysall) - (1)
                                 Yeah, but that would mean that you'd have to - (jake123)
             Who owns Capps II? - (tuberculosis) - (2)
                 That's wonderful. - (pwhysall)
                 DHS owns that. - (bepatient)

Over 9000!
54 ms