The TSA is Still At It.

court A recent article in the Wall Street Journal brings to light continuing abuses by the Transport Security Agency of people’s freedoms. In the article several cases are depicted in which the TSA expanded their role from protecting against terrorism on planes to general law enforcement. Here’s the issue: the only reasons the Fourth Amendment of the Constitution allows anyone to screen at all in advance are that the screening is not viewed as a law enforcement activity, and that it is impossible to undo a successful attack. The principle, then, should be that TSA should be required to invade our privacy to the minimum extent possible to protect against such attacks, so that we can continue to enjoy what little we have left of our rights to be free from unreasonable search and seizure. The courts have held as such repeatedly, and it is the same logic used to uphold drunk driving checks.

Technology actually hurts and helps. For instance, new scanners make it possible to see through clothing and detect all manner of substances. On the other hand, because they can do so, there should be less need to open containers if those scanners have said that they are safe. Similarly, technology can improve the way we identify individuals. By doing so, quizzing people about their identity should become less necessary. Just to be clear, I do not view anything having to do with RFID in such a vein. We’ll discuss this more soon.

Secure SmartPhone? No Such thing

iPhone Today’s CNN reports that President Barack Obama will supposedly get a secure smartphone that would be similar to his Blackberry. The Sectera Edge, made by General Dynamics, has already received a seal of approval from the National Security Agency. There is only one problem: either it’s not that smart or it’s not that secure. You can have either one, but you can’t have both. Smartphones are those phones that can provide some form of general purpose computing function. It is that function that is subject to abuse. While it is possible to develop and provide a general purpose computing function that is perhaps even provably secure, it will also be provably useless.

Another problem with the Sectera Edge is that it lacks the ecosystem that Mr. Obama may be used to with the Blackberry, or others might be used to with the iPhone. I imagine that very few applications have actually been written outside of GD. Looking at the iPhone, only a fraction of the apps for the iPhone are developed by Apple.

The Next Terrorist Threat: Canada Geese

Evil Geese But for some fancy flying by Captain Chester “Sully” Sullenberger and his co-pilot Jeffrey Skiles, a menacing flock of geese would have managed to pull of the same feat that Osama Bin Laden’s gang of thugs took pains to plan and execute. La Guardia Airport is as close to Manhattan as an airport can get. It wouldn’t have taken much for that plane to kill many people. The geese almost got their way.

Now it has been shown that geese can wreak havoc on our infrastructure, especially those Canada geese that crap all over the east coast. Probably the Canadians planned it that way. Blame Canada, too. Next we should probably invest in goose protection technologies. I’m sure DARPA is already on it. Harboring geese? Better beware. I’m sure you’re being watched already. How do you think Bin Laden managed to get them positioned? Did he pay them off? Did he seed their trail right through Queens? Let us flock to investigate and excoriate the guilty.

In the meantime, as we evict the 43rd president from the White House, a man who defined his administration by the war on terror, who led from a place of fear, and who capitalized on the fears of others, let us shut the door on this sorry chapter of our history by endeavoring to remember the miseries we have to go through at airports, the violations of our privacy that were made in our names, the destruction of our international reputation through the reckless disregard for human rights and international law, and now goose poop, which perhaps is best cleaned up with the editorial pages of the Wall Street Journal, as they have no better use.

And so now I’m on Facebook

Having staved it off for years I’ve finally joined Facebook. Here are a few initial thoughts:

I was disappointed that the only authentication method offered was old fashioned passwords. We are still as an industry struggling with making the leap to a better means. And it’s not like there are none out there. OpenID and Infocards can no longer be considered new. A question for a future blog entry might be why these technologies are not succeeding. Indeed just this week SlashDot.Org ran a story about how OpenID is losing ground.

There is a whole different set of social rules on Facebook, and I don’t know what they are. For instance:

One of my friends wanted to add detail about my previous employment experience, which is something I wasn’t prepared to do myself. And so I refused. Have I offended him? I don’t know.
My initial “note” indicated that I don’t do much with FaceBook, and that people should see my blog. This elicited a long discussion, not involving me. If I don’t reply, have I offended?

Why is Facebook even necessary? Isn’t this what we want the Internet to be in general? Why should this form of communication be limited to one site? For one, people are tired of spam on the Internet and so they are looking for an email replacement. Beyond that, having one’s own web server is a royal pain in the ass. But moreover, the comment I got more than once was that a blog is isolating. Why is that? What makes this blog isolating as compared to Facebook?

Bamford’s latest update on the NSA

James Bamford is well known for his revealing of the National Security Agency in The Puzzle Palace, published in 1983. He has written two updates since then, Body of Secrets and The Shadow Factory, the latest one covering the Bush Administration in some detail. Bamford’s technical details in The Shadow Factory are nowhere near as good as they were in The Puzzle Palace, which is something that really attracted me to his writing. Also, in this book, Bamford seems to play both sides of the fence, at one point arguing that the attacks on 9/11 were an intelligence failure, while at the same time arguing that we must safeguard our civil liberties. This works, mostly because he successfully argues (in my opinion) that the government had all the power it needed to stop the attacks, but that incompetence ruled the day.

To be sure there are a few points I would take issue with. For one, although I despise the name, it was probably a good idea to roll together many agencies into the Department of Homeland Security. But quite frankly even that was done ineptly, as we have seen from auditor reports, again and again.

Returning to the Shadow Factory, in this update Bamford highlights the role of the Internet and the change in the nature of communications, where many communications have moved from sattelite to fiber, and from simple voice circuits to voice over IP. He talks about certain organizations wanting to hire Cisco employees simply to reverse engineer IOS and find ways to install back doors. I have no way of knowing if that has happened.

Bamford retreads much of the story about the illegal spying the NSA did within the United States, and how James Comey would not recertify the program. While it makes my blood boil to think that anyone in government would think that such a program was legal (certified by the attorney general or not), that part of the story isn’t so much about the NSA as it is about Dick Cheney and David Attington. Quite frankly I think Bob Woordward has covered that ground as well as could be covered.

Were I to give advice to Mr. Bamford it would be simply this: it is difficult to read just one of the three books he’s written, as either the earliest is woefully out of date, or the latest doesn’t stand on its own without having read the earliest. A consolidated update that combines all three seems in order.