Posts Tagged ‘privacy’

Should You Be Afraid of Airport Body Scans?

March 11, 2010

Fast Company has a brief article up about body scanning machines at airports. The article itself is unremarkable, but the photo accompanying the article is illustrative of the view that is possible with these machines.

Read the whole article here.

The TSA Shifts the Goalposts Again

April 10, 2009

William Saletan has a new posting up over at Slate.com talking about how the TSA (Transportation Security Administration) has changed the rules again and backpedaled on a prior promise (surprise, surprise).  He talks about how the introduction of millimeter wave scanners was accompanied by a promise that it only be used as a voluntary alternative to a pat-down but the machines are now being used in place of metal detectors.

It’s a reasonable article, but Saletan somehow misses the most important point — the erosion of our civil liberties by the TSA doesn’t really improve safety in the long term.

Saletan quotes the TSA:

As the ongoing terror trial in London clearly illustrates, terrorists actively look for ways to manipulate security protocols. Intelligence has also shown for decades, terrorists’ manipulation of societal norms to evade detection or use social engineering techniques to their advantage. Terrorists have successfully hidden explosives in these areas. … TSA developed this pat down as a measure to close the gap on items hidden on sensitive areas of the body.

In other words, the TSA is actually telling us that security protocols are subject to manipulation.  If you close one avenue of attack, terrorists will actively look for ways to subvert the system and wreak havoc.

I have a hint for everyone:  the solution to this never ending game is not further erosion of civil liberties.  The solution to this game is not more power to the thugs at the TSA.

Americans that line up and put up with this are being conditioned to accept further erosion of liberty in exchange for a false sense of security.

The answer to the problems is MORE freedom, FURTHER civil liberties, and a return to the way of life that made America great to begin with.

Nobody could pull a 9-11 today.  Nobody.  The game has changed.  Prior to 9-11 everyone knew that if your plane was hijacked the right thing to do was to keep your head down and do what you were told.  Today everyone knows that passivity will likely result in certain death.  If your plane was hijacked would you sit silently, or would you grab the nearest fork and try to save your skin?

So in light of that, ask yourself – why do you put up with this?  Why do you put up with the insult and debasement of having to remove your shoes to board a flight?  Remove the belt that is keeping your pants up?  Take off the watch that your father gave you on his deathbed? Show your naked body to some TSA hire at the airport?

I’m no prude – in fact I’m a devoted gymnosophist.  The issue I have is that this is theater, and the only thing it’s helping is the development of a police state.

Passive Millimeter Wave Scanning and Privacy

September 12, 2008

I went through Denver International Airport during the 2008 Democratic National Convention.

I was not especially surprised when I came across this small sign (about 8 1/2 x 11 inches or A4 sized paper – click to enlarge):

All individuals are subject to screening beyond this point
Transportation Security Administration
Security Screening Notice
All individuals are subject to screening beyond this point

The sign was in a public area of the airport, and I thought it was reasonable to expect to be screened while in the airport.  What I never expected was what I saw next (again, click to enlarge):

Passive millimeter wave scanner in a public area of Denver International Airport

Passive millimeter wave scanner in a public area of Denver International Airport

Now, note a few things –

1.  This station is about 50m from the first sign.  According to the Wikipedia page on millimeter wave scanners, “[…] Farran Technologies, a manufacturer of one model of the millimeter wave scanner, the technology exists to extend the search area to as far as 50 meters beyond the scanning area which would allow security workers to scan a large number of people without their awareness that they are being scanned.” (note that the quote lacks any citation)

2. The sign describing what the device is has been placed immediately beside the scanner.  By the time you figure out what it is, you’ve already been strip searched.

3.  Notice that the people operating the scanner are sitting right beside it, in apparent contravention of TSA guidelines.  This Transportation Security Administration page states that “For additional privacy, the officer viewing the image is in a separate room and will never see the passenger and the officer attending to the passenger will never see the image. The officers have 2-way radios to communicate with other in case a threat object is identified.”

4.  This scanner is operating in a public area – not a secure area for passengers.  This is happening on the concourse near the food courts.  This again appears to be in contravention of TSA policy because they specify that millimeter wave scanning  “technology is a voluntary alternative to a pat-down during secondary screening.”  The food court is not a place that you would expect to undergo secondary screening, nor is it voluntary.

5.  Understanding that the machine and operators are in public, I went around the side of the machine to have a look at what was on the screen.  This threw the girl into a fit (picture of her below).  The man operating the machine was a bit less flummoxed, but it only took him a couple of seconds to turn off the monitor.  Now, I didn’t get much of a look, but the screen seemed to show a lot more than the TSA claims on this page.  My question is that if the scanner does not allow the operator to see “too much” of a person, then why can’t a casual bystander observe the same images as the operator?

I left the area, and asked another TSA officer on patrol if it was okay to take pictures in the airport.  He said that it was no problem so long as I wasn’t taking pictures of the output of computer screens in the check-in area.  After hearing that, I went back and took a couple more pictures – the only one I’ll post here is of the bossy girl that kept insisting loudly (and incorrectly) that I couldn’t take pictures in the area.  The other gentleman standing in the back also came over, but was far more civil.  Notice the operator that turned off the screen earlier sitting behind the monitor.

Rude TSA / DHS (neither?) lackey

Rude TSA / DHS (neither?) lackey

The TSA has tried to gloss this issue over with another one of their blog posts, but the whole article just glosses over the privacy problems.  Especially interesting on that page was this remark in the comments section by “Trollkiller” in response to someone who said that since people entered the airport, and the airport has a sign, they have given up their right to privacy:

” Your rights do NOT vanish because a Government entity posts a sign.

The courts have repeatedly held that common areas of an airport are indeed public spaces and as such all rights are upheld.

The area that this abomination operates in is a public space. As [a previous commenter has] pointed out most of the time you have no expectation of privacy in a public space.

As a photographer I can take your picture in a public space without your consent and use it as I wish without your permission as long as I use the image in a way that does not imply endorsement by you or places you in an untruthful light.

If I were to use a standard Sony Nightshot video camera and an IR pass through filter to see past your clothes, even though you are in that same public space, I would be violating you right to privacy and would be subjected to the legal penalties associated with that crime.

By the TSA using this MMW device to “see” past my clothing violates my reasonable expectation of privacy. Because this person is using the device under the color of law or pretend color of law, in order to detect contraband and to act on said contraband, the use of the device violates the Constitutional protection of the 4th Amendment.”

http://www.tsa.gov/travelers/airtravel/08conv_dnc.shtm discusses increased security at the airports during the conventions, including application of the scanners, but glosses over privacy implications.

This page from NPR says “This past week, the Transportation Security Administration introduced new security measures at Baltimore-Washington International Airport, including a controversial “whole-body scanner.” The scanner provides guards with an image that strips away a traveler’s clothing, revealing everything that person is carrying — and their naked bodies.”  The page also has a link to the audio story.

Image from the TSA showing output of a millimeter wave scanner.

Image from the TSA showing some output of a millimeter wave scanner.

This whole situation reeks.

If the public knew what the TSA was really up to here, they would be furious.

Get the word out, and let everyone know that there is nothing reasonable about a strip search under these conditions.

Update: Make Gmail Use SSL Permanently

August 27, 2008

Further to the previous post regarding how to set up GMail to force SSL throughout the email session, I noticed that I was having sporadic problems using the Gmail App on my mobile phone (The Gmail App is highly recommended, by the way).

It turns out that this is a known problem with the Gmail for Mobile application, but the fix is simple.

Go into the Gmail for Mobile App settings (on my phone it was in Menu > Go to > Settings), and uncheck the box that says “Always keep me signed in”.

Then make sure you select the option that says “Always use secure network connections (slower performance)” by enabling the check box beside that option.

Select “Save”, then Menu > Exit Gmail.

Now you can restart the Gmail App, sign in using your username and password, and re-select the option in the menu to keep you logged in (Menu > Go to > Settings, and then put a check mark in the box that says “Always keep me signed in”).

Since I made these changes I haven’t had any problems, and I haven’t noticed that the connection is any slower over my EDGE connection than it was before.

Turn on permanent SSL for Gmail

August 20, 2008

Mike Perry of San Fransisco has developed a tool to break into Gmail accounts that are not using an SSL connection.  He presented details of his creation at Defcon 16, and is planning to release the tool over the next two weeks.

Part of the problem arises because when you go to the Gmail login page, the system logs you in using SSL, but then reverts back to an unencrypted connection to transfer the rest of the data to you.

To change the settings in Gmail permanently:

Log into your account using https://mail.google.com.
Click on “Settings” on the top right hand corner of the page.
Scroll down to the bottom of the page and find the “Browser Connection” option.
Select the option “Always use https”
Click “Save Changes”

Google also notes that it is important to end each of your Gmail sessions by clicking Sign out at the top of any Gmail page and to close all Gmail browser windows.

There is currently no free fix for users who use Gmail with their own domain.

Mike Perry writes more about why Google’s “fix” is not adequate given the threat.

Update August 27,2008:  Also read about how this affects the “Gmail for Mobile” application here.