“Post-Totalitarian Stress Disorder”

This – the damage done to individual psyche – and not just to the physical infrastructure and institutions of the country, is what we have to always keep in mind when assessing the progress of reconstruction and democratisation in places like Iraq. If things aren’t moving ahead as fast as expected, if cooperation is lacking and trust hard to find, and if the population seems apathetic and disengaged, it’s just the fallen regime having its final chuckle from beyond the grave.

is a fascinating piece in Chrenkoff (via Iraq The Model.)

Acceptable ID

Virginia Postrel writes about flying without ID:

Coming home today from New York, I was a little more prepared. I still didn’t have “government-issued i.d.,” but at least I knew I was headed for trouble. I got to JFK several hours early. The young security guard wasn’t sure what to do with me and asked a more senior guard. The elder guard sternly insisted that I must have a photo.

“This is a little weird,” I said to the young guard, as I opened my bag and pulled out one of the extra paperbacks I’d snagged from my publisher. “I wrote this book, and here’s my photo in it.” He laughed and let me through. This time, they didn’t even search my bags.

Below, I wrote about discretion for screeners. This is a great example of that discretion being used in a harmless and entertaining way. Of course, since anyone can get a book published, this can’t last.

account.management@gmail.com

So when Google Mail started up, I managed to register “account.management@gmail.com.” I didn’t have any particular plan for this, I just figured that it was entertaining, and a good, harmless prank could be made of it. (I specifically emailed a friend who works for Google security about it, and mentioned it in person next time we saw each other.) Google has just closed the account.

The termination clause of their terms of use clearly allow this: “Google may at any time and for any reason terminate the Services, terminate this Agreement, or suspend or terminate your account.”

So, I’m not really complaining. I do wish I’d gotten a good prank from it.

I do hope they don’t terminate the accounts that were associated with it, because a bunch of family members are using their accounts more in line with the way Google wants you to. But this raises a real worry. The lack of consideration for your account, along with that clause, may allow them to shut you out of your email. I’m glad I’m not seriously using the service.

There’s a great business in selling gmail appliances for corporate email, I think. Google’s reconsideration of the use of email was well overdue, and I’d like to be able to use their work without such worries.

“All Persons Held As Slaves Shall Be Forever Free”

Happy Emancipation Proclamation Day!

On Sept 22, 1862, President Lincoln issued the Emancipation Proclamation:

“…all persons held as
slaves within any State or designated part of a State the people
whereof shall then be in rebellion against the United States shall
be then, thenceforward, and forever free;

Now, like many government proclamations, there was more to read in the fine print. This is a good summary, but essentially, Lincoln knew that his powers as President, even during wartime, were limited, and he was only able to free slaves in the confederate (rebellious) states.


Regardless, a great day for human freedom. Raise a glass to Abe Lincoln tonight.

Testing Airline Data for …what?

The New York Times reports that
“The Transportation Security Administration said Tuesday that it planned to require all airlines to turn over records on every passenger carried domestically in June, so the agency could test a new system to match passenger names against lists of known or suspected terrorists.”

The data will vary by airline. It will include each passenger’s name, address and telephone number and the flight number. It may also include such information as the names of traveling companions, meal preference, whether the reservation was changed at any point, the method of ticket payment and any comment by airline employees, like whether a passenger was drunk or belligerent in encounters with airline personnel.

Now, I may have missed it, but it seems that no hijackings took place in the US in June. So what does a successful test look like? What’s more, information about how belligerent a passenger is on the plane is clearly not available before they fly, unless there’s a new database of belligerent passengers that will be maintained. I saw no mention of such in the PIA or Federal Register notice.

The question is partially answered: “What we’re looking for is the people who are actually on that list,” said Lisa Dean, of TSA. Does TSA need a month of real data to see if they can match names, addresses, and phone numbers from a database?

This whole article forces me to ask, does the current system work at all? If there’s a list of people who are a threat to aviation, shouldn’t we have arrested some of them when they tried to fly?

This system isn’t ready for testing, never mind using real data.

Iraqis Target Forigners

Omar writes about

A group of Iraqi citizens in Al Karkh/ Khidr Al Yas arrested 6 Syrian terrorists after placing a land mine at the gate of Bab Al Mu’a dam bridge from Al Karkh side.

According to New Sabah newspaper, after a road side bomb exploded missing an American convoy that was patrolling in the area, a group of citizens who happened to be there noticed a bunch of young men who looked foreigners (turned out to be Syrians) that were gathering near the place and that looked suspicious. The citizens found their atittude very suspicious and they were not from the area, so they jumped on them and kicked them until some of them started to bleed and then turned them on to the American forces. Eyewitnesses said that the citizens were shouting “Terrorists. You are targeting our children and families. You are killing our youths”

I guess at least some Iraqis really don’t like imperialists coming in and using their country as a proving ground for their theories of how the world should be. Incidentally, there seem to be a fair number of Iraqi bloggers out there, representing points of view that I don’t see covered. Go find a bunch at random and read them.
PS: I make no claim that they’re representative. And one or two might even be a fraud. But is that any worse than say, CBS?

CAPPS as Corporate Welfare

I’ve written in the past about how government-validated ID acts as a subsidy to privacy invasion. In the absence of such a card, I can give you whatever name I want, protecting my privacy. With such a card, it becomes easy to invade people’s privacy.

Under CAPPS-2, the government would like the airlines to collect your name, home address, phone number, and date of birth. (Perhaps more, depending on the phase of the moon. Social security numbers have been mentioned.) The courts have already declared that airline privacy policies are meaningless. So, what will happen is that the airlines will get a very high quality data stream because you’ll be under threat of arrest if you choose to creatively fill their database. They’ll then be able to use this data for marketing purposes, a la their frequent flyer programs. They’ll be able to pass it along to the credit agencies. They’ll be able to do whatever they’d like to profit from data that they could never collect without a government program to back them.

Testing Airline Customers

Ed Hasbrouck has another pair of good posts (1, 2) on the “Free Wheelchairs” program. In the first one, he quotes from “Department of Homeland Security Appropriations Act, 2005”, H.R. 4567:

(2) the underlying error rate of the government and private data bases that will be used both to establish identity and assign a risk level to a passenger will not produce a large number of false positives that will result in a significant number of passengers being treated mistakenly or security resources being diverted;

(3) the TSA has stress-tested and demonstrated the efficacy and accuracy of all search tools in CAPPS II or Secure Flight or other follow on/successor programs and has demonstrated that CAPPS II or Secure Flight or other follow on/successor programs can make an accurate predictive assessment of those passengers who may constitute a threat to aviation;

There’s an analogy here to intrusion detection programs, which was first pointed out by Taosecurity. That is that you may not have false positives, people mistakenly identified as terrorists, and you may not have false negatives, that is missing those who “may constitute a threat to aviation.” In the computer security world, Intrusion Detection Systems are notoriously hard to tune so that they get the attacks you want, and don’t produce huge amounts of noise. Some companies are dumping their IDSs because of this. Can we learn something about what may happen to CAPPS-2?

Assuming for a moment that the meaning of “constituting a threat to aviation” is that someone imminently and demonstrably plans to hijack, blow up, or otherwise attack a plane, then you need to catch them with tools handy. That might work better if we concentrate on looking for the tools, rather than collecting home phone numbers. If the meaning is broader than that, it may mean that you need to arrest them, or risk exposing an intelligence operation. If you tip your hand and show that a suspect is on a watch list, then the terrorist pool can be adjusted to deal with that.

It seems that meeting subparagraphs (2) and (3), which are both good criteria, is going to be quite difficult. Perhaps airline security should start with a focus on people bringing dangerous things onto planes, rather than who they are, and trying to discern their motives.
That’s not to say that if intelligence agencies are watching someone, they should never share that with TSA for extra scrutiny. But this isn’t about a watch-list, its about behavioral profiling of the American people, in a manner that has never been shown to work.

New York Protests

Eugene Volokh rightly criticizes a corespondent for his ad-hominum attacks on NYC Mayor Bloomberg, who said (I’m quoting Volokh):

But Bloomberg insisted that there’s no proof that the NYPD did anything wrong. “There is absolutely no evidence whatsoever that there was any intent by any law-enforcement official to hold people any longer than was absolutely necessary to process them,” he said before marching in the Mexican Day Parade on Madison Avenue.

Bloomberg pointed out that many protesters who were arrested have already pleaded guilty. “I suspect that most of them [did so] because they know they don’t have a case,” he said. “They broke the law . . . They might as well just plead guilty and go on.”

But Bloomberg should know that the city was found in contempt of court for its processing.
See MSNBC: “Police carted Pincus to a holding cell topped with razor wire and held him for 25 hours without access to a lawyer.” and “The first mass arrests came three days before the Aug. 30 to Sept. 2 convention, when police swooped down on Critical Mass, a loosely knit collective of bicyclists who periodically flood city streets and slow traffic. Police usually tolerate the disruption, but that night officers arrested more than 200. Kelly told New York magazine that he wanted to send protesters a message.” (Emphasis mine.)

Newsday quotes Legal Aid attorney Michelle Maxian as saying “The mayor himself has admitted that in the pens, they caught both innocent and guilty people. Police will be unable to distinguish which was which. And most people were not actually violating the law.”

So while invective may not be needed, it certainly seems that Bloomberg knows who doesn’t have a case, and it’s not the protesters.

The people who will pay for this aren’t just the protesters and the innocent people caught in literal police drag-nets, but the taxpayers of New York, when the city is rightfully sued for the behavior of the police.

AT&T Wireless time service

I have cell service with AT&T wireless. One feature of the service is network time updates. It fortunately includes a confirmation. It’s great when you land in a new city. It hasn’t been so great last night or today. Last night, at 23.20, I got an update telling me that the new time was 21.15. Just now, I got one telling me that it’s 10.15 (It’s actually 10.30.)

There are a whole bunch of security protocols which rely on having roughly correct time. I hope none of them are implemented with a reliance on the PCS network.

Jefferson Nickels

Samablog points to the new nickel design which will have either a buffalo or a depiction of the pacific coast on the back. The buffalo refers to the Louisiana Purchase, while the pacific coast refers to Lewis and Clark’s expedition .

Despite his careers as a lawyer, diplomat, Secretary of State, and President of the United States, Jefferson considered three achievements to be his enduring legacy:

  1. The Declaration of Independence,
  2. The Virginia Statute on Religious Freedom, and
  3. The University of Virginia

That’s what he asked be engraved on his tombstone. The ideas in each of those are in many ways, still revolutionary. In a much more religious age, Jefferson wrote “we hold these truths to be self-evident; that all men are endowed by their creator with certain inalienable rights…” (emphasis added). He wrote “their creator,” rather than “God,” in a document where every phrase was argued over. What would he have thought about gazing at the words “In God we Trust?” on the currency of a country he did so much to shape?

I blame the Hamiltonians.

Free gropes for travellers

Over at BoingBoing, Cory points to a USA Today story at NewsIsFree about more screening. There seem to be four components:

  • Explosives Detection Secondary screening will now always include nitrate detection swabbing. This is a fine step, but why has it taken 3 years to come in? (In fact, every time I’ve been thrown into the secondary system, my bags have been swabbed, so I’m surprised that it’s new.)
  • Outer garment removal Remove bulky outer clothing. Again, I thought this was already in place.
  • More discretion “TSA screeners will be given greater authority to refer passengers for extra scrutiny if clothing looks bulky, misshapen or otherwise suspicious. Some passengers also will receive expanded pat-downs when screeners consider it warranted.” I have very mixed feeling about this. On the one hand, it may make the life of a terrorist harder. The 9/11 hijackers knew what they were allowed to take, and the screeners didn’t have much discretion. On the other hand, it’s going to lead to more abuses where the screeners make strange or offensive decisions. Those incidents (“drink your own milk,” “drop your trousers”, etc) will greatly outnumber terrorists caught, however good the screeners are. There are a lot more innocents than terrorists traveling and so the silly-season perception of screeners will increase.

    As to the “groping,” it was inevitable. If the goal is to keep all knives off planes, then you need to rub-frisk every passenger. Maybe they can at least hire better looking screeners to do it?

  • Document scanners “For traces of explosives,” they claim. No, its more reliable data capture, and an attempt to cut down on fake ID being used. As if any of the terrorists ever travelled with fake ID. They travelled on fraudulently issued ID, a market driven by the immigration and work policies of the US.

Qui Custodes Custodiat?

There’s a brilliant post over at Orcinus about the 9/11 commission, whose (outstanding) report I’m just getting around to reading.

Really, if the Kerry campaign is serious about persuading the American public that Bush is a serious liability when it comes to securing the nation from the terrorist threat, this should be Exhibit A: Bush fought the formation of the 9/11 commission for a year, and continued to fight its work throughout.

This isn’t about politics as it seems to be practiced today, with a storm of invective and attacks. It’s about an honest look at what went wrong, and preventing it from happening again. That’s a process that requires openness and honesty, not blind trust, and not requests for such.

During the fights over cryptography laws in the 90s, we spent a great deal of time on the claim from high-ranking government officials, “If you knew what we knew, you’d agree with us.” This claim was put to rest by a dozen generals, admirals, ambassadors, and former spies who served on the National Research Council’s report Cryptography’s Role in Securing the Information Society. That report plainly stated that while details of operations needed to remain secret, the arguments themselves had all been discussed openly. In much the same way, those details that have come out have argued strongly against secrecy. Condoleezza Rice’s description of the (then classified) “Bin Ladin determined to strike in US” Presidential Daily Brief as “purely historical” is exhibit A.