Abdulmutallab/Flight 253 Airline Terror links

  • The Economist “The latest on Northwest flight 253:” “the people who run America’s airport security apparatus appear to have gone insane” and “This is the absolute worst sort of security theatre: inconvenient, absurd, and, crucially, ineffective.”
  • Business Travel Coalition, via Dave Farber and Esther Dyson, “Aviation Security After Detroit:” “It is welcome news that President Obama has ordered an airline industry security review so long as it is strategic in nature.”
  • Stuart Baker, “Six Uncomfortable Answers” which seems to boil down to “identity-based security has failed, let’s not address the good reasons why, and build more of it.” Usually Stewart has been more insightful than this. But then he writes “I asked several questions about how good the screening was in Nigeria and at Schiphol. I now think that it barely matters how good a job those screeners did. Without a reason to treat Abdulmutallab differently from other passengers, the current level of screening wasn’t likely to find the explosives.” Actually, as he points out, no acceptable level of screening is likely to find the explosives.
  • The New York Times points out that “Questions Arise on Why Terror Suspect Was Not Stopped :” “That meant no flags were raised when he used cash to buy a ticket to the United States and boarded a plane, checking no bags.” It used to be that that got you extra screening. Why did we stop?
  • Gawker, “The Shady Mainstream Media Payday of Flight 253 Hero Jasper Schuringa
  • I lost the link, but someone else pointed out that the new, alleged TSA rules would have made it a crime to get up and stop Abdulmutallab when he tried to set off his bomb.
  • This comment on the Flyertalk thread raises the interesting question: are terrorists planning to fail, expecting over-reaction by governments? Provocation would not be a new page in terror playbooks.
  • Alleged text of SD 1544-09-06
  • Every international traveller to the US is being asked to spend an extra hour on these measures. Cormac Herley’s “So Long, and No Thanks for the Externalities: the Rational Rejection of Security Advice by Users” is absolutely irrelevant, unless travel to the US falls. Again. Which, of course, makes the odds of each remaining traveller being a terrorist materially higher.

New Restrictions: No Using Electronic Devices for the Last Hour

Apparently, in the wake of thousands of deaths from idiots paying more attention to GPS, cell phones, GameBoys, iPods and other such electronic devices, TSA has announced a ban on all use of such devices for the last hour of your commute.

No, just kidding. Apparently, they may be imposing new secret restrictions on use of electronics during the last hour of flight.

How can we break the cycle of terrorist does something irksome, we all pay forever? Our current oversight isn’t restraining DHS or TSA.

Fingerprinted and Facebooked at the Border

According to the Wall St Journal, “Iranian Crackdown Goes Global ,” Iran is monitoring Facebook, and in a move reminiscent of the Soviets, arresting people whose relatives criticize the regime online.

That trend is part of a disturbing tendency to criminalize thoughts, intents, and violations of social norms, those things which are bad because they are prohibited, not bad in themselves. It’s important if we want to export freedom of speech and freedom from self-incrimination, to push for an international norm of limiting the powers of governments, not of people. Of course, since the main way that the international reach of governments is limited is through treaties negotiated by, umm, governments, I don’t expect a lot of that soon.

Not to mention the creation of fake Facebook accounts by Iranian intelligence.

But most interesting is this:

Five interviewees who traveled to Iran in recent months said they were forced by police at Tehran’s airport to log in to their Facebook accounts. Several reported having their passports confiscated because of harsh criticism they had posted online about the way the Iranian government had handled its controversial elections earlier this year.

and

One 28-year-old physician who lives in Dubai said that in July he was asked to log on to his Facebook account by a security guard upon arrival in Tehran’s airport. At first, he says, he lied and said he didn’t have one. So the guard took him to a small room with a laptop and did a Google search for his name. His Facebook account turned up, he says, and his passport was confiscated.

Eight Million? Eight Million?!?!

Chris Soghoian, who we’ve mentioned here extensively in the past, has posted some new research around just how much electronic surveillance is really going on here in the US.

Sprint Nextel provided law enforcement agencies with its customers’ (GPS) location information over 8 million times between September 2008 and October 2009. This massive disclosure of sensitive customer information was made possible due to the roll-out by Sprint of a new, special web portal for law enforcement officers.

And that’s just Sprint. (Who btw also keeps logs of all IP access for 24 months, including in many cases full URLs).
You really need to read the full article because he has so much data, as usual, Chris sums things up nicely:

As the information presented in this article has demonstrated, the publicly available law enforcement surveillance statistics are, at best misleading, and at worst, deceptive. It is simply impossible to have a reasonable debate amongst academics, public policy makers, and members of the public interest community when the very scale of these surveillance programs is secret.

and

As for the millions of government requests for geo-location data, it is simply disgraceful that these are not currently being reported…but they should be.

Per Chris’s request the full data dump has been mirrored here as well.

Tifatul Sembiring Causes Disasters

Padung-earthquake.jpgThe BBC reports that “Indonesia minister says immorality causes disasters:”

A government minister has blamed Indonesia’s recent string of natural disasters on people’s immorality. Communication and Information Minister Tifatul Sembiring said that there were many television programmes that destroyed morals. Therefore, the minister said, natural disasters would continue to occur.

His comments came as he addressed a prayer meeting on Friday in Padang, Sumatra, which was hit by a powerful earthquake in late September. He also hit out at rising decadence – proven, he said, by the availability of Indonesia-made pornographic DVDs in local markets – and called for tougher laws.

Now, you might think I’m just being snarky, but the opportunities that are open to a communication and information minister include communicating about earthquake or tidal wave safety, or how to cope afterwards. If Sembring is sharing his bizzaro ideas that a lack of morals causes people’s homes to collapse, then he is clearly putting his energy into the wrong message. He should be encouraging people to learn first aid, to have a small disaster kit, etc.

But to the extent that he’s delivering morality over engineering, preparedness, and response, he’s turning natural events into worse disasters.

Earthquake photo part of the Padang earthquake set by dapiiiiit

Toyota Stalks Woman, Claims She Consented

clown-and-cops.jpg

In a lawsuit filed Sept. 28 in Los Angeles Superior Court, Amber Duick claims she had difficulty eating, sleeping and going to work during March and April of last year after she received e-mails for five days from a fictitious man called Sebastian Bowler, from England, who said he was on the run from the law, knew her and where she lived, and was coming to her home to hide from the police.

There was even a fictitious MySpace page reportedly created for Bowler.

Although Bowler did not have Duick’s current address, he sent her links to his My Space page as well as links to video clips of him causing trouble all over the country on his way to her former house in Los Angeles, according to the lawsuit.

“Amber mate! Coming 2 Los Angeles. Gonna lay low at your place for a bit till it all blows over,” the man wrote in one e-mail….

It turns out the prank was actually part of a marketing effort executed by the Los Angeles division of global marketing agency Saatchi & Saatchi, which created the campaign to promote the Toyota Matrix, a new model launched in 2008. …Tepper, Duick’s attorney, said he discussed the campaign with Toyota’s attorneys earlier this year, and they said the “opting in” Harp referred to was done when Duick’s friend e-mailed her a “personality test” that contained a link to an “indecipherable” written statement that Toyota used as a form of consent from Duick….(“Woman Sues Toyota Over ‘Terrifying’ Prank,” ABC News.)

Dear Toyota attorneys: a contract involves, first and foremost, a meeting of the minds. We’ve had years of farcical and indecipherable privacy policies. Anyone who’s ever tried to read them knows that you can’t figure them out. Everyone knows that no one even tries. The final thing which any first year law student knows: neither of those lead to terms which shock the conscience.

I’d like to ask readers to blog and tweet about this until Saatchi, Saatchi and Toyota explain what went wrong, and agree to all of Duick’s demands.

Shown, Toyota’s attorneys in conference with representatives of Saatchi and Saatchi. Photo by Jrbrubaker.

A Little Temporary Safety

allstate-new-jersey-ad.jpg
So I saw this ad on the back of the Economist. (Click for a larger PDF). In reading it, I noticed this exhortation to “support the STANDUP act of 2009:”

The STANDUP Act* (H.R. 1895) creates a National
Graduated Driver Licensing (GDL) law that [limits nighttime driving, reduces in-car distractions, puts a cap on the number of friends in the car and increases the required hours of training and supervision. ] congressional representatives When states have implemented comprehensive GDL programs, the number of fatal crashes among 16 year old drivers has fallen by almost 40%.”

Now I was curious as to how many lives that was, and so I went looking. I found a lot of interesting stuff. For example, “Beginning with Florida in 1996, graduated licensing systems also have been adopted in most U.S. states.” That’s from the “Insurance Institute for Highway Safety/Highway Loss Data Institute.” But they also tell us: “A national evaluation reported that states with 3-stage graduated systems had 11 percent fewer fatal crashes per population of 16 year-olds during 1994-2004 than states without such systems.” Last I checked, 11 is not almost 40.

It also turns out that the number of teens killed in New Jersey last year was 60. Now, I don’t want to minimize the pain for the families who lost their children, or those injured by teens driving like, well, teens. But based on Allstate’s high number, these laws about graduated driving privileges may save as many as 25 lives a year. Based on the IIHS assessment, it may be 6 or 7.

Now there’s an old saw “Where are you from? New Jersey. Oh, what exit?” The truth is that life in New Jersey is car-centric, and saving those lives involves restricting the behavior of about 110,000 teens. (Or so I estimate, based on New Jersey Quickfacts from the US Census, who say that there are 8.6MM people, and roughly 24% are under 18, and so I figure that roughly 1.3% of the population is 16.) Those teens are in the process of exploring who they are, and asserting their independence from their parents and geography. They’re in the process of growing up. Part of that growing up is taking risks, and I suspect that some of the risk taking is simply delayed, not removed.

The other thing I don’t get about Allstate’s ad is that the insurance industry says “most states” already have such laws. Setting a national law is hard, and Congress is busy investigating baseball players. So clearly, they have important tasks to be working on. What’s more, phrases like “A national evaluation reported that states with 3-stage graduated systems had 11 percent fewer fatal crashes … than states without such systems.” A stronger argument for continued experimentation by laboratories of democracy is hard to imagine.

But stepping back, the real issue I have here is the desire to drive one particular danger to zero without consideration of the costs or alternatives. These folks are dedicated to stopping deaths in cars (which is appropriate for the IIHS, less so for Allstate). But what fraction of teen deaths are in cars that a teen is driving? What are the costs of a little temporary safety for teens?

[updates: corrected quote, added link to text]
[update2: Don’t miss Kenneth Finnegan’s comment about having 5 teens all drive separately from point A to point B, with attendant environmental and parking impact.]

BBC Video of Liquid Explosives

The BBC has some really scary video “Detonation of Liquid Explosives.” However, as I thought about it, I grow increasingly confused by what it purports to show, and the implications.


At the end of the day, I think there are two possibilities: It’s a fair representation, or it’s not. I’m leaning slightly towards the second.


If it’s a fair representation, then why are we still drinking on planes? What’s the point of allowing us to bring in smaller amounts of stuff if a 16 ounce bottle can be bought at the airport, washed out, and used to contain whatever that is?

The second choice is that it’s misleading. First, we don’t see what’s being mixed: we see an orange powder poured into a liquid, with a jug labeled water nearby. We the expert tilting the bottle back and forth to mix it. Second, we don’t see how it’s detonated. Third, we don’t really see the placement of the bottle, or how many bottles are placed. There’s an implication that it’s one, but no statement. (In fact, there’s a lack of a statement of how much of a liquid bomb was used. The BBC website say “a liquid bomb.” We don’t see if there were squibs or other games played.

The BBC ought to tell us more about what they showed.

Off to the Moscone Center

Every year around this time, thousands of people converge on the Moscone Center in San Francisco for RSA. I had never given much thought to who Moscone was–some local politician I figured.


I first heard about Harvey Milk in the context of the Dead Kennedys cover of I Fought The Law:

The law don’t mean shit if you’ve got the right friends
That’s how this country’s run
Twinkies are the best friend I’ve ever had
I fought the law
And I won


I blew George and Harvey’s brains out with my six-gun
I fought the law and I won

I learned about Harvey Milk, but didn’t really remember George. I learned who he was from Milk, the movie.

When you hear someone talking about the absolute catastrophe that getting hacked might be, put it in context of human life. Most hacking incidents are annoying, some have real financial impact, and some few have the potential to do real and irreparable harm.

So as we go to the Moscone Center, remember the murders committed by an authorized entrant into city hall. When you hear someone talking about the absolute catastrophe that getting hacked might be, put it in context, and remember George Moscone and Harvey Milk.

Children, Online Risks and Facts

isstf-report.jpg
There’s an interesting (and long!) “Final Report of the Internet Safety Technical Task Force to the Multi-State Working Group on Social Networking of State Attorneys General of the United States.” Michael Froomkin summarizes the summary.” Adam Thierer was a member of the task force, and has extensive commentary on the primary online safety issue today is peer-on-peer cyber-harassment, not adult [sexual] predation, along with a great link roundup. Kim Zetter at Wired gives unfortunate credence to hyperbolic claims by some attorneys general that “harsh reality defies the statistical academic research underlying the report.” Uh huh. I’m glad Richard Blumenthal knows the truthy, and isn’t going to let facts stand in his way. I’m less glad that Wired chose to portray that as a ‘controversy.’ I’d call it an embarrassment to the state of Connecticut.