Tuesday, November 28, 2006

Good news and bad news

The Good.

One of my lawyers flew into Indianapolis on Nov 14th and we met with two FBI cybercrime agents, as well as an assistant US Attorney. The short version of things, is that they've stopped the investigation, due to a lack of evidence of criminal intent on my part. They've given me back my passports, my computers, and I'll be getting the rest of my stuff back shortly. Essentially, I'm a free man - with no charges filed. I've been represented by two amazing lawyers throughout this mess - Stephen Braga and Jennifer Granick. Without them - this would not have ended so quickly, or with such a fantastic outcome.

The Feds (at least those that I met) fundamentally disagree with me on many subjects - the role that researchers, academics, and common citizens take in studying, criticizing and pointing out the flaws in our security systems. I have been laying the groundwork for some Tor related research at Indiana University (pending approval from the University Counsel) - in fact, two of Tor's designers are visiting researchers at IU this year. It was made perfectly clear during the meeting that parts of the US government, at least the two represented at the meeting, strongly disapprove of Tor - and in particular, thought that research universities such as IU, MIT, Georgia Tech, Harvard and others have no business supporting such projects.

It is difficult for me to properly express how deep the divide was at this meeting - between the positions and opinions expressed by the feds, and of the "common values" shared by most researchers in my field and those taught to me in university settings. However, in spite of this, after talking for a few hours, they came to understand that although in my own way, I'm trying to work towards the same thing as them: A safer flying experience.

Also - my lawyers tell me that it's now OK to do interviews.

The Bad.

The forced take down of my website a few weeks ago has not improved airport security. The bigger and more interesting question, is if putting the site up in the first placed made airport security any more vulnerable.

There are currently multiple goals of the airport security system in the US.

1. Make sure there are no weapons/bombs on-board an airplane.
2. Make sure that the people who 'should not' be flying do not get on airplanes.

Goal number one is easy enough:

TSA representatives have stated multiple times since my boarding pass generator went live that passengers are not placed at any additional risk when fake boarding passes are used. This is true. As long as the TSA checkpoint staff do their jobs, then evil-doers should not be able to bring bad things on-board. Recent reports seem to indicate that TSA is having a bit of trouble with their screening process, but at least for this discussion, let us imagine a world where TSA is able to actually stop every single knife, gun, binary chemical explosive device and box cutter from being smuggled on-board.

Goal number two - the no-fly list - is problematic for a number of reasons.

1. Terrorists do not pre-register themselves before committing their crimes. There are no repeat offender suicide bombers - and thus it should not be too difficult for terrorist organizations to recruit people with clean criminal records.

2. Terrorists evolve to avoid detection. If ethnic profiling is used, they recruit from local mainstream, or less-suspected ethnic groups (for example, the Jamaician/British "shoe bomber" and then the use of British born, south Asian Muslims in the London attacks). When gender profiling is used, women are recruited (see: Palestine, Sri Lanka, Chechnya). If we rely upon a watch list to find terrorists, they'll conduct 'dry runs' before the real event, to figure out who will be forbidden from participating in the real attack itself. The futility of using ethnic profiling to detect terrorists has been discussed at length by researchers from MIT, where they prove that random searches are far more effective.

3. You can legally refuse to show ID at the airport. They will let you board the plane, without a single piece of ID.

4. The implementation of the no-fly and mandatory-selectee lists is flawed, secretive and in no way transparent. Senator Ted Kennedy was put on the list for a while, Cat Stevens, the wife of the Senator made famous for stating that the "Internet is a series of tubes" has been repeatedly delayed at airports, due to the fact that she shares a name with the now-Muslim singer, and any passenger named Robert Johnson or John Smith is severely inconvenienced when they fly. Yet, at the same time, the 9/11 hijackers, all of whom are dead, are still on the list, while the names of the London liquid bombers were not placed on the list - due to the chance a boarding denial at the airport could tip them off to the fact that they were under investigation.

What to do with the no-fly list?

We, as a nation, must decide a few things. If we want no-fly, and mandatory search lists, we have to decide how effective we want them to be.

If we want to bar those who are on the no-fly list from boarding a plane, we must institute checks of ID at the gate. Airport staff, or TSA agents with access to the airlines' computers, must be able to scan a boarding pass, look at the name on the computer, and see that it matches the name on the passenger's ID. Looking at the printed boarding pass is not enough - the name in the reservation system must be verified and matched. This, will, of course, cost money - as someone will have to be paid to perform this check.

If we want to bar those no-fly list passengers from boarding the plane and from getting into the 'secure' area past the TSA checkpoint, then the TSA must be able to match the boarding pass and ID to a computer reservation at the security checkpoint. This would require barcode scanners/ticket readers at the checkpoint. Furthermore, TSA would either need to find a way to interface with every airlines' computer systems, or the airlines would need to get together, publish the data, and agree upon a common, computer readable and verifiable standard for boarding passes (Hint: this is where a bit of government guidance/regulation could be useful).

Each of these two computer based boarding pass/ID checks would make impossible the current and widely reported airport security vulnerability, which has been documented at length on Senator Schumer's website.

Let us imagine that the government rolls out computer boarding pass checks at the TSA checkpoint. One problem remains: You can fly without ID. You can either refuse to show ID, citing a right affirmed by the US appeals court, or tell the TSA staff that you've forgotten your ID. Sure, you will be subjected to a more vigorous search - but if your aim is to bypass the no-fly list (and not to sneak a weapon past security), then you'll have succeeded in your goal.

The domestic no-fly list and the ability to fly without ID simply cannot co-exist. The former is made completely useless by the latter. If we want to have a no-fly list, we must require ID to be shown. Otherwise, a passenger simply purchases a ticket in a fake name, refuses to show ID at the checkpoint, and then can successfully board the plane.

As things stand right now, Checking ID at the security checkpoint does nothing to stop people who are on the no-fly list from actually flying. It merely inconveniences regular passengers who play by the rules. A security system that "keeps the honest honest" doesn't work when the attackers you're worried about are intelligent, well funded and willing to kill themselves to get the job done. The question of forcing passengers to show ID for domestic flights is one that is currently working its way up to the US Supreme Court. This issue, and a larger discussion surrounding the no-fly list should be publicly debated by Congress and in the newspapers. The ability, right now, to fly without ID creates a gigantic loophole in a no-fly list that arguably wasn't doing so well to begin with. We need to figure out, as a nation where the majority of people do not support a national ID, if we want a no-fly list in the first place and if we are willing to be forced to present our papers when we want to fly/ride a train/get on a greyhound bus. How many 4-year old children, and countless John Smiths and Robert Johnsons are we willing to let the government search and inconvenience in the name of "security".


Anonymous said...

Glad you are free, although I shouldn't have to say that. This whole saga - invisible rules, invisible jails, and the like - remind me of the old teenage years of reading Atlas Shrugged...

Keep on keeping on.

Anonymous said...

The only reason this isn't a perfect happy ending is that there are still major problems with airline security, and nothing seems to be being done about it.

Anonymous said...

Does the FBI understand that Tor was a Navy Research Project?

Anonymous said...

i think the govmt. should quit hiring dildo geeks who went to college for this stuff. The true guys are like this guy who have been doing this way before it was the cool thing to do. We are our own worst enemy. To much red tape. If the govn. was so concerned with security they could hire me to work m-f and just fly from airport to airport and i could point out over 100 ways we could be breached at each airport etc. COMMON SENSE GUYS. i could go on for days and raise hell until the feds kicked my door down and bring me an application. lol

Anonymous said...

Welcome back onto the Web and congratulations on working through the legal entanglements, Chris.

Anonymous said...

Sadly why is it that the right people weren't in place when this system was put in place? What I mean by "right people", is people who actually analyze the process from start to finish.

These are such simple issues to point out and yet would take great amounts of time to implement. All due to the fact that it deals with politics and government policies. Furthermore it is also due to the fact that it wasn't done right the first time. Ironic how the government really does want to provide the best security, yet they are unwilling to institute these kinds of standards.

Why (just my opinion)? Airlines have a business to maintain and customers to keep happy. Scary to think about these kind of things, but yet very necessary.

All regard to you Chris for making a statement that has tried to be made for the past 3 years and gone unheard.

Anonymous said...

Hi Chris and congrats!

I do applaud your efforts. However, you are upset that IU did not back you legally. As a researcher, did you check with IU and legal counsel concerning your work and its implementation in relation to your research at IU?

My assumption is that since you posted the site on what appeared to be a non-IU host that you implemented this project personally and not professionally.

This should serve as an example to researchers in general. If you are going to work with sensitive materials or topics, cover your rear.

If you are doing it as a research grant or affiliation to a group, make sure they have you covered legally.

If they choose to not back you up or stifle the project, then you would then have the option of "going it alone", finding another backer or not proceeding.

If you are invoking a university or business's name in your research then they DO have some rights in terms of your project.

Alas, it is the nature of the beast that is research.

Dan Walker said...

Glad to hear you didn't get extraordinarily renditioned - good to know it all worked out, and keep up the sterling work :)

Anonymous said...

Nice research, bad presentation. While I might applaud your determination to show the insecurities in our airports, etc., I find the good you've done negated by the fact you posted it so publicly. Posted the information so that, like how to make a bomb, is accessible to anyone with the deviousness to use it incorrectly.

Invisible rules, invisible procedures...I think you've done basically what you set out to do: Pinpointed our weaknesses and published it for the WORLD. Are you HOPING others will only use it for good? Good luck with your "research" project. I'm glad you were released and things seem to be resolving themselves (no matter how painful) for you.

I do believe that one of the reasons so many areas haven't been addressed is because we are a free country, able to discuss, disagree. Sometimes there's another free American whose opinion and rights means they want things done differently. One person says "check all IDs". The other says, "hey wait, that's an infringement on..." And things get lost in the middle.

I'd congratulate you on getting all this damaging insight "out there in cyberland" but I'm now going to be too busy trying to live my own life while watching over my shoulder for someone who read your site and will use the information to hurt me.

Anonymous said...

What you did was absolutley awesome. So sorry that you had to put up with the FBI and the Government redtape, but if they were smart enough in the first place to see what you saw, this would not have happened in the first place. KUDOS TO YOU!!!!!

Anonymous said...

The Onion Router (progenitor of TOR) was a project at the Naval Research Lab, and In-Q-Tel, the private venture capital arm of the CIA, once invested in Safeweb, a firm that facilitated anonymous browsing.

There are people in the U.S. Government who care about technologies that facilitate Internet privacy, but there are just as many who don't see the big picture.

It's convenient to forget that the same tools that help individuals protect their privacy also have uses in law enforcement.

Anonymous said...

It's sad that this is an age-old story with countless names... A hearty congratulations my friend, but the battle is far from over. As a former contract employee of the DOD (Dept. of Defense), let me tell you just how bad things are with gov't computer systems. In fact, if it weren't for the contractors, things would be worse. Far worse. Even if we could get things approved for use, there was so much red tape and committee decisions, that by the time it was approved, it was outdated. It's completely ludicrous. It's so bad I had to finally quit and move on to something else that made sense.

Anonymous said...

Congratulations and welcome back, and thank you for your insightful writeups.

Anonymous said...

I couldn't disagree more with forcing ID checks on all passengers. Surely you of all people know how easy stolen/fake ids are to come by. I would rather run the risk of a terrorist with a knife than live in a nation where every move I make is met with "papers please." Don't make me quote the usual bit about sacrificing liberty for security.

Anonymous said...

When I was growing up (back in the 50's), National IDs, internal checkpoints, police at every transportation terminal, forced identity checks, and so forth were considered earmarks of a despotic regime such as Nazi Germany or the Soviet Bloc countries.

I personally don't care who boards the plane with me as long as they don't stink too bad and don't have the means of hijacking or destroying the plane. I don't object to traveling with Methodists, Catholics, Jews, Hindus, Hari Krishnas, etc., (although I draw the line at Demopublicans) so, as long as the person next to me doesn't get violent, why should I care whether he's Islamic from a sect as radical as Lyndon LaRouche fundamentalists?

Focusing on physical safety rather than both physical safety and ideological safety may require some other type of design considerations, but the design considerations are easier to implement and would more than halve the scope of keeping passengers safe.

The aircraft belongs to the airline. They should be the ones spending the most time and money trying to make their passengers safe during flight and during the terminations.

I am glad you are doing some research, but I wish you would spend less time engaged in controlling people than controlling circumstances. I am significantly more worried about weapons and explosives, worms in the electronics and missiles on the ground than I am an unarmed radical going from point A to point B. People, in general, are less controllable than the environmental circumstances, and the larger the group of people needed to be controlled, the less the possibility of control. There should be multiple and redundant security checks on the personnel involved in the flight, multiple redundant security checks of all airliners and airline electronics, and VERY thorough screening of people and luggage traveling on the flight.

Most of the other stuff is a violation of privacy and/or a form of pre-conviction.

Anonymous said...

Unfortunately, though you indicate that point 1 is a solved problem ... I want to indicate that I do not believe it is.

When the TSA spends time confiscating shaving cream, toothpaste, hair gel, and other items not larger than some set size, they are closing the barn door after all the horses have left.

Sadly for us frequent travelers, a nefarious individual can do damage with solid phase chemistry just as easily as liquid phase.

I am not going to give examples here.

The other aspect I find objectionable is that the TSA and screeners tend to follow patterns of screening and selection. They appear more concerned with throughput of customers than of safety. I noted patterns shortly after 9/11 where positioning myself just right in line could effectively guarantee that I was or was not screened more intensely.

Additionally, our countries predilection towards PC attitudes and rules means that we do not spend time focusing upon the groups that are most likely to commit such nefarious acts, and instead the TSA gropes granny and junior. Until we swallow the bitter pill that we have to focus on specific sub-populations whom have demonstrated a willingness to undertake this sort of evil deed, we are going to constrained to look very closely at people who do not have the remotest chance of doing evil deeds on airplanes. All in the PC name of not pissing off a sub-population group.

What the FBI, TSA, and others need to look at is the Israeli model. How many hijackings have they had in the last 20 years? How many evil doers have done evil on their flights? This is why we need to emulate them. This is going to piss off sub-population groups. Tough. The price of freedom is sacrifice. Freedom isn't free, you have to work for it, it isn't easy, and it demands different things of different people and groups.

Anonymous said...

The only real answer to secure flight is to allow everyone to board the plane armed. This does 2 things. First, in order to hijack a plane, you now need a sufficient number of armed terrorists to take out the armed non-terrorists. This would add logistical problems, and in addition to a watch list increases the chances of someone tripping the alarm. A plane full of terrorists is easier to shoot down in public opintion than a plane of 1 terrorist and 100 innocents. This also makes them incur heavier losses rather than a 1-at-a-time. Second, they actually have to survive the hijacking attempt. The problem exists because we let the government disarm us, then we have to rely on the government's implementation of safety protocols to protect us. For big-government advocates, this is ideal. For everyone else it sucks. We know the government is a bearacracy and its saftey protocolsa re horribly inefficient and most often, laughable. We the People must reject that the government is fully responible for our safety, and take charge and be responsible for your selves. As big as the government is, it can't always be there. And I would be scared if it actually was.

Anonymous said...

Re: Mr. "Nice Research, Bad Presentation":

"Hey, I've found a problem that could potentially kill hundreds of people!"

"Shh! Don't tell anyone!"

Only by calling attention to these problems will anything be done about them. The problems exist independent of general knowledge of their existence. If the goal is to truly make air travel safer, then we should be shining as much light on these problems as we can.

Anonymous said...

To the people who think exposing the Boarding Pass vulnerability to the world was a bad idea: Do you really think the bad guys are so naive that this was huge revelation for them? Even the most dense people I know realize much of what is done in the name of security is merely a show.

Anonymous said...

Goal number 2 is already taken care of. By exposing the possibility that you're not just going to get flown to Cuba then ransomed, every incentive has been given to ordinary passengers to resist hijackers themselves. Very simply, it's not possible to hijack planes anymore without killing everyone on board first.

Anonymous said...

So, ya gonna put the app back up?!? 8-D

Anonymous said...

It's not about security. It's about appearing to do something (In other words TSA is window dressing). Now that there are big bucks being flushed (err spent) on this, it is probably self perpetuating. The primary security innovation was the passengers jumping the terrorists, and that happened without any government action. And now for something thousands of times more dangerous... I will attempt to cross a Chicago street...

Anonymous said...

"Tough. The price of freedom is sacrifice. Freedom isn't free, you have to work for it, it isn't easy, and it demands different things of different people and groups."

Our founding fathers knew that there would be risks of liberty. But did that stop them?

Anonymous said...

Mr. law enforcment, if your methodologies that you depend on to protect society from crime fundementally violate that same society's values. What then must go?

To state this in another way. No where in the constitution, or any other legal cannon does it say, the citizens of these United Stated of America must surrender our liberties, or education to make your job easier. If you don't want to do the work that is assigned to you, find a new vocation more befitting your place in society's values.

Anonymous said...

So got to ask, what did those lawyers cost you? If you are not wealthy, I presume it would have been significant. Maybe you should setup a Legal Defense Fund to reimbure you. I would contribute. While you have the news focus and a slashdot article could be added, I think it'd be a great step. People should not be personally given expenses to defend themselves against idiotic feds.

Anonymous said...

Chris, thanks for showing the public at large that was aware of this that there is something very wrong with post 9-11 security. once problems/flaws are found they are dealt with very poorly [I cannot imagine someone didn't know about this before; if not then we have a serious problem much bigger than this.] it may be that this flaw was well known by the government but was either unable/unwilling to do anything about it.

*about the previous post by Anonymous:
Chris did post about the legal defense fund on the 28th of October I believe.

Anonymous said...

has anyone tried taking a hundred three-ounce bottles on an airplane yet?