Feds: TSA Worker Tried to Sabotage Terror Database: Via Threat Level.

A former Transportation Security Administration contractor is being charged in Colorado for allegedly injecting malicious code into a government network used for screening airport security workers and others.

The malicious code, a logic bomb installed last October, was designed to cause damage and disrupt data on servers on an undisclosed date but was caught by other workers before it delivered its payload.

Douglas James Duchak, 46, had worked as a data analyst at the TSA’s Colorado Springs Operations Center, or CSOC, since 2004. The CSOC is used to vet people who have “access to sensitive information and secure areas of the nation’s transportation network,” according to the indictment. A source involved in the case said this involved screening of both passengers and workers at airports and other transportation facilities.

He pleaded not guilty in a Denver federal court on Wednesday and was released on a $25,000 unsecured bond. The indictment did not say whether the malware was crafted to erase or alter data, or simply disable servers.

The CSOC network stores updated information from the government’s terrorist watchlist as well as criminal histories from the U.S. Marshal’s Service Warrant Information Network. [ Read more ... ]

Government No-Fly List Includes the Dead: Via Threat Level.

You may be dying, figuratively, to get off the government’s no-fly list, but death won’t guarantee removal.

The government’s no-fly list includes the names of dead suspects, according to government officials who spoke with the Associated Press, to help catch people who may try to assume the suspect’s identity.

The no-fly list has been shrouded in mystery since it was first developed after the 9/11 attacks. How people get on the list or get off it has been a closely guarded secret, with only bits of information made public during congressional hearings.

The AP has pieced together the broad steps it takes for someone to get on the list, and some of the changes the list has undergone since it was first created nine years ago. [ Read more ... ]

ACLU Sues Over Unconstitutional Airport Detention And Interrogation Of College Student Carrying Arabic Flashcards: Via American Civil Liberties Union.

Incident At Philadelphia Airport Highlights Misdirected Security Efforts, Says ACLU

FOR IMMEDIATE RELEASE
CONTACT: (212) 549-2666; media@aclu.org

PHILADELPHIA – The American Civil Liberties Union and the ACLU of Pennsylvania today filed a lawsuit on behalf of Pomona College student Nicholas George, who was abusively interrogated, handcuffed and detained for nearly five hours at the Philadelphia International Airport because of a set of English-Arabic flashcards he was carrying in connection with his college language studies.

"Arresting and restraining passengers who pose no threat to flight safety and are not breaking any law not only violates people's rights, but it won't make us any safer. It may actually make us less safe, by diverting vital resources and attention away from true security threats," said Ben Wizner, staff attorney with the ACLU National Security Project. "Nick George was handcuffed, locked in a cell for hours and questioned about 9/11 simply because he has chosen to study Arabic, a language that is spoken by hundreds of millions of people around the world. This sort of harassment of innocent travelers is a waste of time and a violation of the Constitution." [ Read more ... ]

Mikey Hicks, 8, Can’t Get Off U.S. Terror Watch List: Via NYTimes.com .

The Transportation Security Administration, under scrutiny after last month’s bombing attempt, has on its Web site a “mythbuster” that tries to reassure the public.

Myth: The No-Fly list includes an 8-year-old boy.

Buster: No 8-year-old is on a T.S.A. watch list.

“Meet Mikey Hicks,” said Najlah Feanny Hicks, introducing her 8-year-old son, a New Jersey Cub Scout and frequent traveler who has seldom boarded a plane without a hassle because he shares the name of a suspicious person. “It’s not a myth.” [ Read more ... ]

Have You Been Subjected to Suspicionless Laptop Search or Seizure at the Border?: Via EFF.org Updates.

EFF has long fought for the privacy of your laptop and other digital devices at the border. U.S. Customs and Border Protection has implemented program that authorizes searches of the contents of travelers’ laptop computers and other electronic storage devices at border crossings, notwithstanding the absence of probable cause, reasonable suspicion or any indicia of wrongdoing.

In U.S. v. Arnold we fought for a requirement that customs agents have some reason before searching your computer and in our FOIA work on border searches, we have pushed the government to reveal its policies and practices in this area. [ Read more ... ]

Adding More Names to Watch Lists Isn’t Change, It’s a Step Back: Via Threat Level.

Adding more names to the government’s terrorism watch lists as a way to prevent another underwear bomber, as President Obama promised to do Thursday, won’t work. It will only make things worse. It’s the anti-terrorism equivalent of the D.C. cliché of throwing money at a problem — far short of what we’d expect from the country’s first high-tech president.

From top to bottom, for over a decade, this country’s system for putting suspected terrorists in databases to help keep them out of the country has been a failure. Critics on the right and left (now including Obama) howl that Umar Farouk Abdulmutallab should have been put on a watch list, rather than being allowed to board a plane destined for the United States while he was wearing a bomb. And, rightly so, since he was reported to U.S. authorities as a threat by his own father, there were plenty of other clues, and we’ve spent billions of dollars on high-tech systems that well-paid analysts are supposed to use to detect plots.

Still, that watch list failure is hardly surprising to anyone who has followed the saga of the watch lists, or who remembers that less than a year ago, the DoJ’s inspector general found that the FBI routinely forgets to add subjects of a terrorism investigation to the list. Just as disturbingly, the FBI also neglects to remove people when an investigation is closed.

Given that the lists are used at traffic stops and airline check-ins foreign and domestic — and that the FBI is only one of many three-letter agencies that nominate people to the list — having the good guys on the list and the bad ones off of it is far from ideal. [ Read more ... ]

Airport Scanners Can Store, Transmit Images: Via Threat Level.

Contrary to public statements made by the Transportation Security Administration, full-body airport scanners do have the ability to store and transmit images, according to documents obtained by the American Civil Liberties Union.

The documents, which include technical specifications and vendor contracts, indicate that the TSA requires vendors to provide equipment that can store and send images of screened passengers when in testing mode, according to CNN.

The TSA has stated publicly on its website, in videos and in statements to the press that images cannot be stored on the machines and that images are deleted from the scanners once an airport operator has examined them. The administration has also insisted that the machines are incapable of sending images. [ Read more ... ]

White House calls for IT boost to fight terrorism: Via Computerworld Data Mining News.

Better technology needed to 'connect the dots' on terror-related data, says Obama report

The White House report on the failed bombing attempt of a U.S airliner on Christmas Day highlights the challenges U.S intelligence agencies face in correlating terrorism-related information gathered from multiple databases and sources.

The review, released yesterday, identified an overall failure by intelligence agencies to "connect the dots," despite having enough information at their disposal to have potentially disrupted the botched attack.

The problem, according to the report, was not a lack of information sharing between government agencies but a failure by the intelligence community to "identity, correlate and fuse into a coherent story all of the discrete pieces of intelligence held by the U.S. government."

In listing the various causes for this failure, the report noted that information technology within the counter-terrorism community "did not sufficiently enable the correlation of data that would have enabled analysts to highlight the relevant threat information." [ Read more ... ]

The backfiring of the surveillance state: Via Salon: Glenn Greenwald.

(updated below - Update II)

Every debate over expanded government surveillance power is invariably framed as one of "security v. privacy and civil liberties" -- as though it's a given that increasing the Government's surveillance authorities will "make us safer."  But it has long been clear that the opposite is true.  As numerous experts (such as Rep. Rush Holt) have attempted, with futility, to explain, expanding the scope of raw intelligence data collected by our national security agencies invariably impedes rather than bolsters efforts to detect terrorist plots.  This is true for two reasons:  (1) eliminating strict content limits on what can be surveilled (along with enforcement safeguards, such as judicial warrants) means that government agents spend substantial time scrutinizing and sorting through communications and other information that have nothing to do with terrorism; and (2) increasing the quantity of what is collected makes it more difficult to find information relevant to actual terrorism plots.  As Rep. Holt put it when arguing against the obliteration of FISA safeguards and massive expansion of warrantless eavesdropping power which a bipartisan Congress effectuated last year: [ Read more ... ]

Threshold for Getting Onto No-Fly List Lowered: Via Threat Level.

The government has lowered the criteria for putting someone on a watch list or no-fly list, and has revoked several U.S. visas as a result, according to CNN.

The action will result in more people being grounded from flights or undergoing secondary screening at airports. Officials wouldn’t indicate how many people might be affected.

The terrorist watch list has about 400,000 names on it, according to the most recent figures reported by the government. Most of them are non-U.S. citizens, and the list includes those suspected of providing financial assistance or aid to terrorists.

The “no fly” list, a subset of the watch list, contains about 3,400 names, of which about 170 are U.S. citizens or residents.

In addition to being used by airport security personnel to single out some travelers for extra screening or interrogation, the watchlist is used for, among other things, screening U.S. visa applicants and gun buyers as well as suspects stopped by local police. [ Read more ... ]

Adopting the Israeli Airport Security Model: Via Schneier on Security.

I've been reading a lot recently -- like this one on the Israeli airport security model, and how we should adopt more of the Israeli security model here in the U.S. This sums up the problem with that idea nicely: [ Read more ... ]

TSA Agent Used Twitter to Trick Source Into Revealing Himself: Via Threat Level.

A TSA agent who served a civil subpoena on blogger Steven Frischling last week also posed as the blogger in order to trick the blogger’s anonymous source into revealing his identity, according to someone familiar with the incident.

The agent, while in possession of Frischling’s BlackBerry, typed a message in the blogger’s Twitter account asking the source to contact him by e-mail. The message read: “To the gentleman who sent Flying With Fish the TSA Security Directive … Thank You! Can you drop me an email?I have a question. Thanks-Fish.”

The agent then handed the BlackBerry back to Frischling and asked him to click on the “send” button to post the message to his Flying With Fish Twitter page, the source said. [ Read more ... ]

Airline Security Must Protect Rights As Well As Safety: Via ACLU - Privacy.

Racial Profiling And Body Scanners Target Civil Liberties But Not Necessarily Terrorists

FOR IMMEDIATE RELEASE
CONTACT: (212) 549-2666; media@aclu.org

NEW YORK – The Obama administration announced Sunday it will subject the citizens of 14 nations who are flying to the United States to intensified screening at airports, including being subjected to full-body pat downs or body scanners. According to the American Civil Liberties Union, the government should adhere to longstanding standards of individualized suspicion and enact security measures that are the least threatening to civil liberties and are proven to be effective. Racial profiling and untargeted body scanning do not meet those criteria.

"We should be focusing on evidence-based, targeted and narrowly tailored investigations based on individualized suspicion, which would be both more consistent with our values and more effective than diverting resources to a system of mass suspicion," said Michael German, national security policy counsel with the ACLU Washington Legislative Office and a former FBI agent. "Overbroad policies such as racial profiling and invasive body scanning for all travelers not only violate our rights and values, they also waste valuable resources and divert attention from real threats." [ Read more ... ]

Suricata Beta Available for Download!!: Via The Open Information Security Foundation.

It's been about three years in the making, but the day has finally come! We have the first release of the Suricata Engine! The engine is an Open Source Next Generation Intrusion Detection and Prevention Tool, not intended to just replace or emulate the existing tools in the industry, but to bring new ideas and technologies to the field.

The OISF is part of and funded by the Department of Homeland Security's Directorate for Science and Technology HOST program (Homeland Open Security Technology), by the the Navy's Space and Naval Warfare Systems Command (SPAWAR), as well as through the very generous support of the members of the OISF Consortium. More information about the Consortium is available, as well as a list of our current Consortium Members. 

The Suricata Engine and the HTP Library are available to use under the GPLv2. 

The HTP Library is an HTTP normalizer and parser written by Ivan Ristic of Mod Security fame for the OISF. [ Read more ... ]

EFF Helps Blogger Subpoenaed by TSA, TSA Backs Down: Via EFF.org Updates.

On December 31, 2009, the Transportation Security Administration backed off on an ill-considered administrative subpoena it issued to trasportation industry blogger, Christopher Elliott. EFF assisted Mr. Elliott in responding to the subpoena.

The subpoena was hand-delivered to Mr. Elliott by a TSA representative on the evening of December 29, 2009. It sought all documents "concerning your receipt of TSA Security Directive 1544-09-06 dated December 25, 2009." The much-criticized directive had been given to hundreds of employees of TSA and the airlines and described some of the passenger-related security measures put into place in the immediate aftermath of the unsuccessful attempted bombing of a Northwest Airlines flight on December 25, 2009. The directive expired on December 30, 2009. Mr. Elliott obtained it in the course of his coverage of the situation and had sought TSA comment before publishing. The subpoena demanded all documents by the close of business on December 31, 2009, just two days after the agent delivered it.

Mr. Elliott’s counsel Anthony Elia, assisted by EFF and others, responded to TSA by objecting to the subpoena both on the grounds that it did not provide a reasonable time for Mr. Elliott to respond and because it improperly sought to require a journalist to reveal his sources and materials. Upon receipt of the objection, TSA first granted an extension to Mr. Elliott, then withdrew the subpoena entirely. [ Read more ... ]

TSA Withdraws Subpoenas Against Bloggers: Via Threat Level.

In the wake of public outcry against the Transportation Security Administration for serving civil subpoenas on two bloggers, the government agency has canceled the legal action and apologized for the strong-arm tactics agents used.

Travel writer and photographer Steven Frischling, who was served with a subpoena by two TSA agents on Tuesday, told Threat Level that he received a phone call Thursday evening from John Drennan, deputy chief counsel for enforcement at TSA, telling him the administration was withdrawing its subpoena.

Frischling was told the TSA would no longer be pursuing the investigation into how he received a security directive that he published on his personal blog, Flying with Fish, on Dec. 27. [ Read more ... ]

TSA nominee misled Congress about accessing confidential records: Via washingtonpost.com .

The White House nominee to lead the Transportation Security Administration gave Congress misleading information about incidents in which he inappropriately accessed a federal database, possibly in violation of privacy laws, documents obtained by The Washington Post show.

The disclosure comes as pressure builds from Democrats on Capitol Hill for quick January confirmation of Erroll Southers, whose nomination has been held up by GOP opponents. In the aftermath of an attempted airline bombing on Christmas Day, calls have intensified for lawmakers to install permanent leadership at the TSA, a critical agency in enforcing airline security.

Southers, a former FBI agent, has described inconsistencies in his accounts to Congress as "inadvertent" and the result of poor memory of an incident that dates back 20 years. He said in a Nov. 20 letter to key senators obtained by The Post that he had accepted full responsibility long ago for a "grave error in judgment" in accessing confidential criminal records about his then-estranged wife's new boyfriend. [ Read more ... ]

TSA Threatens Blogger Who Posted New Screening Directive: Via Threat Level.

Two bloggers received home visits from Transportation Security Administration agents Tuesday after they published a new TSA directive that revises screening procedures and puts new restrictions on passengers in the wake of a recent bombing attempt by the so-called underwear bomber.

Special agents from the TSA’s Office of Inspection interrogated two U.S. bloggers, one of them an established travel columnist, and served them each with a civil subpoena demanding information on the anonymous source that provided the TSA document.

The document, which the two bloggers published within minutes of each other Dec. 27, was sent by TSA to airlines and airports around the world and described temporary new requirements for screening passengers through Dec. 30, including conducting “pat-downs” of legs and torsos. The document, which was not classified, was posted by numerous bloggers. Information from it was also published on some airline websites. [ Read more ... ]

Me and the Christmas Underwear Bomber: Via Schneier on Security.

I spent a lot of yesterday giving press interviews. Nothing I haven’t said before, but it’s now national news and everyone wants to hear it.

These are the most interesting bits. Rachel Maddow interviewed me last night on her show. Jeffrey Goldberg interviewed me for the Atlantic website. And CNN.com published a rewrite of an older article of mine on terrorism and security.

I've started to call the bizarre new TSA rules "magical thinking": if we somehow protect against the specific tactic of the previous terrorist, we make ourselves safe from the next terrorist. [ Read more ... ]

Debate Over Full-Body Scans vs. Invasion of Privacy Flares Anew After Incident: Via NYT > Privacy.

The technology exists to reveal objects hidden under clothes at airport checkpoints, and many experts say it would have detected the explosive packet carried aboard the Detroit-bound flight last week. But it has been fought by privacy advocates who say it is too intrusive, leading to a newly intensified debate over the limits of security.

Screening technologies with names like millimeter-wave and backscatter X-ray can show the contours of the body and reveal foreign objects. Such machines, properly used, are a leap ahead of the metal detectors used in most airports, and supporters say they are necessary to keep up with the plans of potential terrorists. [ Read more ... ]

Move to National ID Cards Delayed: Via Threat Level.

The United States’ quest for a national identification database associated with driver’s licenses won’t be finished by year’s end.

The deadline was Dec. 31 for the states to have created what would be the largest identification database of its kind under the auspices of the Real ID program. The law also mandates uniform anti-counterfeiting standards for state driver’s licenses.

None of the states are in full compliance with the law, first adopted in 2005, requiring the states’ motor vehicle bureaus to obtain and internally scan and store personal information like Social Security cards and birth certificates for a national database, according to the American Civil Liberties Union. About half the states oppose the mandate, or have said they would never comply.

Beginning Jan.1, the law was supposed to have blocked anybody from boarding a plane using their driver’s license as ID if their resident state did not comport with the Real ID program. But the Department of Homeland Security is set to extend, for at least a year, the deadline of the Real ID program that has raised the ire of privacy advocates. [ Read more ... ]

FBI: 19,000 Matches to Terrorist Screening List in 2009: Via Threat Level.

United States law enforcement agents and partners reported “encounters” with suspected terrorists 55,000 times in the last year; a check against the terrorist watchlist found a match 19,000 times, according to testimony presented to the Senate on Wednesday.

The figure includes multiple hits on the same people, according to an FBI spokesman, who didn’t know how many unique individuals were counted in the 19,000 hits.

The statistics appeared in testimony by the FBI’s Timothy Healy, director of the Terrorist Screening Center, or TSC, to the Senate Homeland Security and Government Affairs Committee.

Established in 2003, the TSC is a multi-agency clearinghouse for tips and other information about known and suspected terrorists that is shared with federal, state and local law enforcement agencies, as well as intelligence agencies and 17 foreign partners.

The center maintains the terrorist watchlist, which currently has about 400,000 individuals on it, most of them non-U.S. citizens, and includes those suspected of providing financial assistance or aid to terrorists. A subset of this list, the No Fly list, includes people considered a threat to aviation or national security and contains about 3,400 names, of which about 170 are U.S. persons. [ Read more ... ]

Lawmakers Want to Bar Sites From Posting Sensitive Government Docs: Via Threat Level.

Three Republican lawmakers have asked the Department of Homeland Security what can be done to bar or criminally penalize whistleblower sites that reposted a sensitive airport-screening manual that was published on the internet by a government worker.

They also asked about enacting regulations that would bar such publication in the future.

The congressmen are outraged that sites like Cryptome and Wikileaks republished the manual after it was posted online by a government contractor working for the Transportation Security Administration. The manual was posted last March on a government procurement site and was discovered Sunday by a blogger.

In their letter to Homeland Security Secretary Janet Napolitano (.pdf) on Wednesday, Reps. Peter T. King (R - New York), Charles Dent (R - Pennsylvania) and Gus Bilirakis (R - Florida) asked, “How has the Department of Homeland Security and the Transportation Security Administration addressed the repeated reposting of this security manual to other websites, and what legal action, if any, can be taken to compel its removal?” [ Read more ... ]

Dead Man Gets Passport - The Top 10 Stories You Missed in 2009 : Via Foreign Policy.

Since 2007, the U.S. State Department has been issuing high-tech "e-passports," which contain computer chips carrying biometric data to prevent forgery. Unfortunately, according to a March report from the Government Accountability Office (GAO), getting one of these supersecure passports under false pretenses isn't particularly difficult for anyone with even basic forgery skills.

A GAO investigator managed to obtain four genuine U.S. passports using fake names and fraudulent documents. [ Read more ... ]

TSA nominee questioned over FBI censure: Via washingtonpost.com .

Sen. Susan Collins (R-Maine) questioned President Obama's nominee to lead the nation's airport security agency Tuesday about a censure he received from the FBI in 1988.

Erroll Southers, who was serving as an FBI special agent at the time of the censure, asked a co-worker's husband who worked for the San Diego Police Department to run a background check on his ex-wife's boyfriend.

Under questioning by Collins, Southers said that he has not misused government databases to receive personal information on anyone since the incident and that he would not do so in the future.

Collins did not describe the incident during Tuesday's hearing, instead referring only to an "issue" that led to the censure. [ Read more ... ]