Slashdot Mirror

concentrate on securing the network to keep China/Isis etc out of America

Seems that would be redundant with the Department Of Homeland Security's Office of Cybersecurity and Communications: http://www.dhs.gov/office-cybe...

> Seems the left hand doesn't know what the right hand is doing, or wants!

DHS includes a LOT of hands that don't know what the others are doing. This is a high-level overview of a few of the major sections within DHS:
http://www.dhs.gov/xlibrary/as...

You'll notice it includes agencies as diverse as the Coast Guard, FEMA, health stuff ...

The $60 billion budget for all of the different agencies within DHS is 10% of the total non-defense operational budget of the entire government. So anything the government does, there's a reasonably good chance it's part of DHS.

US-CERT is now part of DHS, and of course US-CERT is the #1 information security organization. One thing CERT is doing is dispensing DHS grant money to pay universities to develop free cybersecurity courses http://niccs.us-cert.gov/ . Some of the courses are quite good.

This is the entire reason that the Department of Homeland Security was created, to bring all intelligence about threats to the United States under one body.

That's not true... The DHS absorbed INS, USCIS, Customs, Border Patrol, Coast Guard, Secret Service, and probably some other notable stuff I'm too lazy to look up. If you need help spotting the theme, it's enforcement.

There may be more collaboration between members of the intelligence community, which DHS is a party to but that's not the reason DHS was created.

The problem with crazily-complex passwords is that if you can't remember them you write them down, and, at a stroke, have compromised security. One of the worst I've encountered is the U.S. Customs eAPIS web site, for sending advance information when you want to fly a private plane or sail a private boat to the U.S.

The other issue is that you risk locking out legitimate access.

My bank does the password plus security question thing. My security questions (you can make up your own) are more than a little interesting. :-)

...laura

Here's what the DOJ actually said. The rest was just the media going wild trying to mix together the statements of the DOJ with the claims of the Russians. The DOJ statement says nothing about him being "arrested overseas", just that he was arrested. This, and always was, a question for the Maldives government to respond to. And now they have.

Research in tracking heart rate and respiration using radio waves has been happening for decades. Technology has progressed to the point where modern devices can detect a heartbeat through 30 feet of rubble or 20 feet of solid concrete: http://www.dhs.gov/detecting-h... . Chapter 2 of Jonathan S Burnham's 2009 MIT master's thesis seems to have a nice historical overview: http://hdl.handle.net/1721.1/6... . There probably are novel things about the MIT technology mentioned in the original post (e.g. lower power RF or better separation of individuals), but there is nothing new about tracking heart rate and respiratory rate through walls.

I think you're about 10 years behind on that one, smokey.

http://www.dhs.gov/fusion-cent...

The TSA and more broadly, DHS/CBP are most certainly doing that and have at international ports for YEARS.

My bank card PIN is four digits. It's not the year I was born, nor is it any other year (or other four-digit number, for that matter) that you will find in my personal information.

For computer passwords I like the "first letter of a phrase" algorithm, producing passwords like TbontbTitQ and MRwiTDtESSahtuwws. Or pick a phrase, l33t it up a bit, and come up with something like W1nd0ze1sTehSux0r3. Long passwords are good.

The worst public web site I've encountered for silly password requirements is U.S. Customs eAPIS, which you use to send your information if you're going to fly privately to the U.S.A. Not only does it enforce silly password requirements, it doesn't tell you about them until after you have typed in your new password and it tells you why your password sucks. Yes, I end up writing them down.

...laura

Then they've been failing to comply with their own standards - but I don't believe you.

The government provides the mission and funding, the private sector does what it does best.

Bribe senators & congressmen for contracts, inflate the costs to double or triple original estimates, deliver 20 years after spec while milking every dollar they can from the government? So, you want to turn NASA into the Defense Industry II?

At least the defense industry gets a workable budget.

2013 Estimated NASA budget : $17,000,000,000 - http://www.nasa.gov/pdf/632697main_NASA_FY13_Budget_Summary-508.pdf

Estimated cost of one year of the afghan war: $109,500,000,000 - http://www.google.com/hostednews/afp/article/ALeqM5gNQ3JbWwd6t-PzkuECkRJvsAlNkA

FY 2013 Intelligence Budget: $52,000,000,000 - http://apps.washingtonpost.com/g/page/national/inside-the-2013-us-intelligence-black-budget/420/

DHS 2013 Budget: $54,807,277,000 - http://www.dhs.gov/xlibrary/assets/mgmt/dhs-budget-in-brief-fy2013.pdf

We spend about 3 times as much on intel and spying on our own citizens than space research and capability

When you add in DHS it is 6 times.

A year of one war is almost 9 times the NASA budget.

This does not include all the other crazy defense spending. Even if NASA were completely axed today, it would not take even a tiny dent out of our national deficit. Cutting 'unnecessary' NASA spending is just a way to please ill-informed constituents, and make it look like our elected legislators are working to reign in spending. They are NOT.

Well, at least we can still afford to defend against Brown People.

Say something. I feel so much safer.

Regulation is mindless and wants to be followed to the letter. To make allowances for reality and the real world they need to have a lot of supplements and exceptions and then become so complex that no living person(dead or alive) will ever grasp them completely. So you need a lot of persons to manage those regulation and thus bureaucracy was born.

The queen bee of these superfluous bureaucracies has to be the DHS. I've been subjected to what they call CVI. Take a look for yourself:
http://www.dhs.gov/training-chemical-terrorism-vulnerability-information
Take that test and tell me what it accomplishes. Tell me what the issued certificate signifies. Tell me what is achieved by requiring such a certificate. This is all silly red tape and nothing more.

On top of that it seems to be implemented with the pinnacle of low-brow web frontend technology: Oracle Application Express. It is targeted at PHBs in yet another glorious effort to get professionals out of IT and let their secretaries do the application implementing stuff. Yet I wager some clever IT consulting business charged megabucks for this particular turd. I tried to break it in all the ways I know how to break bad Apex stuff and left it whimpering in a corner.
Regulations also tend to supplant common sense more and more. Especially if non-compliance is immediately considered a felony. By now it has become uncommon sense and should be put on a list for endangered species.

...is a post incident review with support people involved, and their management teams, along with directors and executive involvement

There are some useful training materials from Homeland Security on this. See the National Infrastructure Protection Plan One of the key points there is to focus not only on prevention, but fast recovery. You may want to have spare control units on site which can be swapped in if the main ones are corrupted, for example.

Actually, the rules surrounding private planes are pretty strict.
They're trying to make them even more so:
http://www.dhs.gov/general-aviation

Even as it is, there's a whole host of people who can turn up unannounced and check a number of things, including searching you and the airplane, without requiring a warrant, btw.

As I am given to understand it, the No-Fly list consists of a list of the names of known terrorists, terrorist suspects, and the aliases that they have used. Back in 2004, Senator Edward "Ted" Kennedy was stopped and questioned five times at airports because "T. Kennedy" was an alias used by a terrorist suspect. It took the senator and his staff more than three weeks to get his name removed -- a process likely to be more painful and time-consuming for the average individual who only has access to the DHS TRIP ('Traveler Redress Inquiry Program') site.

Click here to report anti-patriotic activities citizen! Remember, it could be a test, and Big Brother is watching! If you SEE something, SAY something!

Sincerely, your department of Homeland Security! (formerly ThinkPol)

My bad, I meant to include the source: http://www.dhs.gov/xlibrary/assets/budget_bib_fy2011.pdf

Behavior Detection Officers (BDOs): An increase of $20M and 350 BDOs (210 FTE) is
requested to further enhance TSAâ(TM)s Screening Passengers by Observation Techniques
program. The FY 2011 request includes a total of 3,350 officers, to enhance coverage at
lanes and shifts at high risk Category X and I airports, and expand coverage to smaller
airports.

[...]

Transitioned validated multi-cultural indicators of hostile intent, and demonstrated a
mobile device that enables TSA Behavioral Detection Officers to record observations,
automatically calculate behavior-based scoring, and share information among peers
and with supervisors in near-real time. This potentially saves TSA an estimated 60 -
120 FTEs.

You mistakenly believe that force of law is effective in privacy rights. http://www.dhs.gov/

If you want your car to be invisible to electronic monitoring, you must drive a car with no electronic capability. I suggest one of these http://www.legendaryfind.com/

Does your car have a license plate? ANPR will track that just fine.

You mistakenly believe that force of law is effective in privacy rights. http://www.dhs.gov/

If you want your car to be invisible to electronic monitoring, you must drive a car with no electronic capability. I suggest one of these http://www.legendaryfind.com/

But this is not "news for nerds" by any reasonable stretch of the imagination.

Unless it happened to you.

Secretary Janet Napolitano oversees the third largest Cabinet department and leads our nation's efforts to secure our country from terrorism to natural disasters.
http://www.dhs.gov/about-dhs

Arrington is an interesting person but it's a stretch to say the he's either a terrorist or natural disaster.

Seen this yet?

"The Circle Jerk is not a victimless crime. It threatens U.S. businesses and robs hard-working Americans of their jobs, which negatively impacts the economy. It can also pose serious health and safety risks to consumers, and oftentimes, it fuels global organized crime." Here is a link to Homeland Security's rationale: http://www.dhs.gov/topic/intellectual-property-rights [dhs.gov]

much more applicable

"The endless masturbation is not a victimless crime. It threatens U.S. businesses and robs hard-working Americans of their jobs, which negatively impacts the economy. It can also pose serious health and safety risks to consumers, and oftentimes, it fuels global organized crime." Here is a link to Homeland Security's rationale: http://www.dhs.gov/topic/intellectual-property-rights [dhs.gov]

"The Drug War is not a victimless crime. It threatens U.S. businesses and robs hard-working Americans of their jobs, which negatively impacts the economy. It can also pose serious health and safety risks to consumers, and oftentimes, it fuels global organized crime." Here is a link to Homeland Security's rationale: http://www.dhs.gov/topic/intellectual-property-rights

Fun with words.

"Intellectual property rights theft is not a victimless crime. It threatens U.S. businesses and robs hard-working Americans of their jobs, which negatively impacts the economy. It can also pose serious health and safety risks to consumers, and oftentimes, it fuels global organized crime." Here is a link to Homeland Security's rationale: http://www.dhs.gov/topic/intellectual-property-rights

I think they need to plug the tunnels to prevent them flooding, and the Department of Homeland Security agrees with me: http://www.dhs.gov/35000-gallons-prevention

`U.S. Secretary of Defense Leon E. Panetta has warned that the country is 'facing the possibility of a "cyber-Pearl Harbor" and [is] increasingly vulnerable to foreign computer hackers who could dismantle the nation's power grid, transportation system, financial networks and government'.

Assuming this is the case and not a pretext for getting a bigger budget, then it's largely self inflicted due to the excessive and compulsory use of Windows in finance, government and the DHS itself ...

The President has always had the right to directly command all agencies in the executive branch.

I didn't realize that ISPs and cell phone carriers were 'agencies of the executive branch', since this executive order, section 5.2 says the government can take over any/all 'privately-owned communications resources' as they see fit.

How about immigration law? This article seems to think the President overstepped his authority with this little gem signed by Napolitano.

This is from the DHS website: Link

I'm all for jumping down the government's throat for wasteful spending, but let's keep things in perspective. I also didn't see a link to the GAO report in the sensational article at the top . Here's a link to a GAO report: GAO Report I'm not sure if if is the one being described in the article, but this one came out in January.

Really, how many of you have been stopped at government checkpoints and asked to show your papers (except when leaving the country)? Further, if you failed to supply papers, were you under threat of arrest? How many of you have had your entire families deported or locked-up because of their religions or their views of the government? Can I call the feds and report my neighbor for being a collaborator if I want his house?

I'm not sure if you're trolling or not...

I live and work 100 miles from the border, and as such, i get stopped and asked for "papers" once a day on my way to work. If they are not in order, i am threatened with a "bad time".

And don't forget the DHS's "If you see something, say something" ad campaign.

In fact the DHS is setting up road blocks on highways as well. (not just border patrol). They are locking down air travel, and soon travel between states via road and rail. They control the coast guard, so you're pretty locked down that way as possible. Time to wake up and smell the "Terrorists won" blend coffee. You're going to need a lot of sugar to choke it down.

-AC

http://www.dhs.gov/ynews/testimony/testimony_1304456565968.shtm

http://en.wikipedia.org/wiki/Visible_Intermodal_Prevention_and_Response_team

The color thing has been dropped by DHS:
The National Terrorism Advisory System, or NTAS, replaces the color-coded Homeland Security Advisory System (HSAS).

The ISC is a little slow on the uptake, but isn't government.

With this migration, how long until we get warnings from DHS saying "If its not .com, its terrorists and you cant trust it!"

You mean like http://www.dhs.gov/?

And the DHS has what business of doing that, exactly?

Just a wild guess, but this is probably relevant: National Strategy for Pandemic Flu

P.S. Google is your friend.

Not having a passport never has prevented you from leaving any particular country.

http://www.dhs.gov/xlibrary/assets/whti_landseafinalrule.pdf
Start on page with with Paragraph I.A.1 which reads "Generally, U.S. citizens must possess a valid U.S. Passport to depart or enter the United States".

the people who post it ought to be on government watch lists.

Well that doesn't happen by magic, now does it? You've got to do your part first, citizen.

Link to some more sources people
http://cryptome.org/2012/01/0035.htm

http://www.dhs.gov/files/publications/gc_1281732303362.shtm#3

Remember, good American citizens...if you see something, say something. Be a good little Gestapo troop. If they have gay values, not traditional Christian values, let's get 'em jailed as terrorists.

nice one Mr Reductio Ad Absurdum

The Nazi German government would not have functioned without civilian snitch patrols(people who had to walk the streets to see those they don't like, but now only have to traverse Facebook).

Remember, good American citizens...if you see something, say something. Be a good little Gestapo troop. If they have gay values, not traditional Christian values, let's get 'em jailed as terrorists. We are already forcing our religion upon them now, let's take it home, back to the good ol' days of the crusades.

Yet you have no hard data to back up what you're saying do you.

"Between 2000 and 2007, the unauthorized population increased by 3.3 million, equivalent to an
average annual increase of 500,000 per year. "

I would call that number massive.

http://www.dhs.gov/xlibrary/assets/statistics/publications/ois_ill_pe_2010.pdf

I haven't been to the US since they introduced the eye scan for citizens of my home country at entry.

I call bullshit.

1. You're from the UK... not some terrorist backwater country.

Recent riots in Britain had few deaths (care to guess why and follow our example?)

2. US collects 10 fingerprints and a digital photograph:

The officer will scan your fingerprints and take your photograph with a digital camera.

http://travel.state.gov/visa/immigrants/info/info_1336.html
http://www.dhs.gov/files/programs/editorial_0525.shtm

There was a pilot program like 5 years ago where you could use an eye scan to speed through security (you had to signup for it and submit a scan before hand)... and that was never a general requirement, and it was discontinued.

As long as this nonsense exists, they'll be facing an uphill struggle. If you're a US citizen, go there, click the Apply button at the bottom left, pretend you're from the UK, and see how long it takes you to get to the point where they want money from you ($14 IIRC). After that, you have to wait to see whether you'll evn be allowed to come to the US and be fingerprinted like a common criminal. Now do it again for the wife and kids, because I didn't see any way to fill that out for a group (but I may have missed it). Oh, and this is for countries within the Visa Waiver Program.

Faced with that, I bet a nice holiday in Europe starts to look a whole lot more attractive...

in nazi Germany people rated others out

If you see something, say something

And this is precisely what is wrong.

If you see something, say something

While I don't like the Terrorist Screening Database operated by the FBI, this story is off the mark by making it sound like DHS is setting up a new list; which they are not. They are looking to improving how they get the information from the TSD. Read the abstract here:

http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_dhs_wls.pdf

Thanks for the link, but I think it is you that are way off the mark: the uttermost important thing to the matter is not how accurate the information is, but the fact that nobody from the civil society will know if they are or are not included in that database, much less how accurate the information is.

Not very different from the files gathered and stored by every secret police (or "State Security" organisation, like STASI and KGB) used to. And I can guarantee you: the STASI/Securitate/KGB/Gestapo files were accurate enough for the purpose.

While I don't like the Terrorist Screening Database operated by the FBI, this story is off the mark by making it sound like DHS is setting up a new list; which they are not. They are looking to improving how they get the information from the TSD. Read the abstract here:

http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_dhs_wls.pdf

You put the fire extinguisher in your house by choice ... or you may choose to throw them out. You still have the freedom to make that choice, no matter how irrational I or the gub'ment may think it is.

However, there is an analogous intrusion creeping into home building. Many municipalities, mine included, now require the installation of a residential sprinkler system with new construction. That *is* the TSA-intrusion-equivalent forced onto us by the government. You must have this sprinkler system or you are denied a building permit. Hey looky, that URL is disturbingly familiar ...

Not like anyone cares, but I found the new and improved final ruling about data retention:

TSA will retain the data it receives in accordance with record schedules approved by the National Archives and Records Administration (NARA). TSA will retain records for individuals who are not a match or potential match to a watchlist for one year after the individual no longer has access. In addition, for those individuals who may originally have appeared to be a match to a watch list, but subsequently cleared, TSA will retain the records for at least seven years, or one year after access has been terminated. For individuals who are an actual match to a watch list or otherwise determined to pose a threat to transportation security, TSA will retain the records for 99 years, or seven years after TSA learns that an individual is deceased.

http://www.dhs.gov/xlibrary/assets/privacy/privacy_pia_tsa_twic_fr.pdf