Slashdot Mirror

You might be thinking of this rather hilarious case.

The drives in question did, in fact, have FIPS 140-2 validated hardware AES implementations. So far as anybody has bothered to find out, basically bulletproof, plus a case design that at least makes it obvious when somebody has tried to crack it open.

However, and this is where things go straight into dailywtf.com territory, Authentication was handled as follows:

On insertion, authentication program autoruns from a small unencrypted partition.
User is prompted for password.
Program(running on hostile untrusted computer, mind you) verifies password, I assume against a stored hash.
If password is good, program sends a "password good" string to the drive, telling it to open up.

The same "password good" string is always used, across all drives using this implementation. It is therefore trivial to either attach a debugger to the password verification program, and force it to always return "password good", or write a little libUSB stub that just sends the drive a "password good" when a device with the appropriate ID shows up.

So, yeah. Inside the hardware blackbox, everything was just fine and dandy as far as we know. Anybody who isn't a Real Serious Expert would probably have a bitch of a time if they attempted a chip-level attack on the AES key itself. However every drive would open itself, using its securely stored AES key, in response to the exact same signal from the host computer.

And that is what happened with the vendors who bothered to get FIPS 140-2. Just imagine what the guys who are just slapping a "OMG AES!!!!" sticker on the box are up to...

Yeah, those are much better! http://www.schneier.com/blog/archives/2010/03/usb_combination.html ;)

Ooops, let's try this again

Schneier on Security - Who Should be in Charge of U.S. Cybersecurity?

  . . .

            the NSA's dual mission of providing security and conducting surveillance

            means it has an inherent conflict of interest in cybersecurity.

  . . .

This essay from Bruce Schneier goes directly to this issue:
http://www.schneier.com/essay-208.html

Government has a lot of power over you. Whereas you as an individual have very little power over the government. To balance things out, large/powerful entities should be transparent. Smaller entities and individuals get to have secrets (privacy).

The basic problem with this and many similar measures is not that people disagree with the *intent* of the changes, they disagree that there is a connection between the intent and the action.

Having IDs which are harder to fake is probably a good thing. Fake IDs are the source of much fraud, and fraud is a big problem. Let's do something about it.

Now ask yourself the following question: Would you support this measure if it cost money and made IDs easier to fake?

See Bruce Schneier for a thoughtful analysis.

Here, let me quote from that article:

[The National ID card system] won't work. It won't make us more secure.

In fact, everything I've learned about security over the last 20 years tells me that once it is put in place, a national ID card program will actually make us less secure.

Whenever anything like this comes up we keep asking the wrong questions. "We should ban liquids to make us safer", "we need to take naked pictures of all airline passengers to make us safe", "we should let border guards rifle through everyone's PCs to make us safe".

Everyone wants to be safe, there's absolutely no doubt about that, we should be in favor of all these measures.

But do you support expensive naked-photo camera systems if they make us *less* safe? Again, thoughtful commentary from people who have to actually make a living at this sort of thing is instructive.

Stop distracting us with the intent and convince us of the effectiveness.

Given that German has already gone and adopted an absurdly vague and overbroad law aimed at "hacking tools", I wouldn't really describe somebody hypothesizing that other jurisdictions might do so in the future as "paranoid".

Perhaps ultimately more dangerous(because they tend to be subtler) are situations where no law ever bans something, per se; but some quiet mixture of contractual, legal, and technical pressure effectively prevents it anyway. Consider SDI for an instance of that. A digital video transmission standard, available well in advance of HDMI, that was frozen out of the "Consumer" market entirely. It's not like possession was illegal or anything; but most people never even heard of it, nor was it available on any broadly affordable hardware.

In the case of something like debuggers, I'd be very surprised to see any sort of legal ban; but the technological/private sector contractual de facto neutralization is an eminently plausible scenario. Already, in recent versions of Windows, any media application that requires the "Protected Video Path" will throw a fit if there are any unsigned drivers loaded that could compromise that path. An analogous "Protected Execution Path", provided by the OS for programs that didn't want anybody else debugging them or looking at their memory, hardly seems implausible. Not to mention, of course, the increasing percentage of consumer-level computer activity that is occurring on devices were being able to run arbitrary programs isn't even an expectation. Not much debugging going on on Xbox360s, and debuggers don't have to be illegal to not be available through the App Store.

There will always be gaps, of course, for the sufficiently knowledgeable, motivated, and well equipped; but a largely opaque consumer level computing environment seems like an unpleasantly plausible prediction.

As such, you really cannot assume you haven't been rooted just because someone got access only as a given user.

Well, how surprising. Isn't that why they are called "privilege escalation" vulnerabilities?

Many linux people seem to disregard local root vulnerabilities

Which only shows us that PEBKAC isn't a Windows-only problem. How true.

What is true, or at least was true up until at least Vista, is that Windows effectively only had one level of protection. Privilege escalation vulnerabilities were much, much more common on Windows systems than on Linux systems (partially because of Microsoft bugs, but mainly because of the fact that (practically) all third-party software was installed with administrative privileges and a ton of third-party software was useful for attaining privilege escalation).

Every security briefing I've been to they say don't write your password down on a piece of paper.

Bruce Schneier disagrees with you and your security professionals.

one of the guys couldn't establish a PPTP connection

PPTP? People should know better. PPTP is very weak. OpenVPN and IPSec are much better all around.

One of the consequences of the second law of thermodynamics is that a certain amount of energy is necessary to represent information. To record a single bit by changing the state of a system requires an amount of energy no less than kT, where T is the absolute temperature of the system and k is the Boltzman constant. (Stick with me; the physics lesson is almost over.)

Given that k = 1.38×10^-16 erg/Kelvin, and that the ambient temperature of the universe is 3.2Kelvin, an ideal computer running at 3.2K would consume 4.4×10^-16 ergs every time it set or cleared a bit. To run a computer any colder than the cosmic background radiation would require extra energy to run a heat pump.

Now, the annual energy output of our sun is about 1.21×10^41 ergs. This is enough to power about 2.7×10^56 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all its energy for 32 years, without any loss, we could power a computer to count up to 2^192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter.

But that's just one star, and a measly one at that. A typical supernova releases something like 10^51 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.

These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space.

Source: http://www.schneier.com/blog/archives/2009/09/the_doghouse_cr.html

The above text applies to symetric-key cryto, such as AES, and it's slightly different for asymetric-key algorithms (they are less secure than their keysize would suggest compared to most symetric-key algorithms) such as RSA. With quantum computers, public key will be pretty much screwed, but symetric-key should be safe for the forseeable future (and that is more than enough for almost every situation).

Did he pass that off as his own idea? Because I think it's not

Blurring often isn't enough to remove the information.

http://www.schneier.com/blog/archives/2007/01/how_to_recover.html

Expensive Cameras in Checked Luggage

Slashdot. Your source for news that is:
a) 4 years old
b) 4th hand (Bruce was 2nd hand, LifeHacker is 3rd hand)

Okay.

Exactly. See: http://www.schneier.com/blog/archives/2010/02/more_details_on.html

The rumor that China used a system Google put in place to enable lawful intercepts, which I used as a news hook for this essay, has not been confirmed. At this point, I doubt that it's true.

Seriously slashdot, you're not even trying. Although, I have to say it was somewhat irresponsible of Schneier, who in general I have enormous respect for, to write an essay predicated on an unconfirmed rumor.

The rumor that China used a system Google put in place to enable lawful intercepts, which I used as a news hook for this essay, has not been confirmed. At this point, I doubt that it's true.

The original essay, linked to in TFP, is dated January 23rd; the update I quote from is from February 8th.

Whoever wrote that letter is obviously a fool. But show up, and bring a camera, preferably a camera crew, and some gelatin. Then replicate this experiment described by Bruce Schneier.

http://www.schneier.com/crypto-gram-0205.html#5

OK, I've actually never faked a fingerprint myself. But I've read about research on it in Bruce Schneier's blog:

      http://www.schneier.com/crypto-gram-0205.html#5

Care to guess what the batting average of most fingerprint readers was against someone trying to fool them?

(Answer: the eleven commercial fingerprint ID systems, together, wouldn't defeat my son's blindfolded Little League team.)

As I see it the problem isn't so much that it's just another "picture", it's the fact that your fingerprint is high-value.

The huge level of implicit trust given to fingerprints by the government means that a fingerprint is considered absolute proof of identity. Show me a company that produces a foolproof fingerprint scanner and I'll show you a company who has only ever had themselves test their product. Anyone can invent security that they cannot crack, it takes a whole hell of a lot more work to create security that nobody else (or a reasonably high proportion of everybody else) can crack.

These things are not infallible, and when they fail, or are cracked/bypassed, well if it was your fingerprint - too bad, you've just been pwned for the rest of your life. You can't get another fingerprint.

I'm sorry to break this to you, but no biometric is reliable, either in the capture, or the matching to a database. The systems are vulnerable to attack and abuse. The privacy angle isn't always about what you are giving up today - it's about what you will be giving up tomorrow, next week, next month, next year. It's about the appalling level of trust given to so called high-tech products that claim to give everything but in reality give nothing of practical value.

anime-expo.org engadget.com anishshaikh.com schneier1 schneier2 schneier3 schneier4

As I see it the problem isn't so much that it's just another "picture", it's the fact that your fingerprint is high-value.

The huge level of implicit trust given to fingerprints by the government means that a fingerprint is considered absolute proof of identity. Show me a company that produces a foolproof fingerprint scanner and I'll show you a company who has only ever had themselves test their product. Anyone can invent security that they cannot crack, it takes a whole hell of a lot more work to create security that nobody else (or a reasonably high proportion of everybody else) can crack.

These things are not infallible, and when they fail, or are cracked/bypassed, well if it was your fingerprint - too bad, you've just been pwned for the rest of your life. You can't get another fingerprint.

I'm sorry to break this to you, but no biometric is reliable, either in the capture, or the matching to a database. The systems are vulnerable to attack and abuse. The privacy angle isn't always about what you are giving up today - it's about what you will be giving up tomorrow, next week, next month, next year. It's about the appalling level of trust given to so called high-tech products that claim to give everything but in reality give nothing of practical value.

anime-expo.org engadget.com anishshaikh.com schneier1 schneier2 schneier3 schneier4

As I see it the problem isn't so much that it's just another "picture", it's the fact that your fingerprint is high-value.

The huge level of implicit trust given to fingerprints by the government means that a fingerprint is considered absolute proof of identity. Show me a company that produces a foolproof fingerprint scanner and I'll show you a company who has only ever had themselves test their product. Anyone can invent security that they cannot crack, it takes a whole hell of a lot more work to create security that nobody else (or a reasonably high proportion of everybody else) can crack.

These things are not infallible, and when they fail, or are cracked/bypassed, well if it was your fingerprint - too bad, you've just been pwned for the rest of your life. You can't get another fingerprint.

I'm sorry to break this to you, but no biometric is reliable, either in the capture, or the matching to a database. The systems are vulnerable to attack and abuse. The privacy angle isn't always about what you are giving up today - it's about what you will be giving up tomorrow, next week, next month, next year. It's about the appalling level of trust given to so called high-tech products that claim to give everything but in reality give nothing of practical value.

anime-expo.org engadget.com anishshaikh.com schneier1 schneier2 schneier3 schneier4

As I see it the problem isn't so much that it's just another "picture", it's the fact that your fingerprint is high-value.

The huge level of implicit trust given to fingerprints by the government means that a fingerprint is considered absolute proof of identity. Show me a company that produces a foolproof fingerprint scanner and I'll show you a company who has only ever had themselves test their product. Anyone can invent security that they cannot crack, it takes a whole hell of a lot more work to create security that nobody else (or a reasonably high proportion of everybody else) can crack.

These things are not infallible, and when they fail, or are cracked/bypassed, well if it was your fingerprint - too bad, you've just been pwned for the rest of your life. You can't get another fingerprint.

I'm sorry to break this to you, but no biometric is reliable, either in the capture, or the matching to a database. The systems are vulnerable to attack and abuse. The privacy angle isn't always about what you are giving up today - it's about what you will be giving up tomorrow, next week, next month, next year. It's about the appalling level of trust given to so called high-tech products that claim to give everything but in reality give nothing of practical value.

anime-expo.org engadget.com anishshaikh.com schneier1 schneier2 schneier3 schneier4

Believe me, you are better off without it.

In almost related news, ok ok not really, check out http://www.schneier.com/blog/archives/2010/01/tsa_logo_contes.html

It's funny. Promise.

For example, he complains about weak encryption because it's 'only AES-128 and you can't change that', except that since 10.5 it's been AES-128 or AES-256, even AES-128 is more than secure enough....

Actually, because of the way that AES-256 and AES-192 were implemented, AES-128 is actually MORE secure than AES-256 (or AES-192). IANAC (IANA Cryptologist); but I just finished a project where AES-128 encryption was used, and one of the whitepapers I read said that AES-192 and AES-256 were kind of a kludge, and was actually far more susceptible to a certain class of attacks than AES-128.

[citation needed]

The six year archive of schneier's blog?

http://www.schneier.com/

It often seems that the closed source crypto marketplace in a binary state, either publicly known as snake oil, or not yet publicly known as snake oil. After being burned a zillion times, it seems its all snake oil.

PGP Inc.'s stuff is "a proprietary tool from a big and famous manufacturer". Has the source to their 'enterprise' products been released and inspected? Should we not trust PGP? (BTW, Schneier is on their "Technical Advisory Board".)

What about the encryption used in RIM's products to transfer e-mails to BlackBerrys? The SSL use in IE? S/MIME in Outlook? RSA's SecurID tokens? STU-III/STE phones?

Take off your tin foil hat and think rationally.

[citation needed]

The six year archive of schneier's blog?

http://www.schneier.com/

It often seems that the closed source crypto marketplace in a binary state, either publicly known as snake oil, or not yet publicly known as snake oil. After being burned a zillion times, it seems its all snake oil.

This guy needs to be heard as much as possible.

So, your idea is to institute a computer network to stop people who are saavy at screwing with computer networks?

1. It would probably be illegal for the US government to require "drivers licenses" for general Internet use. The Internet is primarily a medium for the dissemination of speech, and the US government is prohibited from demanding that people obtain permission before speaking.

2. Even if done privately, requiring people to identify themselves for any and all uses of the internet is likely a bad idea.

Bruce Schneier had a pretty good takedown of this kind of argument just the other day.

Accept that you'll never truly know where a packet came from. Work on the problems you can solve: software that's secure in the face of whatever packet it receives, identification systems that are secure enough in the face of the risks. We can do far better at these things than we're doing, and they'll do more to improve security than trying to fix insoluble problems.

The past decade has been relatively safe for flying: http://www.schneier.com/blog/archives/2010/01/nate_silver_on.html and the scanners won't necessarily improve the security we already have: http://www.schneier.com/blog/archives/2010/01/german_tv_on_th.html. It's a bit of security theatre that at best is inconvenient and at worst is highly intrusive while probably making very little difference to the safety of passengers or those on the ground.

Nakedness will be on a "high pedestal" as long as it is culturally accepted or expected that we wear clothes for most activities (like going outdoors, even if this is minimal clothing in the summer). We'd need to start by changing the law on how acceptable public nudity is before we can hope to change people's views on their own and others' nakedness. This would have to be followed by a change in a lot of people's perception that nakedness is a sexual thing - an event (http://news.scotsman.com/nakedrambler/Naked-Rambler-locked-up-.3689718.jp) involving someone who doesn't want to wear clothes and was repeatedly arrested because of this demonstrated that many people think that the natural state is in some way threatening (radio phone ins revealed opinions that the guy was someone who we needed to be protected from - for not wearing clothes).

As for me - I think that we ought to have a choice of whether to wear clothes or not - which means a choice of whether to be seen naked (I have curtains on my the windows of my house). I won't be flying from airports with these scanners

The past decade has been relatively safe for flying: http://www.schneier.com/blog/archives/2010/01/nate_silver_on.html and the scanners won't necessarily improve the security we already have: http://www.schneier.com/blog/archives/2010/01/german_tv_on_th.html. It's a bit of security theatre that at best is inconvenient and at worst is highly intrusive while probably making very little difference to the safety of passengers or those on the ground.

Nakedness will be on a "high pedestal" as long as it is culturally accepted or expected that we wear clothes for most activities (like going outdoors, even if this is minimal clothing in the summer). We'd need to start by changing the law on how acceptable public nudity is before we can hope to change people's views on their own and others' nakedness. This would have to be followed by a change in a lot of people's perception that nakedness is a sexual thing - an event (http://news.scotsman.com/nakedrambler/Naked-Rambler-locked-up-.3689718.jp) involving someone who doesn't want to wear clothes and was repeatedly arrested because of this demonstrated that many people think that the natural state is in some way threatening (radio phone ins revealed opinions that the guy was someone who we needed to be protected from - for not wearing clothes).

As for me - I think that we ought to have a choice of whether to wear clothes or not - which means a choice of whether to be seen naked (I have curtains on my the windows of my house). I won't be flying from airports with these scanners

a society which does not allow a free exchange of ideas...

Interesting you say that. When MD-5 weaknesses were found the Chinese researchers were free to disclose them, even though that result had major security implications (cf. NSA and differential cryptanalysis). Yet those same researchers were denied US visas a year later

His article is short on sources

Agreed so I visited his blog and a recent post is equally scant. He points back to another blog post with a little more but really he's just pointing out the irony of a new proposed bill outlawing Google's collaboration with China in violating human rights issues. The irony being that the US has asked for similar backdoors from Google already.

So here's my problem: More frequently Schneier acts as a reputable news source 'breaking' a story without citing the originator of the information. This is fine when it's a big paper like the New York Times but Schneier runs a blog on security. That's it. He might be a first hand expert but if so why isn't he showing and describing his conclusive evidence that the US mandated backdoor is how Chinese hackers gained entry? There's no doubt the software is less secure with a backdoor -- by definition -- but when he says:

In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.

He better be able to back it up. And he reiterates:

China's hackers subverted the access system Google put in place to comply with U.S. intercept orders.

I just want to caution everyone that you're reading an opinion piece by a security blogger with no corroborating evidence. And on top of that, he has zero accountability. In fact, he says none of this on his blog, he leaves it as an op-ed on CNN. Read it like a strange click generating opinion piece and nothing more.

I have respect for the man but this certainly shakes that. Any concrete proof of this would be welcomed. The problem is I'm not sure how one would prove it one way or the other since I believe all the source in question is closed source to begin with.

His article is short on sources

Agreed so I visited his blog and a recent post is equally scant. He points back to another blog post with a little more but really he's just pointing out the irony of a new proposed bill outlawing Google's collaboration with China in violating human rights issues. The irony being that the US has asked for similar backdoors from Google already.

So here's my problem: More frequently Schneier acts as a reputable news source 'breaking' a story without citing the originator of the information. This is fine when it's a big paper like the New York Times but Schneier runs a blog on security. That's it. He might be a first hand expert but if so why isn't he showing and describing his conclusive evidence that the US mandated backdoor is how Chinese hackers gained entry? There's no doubt the software is less secure with a backdoor -- by definition -- but when he says:

In order to comply with government search warrants on user data, Google created a backdoor access system into Gmail accounts. This feature is what the Chinese hackers exploited to gain access.

He better be able to back it up. And he reiterates:

China's hackers subverted the access system Google put in place to comply with U.S. intercept orders.

I just want to caution everyone that you're reading an opinion piece by a security blogger with no corroborating evidence. And on top of that, he has zero accountability. In fact, he says none of this on his blog, he leaves it as an op-ed on CNN. Read it like a strange click generating opinion piece and nothing more.

I have respect for the man but this certainly shakes that. Any concrete proof of this would be welcomed. The problem is I'm not sure how one would prove it one way or the other since I believe all the source in question is closed source to begin with.

Here's two more "unique" glimpses into what kinds of passwords people use.
http://www.schneier.com/blog/archives/2009/02/another_passwor.html

Oh look another "unique" look at what passwords people use
http://blog.jimmyr.com/Password_analysis_of_databases_that_were_hacked_28_2009.php

This site gets dumber and dumber every day. The Onion insults my intelligence far less often.

"I think judgment matters. If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place, but if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it's important, for example that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities."

Sorry, this does sound to me like one of those despicable and horribly misguided "if you have nothing to hide, why would you want privacy?" line.
I like Bruce Schneier's answer.

Let's try this again...without blown links (Need caffeine in the morning before posting

http://www.schneier.com/blog/archives/2008/12/forging_ssl_cer.html
http://www.checkpoint.com/defense/advisories/public/2009/cpai-31-Dec.html
http://www.win.tue.nl/hashclash/rogue-ca/

It ain't my job to Google you up your own argument.

What you have there are a few links about people being prosecuted for stealing Wi-Fi (not for providing WiFi where someone did something illegal), an opinion piece, a paper in a law journal speculating about liability for wireless networks in general, and a two year old bill in the House that never went to the Senate (and which is so broad that the Supreme Court would probably kill it with fire).

In fact, the peer-reviewed article doesn't help your point at all:

As demonstrated in the A&M Records, Inc. v. Napster, Inc decision, which involved vicarious copyright infringement liability of a peer-to- peer network provider, courts limit such liability to cases where the peer-to-peer network has "the right and ability to supervise the infringing activity and also has a direct financial interest in such activities." Regarding the right and ability to supervise, home-based WAPs typically do not come packaged with monitoring mechanisms that would facilitate the tracking of potentially infringing activity (assuming operators have a right to supervise such activity). In addition, although WAPs typically feature technology that allows the operator to block certain users, these types of functions usually require the operator to implement security options that the average user would probably avoid due to complexity and lack of automation. Regarding direct financial interest, given that those who deploy Wi-Fi residentially do so primarily to make the Internet more accessible within their own homes, it seems unlikely that home- based WAP operators would have any financial interest in infringing activities. Commercial HotSpot operators may have some indirect financial interest to the extent that infringing users may run up more access fees in their attempts to download infringing media files. Still, prevailing reluctance to impose responsibility on ISPs for harmful conduct committed by end users would probably protect these parties from contributory liability in this context.

It also mentions that you might violate your ISP's ToS by opening your WiFi, and that this may have legal penalties in some states (not mine, AFAIK, and I go out of my way to avoid that sort of ToS, anyway). But I guess making sure your links actually support your point was too much.

None of what you gave argues against my main point: that it's very unlikely that you'll actually be prosecuted for someone else doing something over your open WiFi connection, and this tiny risk is not worth the costs. Bruce Schneier agrees with this risk assessment.

The risk assessment works out something like this:

• There are a whole lot of open (or easily broken) WiFi connections, and some handful of people who want to use them without permission.
• Of the people who do, most will just want to check their email/facebook/whatever.
• Of the portion who will actually do something illegal, most will be downloading movies or music.
  • The RIAA/MPAA doesn't have enough lawyers to prosecute even 1% of these people, so it's unlikely you'll be caught in the crossfire
• A tiny percentage will then do something dangerously illegal, like child porn.

The last one get's all the headlines, but that's precisely because it's so rare. The consequences may be large, but the chances of that actually happening are minuscule.

If you can provide an actual argument against that, then I'm happy to read it. Preferably in the form of an actual decision against an open WiFi operator for something an uninvited user did. If you can't find such a case, that in itself is evidence that the risk assessment above is correct.

Too bad it's already been cracked.

The problem is the difference between "provably secure" in theory and practice. From recent news Schneier's blog reports on a quantum encryption system that was provably secure that has been broken.

Handing over information regarding a passenger's name, gender and birth-date may violate Canadian privacy laws

What's worse is that the TSA can't even get any of those three facts right in many cases.

Last Name: "Alphabetic, no numeric or special characters, except dash ( - ) and single quote ( ' ). Do not include suffixes (e.g., jr.). Truncate names longer than 35 characters to 35 characters".
First Name: "Secure Flight allows first initial only;" otherwise, same as last name. Honorifics are not to be placed in the name.
Middle Name: same as first name.

So if any of your three names doesn't perfectly fit this convention, you will be hit with a $100 Change fee, including if you don't have a middle name. This is particularily problematic for asian, greek, or many other nationalities whose names include special characters or when translated to english result in a name longer than 35 characters.

Gender: Once again, the TSA fails to account for any manner of diversity in the human population. Anyone who doesn't conform to the gender stereotype fixed to your official documents will be subject to additional (unwanted) attention. I wonder if they'll be offering sensitivity training for the crossdressers, transgendered, butch lesbians, and intersexed amongst us. And god help you if the Driver's Bureau screws up, or you live in a state that won't alter birth records after surgery, or one of a dozen other very real problems.

Birthdate: Did you know a lot of people who immigrate to this country don't know when they were born? In fact, in developing countries, it's quite common for people not to know their actual age. People assume a person's date of birth is a fixed thing -- how could you screw that up? And if you live in this country, you don't have to worry about this anyway. Well, remember that until the mid-90s the Social Security Administration wasn't so on about immediately registering newborns -- and did you know some people choose to have their kids at home? Some people don't get a birth certificate until they're five years old because parents just plain forget -- and for a variety of reasons, sometimes they fudge the actual date. Try getting this changed later -- it's fun.

In short, there's no real security being added here. All of it can be defeated quite easily in any event by putting a gun to the head of your wife, kid, or anything else you don't feel like losing. And as we make these security restrictions increasingly ethnocentric, the terrorists will adapt their strategies accordingly, because the payoff is so damn good! They sucked the US economy of trillions of dollars and all they had to do was crash four passenger planes. We offer the best "bang for the buck", literally and figuratively. It doesn't matter if they make it ten thousand times more difficult and expensive to pull another 9/11 job -- it's still an amazingly good deal for the terrorists.

Unless he is the Ass Bomber: http://www.schneier.com/blog/archives/2009/09/ass_bomber.html

It's well-known that people overestimate risks which they feel they cannot control, and underestimate those which they feel they have some level of control. Well, it's at least well-known to those who follow Bruce Schneier:

http://www.schneier.com/essay-155.html (see section "Conventional Wisdom About Risk")

CDMA uses the CMEA and ORYX algorithms, which are pretty weak as well, as shown in the linked papers.

That's presumably "CDMA" as in "Qualcomm's cdmaOne and CDMA2000", not "CDMA" as in "Code Division Multiple Access".

However, CDMA has somewhat of an advantage, because it's difficult to obtain the encrypted data stream in the first place: the nature of CDMA transmission means you can't pull a signal out of the noise unless you know the codes being used by the base station and handset.

That sounds as if it's referring to "CDMA" as in "Code Division Multiple Access", Does it apply to W-CDMA as used in UMTS 3G networks (such as AT&T in the US and just about everybody in Europe)?

CDMA uses the CMEA and ORYX algorithms, which are pretty weak as well, as shown in the linked papers.

That's presumably "CDMA" as in "Qualcomm's cdmaOne and CDMA2000", not "CDMA" as in "Code Division Multiple Access".

However, CDMA has somewhat of an advantage, because it's difficult to obtain the encrypted data stream in the first place: the nature of CDMA transmission means you can't pull a signal out of the noise unless you know the codes being used by the base station and handset.

That sounds as if it's referring to "CDMA" as in "Code Division Multiple Access", Does it apply to W-CDMA as used in UMTS 3G networks (such as AT&T in the US and just about everybody in Europe)?

Schneier has an nice write up of why those unencrypted feeds are in fact not a big deal, pretty interesting read. His logic seems pretty good, I'd actually agree with him that it is no big deal at all.

http://www.schneier.com/blog/archives/2009/12/intercepting_pr.html

No indicators, no action, as the number of indicators goes up, raise the response level to the appropriate level for the individual at hand. In other words, ACTUALLY USE THE RESULTS OF INVESTIGATION AND INTELLIGENCE IN A TIMELY AND APPROPRIATE MANNER. . .

This presupposes that the indicators are accurate. The TSA "threat levels" are nonsense. People get put on the TSA's lists simply because their names are similar to other people's names. People get beaten by border guards, or detained and interrogated for no apparent reason; want to know the reason, i.e., the "indicator?" -- you're not allowed to, because it's a secret.

I'm not criticizing you for disagreeing with Schneier. He's not a god or an oracle. But when you say "Bruce is only pointing out the obvious...," and then go on to contradict everything he says in the article, it does seem a little odd. Maybe we should check what he has to say about the "indicators" you want to put so much faith in -- "indicators" such as the TSA threat level and the no-fly list. You seem to be advocating strip-searching people because they show up on lists like the no-fly list. Schneier says the no-fly list is bogus.

No indicators, no action, as the number of indicators goes up, raise the response level to the appropriate level for the individual at hand. In other words, ACTUALLY USE THE RESULTS OF INVESTIGATION AND INTELLIGENCE IN A TIMELY AND APPROPRIATE MANNER. . .

This presupposes that the indicators are accurate. The TSA "threat levels" are nonsense. People get put on the TSA's lists simply because their names are similar to other people's names. People get beaten by border guards, or detained and interrogated for no apparent reason; want to know the reason, i.e., the "indicator?" -- you're not allowed to, because it's a secret.

I'm not criticizing you for disagreeing with Schneier. He's not a god or an oracle. But when you say "Bruce is only pointing out the obvious...," and then go on to contradict everything he says in the article, it does seem a little odd. Maybe we should check what he has to say about the "indicators" you want to put so much faith in -- "indicators" such as the TSA threat level and the no-fly list. You seem to be advocating strip-searching people because they show up on lists like the no-fly list. Schneier says the no-fly list is bogus.

CDMA uses the CMEA and ORYX algorithms, which are pretty weak as well, as shown in the linked papers. However, CDMA has somewhat of an advantage, because it's difficult to obtain the encrypted data stream in the first place: the nature of CDMA transmission means you can't pull a signal out of the noise unless you know the codes being used by the base station and handset.