Slashdot Mirror
Airport Monitoring of Travellers via Blackberry
glhturbo writes "According to this article in Mass. High Tech, Massachusetts State Police stationed at Logan Airport will soon have access (via Blackberry handhelds) to "7 billion records" containing information on "nearly 98 percent of the U.S. population, including, for example, a person's prior residence and with whom he or she lived, criminal information, court filings, vehicles owned, and even restricted government data." The database is from a Massachusetts company, LocatePlus, started by a former policeman who was "on the waiting list for the FBI". Seems like a good tool, but major potential for abuse, and hopefully no false identifications."
If this is wireless I can see someone stealing one of these little suckers, getting the encryption code, and getting access to tons of info they shouldn't have. I could be wrong...just a speculation that made my eyes bigger for a second while reading this.
Two roads diverged in a wood, and I - I took the one the bus load of girls just went down.
... I should get to know the same information about the people "screening" me.
Speak truth to power.
Why would terrorists do the "airline" approach anyway? They know how more secure it is than ever before and they probably have a different plan now. And even if they do that approach, I don't think they will only rely on shaving their beards.
Once the government lists them on ebay in 3 years after "forgetting" to erase the access to the database. This sounds like a case of too much important info in the hands of too many incompetent people.
Eh? Is it 1984 or 2004? These days I just can't tell.
I think the editor misspelled "incredibly
fucking evil".
That's why I stopped flying.
-I like my women like I like my tea: green-
I trust 99.9% of cops. But not ALL of them. Here, we're putting a VERY powerful tool into the hands of any state police officer.
The question is, do they need instant, portable, unrestricted access to such a tool? And the answer is, no, they do not.
This is the equivalent of giving everyone who needs to use your computer access to the root account.
paintball
I saw this demonstrated on a Pocket PC about a year ago. I'm pretty sure it works through the normal cell network. They can pull up all your information based on your name, license plate, driver's license number, etc. I thought it was just for Mass. residents but I could be wrong. Doesn't seem any worse than "running your numbers" through a dispatcher, it just takes less time so it makes the police more efficient.
Like, I won't arrest you if you pay me 10k.... Or I won't tell your wife you've been living in an apartment in Florida with an unmarried woman...
The potential for abuse is just enormous.
However, this kind of capability is not going to go away. What we need is a structure in place that will ensure that no abuses take place. It's a cliche, but we need a monitor of the monitors...
Here's another one (but appropriate): who will monitor the monitors of the monitors?
You can pretty safely assume that if someone has access to a database and something to gain, and no chance of being caught (i.e. no auditing of queries), they will use the information.
When I can find out Bill G's home address, Dick Cheney's driver's licence number, George's arrest record, and Ken Lay's bank balance - then I'll say it's fair.
Anyone who says this is not ripe for abuse is a shareholder.
hopefully no false identifications
"Hope is not a plan."
Makes me seriously want to live off the grid. I do not feel any more secure knowing some hack has information on 98% of the U.S. population on a glorified palm pilot, what if this device "walks away"? All that info in the wrong hands (ACTUAL BADGUYS, id thieves, spammers, etc) is scary. I hate the fact that when 19 foreign citizens do some bad shit, 300 million legal Americans have to pay for the incompetance of our government to stop it. It is a classic kneejerk reaction, the current administration has eroded 200 years of balanced liberty and security in 4 years, that has to be some kind of record. I feel less safe, and downright ashamed of our preemptive attacks and feeble attempts at nation building. The way the little guy has taken it in the ass in these past 4 years is astounding. Where to begin? The overtime ripoff, outsourcing, tax cuts for the rich, PATRIOT act, PATRIOT II, TIA, DMCA, "show me your papers", and that is just the beginning. I would vote for Nader if I thought he could actually win, so I will vote for Kerry instead. Mr. Kerry has actually come out with stances on issues, most of which I agree with. I was worried he was not going to have any discernible viewpoint on anything for a second.
I hate sigs.
Since when has a password stopped anyone from accessing "protected" data?
It's disturbing enough that all this information on us is available to someone who just has to pass a "basic" background check. It's even more disturbing that these people will have access to my ex-girlfriend in college that I haven't spoken to in 10 years.
So, what if the data is wrong? I'd say the results would be worse than identity theft or a simple bad credit report.
With ID theft, bad data gets attached to you and affects your ability to find jobs, get loans, rent housing, etc. But, it only affects you (perhaps also a spouse). You can get your data and try to fix it. Takes 200 hours and never quite finishes, but you have rights and the credit agencies have duties.
With this system, bad data will affect you and your ability to travel. The government has admitted that it has no responsibility to fix bad data in government files. So, you'll have few to zero chances to fix it. And the best part is bad data about you will creep out to taint anyone you've associated with. If you look bad, then so do your old roommates. And your new business partners. And whoever you call regularly. So now grandma will get a free breast cancer screening whenever she flies (mmmmm. Wand searches).
From my favorite essay written by a precog on privacy post 9/11( the former Canadian privacy czar's excellent essay), as I commented here in this thread on airlines gave away your privacy (and it definitely applies to those of us in the US, he's warning Canadians not to do what the US was doing already):
"[gives example of Canada wanting to collect data, US style]... This is unprecedented. The Government of Canada has absolutely no business creating a massive database of personal information about all law-abiding Canadians that is collected without our consent from third parties, not to provide us with any service but simply to have it available to use against us if it ever becomes expedient to do so. Compiling dossiers on the private activities of all law-abiding citizens is the sort of t
A: This service has zero info that you shouldn't have. It's all public records, the scary part of this service is that they seem to have most of the nation's public records about individuals assembled in an easy-to-query form.
The fact that info is public record does NOT mean that it's OK to assemble it with OTHER information that is ALSO public record and make the result - or even the original public records - available at electronic speed.
One of the big objections to the creation of the Social Security System was that the SS# would serve as a universal identifier, making it easier to assemble dossiers of individuals from diverse public records. This almost killed the program - which was eventually passed on the promise (among others) that the nubmer would NEVER EVER EVER be used in that way.
Remember that this was before WWII, which means before computers and even xerography. ("copying" was, at best, thermofax, blueprint, or photography.) AND in the midst of the "Great Depression", with its starving masses of people (including the elderly) who had just gone bankrupt and lost their homes, farms, and businesses in a pre "welfare" system environment.
Can you IMAGINE how concerned they were to consider blocking the creation of the SS system JUST to prevent the hand-construction and misuse of manual dossiers composed of public information?
The US classified information rules DO classify the JUXTIPOSITION of certain publicly available unclassified information - whenever this juxtaposition hints at something that IS sensitive. This happens in nuclear physics, radio, and several other fields. Why should individuals be any less protected from combining public information in a way that stips more of their privacy than the individual records standing alone?
= = = =
Databases run in their private time by policemen or retired policemen were, back in the '70s, a dodge to get around new laws banning ilicit governmental record keeping. These laws were passed after the government's investigative agencies at all levels (FBI, Military Intelligence, State/County/City police) went 'WAY out of bounds on domestic surveilance and so-called "dirty tricks" against people suspected of participating in the civil rights and anti(vietnam)war movement. (See COINTELPRO for an example.)
They were SUPPOSED to destroy the ill-gotten info. But instead some of them absconded with it and set up for-profit companies to maintain it and sell access back to the very police departments that weren't supposed to have it. This let the departments continue to use it and CLAIM that they didn't have it.
So this one is run by a former policeman, eh? Any bets on whether it's a modern continuation of one of those ilicit databases?
= = = =
Dylan said you had to pay to keep from going through these things twice. Well we DID pay and we're STILL going through them again! B-(
B: Since this company charges by the query, too many queries from a device will likely cause that device quickly be deauthorized by whomever's paying the bill.
Aren't we talking about the Federal Government's Homeland Security boondoggle department? Somehow I doubt that breaking the US budget is an issue.
Bantam Dominique roosters crow a four-note song. Once you've heard it as "Happy BIRTHday" you can't NOT hear it that way
This is true in aggregate. I know they are few and far between, but there are people alive who will stand on principal even if they have something to gain and there are no consequences to their actions.
- These tools/extended rights will be abused.
- They won't help to prevent terrorist attacks.
How many terrorists are US citizens? Even if they previously they student visas, etc, terrorist groups just have to stay out of the US until right before the attack. There will be no records on them, and hence this does nothing to prevent them from pursuing their actions.But now there is this huge pool easily accessible information out there, just waiting to be used for other purposes.
Anyway, IMHO there will never be an attack like 9/11 again, because on 9/11 the terrorists relied on the will and hope of the passengers to stay alive. Now, if a plane is hijacked the passengers will have to assume that they will die, hence it will be impossible to control them (what would you threadten them with?) That's what happened to the 4th plane on 9/11 when people on the plane learned about the other attacks via cellphone.
Which brings us, again, to the question: "Is the universal and effective law enforcement desirable?" If, suddenly, there was a method for the police to promptly find and arrest everyone they needed, would it be a good thing to have (even if we ignore the potential abuse problems)?
Before you say: "Yes!" -- consider the fact, that the US' Founding Fathers were, most certainly, breaking the law(s) of the British Empire and committed treason...
In Soviet Washington the swamp drains you.
So...if you have a kid, that kid is screwed. Or even better, if you know the first name of the mother (of whomever's identity your trying to steal), you can then easily find HER maiden.
What a great system. No potential for abuse. Nope none. Because only law enforcement, private detectives and COMPANIES (not specified) can get access to this info.
-Ian
it was only a matter of time. All of the "services" that LocatePlus offers are matters of public record, which means that by the law you, I, or any jackass Orwellian fascist w/ a frutrated Big Brother complex ( *ahem* Jon Latorella - that's you bub! ) can access them and do whatever the hell he wants with them.
If you want an example of how available these records are now, check out Adams County Records. I've used them before to see if charges had been filed on friends, etc. So it's not hard to get, especially in the "digital" age.
What is scary is the fact that our society ( and our judicial branch in particular - which should be motivated by an evolving sense of ethics and morality, which, well, DOESN'T SEEM TO BE FUCKING EVOLVING to cope with our changing world ) doesn't seem to be able to prevent these abuses. Because a private citizen ( or a government agency, for that matter, but they have a lot of liabilities under the law that private citizens don't, that limit their abuses ) compiling a database from public records ( which aren't always accurate ) and then selling it to government agencies ( which is now probably excused for their mistakes due to the fact they were using "someone else's system" ) is most definitely an abuse. It's the basest whoring of public information that I can possibly think of.
Which beggars another question : if we were as intelligent and moral as we suppose, why haven't we done the following :
1) rather than releasing records freely, release them under a public license, similar to the GPL. Since they would have to be copyrighted to be released under a license, why not copyright each citizen's information to that person, and their relatives owning their copyright when they die? Yeah, it sounds sick in a way - you're copyrighted, dude ! - but it would prevent commercial and governmental abuses like this. Your information is copyrighted to yourself, freely available under the Citizen's General Public License or some such shit, and any sentencing, divorce, etc., is an addendum to the copyrighted work - namely YOU. And you have to authorize any use of your records which involves commercial profit.
2) Made laws disallowing the use of public records for direct commercial gain.
3) Passed laws that required private and public agencies furnishing public or private information to other agencies to be be directly culpable for all misuse, negative repurcussions, etc., that result from any inaccurate or outdated information that they provide. This one rings home with me particularly strongly tonight, since I just found out that 2 medical bills that I paid over a year ago still show up on my credit as unpaid debts. There's no accountability there, even though I've badgered these bastards before to update their records.
Yeah, making laws doesn't always solve a problem, but making the right ones will. Stop telling people who they can fuck, how they can get high, stop giving money to religious "charities", stop supporting people that are unwilling to work but still willing to reproduce, legislating the RIAA's paranoid crusade about whether I can copy a fucking DVD or not, and start making some laws that pull that metaphorical boot off of our face. Because I only see it getting worse. And this is the really goddamn scary part kids :
I see it getting a whole worse before it gets any better.
PC moderators can suck my White pierced, tattooed dick. If you think pride == hate, s/dick/Aryan meat mallet/g.
I really do not understand this. A fair percentage of violent criminals have no prior record before they commit their offenses. I am sure the same goes for terrorists. You have a student over here learning and then he is told to do a suicide mission or release some nerve gas. No one is really watching this fine upstanding person under 30, bright, personable.
I mean, none of the 911 terrorists were being investigated and all had current papers to be here legally.
Click here or here.
Even if a court rules that you were within your rights to refuse to give your name, you'll get arrested, do some jail time, and have the burden of proof to be freed. The "mistaken" arresting cop will have done nothing but "waste" their time dealing with a harmless citizen, rather than face an actual criminal with a gun for a while. The Supremes also ruled this month that the President can lock up people he doesn't like, without evidence, without charges. Although you're theoretically entitled to a lawyer, you'll have to go to court (without a lawyer) to get one. These are the people who elected our President.
--
make install -not war
In OSS, espousing "anti-obscurity" means "supporting transparency of the *mechanism* for protecting the data".
It doesn't mean "supporting transparency of the *data*".
Your logic implies that it would be ok for security policies to allow anyone to have read-only access to our bank statements, health records, etc.
College students might have their "permanent" (home) address for taxes, one or more local addresses per year for school (and voting), and perhaps also a POBox. If they have a credit history, it won't necessarily keep up with their moving around. So from the point of view of BigBroBrand database, they'll look dreadful.
The unemployed also might use more than one address that shows up in the database (renting a POBox to appear like a local when applying for jobs, or using a friend's address).
All to say I'm not happy that they're using data on "how good are you at moving small green pieces of paper around?" gathered by private companies to guess "how risky is it for us to give you more green pieces of paper?" as a proxy for "how established are you in a neighborhood?" to let the government guess "how risky is it for us to let you travel around?" (...On the whole its those private companies being handed planet-sized bundles of green pieces of paper to continue tracking you that are happy: they themselves don't get tracked, much.)
What makes you think the password won't be written on the back cover of the Blackberry?
Seems to me this becomes more likely if "strong" passwords that rotate often are used.
See here.
The Census Bureu's Take on it is:
See here.
The problem that I see with these things is that the database is maintained by cross-linking private data of likely dubious validity so we have know way of knowing if the false positives/negatives are even within reasonable bounds. Remember what heppened in florida when many african-american voters were mistakenly "scrubbed" from the rolls and denied their rights to vote? What guarantee do we have that "bad data" (as the peole in florida assert) or deliberate falsification (as others have charged) will prevent otherwise innocent people from flying.
But, more importantly, the article makes no mention of controls, not only ensuring that a connected device is not stolen but that the data will not be misused by some guards who are seeking to stop all muslims. The potential for abuse in both forming the databases and in using them is frightening. Suppose the number of african-american men, or chinese people, or muslims who are stopped at the gates goies up even a little, who will be keeping an eye on that and keeping the airport honest? The Airport itself?
Lest we forget, the reason that the FBI doesn't have a database on 98% of Americans including past locations, etc is that, up until now, being innocent of a crime meant that you were entitled to some measure of privacy, and, that the goal was to curb abuses of police power not aid and abet them.
biometric encryption eh?
what was the last count of undefeated biometric id systems? somewhere around zero wasn't it?
Anyone, not even having to be a PI, can get their hands on much of this information about anyone who hasn't taken a lot of steps to avoid leaving so many cookie crumbs. That it has been organized for more convenient access was just a matter of time. We need to insure some things:
a) that the information is accurate;
b) that we can examine our information for accuracy and there is a way to correct it;
c) that there are stringent laws governing the use of this information;
d) that there are workable procedures for reporting abuse and taking legal remedies against abuse.
The above will not make us completely safe of course. But they are necessary steps in the right direction in this world of dense information flows.