Slashdot Mirror
US Visitors May Have to Hand Over Social Media Passwords: DHS (nbcnews.com)
People who want to visit the United States could be asked to hand over their social-media passwords to officials as part of enhanced security checks, the country's top domestic security chief said. From a report on NBC: Homeland Security Secretary John Kelly told Congress on Tuesday the measure was one of several being considered to vet refugees and visa applicants from seven Muslim-majority countries. "We want to get on their social media, with passwords: What do you do, what do you say?" he told the House Homeland Security Committee. "If they don't want to cooperate then you don't come in."
At least with FB it's against the TOS, and if you sign on from an unfamiliar IP, it would try other challenges to validate your identity.
I can imagine Facebook, Twitter etc. blowing up over this.
Besides, if they get password access how can they use ANYTHING they find as evidence of anything? They've got WRITE access, for crying out loud! The evidence chain isn't just poisoned, it's rotted right through.
-=This sig has nothing to do with my comment. Move along now=-
Maybe other countries will demand the same thing. I can see el Presidente Tweety giving up his password in the name of security.
Next up on the hit series "'Murica: Hell yeah!", the orange prez makes a scandalous law - all students are to get daily cavity searches.
While glove manufacturer stock prices are soaring, Homeland Security Secretary John Kelly tells worried students "If you don't want your rectum searched for contraband, just stay at home.
God-damn the news are getting entertaining.
Um... TFA said "We want to get on their social media, with passwords".
What you suggest will not allow them to "get on their social media". It's the same as telling them to go pound sand.
I'm not even sure how this is supposed to work. "Do you have any social media accounts?" "No." "Curses, Foiled again!"
or even worse, "Sure, I'm Anonymous Coward on Slashdot."
What are *chan users going to report?
Simple - you tell the visa applicant to give the DHS the real accounts and not the benign ones, otherwise they aren't allowed in.
Seriously though, I haven't logged onto my facebook account for about 18 months now - so that could flag up as being fake. That is if they could find it - I had the security settings locked down so that I can't even find it knowing my name and username.
People will just keep real and fake social media accounts. One for real stuff, and one for border control to ogle.
It must have been something you assimilated. . . .
Is it to be a requirement to hand over passwords to accounts that don't exist.
DHS: "Social media logins and passwords, please.
Victim: "I don't have any social media accounts. I don't want to be Zuck's product"
DHS: "BS! Everyone has an account! No entry! Cavity search!"
Or...
DHS: "Social media logins and passwords, please"
Victim: "here."
DHS: "These accounts are brand new, you must be a terrorist! No entry! Cavity search!"
USA doesn't want tourists visiting the country
or business people doing trade deals
I'm not surprised DHS is "considering" something like this. Certain gestapo elements in our government always are trying thuggish and ill considered tactics to make their lives easier. This is plainly a stupid and counterproductive idea to anyone with a functioning brain but the danger is real enough. The good news is that the companies affected (Facebook, Twitter, etc) have lots of money and flesh eating lawyers to fight such an over-reach by the government. I don't generally trust Facebook but I do trust their profit motive and DHS forcing people to hand over passwords is a clear and present danger to their bottom line.
If this behavior is permitted, then the social media sites need to start implementing read-only passwords for account. It is one thing to allow the US government to see everything n your account, and all your friend's accounts. It is an entirely different thing to allow the US government to act on your behalf with your account.
Sucks to be DHS. My FB password alone is like 255 random characters. What about 2FA systems? They can have the password, but they're not getting the token.
I'll just start using 128 character passwords, randomly generated from the non-ascii part of Unicode.
Just create a fake account with a crappy password or tell them you don't have a social network account. If they give you hell, tell them to prove it. If they can prove it, it's your own damn fault for posting about yourself online.
Don't forget those subversive Canadians! Them and their secrets around making good poutine or which beers taste best! Dude, you really have no clue do you. IF someone intending to do harm were entering the country, do you really think they will have social media posts about it or contain their devious plans on their phones or laptops? This just affects honest and decent people.
If DHS hasn't already scanned social media for jihadi, socialist, or subversive secrets, and linked them to individuals who can be identified on arrival in the US, then they HAVE NOT BEEN DOING THEIR JOB. Not one more tax dollar for security theater.
This is only if you're coming from one of the seven banned countries.
Only the State obtains its revenue by coercion. - Murray Rothbard
You are admitted to the US (and other Western nations) only if you can establish with reasonable certainty that you (1) will leave again, and (2) won't cause harm while you're here. If you come from places like Europe, the US uses your police records, surveillance data, credit records, and similar information to make that determination. If you come from places like Somalia or Yemen, reliable records are not available, and the US is trying to use social media profiles as an unofficial substitute. I think that's a bad idea. Social media profiles are unlikely to be very reliable, and the whole thing looks appears like a massive invasion of privacy. The US should generally give visas only to people who can provide credible government and financial records, with case-by-case exemptions in a few special cases.
Just another reason to not use social media.
P.S. I don't even remember my FB password, on those rare occasions that I try to use FB from a new device I always have to go through the "forgot your password?" ordeal. But I don't expect border officials to be too sympathetic about that.
Most social networks (like Facebook) expressly forbid sharing passwords or allowing others to use your account. Because that's the policy it becomes a Felony according to the Computer Fraud and Abuse Act (CFAA). The United States Court of Appeals has affirmed sharing accounts contrary to the TOS is a violation of the CFAA and there are people in PRISON as we speak for doing just that.
I would contend that you cannot be compelled to commit a felony by a agent of the United States. If DHS wants this power they need to have the CFAA amended to grant them an exemption.
No social media account? You're a terrorist.
#DeleteFacebook
That can only be described as fucking stupid. Hell, why don't we make them submit to vivisection? Then we could learn LOTS and be certain they couldn't be a threat afterwards!
There are many reasons it is stupid but for starters: Most everyone reuses passwords simply so there is some chance that they can actually remember their passwords. So what this amounts to is, "Give us unrestricted access to everything."
And this coming from one of the least trustworthy things that exists: A government agency...
If they want your social account's name, fine. They can look it up for themselves. If a court wants to approve it they can have Facebook build them a read-only interface that will show a person's complete activity. (I suspect they already have this.) I'm wondering if they want this so they can go pillaging through all of a person's other internet activity. That makes sense.
What about 2FA?
What if you don't know your password (password manager)?
What if you don't have a social media account?
All perfectly valid non-edge cases.
My eyes reflect the stars and a smile lights up my face.
Enjoy paying 10 cents to your carrier to receive an SMS every time you log in.
It's just another talking point to create distrust about anyone in Trump's way, like Fake News social media ....
"We tried to keep America safe, but the leftists in Silicon Valley took us to court and wouldn't let us look at terrorist social media accounts. Wake up America! If a terrorist kills a US citizen, blame over-rated Facebook. Sad."
Well played, President Breitbart^H^H^H^H^H^H^H^H^HTrump.
"I don't use social media. I think it's dumb."
What are they going to do?
How many social network identities, if any, I have? This is just plain FUD!
Sent as ripples into the electromagnetic field. No single photon has been harmed in the process.
I simply won't go to the US unless my job forces me to. I certainly won't spend any tourist dollars there until this bullshit stops.
I'm sure it will be a surprise to all the people of Arabic, Turkic, Indo-Iranian or East Indian peoples to know that they are of Negroid ancestry
Enjoy paying 10 cents to your carrier to receive an SMS every time you log in.
These are people travelling to the US. Not Americans.
Outside the US, people generally don't pay to receive; only to send.
Have gnu, will travel.
That just means you can't enter the country without a mobile.
We can set up such a password, parent over the shoulder, password etc. They will appear to be normal and seemingly function cleanly. But it will expose only parts of the account you had already deemed safe for that access.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
What about changing that password as soon as you're in the country?
Do cellular subscribers outside the United States still receive messages without charge even when roaming in the United States?
How exactly is data sitting on a server in silicon valley "at the border" just because the person who created that data is at the border? By that logic, you can search their car, house, workplace and bank account without a warrant as long as they are standing at the border when you do it.
Support Right To Repair Legislation.
CBP has been confiscating and rummaging through telephones and computers for years. They don't need your FB password if they can break into your computer. http://www.wnyc.org/story/my-d...
I like what you did there, but why stop with that?
"If you don't want your rectum searched for contraband, just stay at home."
"If you don't want your social media scrutinized, just cut yourself off from your social circle."
"If you don't want your pussy grabbed, why do you have one?"
"If you don't want to be shot in the face, why do you have a face?"
"If you don't want to be discriminated against based on your religion, just quit your religion."
So many problems become easy when you ask people to abandon everything important to them!
1) Not everyone uses social media
2) Trivial to set up multiple accounts
3) If you're gonna Jihad, don't put it on FB
4) Other countries may start requiring it from US visitors
5) Other than being innaccurate ( see #1 and #2 ) and annoying, what exactly does it gain us intelligence wise ?
How exactly is data sitting on a server in silicon valley "at the border" just because the person who created that data is at the border?
The persistent identification cookie on the laptop, tablet computer, or smartphone that a traveler carries allows access. But it's difficult to extract said cookies because of the design of operating systems and web browsers for those devices. As a substitute for a means of exporting cookies, they ask for enough information to replicate the identification cookies stored on the device.
I'll give you my login to anything, even Facebook. Hell, my Slashdot login is above this very message.
What use is that to use unless it's so open that it's showing everything you said (e.g. my Slashdot). My social media logins get you almost nothing that you wouldn't already have by that point.
Are you suggesting they've stopped at that point, when there are no posts visible because "Homeland Security" isn't in your friend list on Facebook? I don't think so. I think, at minimum, they're asking you to reveal a login and if they're suspicious (which could include "Gosh, he doesn't let us see ABSOLUTELY EVERYTHING"), then it will go for passwords too.
And, technically, the email on this account of mine is completely different to the email of other accounts. Hell, I have about 20+ domains all with unlimited aliases I could use on them. There's no help there at all.
No, this is about volunteering information, and then if there's any suspicion (you didn't volunteer) forcing it out of you.
The US has been dead to me since just before 9/11 when all this nonsense started. I literally CANNOT take a laptop or phone which may have any work logins, emails or anything else at all on it into the US. EU law says that's breaking the law.
That ruins a whole load of stuff you might want to do on holiday, and kills business trips stone dead.
And if you demand logins to unrelated things, I'm likely to refuse. It's that likely to get me into trouble, I'm likely not to bother trying to go.
As such, not been to the US in years and have no current intention to go there.
Step 1. Delete your Facebook Account before leaving your country.
Step 2. Reply, "I don't have a Facebook Account" when asked.
Step 3. Restart your Facebook Account at some later time.
Problem solved.
Proverbs 21:19
First of all, anyone who doesn't have a FB account (like me) and doesn't give a shit about making one (like me) will create one for the US trip because obviously now you need one to enter the US. I would even write exactly this onto the page, that this page only exists because DHS wants to see a FB page from me, so I had to make one, don't expect any updates because they will not be forthcoming.
Everyone who does have one and has reason to think that DHS doesn't like what's going on on it will create a fake one.
And now try to convince DHS that the one you created because you have none and don't give a shit about telling the world how good your last dump was is not a fake one you created because you're Bin Laden's lovechild.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
In actual implementation, most likely, people will be asked to login themselves — jumping through whatever secondary authentication-hoops there may be — on the officer's computer or on their own one. They don't need your password — which you can change immediately afterwards anyway — they just want to see, who you are...
Israel has been doing it for years (including access to your emails), for example. I do not like it, but I don't like my luggage and person being searched either — this is not especially more outrageous.
What a duly privacy-minded service could offer is something like a duress password — if you login using that code instead of your usual one, certain mailboxes, messages, etc. are to be hidden... Can't hide everything — or even most things — because then the officer may get suspicious...
In Soviet Washington the swamp drains you.
That's all you'd have to say. What are they going to do, waterboard you until you admit you're on Facebook? I suppose if you're dumb enough that you actually use Facebook and actually have a picture of yourself in your profile and they find it all, then you're stuck, but what self-respecting terrorist is going to post pictures of themselves online? Also as others have pointed out, divulging your passwords is against Terms of Service for just about anything online, and in fact it may be a felony to allow someone else to access your accounts, even if it's law enforcement. This also sets a dangerous precendent, I think, if allowed to go forward; if they can force people coming into the country to give up passwords to online accounts, then there's a good argument for forcing anyone to give up their passwords, even if you were born in the U.S. and have never set foot outside it's borders, and never have had so much as a parking ticket your entire life.
Of course "this is a bad idea" and "this is a dangerous precedent" are phrases I think we're going to be hearing quite a bit in the next 4 years..
That's only valid because you know about Manson because he's been vetted via due process.
It little behooves the best of us to comment on the rest of us.
... social media.
Don't have a Facebook account?
Get one, then we'll talk.
--
"Thanks, dude." ~ Zuckyberg
It little behooves the best of us to comment on the rest of us.
I don't *have* a FB account.
That one?
Someone must have put that up about me, but I certainly didn't.
Yes, please, waterboard me for my alleged Facebook password.
-Styopa
I deleted my facebook several years ago. I never used twitter. I have this /. account. What will they do with people who do not partake in social networking?
So regular non-threat people will have to let these bumbling thugs go through their private social media, and actual terrorists will hand over the fake account they prepared just for this purpose.
- For the complete works of Shakespeare: cat
Wouldn't it be enough just to declare any social media accounts that you are on? Friend lists should be enough to determine if someone is connected with terrorists.
love is just extroverted narcissism
"Facebook password?"
"I don't use Facebook"
"Twitter account?"
"I don't use twitter"
I suppose I could give them my AC account name for slashdot, but I'm not sure what the other ACs have been up to, so that's probably a bad idea.
"DHS officials also stated that if the wife of a US visitor is good-looking, they want to demand they get to sleep with the woman before allowing entry to the couple..."
If telephones are outlawed, then only outlaws will have telephones.
The wife and suspected catalyst in the San Bernadino massacre would have been barred from entry if the feds had had access to her social media, as she had a lot of radical stuff. So no, it doesn't just affect honest people. http://www.cbsnews.com/news/co...
Visa applicants can probably get away with saying that they don't have social media as part of the affidavit on penalty of perjury, but the US government may ask social media sites to run a facial recognition scan on you of all photo posts from your home region, and/or a scan for your name in your region. If they can pick you out in that data set, they can find all of your friends who do have social media, and the account at the center of the relational web had better be your mom or your spouse. If it is something like Islamonut42, then odds are that is your account and you are concealing it and you should probably pack a bag for Gitmo because they will get a FISA warrant and get into that account anyway along with all of your electronic devices and track you back through your IP. If you are not actively going into the visa process as a terrorist, it is in your best interest to be honest.
If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
That "Donald Trump has the best words."
What about 2FA?
They'll require that you activate the 2FA while they check your accounts. You're waiting in customs or holding or something, so you have nothing better to do, and likely neither do they.
What if you don't know your password (password manager)?
Every password manager that I know of allows you to actually look up your real password, so you can write it out for them.
What if you don't have a social media account?
Don't be silly, everyone is on Facebook! Liar. But really, "I do not have social media accounts" will be perfectly valid, and the discovery that you lied would be grounds for immediate prosecution and/or expulsion and/or watch-listing.
Don't forget those subversive Canadians! Them and their secrets around making good poutine or which beers taste best!
These are valid secrets that will be very helpful to the folks in DHS!
Each one has been lovingly hand-filled by my well paid assistants with glowing comments about the Great again United States, and how handsome and insightful its great blonde (duly elected) God-king is.
Very cheap. Contact "Butch Hillhurst" on Silk Road 4.0 for details.
Where are we going and why are we in a handbasket?
Try to confine yourself to relevant, intelligent posts. Don't fall into the trap of lowering yourself to their level.
FUCK YOU, DHS
I suppose now it will be alright for foreign governments to demand the same of US citizens traveling abroad?
They were only following orders.
That's the bottom line. Do you think American citizens have rights in Iraq? I rest my case. Mod me down liberals, reality still stands.
We'll make great pets
Don't forget those subversive Canadians!.
Last time I checked there wasn't a travel ban on Canadians.
We'll make great pets
You are obviously a dangerous lone wolf terrorist.
We only want sheep entering the US, who will get along sociaaaaaaaaly with all the other sheep.
Where are we going and why are we in a handbasket?
People who want to visit the United States could be asked to hand over their social-media passwords to officials as part of enhanced security checks, the country's top domestic security chief said.
Homeland Security Secretary John Kelly told Congress on Tuesday the measure was one of several being considered to vet refugees and visa applicants from seven Muslim-majority countries.
We'll make great pets
So they want access to falsify evidence.. By being able to post fake posts or send fake messages under their name..?
I see no room for abuse there!
-Myke
That would be the CIA/NSA, not DHS. Surveillance of US citizens requires a warrant, assuming that Obama followed the law on that for the last 8 years (all indications are he ignored the Muslim community, opting instead to investigate reporters who didn't carry his water: https://www.yahoo.com/news/blo... ). Surveillance on the rest of the world is open season and the purview of the CIA and NSA, but at the direction of the president. Since Obama hated the idea of US supremacy and actively tried to make the US just another global citizen, pretty sure we don't have anything that is less than 8 years old on 99.99% of the world population.
If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
Yah vol, Herr Commandant!
There are two types of people in the world: Those who crave closure
If you're going to suggest German Fascism, you might as well get the fucking German right.
I guess they can have that.
I am very small, utmostly microscopic.
Sure they can have my LinkedIn access as long as they connect my account to some super sweet recruiters, with hot job prospects, for me.
You're not following the joke.
And it was in reference to Hogan's Heroes.
You might want to get your fucking references right.
There are two types of people in the world: Those who crave closure
Numb nuts, it's spelled "jawohl", even when an actor on Hogan's Heroes says the line.
>"People who want to visit the United States could be asked to hand over their social-media passwords...If they don't want to cooperate then you don't come in."
And exactly what are you supposed to do if you have no "social media" passwords because you have no such accounts. I have no Facebook, Google+, Twitter, Instagram, etc accounts at all....
So which social media site is the first that will let users configure a distress password?
Assorted stuff I do sometimes: Lemuria.org
Courts have frequently extended constitutional protections to people from other countries interacting with the US government. I have a hard time seeing why this would be any different. I seriously hope this gets challenged in court, and the administration loses very badly.
How ... quaint ...
-- Tigger warning: This post may contain tiggers! --
If they do not want the TSA guys to look into their accounts they can say they don't have one. Or is that a new rule now that you have to have a Twitter, Facebook, YouTube, and Google+ account in order to enter the US?
...I'm not a dumb fuck
http://www.newyorker.com/magaz...
ZUCK: yea so if you ever need info about anyone at harvard
ZUCK: just ask
ZUCK: i have over 4000 emails, pictures, addresses, sns
FRIEND: what!? howâ(TM)d you manage that one?
ZUCK: people just submitted it
ZUCK: i donâ(TM)t know why
ZUCK: they âoetrust meâ
ZUCK: dumb fucks
I'm not repeating myself
I'm an X window user; I'm an ex-Windows user
Apart of some very often used sites where I have to enter my user details every time I access them (like my webmail my computer at home and at work) I can't even tell you my password because I don't remember it. I have to write my passwords down in a file and look them up every time I have to use them. That goes for my Facebook profile (which is logged in on my home computer but I can't access it at work because I don't remember the password) to virtually every webshop I ever bought something and online newspapers.
So, are they really going to deny me entry if I genuinely don't know the password?
USA, the land of the free and the home of the brave? I don't think so. The land of the opressed and the home of the frightend.
As soon as you give up your password, it should be reasonable that you can't be accounted for anything that happens in your account(s).
Also, people reutilize passwords a lot, I guess they are shooting for that too.
Whoooooosh!!!!
Not on Hogan's Heroes.
There are two types of people in the world: Those who crave closure
The Orlando shooter and Boston Marathon bombers were identified as likely terrorists before they did anything. Fat lot of good it did us.
Also, Gitmo is not something to be proud of. It was specifically set up under a weird constitutional theory to be somewhere the rule of law would not apply.
"When you have eliminated the unacceptable, whatever is left, however improbable, must be the truthiness" - Holmes
If neither side has a monthly unmetered SMS plan, a text message from one cell phone in the United States costs twenty cents, split evenly between the sender and recipient. If only one side has a monthly unmetered SMS plan, only the other side pays its ten cent toll. If both sides have a monthly unmetered SMS plan, there is no toll.
Wait hold up, what? It costs more for a landline subscriber to call a cell phone than to call a local landline?
Because calls from one landline to another in the same city have long been toll-free in the United States, the pricing model for its cellular market is to charge for airtime on each leg of the call so that a landline user doesn't incur unexpected tolls when calling a cell phone. For example, if a cellular carrier's voice toll is ten cents per minute, a call from a landline to a cell phone or vice versa costs the cell phone subscriber ten cents per minute, and a call from a cell phone to another cell phone costs each subscriber ten cents per minute, or a total of twenty cents per minute between the two of them. An SMS is billed as one minute of airtime. (Source: T-Mobile USA's pay-as-you-go plan) The next step up from pay-as-you-go is usually unmetered voice and SMS, both outgoing and incoming, but that costs hundreds of dollars per year.
I have visited the US over a dozen times. what a beautiful country & great people.
I have so many friends there.
But now I will not go there any longer - until the administration behaves again as I expect in a civilized country.
I foresee the tourist numbers - and thus $$$ revenue dropping now.
what a shame - I hope I can visit this wonderful country again some day.
Greetings from myheart to all you americans that have made my many visists to enjoyable
Deactivate all social media accounts before flying. Reactivate once you've reached your destination. Lather, rinse, repeat for the trip home.
Obama signed an executive order - the NDAA - that allows the government to arrest anyone, at any time, for no reason other than being declared a terrorist and detain them indefinitely. Where was the liberal outrage? Hint: There wasn't any.
Murphy was an optimist
Considering he also wants the financial records and Trump refuses to show even his tax records, then no, he wouldn't. He'd be stuck in an interrogation cell at the airport ranting about his rights and wanting a lawyer. We really should consider making this a procedure in the EU as well! Then, when Trump comes to visit, we hold him at the airport and demand his financial records to make sure he isn't a russian spy. I'm sure he'd love that.
If it doesn't have facebook app on it, or facebook on browser memory, It's going to be hard to prove you even have a FB account. Or Twitter, or LinkedIn, etc
Restless should be rested.
Irrelevant. And I've never seen that film anyway.
Joke? What joke? It's just badly misspelled German.
Birds are not dinosaur descendants;birds are dinosaurs, for all useful meanings of "birds", "are" and "dinosaurs"
I have been around the world and the US is still the most desirable place to be or do business by far. If you want a socialist paradise or a communist totalitarian state, there are other options. The EU is uncomfortable, dirty, and has about 10 years of life left and then it will fragment as member states go bankrupt under their massive socialist spending and donor states like the UK and Germany leave. Good luck starting a business in the EU. France is deteriorating fast and will become a Muslim majority country around 2050, the radicals they have invited in may turn it into a war zone long before that. Look to the middle east to see how that will turn out. I have hope for the UK, but the world in general is pretty unstable and uncertain.
If you disagree, please post your argument. (-1, Overrated) isn't your personal censorship tool for views you don't like
The problem, as I see it, is when people who I consider reasonable suddenly begin pondering how to break the law, or subvert it, then there is a bigger issue than just "You're breaking the law". you've made law abiding citizens into criminals.
You can kiss goodbye all the money that comes from tourism. People have lost interest in seeing the US anyway. Uganda and Zimbabwe looks more attractive and you don't have to go through a stripsearch and scorn to get there. The US is all yours "Americans".
"It is no measure of health to be well adjusted to a profoundly sick society." - Jiddu Krishnamurti