"There's a reason you don't wear your Social Security number across your T-shirt," Albrecht says, "and beaming out your new, national RFID number in a 30-foot radius would be far worse."

There are no federal laws against the surreptitious skimming of Americans' RFID numbers, so it won't be long before people seek to profit from this, says Bruce Schneier, an author and chief security officer at BT, the British telecommunications operator.

Data brokers that compile computer dossiers on millions of individuals from public records, credit applications and other sources "will certainly maintain databases of RFID numbers and associated people," he says. "They'd do a disservice to their stockholders if they didn't."

Or put simply, everyone knows that this is scary beyond reason and we need to do something now BEFORE it's a problem.

Here is some more information from the source article:

In its October 2005 Federal Register notice, the State Department reassured Americans that the e-passport's chip — the ISO 14443 tag — would emit radio waves only within a 4-inch radius, making it tougher to hack.

Technologists in Israel and England, however, soon found otherwise. In May 2006, at the University of Tel Aviv, researchers cobbled together $110 worth of parts from hobbyists kits and directly skimmed an encrypted tag from several feet away. At the University of Cambridge, a student showed that a transmission between an e-passport and a legitimate reader could be intercepted from 160 feet.

The article also mentions a video that shows the results of his experiment. I was able to find it HERE.

Related topic(s):

How RFID Tags Could Be Used to Track Unsuspecting People

Here is an excellent short essay on how to fix airport security and restore a bit of our dignity and rights at the airports:

Fixing Airport Security

Also be aware that the TSA is making significant strides backwards when it comes to whole body imaging. Where they used to be looking at technology that wasn't as privacy invasive, they've now started making a major push for what some are calling a digital strip search. The most important issue here is that the scanners are being planned as a replacement for metal detectors which means you'd have no choice but to bare all for the TSA.

Bring on the tinfoil underwear…

This is so wrong, I barely know what to say. I sure hope this trend doesn't start to catch on, because a lot of people would give up the information when they're pressured instead of doing the right thing and refusing.

"Please list any and all, current personal or business websites, web pages or memberships on any Internet-based chat rooms, social clubs or forums, to include, but not limited to: Facebook, Google, Yahoo, YouTube.com, MySpace, etc." the form reads. But Bozeman isn't simply interested in finding out where to look for potentially embarrassing personal details; the city wants full disclosure, since the form demands username and password information for each.

This is way worse than all those sickening social networking sites asking for your e-mail address password.

The panel this morning consists of members of the FTC, Google, and Microsoft and the subject is profiling people online.

There are so many questions I want to ask such as why Google stores data for so long (which they've avoided answering before) and why the FTC doesn't promote credit freezes (which they've avoided answering before).

In the meantime, there's talk about the different types of data collection each group does and the standard rigamarole about customizing and targeting advertisements as if that's helpful to the end user. Granted having ads that are more appropriate are more useful than less, but I see that as the same as having a neighbor down the street that you hardly know bring you a box of your favorite beef jerky. It's nice, but damned creepy when someone knows that much about you when you don't know who they are, what their intentions are, and how much else they know about you.

I stood up to lecture the panel on the fact that personalized ads aren't necessary for small sites to exist if they use the product recommendation method versus random ad policy like me, opt-out is an unfair business practice since it requires that people become very knowledgeable about ads and how to stop them which is near impossible for regular people, and opt-in is not only necessary, it's easy.

I doubt the information I shared will have any positive effect on the industry, but it was still worth a try.

If you've ever wondered what the Department of Homeland Security knows about you, try filing a Freedom of Information Act request like this guy did.

This comes from a long string of stories about how bad privacy is getting in the UK. As bad as it's become in the US, apparently our friends out there have it much worse.

(H/T to Slashdot for the link)

Transit Police will only inspect areas of bags that are capable of concealing explosives. Police will not be viewing the content of papers or other reading material. But if illegal items such as drugs are found, they will be confiscated as evidence, and police will cite or arrest the individual. Those who refuse to have their bags searched will not be allowed to enter. Transit Police will not arrest people who refuse to have their bags inspected.

The key here is that you have the right to refuse which most people probably wouldn't know about or exercise. If you don't know, ask. Ask "do I have the legal right to refuse the search and what are the consequences if I do so?" I have no idea if asking such a thing could create legal problems in some circumstances, but it's what I would do. Never submit to authority asking you to do things you don't think are right without at least questioning it (in my personal, non-legal, non-professional, opinion).

(H/T to Privacy.org for the link)

How would you like to be paid $50 a month to carry a cellphone that can be remotely activated as a listening device by the company that provides them?

The scary thing is, this is just software, it's not a special phone. If you have software like this, what's to stop you from installing it in your girlfriend's phone or a business contact. Where's my "phone only" phone?

But will anything be done this time? That's the question.

The NSA has been working on their public image and trying to market itself as a cool place to work partially with their "Cryptokids" campaign. Their goal is to teach kids about what the NSA does in a fun, kid-friendly way.

But that's not what I'm posting about.

I ran across this interesting comic about the unpopular little-know cryptokid, Y.R. Tap, the NSA domestic spying fly. The fly shows the Cryptokids what can happen when civil liberties are violated.

The Wall Street Journal says that Dunkin' Donuts is experimenting with video screens that use facial recognition technology to figure out your age and gender. The screens then display ads targeted specifically to you.

The last thing we need is computers trying to figure out who and what we are so they can target ads to us.

The TSA's CLEAR program where people can spend $100 to be "pre-screened" at airports and bypass security had a security hit recently when a laptop (doesn't this get old) with customer data was stolen.

Well gosh, how could they ever have seen that coming?

Anyway, Schneier covers the story and links to the TSA's response as well as taking a moment to denounce the program again along with most of what the TSA is doing for airport security. Since I've met the privacy officer for the TSA and know he knows what he's doing, the only reason I can come up with for this is that they're not listening to him when he's telling them not to put this kind of data on laptops unencrypted.

In Senate debate, Patrick Leahy (D-VT) argued strongly against telecom immunity, because it would make it almost impossible to ever find out what really happened and "the American people ought to know who in the White House said, 'Go break the law.'"

Sen. Russ Feingold (D-WI) noted that, "We're considering granting immunity when roughly 70 members of the Senate still have not been briefed on the president's wiretapping program. The vast majority of this body still does not even know what we're being asked to grant immunity for."

These were the protests that smarter senators made before the vote. They were ignored. The "FISA update" including immunity was passed yesterday.

"I sit on the intelligence and Judiciary committees, and I am one of the few members of this body who has been fully briefed on the warrantless wiretapping program," said Sen. Russell Feingold (D-Wis.), another prominent opponent. "I can promise that if more information is declassified about the program in the future, as is likely to happen . . . members of this body will regret that we passed this legislation."

Breaking news, Congress is full of quarter-witted imbeciles and corrupt sychophants. Wait… we knew that already. What is new is that now we have a roster of the members of the House who either have no clue about what's going on or have gone to the dark side (cue Darth Vader-like breathing).

Yesterday the House passed a FISA amendment act which includes a provision shielding telecommunications companies from any liability. In the coverage of the situation by Ars Technica, they were able to quote Nacy Pelosi as being an idiot:

The most extended apologia came from House Speaker Nancy Pelosi (D-CA), who urged that the compromise be judged by comparison with the Senate bill, which she characterized as the only realistic alternative (So we can't ask for a good law, only a less bad one? That's a great standard to live to). She outlined several ways in which the current legislation is preferable to the Senate's version. First, the compromise bill reasserts that FISA is the "exclusive means" for conducting electronic surveillance, which would require the president to ignore such language twice in order to launch an extralegal surveillance program, rather than only once, as under traditional FISA rules (So if the President breaks the law, now it would violate two laws instead of just one. The next time someone breaks a law, I wonder if it will result in jail time if it only breaks the law "once"). Second, it preserves prior judicial review of surveillance authorizations, except in "very, very rare" circumstances, such as when the attorney general asserts that waiting for a judge would entail delay (I think that recent history has shown how much we can trust to the "rarity" of the Attorney General approving anything a president might ask. Has she even been awake in the last decade?). Third, it contains specific provisions barring the use of authorizations targeting parties abroad as a pretext for targeting U.S. persons, presumably to be enforced by a board of psychics. Finally, it provides for an internal investigation of the extent of past surveillance, which Congress will act upon with the same legendary zeal for civil liberties it has displayed over the past seven years (Brilliantly summarized. Ars has some great writers.).

So in one day, the House voted to expand powers of the Judicial branch that they didn't need and shield their conspirators from liability against justice.

Don't get me wrong, if I got a letter from the Attorney General of the United states that required my company to do something and my lawyers said to do it, I would have and maybe that's what happened to the telcos. But if there is no accountability for the Attorney General, the President, and the involved Agencies, then the whole things tastes like Congress cooked us up some chili made of poo.

Any computer with at least one file "coming from 'dubious origins,' e.g. downloaded from P2P". I don't know about you, but everyone I know has downloaded something at one point or another. As I've said before, there are many situations where downloading even copyrighted material is completely ethical(even if it may not be clearly legal or illegal).

Info on the bill brought to you via Slashdot.

By putting tons of cameras at different angles on an airplane and carefully inspecting everyone's faces and movements, the EU hopes to identify terrorists before they strike.

There's only a few problems to work out:

1) There's no way to know what a terrorist looks like
2) Removing privacy with no gain is a vast waste of money and resources
3) Mass surveillance hurts everyone and doesn't actually work.

(H/T to Schneier's Blog for the link)

American companies are providing technology to China to be used in their mass surveillance of their people.

The Fourth Amendment prohibition against illegal search and seizure made it into the U.S. Constitution precisely because its drafters understood that the power to snoop is addictive. Even if we happen to trust in the good intentions of the snoopers, the nature of any government can change rapidly — which is why the Constitution places limits on the tools available to any regime. But the drafters could never have imagined the commercial pressures at play today. The global homeland-security business is now worth an estimated $200 billion — more than Hollywood and the music industry combined. Any sector of that size inevitably takes on its own momentum. New markets must be found — which, in the Big Brother business, means an endless procession of new enemies and new emergencies: crime, immigration, terrorism.

We're in very real danger of what they have over there being implemented here. And it's already begun.

(H/T to Slashdot for the link)

The EFF has an excellent article about how to avoid being searched at the border. Specifically, how to protect your laptop data that courts recently ruled could be searched without warrant.

Here's a guide on how to make a very low cost GPS tracking device useful for monitoring your own car, your loved ones, or anyone else for that mater so long as you can slip this device into their bag or car.

(H/T to Digg.com for the link)

You can be forced to turn it on and let border agents browse around for stuff to charge you with. Isn't that nice?