Many states have defied REAL ID for privacy (but mostly money) reasons. Now it looks like things are coming to a head with the DHS warning Maine that if they don't implement REAL ID, their identification may no longer be accepted at airports.

(H/T to Privacy.org for the link)

In what appears to be an attempt to counter the black hole that is their reputation, the TSA has launced a blog called "Evolution of Security". Like most things Bushian, it starts out by inflating their viewpoint somehow implying that they are right about everything they do just in the title.

And their tagline:

Terrorists Evolve. Threats Evolve. Security Must Stay Ahead. You Play A Part.

Awwwww… Isn't that nice? Too bad we disagree on how security must evolve. Bruce Schneier has pretty much successfully challenged every major TSA policy, but they refuse to acknowledge him (yes I know he interviewed the head of the TSA, but did he get meaningful answers?).

I wonder how long they'll be able to keep the blog up against the storm of complaints that is so inevitably on the horizon.

(H/T to Ars Technica for the link)

They say it's to prove that someone actually is related to someone in France before allowing them to move to France. But not to worry! They say the test is "voluntary"… assuming you don't want to enter France that is.

(H/T to Privacy.org for the link)

Almost six years after 9/11, it is inexcusable that — in an environment where TSA misses more than 90% of weapons, RON [aircraft left unattended and unlocked at night] aircraft are not secured, and ground employees are not screened — fewer than 2% of our airliners have a team of armed pilots aboard, fewer than 5% have air marshals, and the flight attendants have no mandatory tactical or behavioral assessment training. $24 billion dollars later, we are not materially safer, except in the areas of intelligence that prevent an attack from getting to an airport. Once at the airport, there is little reason to believe the attack won’t succeed.

Well said. Be sure to read the full thing which has a stinging review of the TSA's failed efforts to make airlines more secure. Keep in mind that this guy is the president of the Airline Pilots Security Alliance and he knows what he's talking about.

(H/T to Schneier for the link)

The TSA is about the worst example of a security agency that there is. Nearly everything they do is pure theater and doesn't actually help us at all and yet they continue merrily on their way abusing us and making airports a living nightmare for all with no apparent improvement to security.

In this case, a mother was detained, humiliated, threatened with arrest and generally abused because she brought a tiny sippy cup of water through security for her 19 month old son.

At this point, I was detained against my will by the police officer and threatened to be arrested for endangering other passengers with the spilled 3 to 4 ounces of water. I was ordered to clean the water, so I got on my hands and knees while my son sat in his stroller with no shoes on since they were also screened and I had no time to put them back on his feet. I asked to call back my fiancé, who I could still see from afar, waiting for us to clear security, to watch my son while I was being detained, and the officer threatened to arrest me if I moved.

Freaking idiots.

I wonder how long this kind of crap will continue. I hope someone files a lawsuit against the TSA and soon. The judicial branch appears to be the only one that's working right now anyway.

In a continuing effort by the Bush administration and the ridiculous Department of Homeland Security to make sure there's not a country left in this world that supports us, the DHS has suddenly abandoned talks with Canada about traveller pre-screening.

"It's unacceptable to say it can't be figured out," former U.S. ambassador Gordon Giffin said Thursday from Calgary.

"The U.S. can't just throw up its hands. It's almost childish, like they're taking their marbles and going home," said Giffin, who served in Canada from 1997 to 2001.

"It's just not productive. For Pete's sake, we're working with Canada. We're not working with some Third World country."

(H/T to Schneier for the link)

The people over at CASPIAN have warned about how companies are trying hard to get RFID tags into all their products without people knowing. Well, now they will. The anti-theft tags that nearly every product currently has will be combined with RFID technology so that nearly every item you walk out of the store with will also transmit a unique identifying number to any reader nearby. Theives, marketers and big brother are salivating.

You don't believe that companies are desperately interested in what you do every waking moment? Then you haven't been paying attention.

Tantrum turns to police record.

She flailed away at the teachers who tried to control her. She pulled one woman’s hair. She was kicking.

Unless the kid has a knife or some other kind of weapon, nothing they can do could be counted as dangerous.

Desre’e was charged with battery on a school official, which is a felony, and two misdemeanors: disruption of a school function and resisting a law enforcement officer. After a brief stay at the county jail, she was released to the custody of her mother.

So your kid has a felony and two misdemeanors on record from the time they're 6? What was wrong with the normal way, calling her mother? So now this poor girl, her mother, the community, and most of the Internet all have less respect and trust for police officers. Great work Florida.

(H/T to Schneier for the link)

List of post 9/11 watch lists.

Watch out for TIDE:

Likely to have the name of anyone who ever called anyone who ever called Al Qaeda.

That's just funny. And this one:

Name: No-Fly and Selectee Lists

Details: Being on the TSA's no-fly list grounds you, while the Selectee list gets your bags pawed through.

Who's Listed?: Likely to include someone named Bob Johnson, and Edward "Not the Senator" Kennedy.

It must be nice to be a senator so you can get your name immediately removed from these lists. Too bad for the rest of us.

(H/T to Schneier for the link)

We already suspected, but now we have some confirmation from the people who's job it is to breach our security. Airport security has inconvenienced us for no apparent gains in security.

The covert testers who were at DIA are part of the TSA's Red Team. The Red Team was formed by the Federal Aviation Administration after terrorists blew up Pan Am Flight 103 over Lockerbie, Scotland in 1988, killing 270 people.

…

"There's very little substance to security," said former Red Team leader Bogdan Dzakovic. "It literally is all window dressing that we're doing. It's big theater on TV and when you go to the airport. It's just security theater."

Dzakovic was a Red Team leader from 1995 until September 11, 2001. After the terrorist attacks, Dzakovic became a federally protected whistleblower and alleged that thousands of people died needlessly. He testified before the 9/11 Commission and the National Commission on Terrorist Attacks Upon the US that the Red Team "breached security with ridiculous ease up to 90 percent of the time," and said the FAA "knew how vulnerable aviation security was."

Dzakovic, who is currently a TSA inspector, said security is no better today.

"It's worse now. The terrorists can pretty much do what they want when they want to do it," he said.

I'm not saying that we should be secure. What I'm saying and what I believe others agree with, is that the things that are done in the name of security are more about making people think something is being done than actually getting things done.

And on that final note:

Dzakovic, who testified that the FAA ordered the Red Team to "not write up our findings," said the TSA is also trying to hide its results.

"The last thing TSA wants to do is look bad in front of congress and in front of the public, so rather than fix the problem, they'd rather just keep them quiet," said Dzakovic.

Ouch.

(H/T to Schneier for the link)

From the "You're so stupid it hurts" department: Apparently the head of the DHS doesn't see why the REAL-ID act is such a big deal.

I'll make this very simple: Passports. E-voting. Airline security. Domestic spying. Now we're supposed to believe the government is doing something right in security?

A company who's trying to seel their solution to the TSA is out to prove that the no-fly list is bogus. By going to their site, you can enter a name and see if you have a good chance of being on the no-fly list yourself. Hopefully, enough people will try this and see what a stupid idea it was for the TSA to have done this based on names alone.

Idaho has joined a growing trend of states that are flat out telling the federal government to jump off a cliff. The REAL ID act has been attacked by privacy organizations for being a national ID card which will have far reaching implications to personal freedom. Not only that, but implementation of the system is extremely expensive and each state is supposed to pay for it.

The original article is titled "New autopilot will make another 9/11 impossible", but I think mine is more accurate.

It's clear that most new systems that are produced aren't airtight when they're released. Like e-voting, RFID passports, and jet fighters that can't cross the international date line without their navigation going on the fritz.

So now they're going to make airplanes remote controllable. How will they make sure the right people are controlling it? What happens if a terrorist triggers the system while another jams the radio signal that's supposed to control the plane? What if the system triggers by mistake? Are they going to be required to notify passengers before they board the plane that this system is there so they have a choice to avoid it (I think we know the answer to that)?

Using some simple deduction, a security consultant discovered how to clone a passport as it's being mailed to its recipient, without ever opening the package. These are the kinds of things that people need to understand are possible now that our governments are trying to use wireless technology (inherantly insecure) for security.

Privacy.org points to an article explaining that the backscatter x-ray will be fielded in Phoenix. This X-ray device can penetrate clothes, but not skin making a pornographic video of them. Yes this allows the TSA to see if you're carrying bombs or guns, but it also removes your clothing.

So today my wife received a letter from our bank saying that her card was included in the data breach. They were very pleasant and helpful (as credit unions tend to be), but one thing caught my attention:

If at any time you suspect you may be a victim of fraud or identity theft, you may place a fraud alert on your credit file with one of the three major credit-reporting [companies]. A fraud alert will require any company or creditor to contact you to authorize any new accounts or loans.

For the record, fraud alerts are required, but can be ignored. The problem is that it's the issuing company's responsibility to check for the fraud alert and act accordingly. Since it hurts their business to do so, it's far more likely that they will "miss" the flag (especially when they're on comission). That means that it may help and it may not. It's basically nothing compared to the real protection: Credit Security Freezes

Public Citizen reports one of their recent victories against American Airlines on behalf of John Cerqueira, who was denied the right to ly after airline authorities thought he might be "Arab, Middle Eastern or South Asian descent".

$400,000 dollars is a small price to pay for taking away an American's freedoms. The airlines and the TSA better figure that out in a hurry.

As reported by Privacy.org:

The Maine House and Senate registered nearly unanimous opposition Thursday to the federal Real ID Act, which requires states to change their drivers' licenses into national IDs linked to a central database. The resolution is not binding on Congress, but says the Legislature refuses to implement the Real ID Act. It asks Congress to repeal the law.

I feel so warm and fuzzy inside :)Â Go Maine!

Security theater is the tem Bruce Schneier uses to describe a secruity measure that doesn't actually improve security as much as it makes us feel more secure. While he disagrees with most uses, he allows that sometimes, feeling better is a good thing. For example, hospitals that put RFID bracelets on newborns that will trigger an alarm if they go through the wrong doors helps reassure new mothers when the babies are out of their sight.

Granted, this is only harmless because there's no real security problem that is being covered up like in the case of offering credit monitoring services as a way to fight ID theft (which does not work).