| November 2005 Archives | « October 2005 | Main | December 2005 » |
November 29, 2005 | Sony's Fony Graffiti
Not content with simply knowingly infecting its customers' computers with security-hole inducing spyware, Sony is now sponsoring a "guerrilla" graffiti ad campaign to promote the PSP, covering inner city neighborhoods with images of kids playing with its overpriced, crippled handheld.
Reports on the interwebs indicate that Sony or its ad agency has paid graffiti artists to spray paint images of little kids playing with PSPs in at least five U.S. cities: Chicago, New York, Philadelphia, Los Angeles, and San Francisco.
Thankfully here in San Francisco's Mission neighborhood, someone decided to talk back to a mega-corporation arrogant enough to piss on my neighborhood's walls in order to move units.
And whoever the commenter was, he or she was right. Not another dime.
Note the very nice "Fony" addition, and for those who aren't bike geeks, a Brompton is a folding bicycle that can make one look more than a wee bit nerdy (though I would love to own one for traveling).
As for teabagging, well, go check out the John Waters movie Pecker.
More on the tagging can be found at the Gothamist and at the WoosterCollective (action shot, reactions)
These photos were taken at 23rd and Shotwell Streets and I've heard there are more examples on Mission Street near 26th.
Update: Welcome, Diggers! Please stop and leave a comment. For those who got here, not through Digg, their comment board on this entry can be found here.
And my Wired News story on the graffiti campaign (with new, exciting info and pictures) is here.
Posted by Ryan Singel at 10:50 PM | Comments (37) | TrackBack
November 28, 2005 | Irish GrayAn Irish-born pilot who was labeled a security threat by the Transportation Security Administration when he attempted to learn to fly a larger plane is hoping to settle the matter out of court, according to Eric Gershon of the Cape Cod Times.
Cape Air pilot Robert Gray, 35, sued the feds in July after they denied his flight school application and alleges he was subsequently was placed on the "no-fly" list as punishment. If true, he would be the first person, outside of a few (but not all) high level Al Qaeda and some Guantanamo detainee, known to actually be on the list.
Many, including Senator Edward Kennedy and Sister Glenn Anne McPhee, have matched against the list due to name similarities.
If Gray is on the list, he would be the only person likely to have standing to challenge the legality of the no-fly list. The challenge would be interesting since the no-fly list is an odd bird. Bruce Schneier calls it a list of people too dangerous to fly, but not dangerous enough to arrest. I'm more interested in the challenge since the list is an extra-legal administrative punishment that sits in a very gray legal area. And until now no one seemed to have a way to challenge.
The government has long argued that the no-fly list and Secure Flight do not implicate the right to travel (generally understood as deriving in part from the First Amendment) since there are other ways people can travel. The suit by several Alaskans who can only get to the Alaskan capital and their jobs by plane would have mooted that argument, but that lawsuit is currently on hold.
As for one of the weirdnesses of a no-fly list, consider that Gray is Irish. If Gray is on the no-fly list, how would he get back to Ireland if he wanted to?
Link: Eric Gershon's Cape Cod Times story
Posted by Ryan Singel at 09:41 AM | Comments (1) | TrackBack
November 14, 2005 | ChoicePoint Intelligence Agency?The FBI and the Defense Department have long subscribed to private commercial data broker ChoicePoint, for use in investigations.
But since 2002, the agencies have also been relying on ChoicePoint's data to fuel data mining operations in one of the least understood post 9/11 operations, known as the Foreign Terrorist Tracking Task Force, according to Shane Harris of the National Journal.
The article, which relies on heavily redacted documents acquired through an open government request, raises questions about whether the Privacy Act -- which largely prevents secret databases on American citizens -- means anything if the government can simply outsource that data collection to a company like ChoicePoint (best known now for selling information on 145,000 citizens to identity theft scammers).
To help the government track suspected terrorists and spies who may be visiting or residing in this country, the FBI and the Defense Department for the past three years have been paying a Georgia-based company for access to its vast databases that contain billions of personal records about nearly every person -- citizens and noncitizens alike -- in the United States.[...]
A set of contract documents, obtained under the Freedom of Information Act, and which the government sought to withhold for almost two years, reveals details not previously reported about ChoicePoint's work for the FBI's Foreign Terrorist Tracking Task Force, called FTTTF or "F tre F." This task force was set up soon after the 9/11 attacks to assist law enforcement and intelligence agencies in locating foreign terrorists and their supporters in the United States. Because the task force can't maintain records on U.S. persons without opening an official investigation, it relies on ChoicePoint to augment the intelligence that the government collects through legal channels.
[...]
But the documents indicate that ChoicePoint may have gone beyond simply offering its commercially available products to the government. In 2003, ChoicePoint agreed to provide access to an "exclusive" system used to help identify terrorism suspects. Although much of the description of the system has been redacted from the documents -- on the grounds that it would reveal law enforcement tactics and operations -- the portions that were released indicate that ChoicePoint's work involves continuously tracking a "subject of interest" and notifying the government when new information has surfaced on that person.
After a string of redacted text about this exclusive service, the document states, "When this new information is added and identified as relevant new data for a subject of interest, the FTTTF will receive electronic notification.... Additional information beyond the identity and address data can be provided to the FTTTF with a subpoena." In releasing the contract documents, the government said it could not elaborate on the system, because doing so "could certainly assist ... terrorists in circumventing detection." The government also redacted the dollar amount of the contracts, making it harder to assess costs and scope.
According to an outside expert on ChoicePoint who reviewed the documents for National Journal, the exclusive service looks like something ChoicePoint built specifically for federal agencies, and the arrangement raises questions about whether the company is effectively becoming an arm of the federal government.
"The language [of the contract], and ChoicePoint making their full system available to the government and [performing] custom-tailored searches for the government, show a high degree of cooperation," says Chris Hoofnagle, a researcher with the Electronic Privacy Information Center, who has obtained ChoicePoint contracts and corporate documents through other legal filings.
Full ChoicePoint/FBI story here.
Posted by Ryan Singel at 10:03 AM | TrackBack
November 13, 2005 | All I need is a badge and a cell phone
I almost hesitate to mention this, after what Daniel Solove did the last time I mentioned a TSA toy, but an outfit called Water Cooler Games has released a game for Nokia cell phones called Airport Insecurity.
The developers call the game "a mobile game about inconvenience and the tradeoffs between security and rights in American airports. Players are encouraged to try their current travel itinerary while in line at security."
It's unclear exactly what you have to do, but it looks like its a game about being good at standing in line at 138 airports. It has three play modes: Arcade, Practice, and Endless Queue.
It costs $3.99.
If prefer hardware to software, for $10, you can buy a badge that identifies you as a flier who would fight back against airline hijackers, just as the passengers of Flight 93 did, possibly sparing the Capitol or the White House from destruction.
The group is called Sky Posse, which says the badges are a "means of demonstrating a visible symbol that you are one American who will fight back."
Now, I appreciate the sentiment, but I wonder if it might not be better for citizen air marshals (and hopefully we've all learned that lesson) not to advertise their intentions?
(Tip of the badge to Bruce Schneier).
I have no idea if wearing such a badge while playing Airline Insecurity will help or hurt your score, but you should find out.
Posted by Ryan Singel at 09:34 PM | Comments (3) | TrackBack
November 11, 2005 | TSA "Refreshes" Website, Removes Critical ReportThe Transportation Security Administration has removed a link from its website to an internal report highly critical of its newest airline passenger screening proposal, while simultaneously adding rebuttals to it.
The scathing report was written by a group of privacy experts and technologists appointed to the Secure Flight Working Group, which was tasked by the TSA with evaluating the effectiveness and privacy risks of its proposed upgrade to the current passenger watchlist system, now dubbed "Secure Flight."
Frustrated by incomplete briefings, the group recommended that Congress ban live testing of the program until the Department of Homeland Security clarifies how it will work.
When asked about the delinking of the report, TSA spokesman Nico Melendez said by email the delinking was part of a "'scrub' of our website."
"Several items have been refreshed to ensure appropriate information for public consumption is available," Melendez said.
The report was posted in full to the TSA's website in mid-September to the surprise of several group members who did not expect the critical report would be allowed to be made public.
"Based on the limited test results presented to us, we cannot assess whether even the general goal of evaluating passengers for the risk they represent to aviation security is a realistic or feasible one or how TSA proposes to achieve it," the report said. "We do not know how much or what kind of personal information the system will collect or how data from various sources will flow through the system. Until TSA answers these questions, it is impossible to evaluate the potential privacy or security impact of the program..."
The group's membership included security expert Bruce Schneier, noted technologist Ed Felten, corporate privacy lawyer Martin Abrams, and Steve Lilienthal of the conservative Free Congress Foundation.
The TSA has since delinked the report, replacing it with an executive summary of the report (.doc) that simply summarizes the nature of the working group and the Secure Flight program. It contains none of the report's findings.
The revision seems to have been done by a TSA employee named Jose Carrao on October 12.
Oddly, the full report (.pdf) remains on the TSA's servers, though there are no links to it. A saved copy can also be found here.
The TSA also added two rebuttals from aviation groups (Word docs here and here) and one clarification (.pdf) from the Terrorist Screening Center, which is responsible for creating the centralized terrorist watchlist.
One of rebuttals itself has been revised to remove original comments about the size of the TSA watchlists, saying that information "has been determined by TSA/DHS to be Sensitive Security Information (SSI)." SSI is not classified information, but the TSA uses the designation to withhold information from the public, such as airport security plans and the fact it requires airlines to ask for identification from passengers. One federal judge has already ruled that the TSA uses SSI designation frivolously.
The working group's report discusses the watchlist's composition and length, relying on information provided to it by a TSA employee and other information found in a Justice Department report on the watchlist(.pdf).
In part, the working group wrote that "As of spring 2005, there were about 270,000 entries in the TSDB [Terrorist Screening Database], many of them aliases of the same individual. Of these, about 30,000-40,000 were on the No-Fly list, and 30,000-40,000 were on the Selectee list, for a combined total of about 70,000. As the TSDB and TSA lists are further scrubbed, TSA officials predict that the number of No-Flys might be reduced to as few as 20,000. However, the number of Selectees was expected to increase substantially, so that the total of the No-Fly and Selectee lists might be about 160,000 persons."
Melendez did not reply to a follow-up email asking if the report contained sensitive information inappropriate for public consumption.
If the document does contain information that is too sensitive for the public to know about, it is unclear why the TSA simply delinked the document without removing it from their servers, since the report is easily available through search engines.
Melendez also declined to say why the TSA uses the word "refresh" to refer to the removal of information from its website.