[SecurityRatty] tag: dhs

Data-Mining for Terrorists Not 'Feasible,' DHS-Funded Study Finds

Tue, 07 Oct 2008 15:30:00 +0000

Searching for terrorists in masses of electronic data doesn't work and will lead to unacceptable privacy invasions, a government-funded commission reported Tuesday. Instead, the government should carefully evaluate how it uses the same technology as book recommendation software, and update the nation's privacy laws.

Whos got your Laptop?

Wed, 17 Sep 2008 12:05:17 +0000

I’d like a receipt for you taking my lappie please.
Sure.

clipped from arstechnica.com

New bill would tighten rules for DHS border laptop searches

Sanchez’s bill would bring more routine to the search process. The bill requires the government to draft additional rules regarding information security, the number of days a device can be retained, receipts that must be issued when devices are taken, ways to report abuses, and it requires the completion of both a privacy impact study and a civil liberties impact study. Travelers would also have the explicit right to watch as the search is conducted.

DHS rejects criticism of agency as Beltway politics

Wed, 17 Sep 2008 09:00:00 +0000

The U.S. Department of Homeland Security dismissed as classic Beltway politics the suggestion by a group of experts that it was unfit to lead the country's cybersecurity initiatives.

DHS rejects criticism of agency as Beltway politics

Tue, 16 Sep 2008 20:00:00 +0000

The U.S. Department of Homeland Security Wednesday dismissed as classic Beltway politics the suggestion by a group of experts that it was unfit to lead the country's cyber security initiatives.

Group: US DHS should lose its cybersecurity authority

Mon, 15 Sep 2008 20:00:00 +0000

The U.S. Department of Homeland Security has been ineffective in coordinating government cybersecurity efforts and should be stripped of its authority in the area, members of a private cybersecurity task force told members of the U.S. Congress.

Again, On Laptops and US Borders

Tue, 12 Aug 2008 07:00:00 +0000

"According to the U.S. Department of Homeland Security (DHS), Customs and Border Protection (CBP) officers can confiscate and detain travelers' laptops at the U.S. border without suspicion of wrongdoing. Laptops can be taken to an off-site location for an undisclosed period of time, during which officials may examine the computer's contents and share copies of files with other agencies. This policy applies to any other form of digital or analog storage device, including iPods, cell phones, flash drives, hard drives, and tapes." (source)

"The key to the above paragraph, of course, is "without suspicion of wrongdoing." Indeed, in the policy (PDF), DHS says (emphasis mine), "In the course of a border search, and absent individualized suspicion, officers can review and analyze the information transported by any individual attempting to enter, reenter, depart, pass through, or reside in the United States."" (source)

Fun question that was brought by someone on a security mailing list: if your employer-owned laptop is "captured" by DHS, TSA or Customs AND it has regulated information on it (CCs, SSNs, PHUI, etc), do you have to report it as "data loss"? The chances of that info being lost are definitely much, much higher now AND the control over such data is clearly not in your hands anymore... Niiiiice.

Chertoff: I'm Listening to the Internet (Not in a Bad Way)

Wed, 06 Aug 2008 20:28:00 +0000

In an exclusive interview with Wired.com, Homeland Security chief Michael Chertoff explains why cybersecurity finally matters, how airlines botch the terrorist watch list, and why blog comments are driving policy changes at DHS.

Homeland Security: We Can Hold Laptops Indefinitely!!!

Sat, 02 Aug 2008 04:50:02 +0000

The U.S. Department of Homeland Security has concocted a remarkable new policy: It reserves the right to seize for an indefinite period of time laptops taken across the border.A pair of DHS policies from last month say that Customs agents can routinely -- as a matter of course

Frequent Flyers Have More to Fear than Terrorists

Fri, 01 Aug 2008 11:12:37 +0000

The last international flight I took, I was frisked carefully when the security realized I had a laptop with me. At the time I was a student on a 6-month trip for foreign study. Today I’m taking another flight but it’s only down to LA for a friend’s wedding. I’ve been researching how much luggage I can take on board, and it’s not much, considering I regularly carry a few heavy items everywhere with me - my laptop, and my dslr camera, and naturally a book and purse.

I also came across this tidbit online — the government has granted themselves the right to take any traveler’s laptops away on international flights, even if they have no reason for suspicion. Apparently this has been in place a while but they’re finally publicizing it.

Federal agents may take a traveler’s laptop computer or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed.

Also, officials may share copies of the laptop’s contents with other agencies and private entities for language translation, data decryption or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, U.S. Customs and Border Protection and U.S. Immigration and Customs Enforcement.

Read the full article here.

U.S. Government Policy for Seizing Laptops at Borders

Fri, 01 Aug 2008 08:21:25 +0000

Amazing. The U.S. government has published its policy: they can take you laptop anywhere they want, for as long as they want, and share the information with anyone they want.

Here's the actual policy:

Federal agents may take a traveler's laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop's contents with other agencies and private entities for language translation, data decryption, or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, US Customs and Border Protection and US Immigration and Customs Enforcement... DHS officials said that the newly disclosed policies — which apply to anyone entering the country, including US citizens — are reasonable and necessary to prevent terrorism... The policies cover 'any device capable of storing information in digital or analog form,' including hard drives, flash drives, cell phones, iPods, pagers, beepers, and video and audio tapes. They also cover 'all papers and other written documentation,' including books, pamphlets and 'written materials commonly referred to as "pocket trash..."

It's not the policy that's amazing; it's the fact that the government has actually made it public.

Slashdot thread. My previous essay on crossing borders with laptops, and how to protect yourself.

Although honestly, the best thing is probably to keep your encrypted archives on some network drive somewhere, and download what you need after you cross the border.