Archive for the 'Security' Category

U.S. and Europe Near Accord on Privacy

Sunday, June 29th, 2008

[Quote:]

The United States and the European Union are nearing completion of an agreement allowing law enforcement and security agencies to obtain private information — like credit card transactions, travel histories and Internet browsing habits — about people on the other side of the Atlantic Ocean.

The potential agreement, as outlined in an internal report obtained by The New York Times, would represent a diplomatic breakthrough for American counterterrorism officials, who have clashed with the European Union over demands for personal data. Europe generally has more stringent laws restricting how governments and businesses can collect and transfer such information.

Negotiators, who have been meeting since February 2007, have largely agreed on draft language for 12 major issues central to a “binding international agreement,” the report said. The pact would make clear that it is lawful for European governments and companies to transfer personal information to the United States, and vice versa.

But the two sides are still at odds on several other matters, including whether European citizens should be able to sue the United States government over its handling of their personal data, the report said.

So now the US can engage in industrial espionage without having to worry about being sued for it, and my own government gives away data to be sold to the highest bidder and doesn’t get anything in return for it.

When can we start executing politicians for this immense disservice to the people who voted for them?

For example, the two sides have agreed that information that reveals race, religion, political opinion, health or “sexual life” may not be used by a government “unless domestic law provides appropriate safeguards.” But the accord does not spell out what would be considered an appropriate safeguard, suggesting that each government may decide for itself whether it is complying with the rule.

In other words, they can do whatever the fuck they want with the data. And they know it, or they wouldn’t keep it a secret like this:

The Bush administration and the European Commission have not publicized their talks, but they referred to their progress in a little-noticed paragraph deep in a joint statement after a summit meeting between President Bush and European leaders in Slovenia this month.

City votes to ban gun clubs from public property

Thursday, June 26th, 2008

[Quote:]

A rifle club located inside a Scarborough community centre and a gun club at Union Station will now have to find a space to lease on private property in order to operate. Toronto Mayor David Miller said he supports the plan because of recent crimes that were committed using stolen legal guns.

“In a day when you can’t bring a large tube of toothpaste on a plane how can you allow guns to wander through Union Station, the biggest transit hub in Canada?” he asked his colleagues on city council.

Allow me to steal some remarks from Bruce Schneier’s weblog:

“We can allow guns to wander in Union Station only if they are less than three ounces.”

“In a day when a gun club can share space with the biggest transit hub in Canada and no one gets killed from it, how come I can’t bring a large tube of toothpaste on an airplane?”

“Under Miller’s premise, that anything more dangerous than toothpaste shouldn’t be allowed in a public area like a transit hub, can we expect to ban cups of hot coffee (scalding, slip-and-fall), ballpoint pens (pointy), bottles of cologne (flammable aerosol), and cigarette lighters (flammable liquid)?”

Dutch government gags Oyster researchers

Thursday, June 26th, 2008

[Quote:]

The publication of a scientific paper by Radboud University that discusses design flaws of the MIFARE chip in cards such as the Oyster travelcard may be in jeopardy. Dutch secretary of state Tineke Huizinga has urged the university not to publish any secrets that may lead to abuse.

Last week researchers from Radboud University in Nijmegen revealed they had cracked and cloned London’s Oyster travel card. Earlier this year the researchers did the same to the Dutch MIFARE travel card. As a result, the introduction of the €1bn transport payment system in the Netherlands has now been postponed.

The Dutch researchers were planning to publish their scientific paper, appropriately named Dismantling MIFARE Classic, at the European Computer Security Conference Esorics in October, but secretary of state Huizinga has called upon the university to exercise responsibility.

These days “responsibility” apparently means “don’t embarrass the politicians”… the Uni is best off releasing it as soon as possible - otherwise when the next person cracks it (pretty soon, now that it is known to be possible) the Uni will be blamed for leaking the information anyway. The choice is between getting blamed for taking a principled stand, or getting blamed for a leak they didn’t cause.

Automated profiling tech is crap, says Home Office

Tuesday, June 24th, 2008

[Quote:]

Automated passenger profiling is rubbish, the Home Office has conceded in an amusing - and we presume inadvertent - blurt. “Attempts at automated profiling have been used in trial operations [at UK ports of entry] and has proved [sic] that the systems and technology available are of limited use,” says home secretary Jacqui Smith in her response to Lord Carlile’s latest terror legislation review.

Furthermore, when the security services stopped trying to let the machines figure out who was a threat and went back to traditional “intuitive” stops, they were more effective. “Intelligence improved during the trials when officers reverted to the traditional intuitive methods, albeit applied in the context of intelligence provided by the security service,” says Smith. “It is likely that with more effective use of intelligence, and possibly some behavioural analysis training the quality of intelligence retrieved from persons of interest will improve and the number of people stopped will decrease.”

The Home Office’s belated discovery that human beings acting on sound intelligence make for better policing does however raise questions about the future operation of its E-Borders programme. This is intended to track people in and out of the country, and to operate in conjunction with Advanced Passenger Data (API) and Passenger Name Records (PNR) collected via Project Semaphore. As Home Office minister Joan Ryan told Parliament in March of last year, “In January 2007 23 successes were recorded by Project Semaphore as a result of automated profiling based on passenger data.”

23. Out of how many thousands of travelers profiled they dare not say, nor do they say how many of those 23 were for unpaid parking tickets and the like.

Yep, crap alright.

UK clamps down on bus-spotting terror menace

Tuesday, June 24th, 2008

[Quote:]

The UK’s streets are today a safer place for kiddies and decorated war veterans after public and police hostility forced a Gloucestershire bus-spotter to give up his lifelong hobby of snapping interesting examples of road-based public transport, the Evening Standard reports.

Rob McCaffrey, 50, had apparently over 40 years built up an impressive 30,000 pics of buses, coaches and trams from across the globe, but has now put the lens cap on for good because he “keeps being mistaken for a terrorist and paedophile”.

He explained: “Since the 9/11 attacks there has been a crackdown on security and it seems everyone with a camera is now regarded as a potential criminal. The past two years have absolutely been the worst. I have had the most appalling abuse from the public, drivers and police over-exercising their authority.

Dems, GOP agree to telecom immunity deal

Friday, June 20th, 2008

[Quote:]

House and Senate leaders have agreed to a new compromise surveillance bill that would effectively shield from potentially costly civil lawsuits telecommunications companies that helped the government wiretap citizens’ phone and computer lines after the September 11 terrorist attacks without court permission.

The House will debate the bill on Friday, potentially ending a monthslong standoff about the rules for government wiretapping inside the United States.

House Majority Leader Steny Hoyer of Maryland said the new bill “balances the needs of our intelligence community with Americans’ civil liberties, and provides critical new oversight and accountability requirements.”

The great thing about the two-party system is that when one party is tired of fucking you, the other party is rested up and ready to take over.

[Quote:]

In 2006, the State Department’s report on Russia contained one of the most amazing passages I’ve read in all the time I’ve been writing about political issues. This is really — honestly — what the State Department said in condemning Russia. I highly recommend reading this a few times, especially in light of what the Congress is preparing to do this week:

The law states that officials may enter a private residence only in cases prescribed by federal law or on the basis of a judicial decision; however, authorities did not always observe these provisions.

The law permits the government to monitor correspondence, telephone conversations, and other means of communication only with judicial permission and prohibits the collection, storage, utilization, and dissemination of information about a person’s private life without his consent. While these provisions were generally followed, problems remained. There were accounts of electronic surveillance by government officials and others without judicial permission, and of entry into residences and other premises by Moscow law enforcement without warrants. There were no reports of government action against officials who violated these safeguards.

What kind of monsters would spy on their own citizens without warrants even when the law requires warrants, and then not even punish those who broke the law? Russian Communist KGB thugs — that’s who would do such a horrible thing, our State Department complained in 2006.

Compressed web phone calls are easy to bug

Thursday, June 19th, 2008

[Quote:]

Plans to compress internet (VoIP) phone calls so they use less bandwidth could make them vulnerable to eavesdropping. Most networks are currently safe, but many service providers are due to implement the flawed compression technology.

The new compression technique, called variable bitrate compression, produces different size packets of data for different sounds.

That happens because the sampling rate is kept high for long complex sounds like “ow”, but cut down for simple consonants like “c”. This variable method saves on bandwidth, while maintaining sound quality.

VoIP streams are encrypted to prevent eavesdropping. However, a team from Johns Hopkins University in Baltimore, Maryland, US, has shown that simply measuring the size of packets without decoding them can identify whole words and phrases with a high rate of accuracy.

Is it safe to download al Qaeda manuals yet?

Wednesday, June 18th, 2008

[Quote:]

Is the “al-Qaeda manual” still an easy get into jail card? The UK Court of Appeal yesterday quashed the conviction of Samina Malik, aka the “Lyrical Terrorist”, for possession of information useful for terrorist purposes under Section 58 of the Terrorism Act 2000, but the Crown Prosecution Service still views this and other widely circulated documents as prima facie evidence of wicked intent.

So the jury’s still out, as it were. The Court of Appeal ruled in Malik’s favour because it felt there was “a very real danger that the jury became confused”, and that her conviction was therefore unsafe. The prosecution conceded this, but Sue Hemming of the CPS counter-terrorism division said that although some of the 21 documents that had been used in Malik’s trial could no longer be seen as giving practical assistance to terrorists, “other documents in her possession, including the al Qaeda Manual, the Terrorist’s Handbook, the Mujahideen Poisons Handbook and several military manuals, clearly retain that potential.”

Hemming added that Malik had already spent time on remand and would be likely to receive a non-custodial sentence if a further trial were pursued, and said that the CPS had therefore decided not to seek a retrial. Which you might well take to mean ‘she’s guilty as hell, but we’re not going to bother with her, so there.’

Section 58 covers the collection or holding of information likely to be useful for terrorism, but doesn’t require any specific terrorist intent, and is therefore particularly useful for sweeping up small fry, wingnuts and thought criminals. The three documents referred to by Hemming are all widely distributed on the Internet (sometimes, indeed, by the US Department of Justice), and have been used frequently in UK terrorist prosecutions.

Swedish parliament rejects snoop everyone law

Wednesday, June 18th, 2008

[Quote:]

A controversial law in Sweden which would have allowed Sweden’s National Defence Radio Establishment (FRA) to monitor all outgoing and incoming communications crossing Sweden’s borders didn’t get enough votes in parliament today.

FRA would have been allowed to read emails and SMS messages and tap phone conversations without a court order. A majority of Sweden’s center-right government agreed on Tuesday evening to support a revised version of the proposal, but Prime Minister Fredrik Reinfeldt didn’t get the backing of his four-party coalition and the draft has been sent back to the committee for revision. Government representatives have pledged to build in more protection for personal privacy.

US freezing Danes’ money

Wednesday, June 18th, 2008

[Quote:]

A Lolland dress shop owner has had a payment for six dresses made in Pakistan frozen by the US on fears that it is being used to support terrorism.

The US government has taken the step of freezing a $205 payment from a Danish clothing boutique to a dress manufacturer in Pakistan, reports Berlingske Tidende newspaper.

Christa Møllgaard-Hansen, owner of Christabella’s in the town of Maribo on Lolland, routinely buys women’s clothing and shoes from around the world to resell in Denmark. But a recent purchase of six dresses from Pakistan for $205 was considered by the American authorities to be money going to support terrorists.

The US froze the funds four months ago and contacted Møllgaard-Hansen’s bank, saying they wanted more information on the payment’s recipient. Møllgaard-Hansen had put all the necessary information into the original netbank payment, but complied with her bank’s request for the additional information.

A few days later, the bank contacted Møllgaard-Hansen and said the Americans were now requesting the birth date of her contact in Pakistan, named Rashid. It was at that point the bank told her that the US authorities suspected the money was going to support terrorist activities.

‘At first I thought it was some kind of sick joke,’ said Møllgaard-Hansen. ‘But later I was just angry that the Americans could conduct that kind of surveillance on us and require such information. What was I supposed to say to Rashid? That the US suspected him of being a terrorist? I couldn’t do that.’

Many politicians are now asking the same questions and want some clear answers from the Liberal-Conservative government. But the Liberals’ legal spokesman, Kim Andersen, saw nothing wrong with the US’ confiscation of Danes’ money.

If somebody from the US authorities is reading this: please freeze all Kim Andersen’s money, and let’s see if there’s still “nothing wrong”…

NOT on my Amazon wish-list…

Tuesday, June 17th, 2008

Pedophile fears as student profiles, pictures go on net

Monday, June 16th, 2008

[Quote:]

PARENTS are outraged at a State Government plan to post the profile of every state school student on its intranet, sparking fears pedophiles could find it.

The intranet database, dubbed OneSchool, will profile each of the state’s 480,000 public school students enrolled from Prep to Year 12.

Photographs, personal details, career aspirations, off-campus activities and student performance records are being collected from all 1251 state schools.

Let *all* of the kids enter “political assassin” as a “career aspiration”, and you can fight terrorism at the same time!

But Education Minister Rod Welford has warned the state-wide rollout of the OneSchool database is “non-negotiable” and students could be refused an education if they don’t divulge required information.

Except, the law says the government MUST provide an education…

couriermail.com.au reader Sari, of Brisbane, suggested personal information of our politicians, their wives and children should be posted first.

“Then we’ll see how safe it is before adding school children.”

Sandra of Brisbane said Mr Welford could not stop her children from attending school if she refused to allow them to be part of the database “because by law the government has to provide my children with an education”.

Maybe they should start reading history a bit:

[Quote:]

Of the 140,000 Jews that had lived in the Netherlands prior to 1940, only 30,000 survived the war. This high death toll had a number of reasons. One was the excellent state of Dutch civil records: the Dutch state, prior to the war, had recorded substantial information on every Dutch national. This allowed the Nazi regime to easily determine who was Jewish (whether fully or partly of Jewish ancestry) simply by accessing the data.

‘Bus’ting terror

Tuesday, June 10th, 2008

[Quote:]

Authorities can now put the brakes on terrorists who hijack New York buses.

Like something out of the movie “Speed,” a new GPS device enables authorities to remotely control a bus - slowing it down to 5 mph and preventing it from restarting once it has stopped. The device has been installed on thousands of local commuter and tourist buses.

The technology is designed to prevent a terrorist from ramming a bus filled with people and explosives into buildings or tunnels.

They’ve been watching too many movies…

Town halls using anti-terror powers to bug residents’ calls and emails

Friday, June 6th, 2008

[Quote:]

Town hall snoopers used controversial anti-terror powers to delve into the phone and email records of thousands of people last year.

They wanted to check for evidence of dog smuggling and storing petrol without permission - and even to trace a suspected bogus faith healer.

In one case they were inquiring into unburied animal carcasses.

Some councils are allowing middle-ranking staff to authorise covert operations under the controversial Regulation of Investigatory Powers Act, which is intended for use ‘in the interests of national security’.

Next time some politician tells you that a certain law “will only be used to fight terrorism” kick him in the balls. Hard.

Damning report on the OV-chipkaart was watered down

Thursday, June 5th, 2008

[Quote:]

The chip in the OV-chipkaart is so insecure that an alternative must be sought immediately. That harsh conclusion from a study by a London university was struck from a report that was sent to the Dutch House of Representatives (Tweede Kamer).

[..]

The documents further show that TNO also carried out a study of the chip card’s security back in 2004. That report was never published. TLS will tell Webwereld only that it is a confidential report, about which it is not disclosing any details, “because this could in the short term undermine the overall security of the system.”

In the past, a minister would still occasionally fall for misinforming parliament - want to bet that nothing happens this time? The locks on the doors in the ministries that work with RFID have probably been replaced by now…

Incidentally, the security of the chip is only a very small part of the problems

Data Retention Effectively Changes the Behavior of Citizens in Germany

Thursday, June 5th, 2008

[Quote:]

The problem with surveillance is not primarily that some bored officer might learn about some embarrassing private detail (although this is a problem as well). The fundamental problem with surveillance is that it changes people. People under surveillance behave differently than people who are not monitored - differently than free people.

Unfortunately, this fundamental problem has just been proven in Germany. Since the beginning of this year, communication providers are required to record who communicated with whom and when (but not the content of the communication). This data is stored for six months and available to law enforcement in cases related to certain forms of crime.

A recent survey (German) by the well-known German Forsa institute now showed the social effects of this data retention law: Communication habits are indeed changing.

1,003 individuals were questioned on May 27th and 28th. These are the results:

  • 73% know about the data retention
  • 11% said that they had already abstained from using phone, cell phone or e-mail on certain occasions
  • 6% believe they have received less communication since the beginning of the data retention
  • 52% said they probably would not use telecommunication for contacts like drug counselors, psychotherapists or marriage counselors because of data retention

And the sad fact: 48% still think that data retention is a necessary step for crime prevention.

World +dog ignores Sweden’s Draconian wiretap bill

Wednesday, June 4th, 2008

[Quote:]

Sweden is on the verge of passing a far-reaching wiretapping program that would greatly expand the government’s spying capabilities by permitting it to monitor all email and telephone traffic coming in and out of the country.

So far, hacks from the mainstream Swedish press seem to be on holiday, so news about the proposed law is woefully hard to come by. That leaves us turning to this summary from the decidedly left-leaning Swedish Pirate Party for details. We’d prefer to rely on a more neutral group, but that wasn’t possible this time. According to them, here’s a broad outline:

The En anpassad försvarsunderrättelseverksamhet bill (which loosely translates to “a better adapted military intelligence gathering”) gives Sweden’s National Defence Radio Establishment (FRA) direct access to the traffic passing through its borders. Now remember, we’re talking about the internet, which frequently routes packets through multiple geographically dispersed hops before they reach their final destination.

This all but guarantees that emails and voice over IP (VoIP) calls between Swedes will routinely be siphoned into a massive monitoring machine. And we wouldn’t be surprised if traffic between parties with no tie to the country regularly passes through Sweden’s border as well, and that too would be fair game. (For example, email sent from a BT address in London to Finland is likely to pass through Sweden first.)

[..]

“The funny thing is when asked what do you want to look for, [backers of the bill] don’t really specify what they’re interested in,” he continued. “It’s a very broad bill. They basically can interpret whatever they like.”

I’m sure this will make Sweden a lot safer… right?

Appropriate

Wednesday, June 4th, 2008

In-flight surveillance could foil terrorists in the sky

Saturday, May 31st, 2008

[Quote:]

A prototype European system uses multiple cameras and “Big Brother” software to try and automatically detect terrorists or other dangers caused by passengers.

The European Union’s Security of Aircraft in the Future European Environment (SAFEE) project uses a camera in every passenger’s seat, with six wide-angle cameras to survey the aisles. Software then analyses the footage to detect developing terrorist activity or “air-rage” incidents, by tracking passengers’ facial expressions.

The system performed well in tests this January that simulated terrorist and unruly passenger behaviour scenarios in a fake Airbus A380 fuselage, say the researchers that built it.

[..]

Ferryman admits that his system will require thousands of tests on everyday passengers before it can be declared reliable at detecting threats.

Ehm, no - sorry, it will require thousands of tests on real terrorists as well before it can be declared reliable at detecting threats. You need to take both false positives and false negatives into account. Which means it will never work, but it will sure be a handy tool to give manufacturers of the system billions of euros income, and it will be loved by all security goons… “the camera says you’re a terrorist!”

And don’t you love how it assumes terrorists wouldn’t ever be calm or completely resigned to their fate?

I just wish the ‘nice security folks’ would go back to their old jobs. They were certainly skilled enough to inquire if I needed any fries with my order and I was happy with their overall service. Why did we need to change that?

No t-shirt, no flight

Saturday, May 31st, 2008

[Quote:]

Flying British Airways, leaving from terminal 5.

Go through security, get pulled to the side. I’m wearing a French Connection Transformers t-shirt. Bloke starts joking with me: is that Megatron? Then he explains that since Megatron is holding a gun, I’m not allowed to fly. WTF? It’s a 40 foot tall cartoon robot with a gun as an arm. There is no way this shirt is offensive in any way, and what, I’m going to use the shirt to pretend I have a gun?

With the liquids ban in place I guess it’s only a matter of time before t-shirts with bottles on them are banned as well.

I sure feel safer that way!

