SSL and internet security news

borders

Auto Added by WPeMatico

Department of Homeland Security to Collect Social Media of Immigrants and Citizens

New rules give the DHS permission to collect “social media handles, aliases, associated identifiable information, and search results” as part of people’s immigration file. The Federal Register has the details, which seems to also include US citizens that communicate with immigrants.

This is part of the general trend to scrutinize people coming into the US more, but it’s hard to get too worked up about the DHS accessing publicly available information. More disturbing is the trend of occasionally asking for social media passwords at the border.

Powered by WPeMatico

Passwords at the Border

The password-manager 1Password has just implemented a travel mode that tries to protect users while crossing borders. It doesn’t make much sense. To enable it, you have to create a list of passwords you feel safe traveling with, and then you can turn on the mode that only gives you access to those passwords. But since you can turn it off at will, a border official can just demand you do so. Better would be some sort of time lock where you are unable to turn it off at the border.

There are a bunch of tricks you can use to ensure that you are unable to decrypt your devices, even if someone demands that you do. Back in 2009, I described such a scheme, and mentioned some other tricks the year before. Here’s more. They work with any password manager, including my own Password Safe.

There’s a problem, though. Everything you do along these lines is problematic, because 1) you don’t want to ever lie to a customs official, and 2) any steps you take to make your data inaccessible is in itself suspicious. Your best defense is not to have anything incriminating on your computer or in the various social media accounts you use. (This advice was given to Australian citizens by their Department of Immigration and Border Protection specifically to Muslims pilgrims returning from hajj. Bizarrely, an Australian MP complained when Muslims repeated that advice.)

The EFF has a comprehensive guide to both the tech and policy of securing your electronics for border crossings.

Powered by WPeMatico

Programming No-Fly Zones into Drones

DJI is programming no-fly zones into its drone software.

Here’s how it’ll work. The update will add a list of GPS coordinates to the drone’s computer that tells it not to fly around the Washington D.C. area. When users are within a 15-mile restricted zone, the drone’s motors won’t spin up, preventing it from taking off.

If this sounds like digital rights management, it basically is. And it will fail in all the ways that DRM fails. Cory Doctorow has explained it all very well.

Powered by WPeMatico