AT&T’s huge data breach

From TechCrunch

U.S. phone giant AT&T confirmed Friday it will begin notifying millions of consumers about a fresh data breach that allowed cybercriminals to steal the phone records of “nearly all” of its customers, a company spokesperson told TechCrunch.

 

Some of the stolen records include cell site identification numbers associated with phone calls and text messages, information that can be used to determine the approximate location of where a call was made or text message sent.

In all, the phone giant said it will notify around 110 million AT&T customers of the data breach, company spokesperson Andrea Huguely told TechCrunch.

It seems like Snowflake, a cloud based data analytics company, is the likely source of the breach. These types of breaches are becoming more and more common, with third parties who offer some sort of service, have poor or unchecked security practices. If you are an AT&T customer just keep an eye on your account and consider changing your password or passcode.

Don’t Give Away Historic Details About Yourself

With all of the recent security issues with Facebook, I think this advice from Krebs on Security is probably some of the most relevant information on the internet today.

From “Don’t Give Away Historic Details About Yourself“:

I’m willing to bet that a good percentage of regular readers here would never respond — honestly or otherwise — to such questionnaires (except perhaps to chide others for responding). But I thought it was worth mentioning because certain social networks — particularly Facebook — seem positively overrun with these data-harvesting schemes. What’s more, I’m constantly asking friends and family members to stop participating in these quizzes and to stop urging their contacts to do the same.

On the surface, these simple questions may be little more than an attempt at online engagement by otherwise well-meaning companies and individuals. Nevertheless, your answers to these questions may live in perpetuity online, giving identity thieves and scammers ample ammunition to start gaining backdoor access to your various online accounts.

These quizzes seem innocuous, but the data that can be harvested from them is enough identifiers to get into your phone account, your banking, your credit cards, and more. It seems harmless to fill in a answer but you are putting yourself at risk by exposing that history to data mining.

New Automated Security Gates at O’Hare

Both United and American Airlines opened automated security lines at Chicago’s O’Hare airport recently and they’re pretty cool.

O'Hare TSA Screening
From United’s press release:

The new lanes enable up to five customers to fill their individual bins simultaneously and move through the screening process quicker, even if TSA agents need to perform additional screening on a customer further up the queue. The lanes also utilize a parallel conveyor system that automatically returns empty bins to the front of the queue.

Both airlines claim that the new automated lanes will speed up the security process while still allowing a thorough search of bags.

The lanes themselves remind me a lot of the security lanes you see in Europe, where bins are provided and then moved through the line automatically, keeping people moving and filling the next available bin. Will be interesting to see how this goes at O’Hare and maybe we’ll see expansion to other airports soon.

Airline Service Returning to Klamath Falls?

According to U.S. Representative Walden’s website, the House has unanimously approved the Treating Small Airports with Fairness Act. The act name is kind of cheesy but essentially it would bring back TSA screening to small airports that lost service at the beginning of 2013 and has a commitment from an airline for service.

The TSA Fairness Act would require the TSA to restore screening services to any airport that lost service after January 1, 2013 and that has a guarantee from a commercial airline to resume service within one year. There are currently at least six airports nationwide that have commercial airlines seeking to resume flights after undergoing a temporary gap in service, but are being denied TSA security screening and personnel. Instead, the agency directed the airports to allow passengers to fly unscreened to their next destination, and undergo screening there.

Klamath Falls is one of the closest airports to Crater Lake so this change will make it easier for tourists to make it to that lovely attraction, not to mention the rest of southern Oregon. If the act passes in the Senate the airline that has already been tapped to operate the Portland-Klamath Falls service would be PenAir, who has already started a number of routes out of Portland and is partners with Alaska Airlines.

There is no date for when the Senate would vote on the legislation, but I will definitely be on the look out for its passing.

I Flew on a Plane Without Going Through Security and No One Died

I Flew on a Plane Without Going Through Security and No One Died (Washington Post)

Imagine if catching an 11 a.m. flight out of D.C. was a matter of hopping on the Metro at Petworth at 10:20, getting off at Reagan/National Airport at 10:43, and boarding the plane at 10:50.

That world is possible. I’ve lived it, and it is amazing. All we have to do is abolish the TSA. Entirely. Just let people walk off the street and onto a plane.

Would this increase hijacking? Probably. But there’s no reason to believe it would increase casualties from terrorist attacks overall. That’s because increasing airport security just leads terrorists to direct their assaults elsewhere.

It is an interesting idea and fun to think about, but it isn’t going to happen. We will see the expansion of PreCheck availability, but as a whole, airport security in its current form is staying where it is. The TSA has firmly embedded itself as part of the traveling way of life.

TSA Wants to Raise Per Flight Fee

The TSA is a little closer to raising the security fee on airline tickets →

The Senate Appropriations Committee on Tuesday moved forward with legislation to increase airline passenger security fees, beating back a GOP attempt to keep them at current levels.

The 2013 Homeland Security appropriations bill would increase one-way fees for passengers from $2.50 to $5 in order to close a budget shortfall at the Transportation Security Administration.

Yet the TSA has security items going unused and sitting in storage. This is the perfect opportunity to reduce the reach of the TSA by forcing them to come up with a smaller budget and operate within that budget.

TSA Leaves Metal Detector Unattended

A TSA checkpoint was left unattended in Sacramento

Officials told KCRA 3 that four of the individuals were ticketed passengers and one was an airport employee. According to TSA officials, “a walk-through metal detector was left unattended for less than one minute.”

And if that story was not enough, here’s a great write-up on why the TSA should go away, written by a former FBI agent.

Why Does the TSA Need to Shame People?

I ran across this article the other day and I can’t help but feel sorry for the woman involved. Lori Dorn is a breast cancer patient who had a bilateral mastectomy in April and, as a result, had tissue expanders inserted to make way for a later breast implant. During a TSA body scanner inspection at JFK these tissue expanders caused Lori Dorn to be pulled aside for “secondary” screening. She explained her situation and asked to retrieve the cards with the expander information. She was refused this courtesy and was told that unless she underwent the secondary screening of her breast area she would not be flying that day.

The TSA agents have a job to do, I understand that, but they should treat their jobs with the same dignity and respect that they would want to receive. It is ridiculous that this woman was not able to retrieve the card explaining the expanders, even though not being able to see your bags is a violation of the TSA’s own suggestions. There has to come a point where we say “enough” and rectify this situation.

My last few trips have shown me that more and more people are becoming comfortable with these TSA procedures, making it harder to ever change them.

 

[disclaimer] The article website contains language that is not suitable for young people and is fairly strong. [/disclaimer]

The Future of Air Travel Thanks to the TSA

There is no soft spot in my heart for the TSA, in fact, I have posted a lot about my disdain for their methods. After reading Jeffrey Goldberg’s latest piece on The Atlantic, I can’t say I’m holding out hope that things are going to get better any time soon.

Here’s a small excerpt from the article, though the whole thing deserves a read.

The pat-down at BWI was fairly vigorous, by the usual tame standards of the TSA, but it was nothing like the one I received the next day at T.F. Green in Providence. Apparently, I was the very first passenger to ask to opt-out of back-scatter imaging. Several TSA officers heard me choose the pat-down, and they reacted in a way meant to make the ordinary passenger feel very badly about his decision. One officer said to a colleague who was obviously going to be assigned to me, “Get new gloves, man, you’re going to need them where you’re going.”

The take-away from this single paragraph and really the whole article, is that the new pat-downs have little to do with security and a lot to do with intimidating people into using the backscatter machines. When a traveler opts-out of going through the x-ray machines, they will be subjected to a verbal demoralization as well as a pat-down that can be best described as borderline fondling.

Does any of this really increase security? After last week’s events in which explosive materials were found in ink cartridges being shipped to the United States, I would say it is all show and little substance. From what has been reported, the bomb plot was foiled thanks to information from a former Guantanamo Bay prisoner. That’s right, it wasn’t some TSA agent taking away your bottle of water while you got the frisking of a lifetime, it was information. Imagine that.

It may feel like there is not much we can do but I plan on making the TSA agents as uncomfortable as they make me in these situations. Maybe if their own employees complain enough, we’ll see some changes in these new pat-down procedures. Me, I’ll be opting-out of the backscatter every time I am at an airport that uses one. When they ask me why I opted out (had this happen the last couple of times) I am thinking about replying with an overtly sexual remark. Is that wrong? Probably. What’s worse is being groped so much that you finally submit to the backscatter machine.

In all seriousness, the TSA has the upper hand. You and I have destinations to get to and they are the gatekeepers. I have no problem taking out my laptop or taking off my shoes, but this is bordering on the ridiculous. Wait, it is ridiculous. I am sure we could do a much better job of making air travel safe by actually asking questions when people go through security and analyzing facial expressions, demeanor, etc. rather than taking naked pictures of everyone or worse, shaming them in front of others.

Let’s start sending notes to the men and women who work for us in government and ask that a serious look be taken at the procedures used at airports and oversight of the TSA. If someone in either House wants to make this their pet project, I’ll back them 100%.

For those of you who fly out of IAH, you can technically clear security at any checkpoint so long as your airline does not require you to go through a certain one (some international flights do). A number of the checkpoints do not have the backscatter machines, feel free to use those.