I think that one of the interesting aspects of this talk was explaining that the airline companies really have no incentive to fight abuse beyond recognizable fraud.
I mean, someone could build some really interesting services on top of these holes, one I was thinking of is that for customers who do not check into their flights before a certain period of time, somehow one could get those flight codes and change the information, and then people nearby the airport can hitch the ride while everything looking good from the perspective of the airline company or even a Frequent flier miles as a service, where someone just creates accounts by automatic means, and scans for trips that don't have ff codes applied and uses "their" code for it and passes those miles to someone else for a price.
As we amass more and more data, and devices get cheaper to leak stuff, i wouldn't be surprised to see some interesting power shifts from traditional incumbents (the NSA's of the world, to more lean operations who are increasingly in a position to mine/exploit similar large amounts of information at scale).
Now I'm waiting for the story about how they are vacuuming up the output of all those license plate readers.
Meaning, there is no current such story I'm aware of. But I'm certain it's being worked on. And if not by them, directly, that they are ensuring they have a feed from/to the resulting system.
We encounter little in the way of stories about all this data collection, that demonstrates these agencies' claimed restraint. At this point, you pretty much have to figure, if and when they can, they will.
P.S. Think that "domestic" jurisdiction will stop them? I'll just remind you, among other things, of the stories about just how much of the U.S. can be interpreted as being withing 100 miles of an international border. The CPB's jurisdiction within that territory, per reported documents. And the CPB's "need" for data analysis of people transiting its... "system".
I'm just speculating... But so far, it seems almost no speculation has been too outlandish to be eventually realized.
Well, there's that one alleged program with the name "Perfect Citizen" which seems to touch upon using the power grid as backbone SIGINT & data transport infrastructure:
Seems like this was de-bunked reading the comments [1], the system would have to be incredibly huge considering the RFID tag inside the tire is only a few inches (so it is not generating a very far field - the 20 feet seems incredibly far for such a small tag).
On top of that it would be far easier to just track the giant visible license plate since we already have that technology available.
The destroying with a camera flash is legit (not because of the flash but because of what seems to be caused by capacitors in the device - light reading on this so I may not be correct) however many users point out why read that when there are much easier ways to track a vehicle where-a-bouts.
Interesting and disturbing however much more complex then just OCR!
That NSA was tracking flight data was no great reveal. When we fly we share that fact with countless international organizations. Government boarder services. Airport secuity. Credit card companies. Insurers. And certainly the airlines. Anyone who thinks that air travel was ever private, pre or post-911, doesnt appreciate the number of information systems involved with moving people across boarders via aircraft. The data was always open to whatever organization could express a reasonable need.
I agree with your general point, but we really need a better approach to saying these types of things. In general, it seemingly comes across as justification, hipsterism, or even a personal attack. When really the intent is more "I wish you had listened to me earlier, but I am glad you're here now. Let's try to rationally tackle this problem within its longer term context, rather than being alarmed over a single news cycle".
Similarly, Snowden didn't really reveal much that wasn't already known or trivially inferable from what was. But qualitatively, what he did was a "great reveal". It doesn't actually matter what had been keeping people from being aware - overt conspiracy ("classified"), or just their own cognitive dissonance. What matters is that many more people are now aware of the surveillance society.
But to what advantage? Before governments knew who was arriving on thier shores travellers would be held for days, even months, sometimes on dedicated islands. Even in the 90s, 10+ hours to clear customs and immigration was not unussual in many countries. Today, law enforcement and immigration officials can rely upon advance data and do away with lengthy in-person background checks for all. This is why land crossings, which are unannounced, take so much longer and are more unpredictable than air crossings.
Fly to Dubai. Then try driving to Dubai. Same boarder, vastly different inspection.
Spoken like someone who rarely crossed borders in the 90s. I spent significant time crossing borders in the 80s and 90s and it never took much time. This was primarily between PR China and the USA so not your friendliest border but also involved land crossings between Hong Kong and PR China. Most of these tickets were purchased in cash months in advance. I'm not sure why you think it was so onerous without info sharing.
Try Saudi, or russian boarders, or vietnam. I spent a great many hours in long lines to see stonefaced boarder guards carrying more bullets than brains.
What would be better in this case? Should anyone be able to show up to an airport, pay for a ticket and board a flight anonymously?
I'm a pretty staunch libertarian and even I can see the benefit here. Until we reach the border-less, one-world utopia that so many people seem to be gunning for, it's valuable to know who is coming/going from your country.
>Should anyone be able to show up to an airport, pay for a ticket and board a flight anonymously?
This is the reality in large parts of EU, I've flown several times without having my real name on the ticket.
Hell, when I fly private it's even better. Show up at airport, meet pilot, get on the plane, hand the pilot a pile of cash. No passport control or security at any point, and this isn't just EU.
So far no massive disasters have resulted from this.
>Hmmm... I've flow a ton in the EU and always had to show ID that matched the name on the ticket.
Yeah, those are the rules. However, the only place where your passport and ticket will be compared is at the gate and they certainly never look very carefully.
For international flights, they already get this information from the immigration/border control.
For domestic flights, there's no reason tickets can't be anonymous. Here in Japan tickets are sold cash and there are no ID checks on flights and the country seems to be doing fine on the security front.
> For domestic flights, there's no reason tickets can't be anonymous. Here in Japan tickets are sold cash and there are no ID checks on flights and the country seems to be doing fine on the security front.
You can board a (domestic) plane in Japan without giving your name?
You can in Europe (Schengen). ID controls can happen so you can't be 100% sure but other then that you could book a flight with whatever name you want and no one will notice.
Amtrak and Greyhound require photo ID (though I've only had Amtrak ask to see it when paying cash), and taxis will not generally take you between cities.
You could drive, but you will almost certainly pass some ALPR cameras.
There is no anonymous long-distance transportation in the US.
Ground-based vehicles can definitely be used as offensive weapons. Plenty of examples of people not in vehicles being injured. The truck used in the attack in Nice, France is a very clear example. Granted, it wasn't a transit vehicle, but there's no reason why one couldn't be.
Your claim was that taxis, buses, and trains couldn't be weaponized, not that there was a psychological difference between them. A bus or taxi can be run into a building as well. (I'll grant a train is different.)
Which, to me, is the point of the border checks. The country can request all the information it wants at this time from people who want to enter and refuse admission if they do not comply (or if it does not like what is sees).
But this is separate from airline tickets, passenger manifests, etc.
Valid, though travelsWith is something that I didn't think the government would be able to systematically canvass unless they had access to passenger manifests.
The Secure Flight program isn't a secret, and already shows that every flight that originates, terminates, or flies over the US has its data sent to the US Government.
This is a bit short of what's being shown in the article, as it doesn't send the whole PNR. However, it does make it clear that data connections exist, and already share flight and passenger data...the bulk of what's interesting in the PNR.
Edit: Worth noting that if you already have the PNR record locator, and the information already sent via SecureFlight, it's fairly easy to get the rest of the PNR data.
I first heard this 13 years ago. A friend visited an airline, and had a set of cables pointed out to him: "That's the feed to the NSA".
I thought it was well known that the NSA had feeds into the airline reservation system. We know for sure that the CBP gets data from all flights which overfly the US, or which might overfly the US.
There are well known stories about planes making unscheduled landings in the US (emergency, storm, delays, etc). Cue CBP opening the front doors, walking down the aisle, and pulling one guy off the plane.
"Sorry sir, you are forbidden to enter the US, and you have just done so illegally. You're under arrest".
Except for most people, we haven't cleared customs, and haven't tried to enter the States. So the rest of the passengers are "OK". Mostly.
This is known as having your cake and eating it, too.
> 13 years ago. A friend visited an airline, and had a set of cables pointed out to him: "That's the feed to the NSA".
13 years ago, that is 2004 noone would openly talk about the NSA, Room 641A was only exposed in 2006. I would also venture that in 2004 noone had or needed a direct feed to the NSA, the Internet would already do. In case you do not remember, how 2004 was, by 2000 you have Expedia, Travelocity, Priceline, Hotwire, Tripadvisor all launched. Edit: as comments below and the article itself points it out, the NSA would get your data from the GDS if it's there, what I mean here is that OP claims a dedicated line running to the NSA when it could have just used the Internet instead of a dedicated line to connect to your system. By 2004, the Internet was plenty established for that. That's all I meant.
> There are well known stories about planes making unscheduled landings in the US
This is, in fact, extremely rare. A flight which does not start or end in the USA rarely has the need to fly over it. Europe/Asia - Central America would and not much else -- and there are very few such direct flights, mostly only to Mexico City. Even a London-Bogota flight wouldn't.
> CBP opening the front doors, walking down the aisle, and pulling one guy off the plane.
While the previous event is merely rare this would be extraordinary and all over the news, even if not mainstream news. All the news I can remember about law enforcement boarding an emergency landed plane is about unruly passengers, not this Bond shit. So... source?
> I would also venture that in 2004 noone had or needed a direct feed to the NSA, the Internet would already do. In case you do not remember, how 2004 was, by 2000 you have Expedia, Travelocity, Priceline, Hotwire, Tripadvisor all launched.
That doesn't cover airline bookings that happened via travel agent or directly into the booking system. Many airline reservation systems pre-date the internet (SABRE, for example, came online in 1964), and much of the architecture driving the airline industry is archaic (which is one reason why a system outage can have such a massive impact on flights).
> 13 years ago, that is 2004 noone would openly talk about the NSA
Nonsense. The movie Enemy of the State came out in 1998 and the NSA was involved in the production, though the agency was portrayed negatively, to its chagrin.
> A flight which does not start or end in the USA rarely has the need to fly over it. Europe/Asia - Central America would and not much else -- and there are very few such direct flights, mostly only to Mexico City.
How about Canada to Central/South America? There are nonstop flights from Toronto/Vancouver to several cities. There are also flights from Canada to southern Europe that pass through the US. Even flights within Canada (Toronto to Vancouver) pass over the US. And routes from Canada to Asia fly over Alaska.
The post sounds a little off to me too but why do you think no one would openly talk about the NSA before 2006? Nerds have been telling each other ghost stories about ECHELON since the 90s at least and Bramford's books and many other disclosers are even earlier.
I'm not the OP but it doesn't strike me as absurd to imagine that if the security apparatus doesn't like you, they'll happily take whatever flimsy pretext presents itself to ruin your day.
E.g. if they can get you for some silly "illegal landing" violation they will, if not they'll try to trump up some other charges.
The US doesn't allow "sterile transit". You MUST clear customs if you land in the States. And it requires a visa for most people. FTA:
The US also has a "no fly list"; if your name is on that, you cannot board a flight that will pass through US airspace, even if the flight does not land in the US (eg. flights from Mexico to Canada).
i.e. there is every reason to believe that someone on a "no fly list" who accidentally lands in the States will be arrested. Similarly, anyone without a visa is breaking the law, and can be arrested.
Sure, but that's entirely unrelated to the original comment. It also applies to everyone.
Your original comment suggested that a single passenger can be singled out for arrest due to a forced non-routine stop. If it's a "well known" phenomenon it shouldn't be hard to find a single source.
I'm not trying to be combative, but in general I think claims of sneaky and absurd behavior should be backed by evidence.
So... you're saying they have the legal right to arrest people, and people will land in the States when they are banned from entry, but that it (a) has never happened, or (b) never will happen?
Come on... there's being skeptical, and there's being so closed minded that reality can't get in,
Your original comment made it seem like individual passengers would be targeted.
It's growing increasingly clear that you're not engaging in good faith. Instead of providing any evidence of this actually happening, you continue to insist on snark and vague accusations.
> a) there is no "sterile transit" in the US
There isn't, but that is completely immaterial: an international flight is extremely unlikely to include only a single non-American. In such a situation, it's absurd to claim that CBP would board and arrest a single non-American.
Your Quora link doesn't support your point. It makes it clear that there are sane procedures in place (ideally, passengers never deplane) and that CBP doesn't board planes and arrest people for accidentally entering the US.
Until you can provide a single example of this actually happening (someone being arrested for illegally entering the US after an emergency landing), I'm going to stop engaging with your FUD.
> an international flight is extremely unlikely to include only a single non-American. In such a situation, it's absurd to claim that CBP would board and arrest a single non-American.
<sigh> I was wondering if you could read my messages as written.
It is not absurd to suggest that someone on the no-fly list, or someone previously refused a visa, or someone with an arrest warrant in the US would be arrested in such a situation.
> Your Quora link doesn't support your point. It makes it clear that there are sane procedures in place (ideally, passengers never deplane) and that CBP doesn't board planes and arrest people for accidentally entering the US.
It shows that people involuntarily entering the States are processed by the CBP.
To repeat my last question, which you side-stepped:
you're saying they have the legal right to arrest people, and people will land in the States when they are banned from entry, but that it (a) has never happened, or (b) never will happen?
Only someone with an entirely closed mind would deny that it would never happen.
The fact that I can't find which article I read (years ago) is almost irrelevant. The laws permit them to do this, and no reasonable person would deny that the CBP would always sit idly by while someone on the no-fly list, or someone previously refused a visa, or someone with an arrest warrant in the US was in front of them.
> I'm going to stop engaging with your FUD.
Yeah, showing that the CBP (a) has the power to do something, and (b) has used that power... is FUD.
You've gone way out of line in this thread with incivility and personal attacks. Since your account doesn't have a history of this I'm not banning you, but it is a bannable offense, so please don't do it again. Instead, please (re-)read the site guidelines and post civilly and substantively, or not at all.
People misinterpret each other on the internet often. It's practically the default case. When this happens, it's important not to escalate, because that leads to more escalation, the needle goes into the red, and communication ceases.
A phrase like "lying about what I said" is an escalation. To escalate less, you could speak in terms of misunderstanding and clarification. Similarly, to escalate more, you could say something like "you're a liar". After all, they said something false, which by definition is a lie, and someone who lies is a liar, so you'd simply be stating a fact, yes? And a liar is a bad thing to be, right? So you could add "you're a bad person" too. This is how we get stuck in opposition and flamewars.
On HN, each of us is responsible for not letting that happen, regardless of how mistaken the other person is or how badly they violated the rules themselves. Acting from the feeling of "they started it" or "they did worse" won't work. Everybody always feels like the other person started it and did worse.
There are well known stories about planes making unscheduled landings in the US (emergency, storm, delays, etc). Cue CBP opening the front doors, walking down the aisle, and pulling one guy off the plane.
I'd also be interested in hearing about these well-known stories if you or someone else wouldn't mind sharing a link or two.
I've looked, and can't find anything. That doesn't necessarily disprove what I've said, it just makes it unsupported.
I still stand by my claims that the CPB has the legal power to do this. And that it is very likely they either have used that power in the past, or that they will in the future.
I also find it disappointing that previous comments denied such claims as "FUD", and others outright lied about my position.
The psychology of this is simple: Let's say you have an alcoholic "Uncle Bob" who shows up at every family gathering, gets drunk, gropes people, and passes out after throwing up in public. If you decide that you don't want him at your house next Christmas... it's your fault. You are the bad guy. The entire family will gang up on you, and punish you for bringing the abuse to light.
Laws are rarely fully or evenly applied. Even if the law says something must be done it might still not be done. For example there are many thousands of people every year who are not allowed to be in the US but who self-identify as working in the US by paying income tax.
By your logic they would be deported. Mostly, they are not.
This isn't space unilaterally claimed by the US. It is delegated by the ICAO, as one of the articles using that image mentions [1]. If the US has the infrastructure to control that airspace, and typically charges less than nearby countries such as Canada, then I see no objection to US control.
They can of course influence paths, but they're not going to be able to tell some random plane in the Western Pacific to fly to the US, and I'm not even sure they'd have the legal power to order you to land somewhere in particular until you're actually flying over US territory.
re-read the OP comment about "kidnapping", the "well-known cases" OP referred to weren't as "well-known" as he originally thought, because he couldn't find even one instance of it happening.
Is there anything Canada could do, if the US started targeting overflights aggressively, forbidding travel by dual citizens from certain countries, etc.
I've seen people get upset about overreach when the US asked to have a plane diverted / tried to strongarm extraditions / etc. I'd bet a large sum that this story was reported as "...detained while attempting to enter US..." and that nobody batted an eye upon reading it. That is the manufactured consent I was referring to.
In season 1 of the X-Files the 'Lone Gunmen,' a group of conspiracy theorists, was added to the show to make Mulder appear more credible and down-to-earth. One of their 'crazy, batshit insane,' conspiracy theories was that the government was recording all of our phone calls.
think of all of the circumstances we've become used to now that were the territory of conspiracy theorists 25 years ago.
https://media.ccc.de/v/33c3-7964-where_in_the_world_is_carme...