D-kriptik Blog

I remember a period of time a few years ago when my ID was checked twice at the airport, once when passing through security and once before boarding the actual flight. This was around the time when John Gilmore started fighting the ID requirements. Now it appears checking ID is not necessarily required at all.

Now, the signs in the airport still tell you that you must have identification.

The TSA’s website itself states, “Each adult traveler needs to keep available his/her airline boarding pass and government-issued photo ID until exiting the security checkpoint.”

Neither those signs nor the TSA’s website are true.

Who says?

The TSA.

“Passengers are allowed to enter screening area without identification,” TSA spokeswoman Amy Kudwa told this humble reporter today.

This reminds me of the non-requirement to take off one’s shoes, which varied from airport to airport, TSA employee to TSA employee, during the period of time when I had to travel a great deal for work. I remember one encounter, at my local airport at the time, Reagan National, that went something like this.

TSA employee: “Sir, please take off your shoes.”

Me: “I have passed through this metal detector in this airport many times before without taking off these very shoes, and there have been no problems.”

TSA employee: “Sir, please take off your shoes.”

Me: “I have never been forced to take off my shoes here before. Is that a new requirement, or is it still optional with the risk of extended searches if I set off the detector?”

TSA employee: “It is an optional, but I will not let you pass until you choose to take off your shoes.”

Me: “So, you are essentially saying I have to take off my shoes?”

TSA employee: “No, but I will not let you pass until you choose to take off your shoes.”

At that point, I gave up and took off my shoes. (Of course, the next time I flew out of Reagan National, I was not required to take off my shoes. Too bad, I made sure my socks were nice and dirty. )

All that aside, I still don’t understand what ID has to do with determining whether I am really a threat to a flight. I mean, getting a fake ID is simple – just ask any teenager.

I have sort of commented on this before.

Twice I was assessed, determined to be a friend and beneficial instead of a foe or threat, and then used to counter threats and mitigate risks. These people did so without scanning me with metal and chemical detectors, checking my identification, or making me feel harassed. They used their real world experience, applied it to me, my look, and my behavior, and made solid judgments based on the current situations. These are the types of skills necessary for people working in roles such as security screening at airports.

via DefenseTech

-

OSSI announced that the OpenSSL FIPS module has been officially FIPS 140-2 level 1 validated.

UPDATE: Wednesday, March 22, 2006
The OpenSSL FIPS Object Module has been validated and posted on the CMVP FIPS 140-2 Validation List. Certificate number 642

The FIPS validated module, security documents and user’s guide will be posted shortly. Thanks for your patience.

There it is. Congratulations to the team.

I commented on this effort back when the certificate was almost issued.

via Apex Assurance Group – Weblog

-

Determina has released a temporary fix for an unpatched Internet Explorer vulnerability that is actively being exploited in the wild.

This is a runtime fix for the IE createTextRange() vulnerability. It can be applied to Windows 2000, XP and 2003 systems running Internet Explorer 5.01 and 6.0. The vulnerability lies in the MSHTML.DLL rendering engine which is loaded into many applications for HTML rendering, including but not limited to Internet Explorer and Microsoft Office.

When Microsoft patch day arrives, it will be time to uninstall this temporary fix and install the official Microsoft patch.

Once Microsoft releases an official patch and it is installed by the user, the Determina Shield will not be applied any more. Determina recommends uninstalling this fix even though keeping it active will not affect the system. To uninstall the fix, use “Add Remove Programs” in the Control Panel. To uninstall it manually, remove the DLL from the AppInit_DLLs key and restart your machine. You can then safely delete the DLL.

via this post to DailyDave

Update: The official Microsoft patch has been released.

DHTML Method Call Memory Corruption Vulnerability – CVA-2006-1359

Many other critical issues in IE are patched as well.

-

Don’t notice those social cues when trying to explain a technical topic to a non-technical audience? This device could help.

The “emotional social intelligence prosthetic” device, which El Kaliouby is constructing along with MIT colleagues Rosalind Picard and Alea Teeters, consists of a camera small enough to be pinned to the side of a pair of glasses, connected to a hand-held computer running image recognition software plus software that can read the emotions these images show. If the wearer seems to be failing to engage his or her listener, the software makes the hand-held computer vibrate

For the typical geek though, technology is not the answer – practice and feedback are the proper tools, such as presenting at the NYCBUG meetings.

-

Here we have a periodic table of the elements for VI/VIM. (I use VIM most happily.)

via Populicio.us

-

And, look here.

The line between living organisms and machines has just become a whole lot blurrier. European researchers have developed “neuro-chips” in which living brain cells and silicon circuits are coupled together.

The achievement could one day enable the creation of sophisticated neural prostheses to treat neurological disorders or the development of organic computers that crunch numbers using living neurons.

What first popped into my mind? Ghost in the shell.

(I love the opening song to Stand Alone Complex – the MP3 can be found here on the official web site. Yoko Kanno.)

via OmniNerd

This entry was posted on Thursday, March 30th, 2006 at 1:49 am and is filed under NYCBUG, Off-topic, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.