Archive for November, 2010

The Exploding Snow Globe

Thursday, November 18th, 2010
If the TSA is really about protecting the public from another 9/11, then why are there so many obviously gaping holes in the way they perform their jobs? For example, the contrast of no security with general aviation and the illusion of security in commercial airports. Well, what about other painful items that are overlooked that are so egregious and obvious that it makes all the rest of the TSA’s efforts moot?

Flying back from Washtingon DC, a coworker traveling with me bought a snow globe for his daughter. He bought it at a store right next to the security line, and when he went through security the TSA agent promptly told him that a snow globe was not allowed to accompany him. I spoke up, “you’ve got to be kidding!?”. The agent replied, “You don’t know what’s inside there!” To me it’s pretty obvious, it’s water and sprinkles. My response, “Well you don’t know what’s inside a woman’s breast implants do you? What if they were packed with C4 rather than saline? If you’re going to kill yourself, you may as well surgically implant explosives in your own body. And how are you going to stop that?”

His response summarized the TSA, “Well nothing is perfect, we can’t stop everything.” My thinking, well if you can’t even do a midly good job, the opportunity cost of what the TSA is doing is simply not worth it.

Now as outragious as exploding breast implants sound, surgically implanting explosives in one’s body is really not far-off of an option to a terrorist. It’s actually more of a threat than a snow globe and there’s absolutely nothing the TSA can do about it. If someone surgically implanted a bomb in their body, the TSA cannot use intrusive pat-downs, body scanners, or x-ray devices to detect it.

Cryptographer Bruce Schneier is a big opponent of the TSA and originally coined the phrase “security theater” to describe the TSA’s antics. He’s also very clear in his thinking that, “security is only as strong as the weakest link”. Thus, if there are a myriad weak links in the TSA’s security posture, then basically there is no real benefit in spending the billions of dollars required to do just the basics.

Back to the snow globe: The day my coworker lost his snow globe, I was heckling a TSA agent with an aircraft transceiver radio in my backpack. I bought it as a backup to my own aircraft and I happen to have it in my backpack. It’s capable of talking directly to air traffic control and to other pilots during my flights. Sitting on the flight I let my mind wander and I thought, “wow I could turn on my radio and announce to the air traffic control that we have a hostage situation and that the plane is about to be under control of terrorists.” Something like,

“PLATOMIC APPROACH VX77 HAS A HOSTAGE SITUATION, PEOPLE HAVE BEEN SHOT, UNABLE TO SQUAWK 7500…”


Handheld UHF/VHF radio

Given the right conditions, someone might hear it on the low powered handheld. It might be more efficient to mess with the pilots rather than ATC and just imitate air traffic control. One could tell the pilots that there was an aircraft directly ahead and to drop 5,000 feet or other whacky things. To a really accomplished mind (with a lot of funding), radio communication could be pretty dangerous.

Granted, ATC have radios that will out power a tiny handheld, yet it could be used to overpower the air traffic control’s responses. Yet, taking off your shoes and having body scans don’t really address creativity and out of the box thinking.

Let’s take this entire radio concept and blow it up to absurdity. Let’s say that terrorists take high powered radios and mount them inside of vans. Let’s say they take ten of these vans and go out near the transmission range of 10 air traffic control regions in the United States. Let’s say they learn the FAA’s air traffic control radio lingo and they start directing aircraft to fly into other aircraft.

Now, I doubt any airplanes will fly into each other, however, it puts the trust of the entire US air traffic control system into question. Airports may have to shut down temporally. If it were done during Christmas travel, it would cause havoc for the holiday commuters and possibly places lives at risk.

The entire air communications systems between pilots and control is based off a system developed in the 1930′s and is basically high powered walkie-talkies. There’s no way for a pilot to know if he or she is communicating to a real air traffic source or not and visa versa. Unauthenticated communications is a pretty creepy problem and it’s not going to be fixed by the TSA groping children at security lines.

Now is any of this really feasible? Probably not. Yet, if someone wrote about 9/11 on 9/10 it might have sounded pretty unfeasible as well. Commercial pilots do have other communications methods to talk back to tower, but some asshole with a radio could make a lot of stress for a lot of people. There are times where pilots depend on very quick and short responses from ATC to maneuver properly and at times when there are no disruptions, even basic flight is difficult — especially during IFR conditions.

Now, on to my real point: Is society better because of the TSA’s policies? Does it improve security for an American citizen to throw away his snow globe? I really doubt it. We are submitting ourselves to what amounts to groping, reduced privacy, and reduced freedoms in the airports because we think there is a benefit to it. These TSA security tactics do little to nothing to prevent a creative mind from doing something awful. The TSA cannot stop bad things from happening but they can treat good people as criminals.

Tags: , , , ,
Posted in Airport Security, Opinion, Security, Strange Laws, TSA | No Comments »

How to Fly Without Airport Security!

Wednesday, November 17th, 2010
The Transportation Security Administration (TSA) have recently imposed new methods of inspecting travelers. These new methods include full body scans and intrusive pat-downs that some liken to being molested or groped. If a traveler refuses to have high resolution nude images taken of their body, their second option is to be inappropriately touched. This new groping technique includes children, the elderly, the injured, and even pilots. These rules and the TSA’s methods have made air travel a painful reminder that George Orwell’s 1984 was only off by 26 years or so.

However, there is a solution to this bureaucratic madness! What if you want to fly and completely skip the TSA, skip the scanners, skip your baggage check, and just walk right onto the plane? I’m here to tell you that there is a way! You can actually travel via airplane the way people used to with no security at all! All you need to do is be rich!

The wealthy that own their own aircraft do not need to be inspected by the TSA. They simply walk on their private aircraft or charter and fly anywhere they want, no scanners, no pat downs, no x-ray machine…. nothing. I own a small single engine private plane, and the only time I am subjected to airport security is when I am flying commercial. Learning about the lack of security as I became a pilot was eye-opening. In fact, when I land my plane at large private “jet centers” I am often greeted with a rental car that is waiting at my wing tip. I could only imagine what it would be like to travel via a jet capable of crossing oceans.
Rental car waiting by the plane in LA.

I feel these policies are unjust, unequal, and unfair — and are a massive gaping hole in the security posture of the TSA. It is so odd, so strange, that I do not understand it, and I cannot explain it.

Why is it okay for a private jet to take off without screening the passengers? What’s the difference between travelers? It’s all in the name of security, right? I guess the argument is that Bono, Steve Jobs, and Bill Gates are not going to fly a plane into a building. However, what if they wanted to? They, or anyone else with money, could. I guess the thought is that everyone knows each other so it’s okay. Well, that’s not true as well. In some cases the pilots and crew have no idea who the passengers are on a charter.

The TSA has clearly proven they’re in the business of creating security theater for the masses. The TSA wants to create an appearance that the United States can protect everyone. Apparently they don’t feel that the ultra rich, politicians, and the affluent need to feel that level of “comfort”. What’s worse is these are the people that have the ability to influence change within airport security methods, but they don’t even know what most people experience.

So the next time you want to avoid the new screening procedures, taking off your shoes, your belt, your jacket, having your body imaged, having all of your belongings subject to inspection, and still possibly having someone grope you… just be rich and buy your own aircraft.

While you are being groped, you might want to thank the minimally educated TSA agent for their help in creating a new class system in the United States. The rich and the rest of us that have to submit to the TSA’s absurd and broken policies.

This is a first part series covering the TSA and airport security.

Tags: , , , ,
Posted in Airport Security, Opinion, Security, Strange Laws, TSA | 6 Comments »

Akamai sues Cotendo

Wednesday, November 10th, 2010
It looks like Akamai and Massachusetts Institute of Technology are at it again: November 9th they jointly filed suit in Massachusetts District Court against CDN startup Cotendo citing multiple patent infringements. The patents in question (according to the complaint [pdf]) are: U.S. Patent No. 7,693,959 (“the ’959 patent”), U.S. Patent No. 6,820,133 (“the ’133 patent”), and U.S. Patent No. 7,293,093 (“the ’093 patent”).

Akamai has used lawsuits as a strategy to devalue its adversaries for years – In February of 2002 Akamai sued Speedera and subsequently acquired them in 2005. Akamai also sued LimeLight Networks resulting in a $45.5 million judgment, which was later set aside giving LimeLight a little freedom.

What I find interesting is the patents used to sue Limelight and Speedera were the “703″ patents (6,108,703) but the new battle between Akamai and Cotendo centers around a totally new patent arsenal from their Netli acquisition.

If I were guessing, the suit came from a culmination of two things: AT&T may have been looking to acquire Cotendo and Cotendo’s own application acceleration business may be cutting into Akamai’s revenue.

Looking at the Cotendo/AT&T relationship a bit: In July AT&T and Cotendo announced a partnership to deliver application acceleration services to AT&T enterprise customers. A carrier partnering with a CDN is a huge effort! At my previous startup BitGravity, I was part of the team that put together the partnership with Tata Communications. Carrier/CDN partnerships require deep integration with networks, technology, portals, billing systems, sales, etc. For AT&T to partner with someone like Cotendo, it’s a statement that says, “Hey we want to buy these guys, let’s give them a test drive.” It’s pretty clear AT&T wants to be a major player in the CDN market; Cotendo is a start. The partnership chemistry changes deeply with this suit. Akamai could have possibly thrown a wrench into AT&T and Cotendo’s plans.

Application acceleration — Akamai’s sweet spot — is a high margin business and Akamai is great at it. Different companies have been gunning at Akamai’s market for years, and it appears that Cotendo has done a pretty good job at getting into that business. The Netli patents may do a pretty good job at slowing down Cotendo’s sales and act as a “cooler” for their momentum.

Akamai and MIT are going after the usual damages and permanent injunction. Time to sit back and watch the fireworks.

  • Direct link to the complaint: Akamai-Technologies-et-al-v-Cotendo.pdf

    • Tags: , , ,
    Posted in Content Delivery Networks | No Comments »

    My credit card was compromised?

    Friday, November 5th, 2010
    I got a call from my bank a few days ago regarding the VISA credit card I have on file with them. The call was pretty simple, “Sir, your credit card has been compromised so we’re going to send you another one. Meanwhile, we’ll monitor your account.” Well, bummer, now I need to re-do all my automatic payments. I wanted to know what retailer caused it to be compromised so I can know never to shop there again and the logical thing was to simply ask, right?

    Apparently not, the VISA operator could not tell me how my card was compromised and he even suggested that they protect that information. My reaction was, “What? Someone stole my information, you know who allowed it to happen, and you will not tell me?” Round and round the conversation went, leading to more frustration and unanswered questions.

    It seems like it would be a consumer’s right to know! Maybe it was a local gas station or some vendor when I was traveling in London? Maybe the screwed up vendor with laxed security was something ominous like Amazon.com? VISA knows and just will not tell me and provides no way (that I can find/figure out) to retrieve the information.

    If you’ve figured out a way to query for this information, please let me know!

    Meanwhile, be careful out there:

  • Don’t use your debit card on the Internet, only use credit cards. In most cases debit cards are linked directly to your banking account and your liability is much higher when using a debit card than a credit card.

  • Find a credit card company that can provide you with virtual numbers for purchases that you’re making with untrusted merchants. Bank of America, Citibank, Discover, and PayPal provide free services that provide various levels of protection.

  • This one is pretty obvious; review your account often to make sure you are not being overcharged and to make sure that you are only being charged for purchases you made.

  • You might also want to sign up for a credit monitoring service, however, in my case that did nothing except make these credit reporting services more money.

    • Tags: , ,
    Posted in Opinion, Security, Strange Laws | 1 Comment »