Clear becomes Invisible

June 25, 2009

Clear, the program run by Verified Identity Pass, Inc. to enable pre-screened air passengers to pass through an airport security “express lane”, has announced that it has ceased operations.  From the company’s Web site:

At 11:00 p.m. PST on June 22, 2009, Clear ceased operations. Clear’s parent company, Verified Identity Pass, Inc., was unable to negotiate an agreement with its senior creditor to continue operations. Verified Identity Pass regrets that Clear will not be able to continue operations.

The program worked like this.  If you wanted to spend less time in security lines, you could submit an application, with a $100 fee, on which you provided a great deal of personal information, which was used as the basis for a background check.  If you were approved, you got a special get-out-of-line card which enabled you to go through a more expedited screening process.

According to the posted announcement, the company has not filed for bankruptcy protection at this time.  Although the message on the site tries to be reassuring, because each person who registered with Clear had to provide them with a good deal of personal information and biometric identification (fingerprints and iris scans), one naturally wonders what will become of all this data.  The company says that the data can only be used for a similar traveler screening program, according to TSA rules, but some people are a little nervous, nonetheless; I would say with some justification.

Although I have no personal involvement with this program, I would not be sorry to see it, and its underlying idea, go away for good.  The problem (as Bruce Schneier wrote in an essay originally published in the New York Times back in 2007) is that the program is based on two ideas: one that’s OK, and one that’s just dangerously stupid.  The OK idea is to provide some travellers, who find it worth their while, the opportunity to pay for quicker security screening service.  Although this might offend some people’s egalitarian instincts, it is really no different than the airline offering first class service at a premium price.

The stupid idea is that there is some reliable way for a background check to identify potential bad guys, even (and especially) when the bad guys can try to game the system.  Even if we could positively verify the identity of every person who applied for a Clear pass, we don’t have a good list of who the bad guys are.  And no one has succeeded in constructing a useful profile of the typical terrorist, for example.  If having a pass results in a less thorough screening, the correct strategy for a terrorist leader is obvious: get 20 or 30 recruits, and have them all apply for a pass.  Perhaps six (to pick a number) are approved.  Guess which six will go on the mission?  Unfortunately, it is just not the case that the bad guy’s driver’s license will have a box called “Occupation” that says “Evil-doer”.  Another way you can look at this program is that, for $100, you can find out if you are suspected of being a bad guy.

There’s nothing wrong with creating a system that has a more efficient, but just as thorough, screening offered for a premium.  But creating two ways, one high-security, the other less so, to go through the screening process is just a Real Bad Idea that will make everyone less safe.


Where’s Your Data?

June 25, 2009

According to a story in IT World, a group of reporters doing research for the PBS show, Frontline, has acquired a hard drive in a market in Ghana that contains a large amount of confidential data pertaining to US government contracts with Northrop-Grumman.  The group was on assignment investigating the global business of disposing of electronic waste.  The information, which was not encrypted, was contained on a used hard-disk drive that the researchers bought for the equivalent of $40.

The drive had belonged to a Fairfax, Virginia, employee who still works for the company and contained “hundreds and hundreds of documents about government contracts,” said Peter Klein, an associate professor with the University of British Columbia, who led the investigation for the Public Broadcasting Service show Frontline. He would not disclose details of the documents, but he said that they were marked “competitive sensitive” and covered company contracts with the Defense Intelligence Agency, the National Aeronautics and Space Administration and the Transportation Security Agency.

According to the company, the disk drive came from an old computer that had been delivered to an outside waste management firm for disposal, a fairly common arrangement for dealing with old hardware.  (Old electronic devices are problematic to dispose of, because they often contain toxic materials, such as lead, cadmium, or mercury, in addition to possibly containing sensitive data.)  They say their records indicate that the drive must have been stolen from the disposal contractor after it left Northrop-Grumman.

The improper disposal of devices containing sensitive information is a widespread problem.  In the present case, it has an element of irony:

Some of the documents talked about how to recruit airport screeners and several of them even covered data security practices, Klein said. “It was a wonderful, ironic twist,” Klein said. “Here were these contracts being awarded based on their ability to keep the data safe.”

One of the reasons third-party disposal is a popular option is that it is relatively cheap, in part because much of the stuff gets shipped to other countries, which have considerably less stringent environmental regulations than the US.  There the equipment is disassembled for parts, precious metals, and so on:

According to Klein, it’s common for old computers and electronic devices to be improperly dumped in developing countries such as Ghana and China, where locals scavenge the material for components, often under horrific working conditions.

Of course, potential data thieves can make use of them, too.  It is hard to blame the governments of these poorer countries for not protecting first-world consumers from the consequences of their own carelessness.

If you are interested in, or responsible for, keeping sensitive data secure, I suggest first that all such data on portable devices (e.g., laptops, flash drives, smart phones) be encrypted.  When you have equipment to dispose of, do not depend on “disk wiping” software to erase all the data.  It is actually very hard to do that well enough so that there is no way to recover any of the information.  (For example, the software may not completely wipe disk blocks that are marked as defective.)  These programs are fine for keeping your pesky kid brother from reading your files from an old disk, but if you need to be sure, physical destruction of the media is the only really safe option.

