Paranoid: Big Brother’s Watching Me

Juergen is one of the very few people, I really mean, VERY FEW, people that understand both airlines and airports.

The Association of Corporate Travel Executives (ACTE)acte is requesting that the use of a controversial identification document reading device, being deployed at U.S. borders, be temporarily halted until thorough testing can determine if it is a potential source of traveler identity theft. According to published reports, the new device can remotely read highly personal data as an individual approaches U.S. border crossings. If traveling in a car, the device can read data on every individual in the vehicle, using Radio Frequency Identification (RFID) chips embedded in passports, passcards, and drivers licenses.

ACTE is concerned that unauthorized individuals could either resort to electronic eavesdropping at the border, or use similar devices that could extract data from RFID chips at other locations,” said the association’s Executive Director Susan Gurley.

hackerSome of you remember my ASRA-presentation 2007, where Christoph joked about me being paranoid? Yes, I am! Not paralyzed, but careful. My life is largely “online”, I use Social Networks, have my own websites and blogs. But yes, I do consider who gets access to what and I do distrust companies like Microsoft, Google, Yahoo & Co. I have to use them. Some of their stuff is simply great (Google Earth + Maps), but these corporations have stronger power today than a president of the United States. Do I use Facebook or does Facebook use me?

Food For Thought!

0 - click to show Jürgen you liked the post

Do you still enjoy privacy or do you Google already?

Juergen is one of the very few people, I really mean, VERY FEW, people that understand both airlines and airports.
Click to enlarge
Click to enlarge

A German saying asked “Do you still have sex or do you play golf already?” (Hast Du noch Sex oder golfst Du schon?). Adapting it this week to “Hast Du noch Privatsphäre oder googlest Du schon?” (see title).

Following the general and naive media hype (can the media be truly that naive?!) about the new Google Chrome, German ZDF and some other more reputable news media took a closer look. Do you remember the public outcry when Microsoft was found “phoning home”? Google’s Chrome does not just call home. Your browsing history (aside others) is stored right on the Google servers. Interesting enough, despite ability to develop tools cross-plattform, the Chrome browser is only available for the Windows environment.

Another report did address the fact that Google builds “The Cloud“. As most my readers are travel industry related, you may recall that Amadeus Germany (“Start”) replaced the last “dummy terminal” in 1993 with a “PC”. Enabling storage of information locally. With “The Cloud”, you need to be always online, but you do not need a large hard drive any more, as all programs and data is stored on the servers in the web. The Google servers that is if you ask Google… Welcome back to our roots!

1 ½ years ago, at my anual ASRA presentation (4,1 MB), I addressed data security. The friends in ASRA joked about me being paranoid. Last weeks the “loss” and misuse of private government data (in large style) is all over media and politics in Europe, especially U.K. and Germany. In Germany even the official registration office (where any citizen must register one’s address) sells the data quite publicly. So paranoid? Or just realistic? Or underestimating the case?

The Department of Homeland Security (DHS) is reported to actually pick laptops from travelers without a particular security concern (“spot checks”). Too bad, if that happens to an Airbus official, who denies to give the passwords to access the encrypted data. And there is no official information, how the data is secured by the DHS. So the data may end up at Boeing quite “legally”. And yes, sure there are many ways to ensure the DHS not getting access to any privacy data. The Cloud Computing can also be set to communicate not with Google but with your own server(s) and a nice, unobtrusive special login allows you to invisibly purge (not just “delete” recoverably) all private data including server accesses in case that becomes necessary. Then you login in via VPN (access details not on the computer) and just restore your work environment. On this or just another PC… Details on request 😉

Hmmm… The DHS and politicians sure know that terrorists are not so stupid as to answer “did you pack a bomb” with “yes” (still “normal” question at U.S. airport check-in) or that they are usually organized good enough to secure their backs better. So if they know that, am I paranoid to believe them to not be interested in terrorists but to increase their control of us, their citizens?!
It is a radical change of the legal paradigm that one is innocent until proven guilty. Today we are all presumed terrorists and have to proof we are innocent citizens! All that under the argument that an innoncent person does not have to hide anything? What a complete farce!
George Bush, Wolfgang Schäuble, read my lipps: You will be going into history for having brought down freedom and established the surveillance state. Oh, sorry George Bush, you did better, you’ve become the president leading the U.S. into global wars being proven lier, using faked proof for “weapons of mass destruction”. Your “holy wars” have as much justification as the holy wars of the mideval ages! What was that movie? Wag the dog… Good to start a war to cover up the real business – such as to establish a surveillance state? The land of the free… The what? … Well done Mr. President!

So as a summary: Be careful with your private data and start to consider preference of non-commercial Open Source software, such as Mozilla, Open Office and Linux instead of Windows – it becomes increasingly a (vital) privacy issue! Not only privately, but increasingly also for corporations…

0 - click to show Jürgen you liked the post

Data Security

Juergen is one of the very few people, I really mean, VERY FEW, people that understand both airlines and airports.

Best Western hit the media this week being reported to have been hacked and 8 million customer datasets being stolen. Best Western objected the news, mentioning they have no proof for such hack and they would delete their data anyway frequently.

Say WHAT? Corporations spend millions acquiring customer data and Best Western deletes them? Hmmm…

asra2007datasecurityNo matter, if this has been a newspaper hoax, there is something good in this. Who knows today, where data is collected, how it is stored, kept secure, who has access to it? How “secure” is “secure”? The Internet by definition is insecure. An old – even pre-WWW saying in IT: To have a secure system, remove all input… If a user in old DOS entered “format c: /u” the drive was formated irreversably. Oops, I forgot to backup that file? Too late. In my 2007 ASRA-presentation on Airline Sales & e-Commerce, my friends in ASRA joked that I would be paranoid… Today they know better, thanks to media coverage of data insecurities. I get increasing inquiries.
Most large corporates have a faulty and flawed security. Most even do not use encrypted communication with the most sensitive data they send through the web. Discussions on LinkedIn confirm the U.S. Department of Homeland Security to pick Laptops. Where does the data on them end up? Maybe your U.S. competitor has access to it?

But now we talk about personal profiles. Where is what data stored electronically about you? Have “they” told you they store the data beyond the immediate transaction? No. We only learn by security breaches becoming public that such behavior is not the exception but the rule. And thanks to the global networked world we live in, data is no longer limited to “my hotel”, “my supermarket”, “my anything”. But the hotel reports some or all of the data to the central server somewhere. Next you arrive in another city, they do have your address data on file. Hmmm… What else do they have???

And then we come to the new laws in the U.S., Germany and sure elsewhere, legally forcing providers to collect data and make it available to their government representatives. Said what? What is a “government representative”? Do I trust him or her? Not the government – I don’t trust “government”. But worse, “the representative”. Who controls the controller?

So sorry for the bad publicity Best Western, but thank you for another example to make people aware and think about their personal information. Did you ever read 1984? George Orwell did not even imagine what exists today!

Shift happens! Internet meet World. World meet Internet…

0 - click to show Jürgen you liked the post