funsec mailing list archives
Re: Who on funsec is in the "Main Core" database?
From: "John C. A. Bambenek, GCIH, CISSP" <bambenek.infosec () gmail com>
Date: Wed, 21 May 2008 12:01:02 -0500
Right, because seeing who is talking to overseas terrorists is the same as the TSA fingerbanging granny at the airport. On Wed, May 21, 2008 at 11:47 AM, <Valdis.Kletnieks () vt edu> wrote:
On Wed, 21 May 2008 07:18:44 CDT, Dennis Henderson said:In the US, anything considered "taking action " or "necessary" violatessomecivil or constitutional right or is leaked out by some "conscientious objector". It would seem some organizations care more about keeping their phone calls private than allowing the government to do its one constitutionally mandated function; Protecting us from all enemies,foreignand domestic.And exactly how far are they allowed to trample over our Constitutionally mandated freedoms to do it? Should the President be allowed to say "screw even the minimal oversight of the FISA court" and do mass wiretapping of US citizens with zero oversight? In case you didn't notice, he came out and admitted flat out that He. Broke. The. Law. Are we a nation of laws or of men? And do you *really* think that all of the "Security Theater" with trying to get on board a flight actually does any good, when *anybody* who has half a brain can get into the restricted areas of the airport? Consider the following two items from Dave Farber's I-P list about a week ago:From: K.E. <admin () edu-cyberpg com> Date: May 12, 2008 2:49:16 PM EDT To: "ip () v2 listbox com" <ip () v2 listbox com>, David Farber <dave () farber net>Subject: Security and Pittsburgh's AirportThe airport is restricted private property but if you know someone and get your name on the list and go shoot animals. Video: Hunting On Pittsburgh International Airport Property Favorite Quotes: The airport should have a professional wildlife biologist on site, as have many other major airports, including Philadelphia and Cleveland. Those airports contract with the USDA for that service. Pittsburgh does not. Allegheny County Airport Authority gave 28 of its employees exclusive rights to hunt deer on its 9,000 acres in and around Findlay Township. You can carry a gun and shoot . You can even bring your friends with you and no one at the airport knows who those people are. http://www.thepittsburghchannel.com/news/16192688/detail.html "The airport authority allows those 28 authorized employees to bring buddies along, and officials have no idea who those buddies are. We do not track the names of the guests," Jenny said. Just how many deer live on the airport's 9,000 acres is unknown, because according to a 2007 USDA document, the airport authority has never commissioned a deer density survey. Even without the study, the USDA says current density far exceeds the recommended five-to-12 deer per square mile.Second item:From: Vadim Antonov <avg () kotovnik com> Date: May 12, 2008 6:57:15 PM EDT To: David Farber <dave () farber net> Cc: ip <ip () v2 listbox com> Subject: Re: [IP] Security and Pittsburgh's AirportDavid -- just to make it clear - deer on the airfield are a very serious safety issue. Much more serious than all terrorists in the world - the likelihood of hitting a deer and wrecking the landing gear (with likely fatal outcome for the pilot and passeners) is much higher than being a victim of a terrorist attack. And this is not like "no one knows who these people are", they have to be escorted by a cleared airportemployee.Besides, "non-authorized" personnel can easily walk onto airfield through the general aviation parking and FBOs in *all* US airports. As a memberofa flying club I got codes to combination locks on gates in different airports, so I can pick up aircraft during off-hours - and I didn't have to go through any clearance process. I can easily bring firearms, too, - no one's looking, and it is not prohibited (i.e. one can rent an airplane to go for a hunting trip). The only "guns prohibited" signs I've seen in GA areas are at the entrances to the federal facilities such as control towers, radar sites, etc. Heck, I do not even have to show my ID to get keys to an aircraft, as long as I know the name under which the reservation has been made, the a/c registration number, and smile nicely. The "access to airfield" controls are security theater, plain and simple, designed mostly to impress and intimidate the sheepie. It is nearly impossible (and prohibitively expensive) to secure a civilian airfield against an intruder which has minimal tactical and camouflage skills (and a bolt cutter, if he's too lazy to climb over the fence), so no onereallytries. So this article should be read as a barely covered pimping for more funds to TSA (and more useless restrictions and hassle for the rest of us), and not as a valid alert about some new security threat or especially lax attitude of the airport administration, with obligatory anti-gun paranoia mixed in for a good measure.There's an airport across the street. There's a chain link fence around it. Nobody actually expects the fence to stop a determined human - it's only to stop *our* local deer from wandering out there. And by and large, it works, as I often see deer on our side of the street, and only rarely have I spotted them on the airport grounds in the 18 years I've been working across the street. A chain link fence is sufficient to stop a *real* threat to many airports. What *real* threat are they stopping with the "no liquids" policy, especially when there's a lot of low-wage people that work on the other side of the security perimeter who can probably be bribed to sell you the *special* bottle of liquid that you gave him before he went on shift? Or any of the 3 zillion *other* ways to attack airport security that are obvious and not much is done about them because they are *HARD* problems to solve - for instance, there's a *really* nice queue of several hundred people on the *outside* of the security checkpoint, where one explosive device could get them all. But that's too hard, so we'll make you remove your shoes and belt and throw out your bottled water and lighters - but you can take your laptop on board, complete with all of the improvised weaponry that you can make with it: A broken CD shard has nice sharp corners, probably works just as well as boxcutters, and we know how well *those* work. Anybody who's carrying around a 3-5 foot Ethernet cable has a garotte. The lithium battery is a *much* more interesting fire source than anything you could have cooked up with liquids in the bathroom. Oh, and did anybody mention that most of the interesting liquids require you to *sit there and watch it* for a half hour or more? Meanwhile people are gonna be banging on the door... If all else fails, the battery and a sock make a nice improvised blackjack... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Who on funsec is in the "Main Core" database? Richard M. Smith (May 20)
- Re: Who on funsec is in the "Main Core" database? Rich Kulawiec (May 21)
- <Possible follow-ups>
- Re: Who on funsec is in the "Main Core" database? Paul Ferguson (May 20)
- Re: Who on funsec is in the "Main Core" database? Gadi Evron (May 20)
- Re: Who on funsec is in the "Main Core" database? Valdis . Kletnieks (May 20)
- Re: Who on funsec is in the "Main Core" database? Dennis Henderson (May 21)
- Re: Who on funsec is in the "Main Core" database? Valdis . Kletnieks (May 21)
- Re: Who on funsec is in the "Main Core" database? John C. A. Bambenek, GCIH, CISSP (May 21)
- Re: Who on funsec is in the "Main Core" database? Valdis . Kletnieks (May 21)
- Re: Who on funsec is in the "Main Core" database? John C. A. Bambenek, GCIH, CISSP (May 21)
- Re: Who on funsec is in the "Main Core" database? Rich Kulawiec (May 28)
- Re: Who on funsec is in the "Main Core" database? Gary Warner (May 21)
- Re: Who on funsec is in the "Main Core" database? coderman (May 22)
- Re: Who on funsec is in the "Main Core" database? Rob, grandpa of Ryan, Trevor, Devon & Hannah (May 23)
- Re: Who on funsec is in the "Main Core" database? Gadi Evron (May 20)
- Re: Who on funsec is in the "Main Core" database? Andy Sutton (May 21)
- Re: Who on funsec is in the "Main Core" database? Imri Goldberg (May 21)