News for the ‘Security’ Category

Pilots Advised to Avoid Airport AIT Scans…

More interesting than the perfectly reasonable objections made by pilots about being subjected to scans, or demeaning pat-downs, each and every time they go to work, is some of the PR that officials spit out to justify the scans…

Officers evaluating images are not permitted to take cameras, cell phones or photo-enabled devices into the resolution room.

The fact that they have that rule almost guarantees that it has gone on. And shows the mindset of the people both working in the scanning rooms and their bosses, as well as their work culture generally. But then having some sweaty customs official get off on blurry naked pictures of me is not what I am concerned about.

A single scan using backscatter technology produces exposure equivalent to two minutes of flying on an airplane.

Again, not something I am that bothered about. We’re all going to die of brain cancer from cellphones, and our whole race is going slowly sterile from WiFi anyway.

What I am concerned about is the increasing number of very basic invasions of privacy that are the accepted norm for ordinary people these days. The “alternative” to a “naked” scan is a crotch grab from a customs official, for example.

More on the “optional pat-downs”…

Just how invasive are these pat-downs? Back when the TSA was still testing the new procedure, an ACLU spokesperson in Massachusetts said, “To call it a pat-down is a euphemism… They really go for it.”

It’s also extremely worrying to me, all the other ways that technology like this kind of scanning, or CCTV, is being employed to expand the scope of law enforcement beyond the reasons for the stuff being introduced in the first place.

Using AIT, our officers are finding things like small packages of powder-based drugs hidden on the body. When I say small, I mean that one packet was smaller than a thumb print.

And that brings down drug cartels how? Or prevents terrorism in what way?

And how does it make me safer as a passenger? And if you are looking for those kinds of things perhaps you might not be looking for the stuff that actually goes bang.

Is it even the TSA’s job to do drug searches?

Frankly, I don’t give a damn if someone is having a “toot” in an airplane toilet. I’d like to get rid of the pricks with badges, sticks and attitude who create the queues at airports and make travelling hell. Because they sure as hell are not gonna do anything to prevent a real terrorist attack. So they might as well let me enjoy what little time they tell me I have left on the planet, travelling without inconvenience for inconvenience’s sake.

Posted: November 8th, 2010
Categories: Security

iPhone Apps Transmitting UDID. Security Risk?

The iPhone’s UDID is eerily similar to the Pentium 3’s Processor Serial Number (PSN).  While the Pentium 3 PSN elicited a storm of outrage from privacy rights groups over the inherent risks associated with the sharing of such information with third parties, no such concerns have been raised up to this point regarding the iPhone UDID.  As UDIDs can be readily linked to personally-identifiable information, the “Big Brother” concerns from the Pentium 3 era should be a concern for today’s iPhone users as well.

My second “Good Grief” of the day.

You have to love College Network Admins. Here is the full report (pdf).

Eric should consider a job at Symantec.

My understanding is the UDID is the *only* piece of device information that Apple allows you to transmit. I may be rusty on that as they update their rules quite often.

But an iPhone’s UDID is no more dangerous than any device’s MAC Address, the IP you are currently using to access the internet, the Google account you are probably logged into on several devices, or the analytics I am using to track you right now…

Posted: October 5th, 2010
Categories: Analysis, Apple, Security, iOS, iphone

Plane Finder AR : “Aid To Terrorists”

The programme, sold for just 1.79 pounds in the online Apple store, has now been labelled an ‘aid to terrorists’ by security experts and the US Department of Homeland Security is also examining how to protect airliners.

Good grief.

Posted: October 5th, 2010
Categories: App Store, Apple, Apps, Censorship, Security

iOS 4 PDF Exploit. Should I be Worried?

The vulnerability that allows a web based exploit to jailbreak iPhones, iPods and iPads running iOS 4 does so by relying on a security flaw in iOS’s ability to read PDFs from the web.

When a PDF file is downloaded from a web page to your iOS device it can fool iOS into executing a small piece of code. Rumour has it that it is actually a bug in PDF font rendering code.

Apple are aware of the problem, and are working to patch it. But a multitude of less savoury characters are also aware of it, and they are working on ways to get you to visit their web sites, and click on their links.

This problem is obviously not limited to jailbroken devices. If you have already jailbroken you can actually fix the problem. But if you are on a “virgin” device you are vulnerable.

Until you update to the next version of iOS 4, most likely available in the next 48 hours from Apple, avoid sites you are unfamiliar with on the web. And don’t download any PDFs!

Here is how to fix your device if you are jailbroken :

Those with long memories will recall that a similar web based TIFF exploit was used to get access to the iPhone earlier in its life.

Posted: August 3rd, 2010
Categories: Apple, Jailbreak, Security, iOS, iphone