Human rights coalition to DHS: don't demand social media passwords from people entering the USA


#1

Originally published at: http://boingboing.net/2017/02/21/human-rights-coalition-to-dhs.html


#2

Has anyone created an app that can completely lock a phone for a period of time? Like a time delayed safe: Lock phone for 2 days/36hours/etc with no unlock ability, or at least no “on-phone” unlock. Could be useful for borders, police stops, press shakedowns?


#3

DHS to human rights coalition: drop dead.


#4

Or an alternate code that opens in a “safe mode” so that only the most surface data is exposed?

I mean, they literally have this already for people escaping domestic violence…
…which, is kind of amazing/terrifying…


#5

I would have some serious trouble – if they ask me for my Facebook, Twitter, etc. passwords I’d answer that I don’t have accounts with those services. At which point, … what? Do I get denied entry to the USA for not having a Facebook account?

How about if I have my phone with me, but it’s been scrubbed to factory condition? Do I have to disclose to them the e-mail password on my employer’s mail system? How about my user id and login password?

Someone is really not thinking here. As usual, it’s the DHS because they’re assuming that “bad guys” are even dumber than DHS people. In case anyone wonders, that’s a very, very high degree of dumbth. As witness our longstanding policy of only guarding against attacks that have already been tried (and mostly failed miserably.)


#6


#7

The coining of a new phrase, “to the dumbth degree”.


#8

Here is how to make sure you are unable to provide passwords to the folks at DHS.

When leaving:


To: Employer

Please reset my passwords and don’t share them with me until you have confirmed that I have reached my intended destination.


To: Facebook

Please reset my password and mail the password reset codes to my home address on file.


To: Spouse

Please open the mail from Facebook and send me the reset code when i ask for it.



When returning:


To: Employer

Please lock out my accounts and security token, I will get/set new ones when I go into the office.


To: Facebook

Please reset my password and mail the password reset codes to my home address on file.


#9

To DHS: What makes you think I’m a spy?


#10

But which Facebook account? How would they know they got the one with the juicy secrets?


#11

How about getting “don’t share credentials with third parties without written authorization of [company]” added to the TOS of Facebook et al.


#12

The thing is, the DHS has already started doing this, notably with US citizens who work for JPL, but with non-citizens as well. So far it’s been people with “Muslim-sounding” names, but that effectively means anyone they don’t like the looks of.


#13

Your “Party Puffin” account of course. https://youtu.be/0o1u_zw-2NY


#14

[quote=“lumbercartel, post:5, topic:95523, full:true”]
I would have some serious trouble – if they ask me for my Facebook, Twitter, etc. passwords I’d answer that I don’t have accounts with those services. At which point, … what? Do I get denied entry to the USA for not having a Facebook account?[/quote]

Precisely! How can they prove one way or another that you have zero, one, two Facebook/Twitter accounts?

This is the stupidest thing I’ve ever heard.

Imagine traveling all the way to the US for a family holiday in Orlando (Disneyland, Busch Gardens, etc). You’ve been saving for years. But you’re turned away because you’re not on social media.

Is this the future?


#15

If this becomes standard for travel then attempts to avoid it will become “standard” as an indication you are a terrorist.


#16

They can have my Yahoo email password since I assume everyone else already has it. Have fun sorting through the spam.

And I honestly don’t even know what my Facebook password is. It’s a long, randomly generated string that gets stored in a password manager on my home computer. I don’t install FB on my phone. So how do you explain that without being detained indefinitely?

Does the border agent check the account and look for terrorist materials right in front of you? If not how would they know if you lied, or mistakenly supplied an old password, or changed it as soon as you could? And what about 2-factor authentication?

It’s pretty obvious this is just security theater to make dumb people think they really are doing their best to keep us safe.


#17

Deplorable as it is, it’s far from the worst kind of human rights violations they’re responsible for.


#18

This topic was automatically closed after 5 days. New replies are no longer allowed.