In March, Adi Shamir—that’s the “S” in RSA—was denied a US visa to attend the RSA Conference. He’s Israeli.
This month, British citizen Ross Anderson couldn’t attend an awards ceremony in DC because of visa issues. (You can listen to his recorded acceptance speech.) I’ve heard of two other prominent cryptographers who are in the same boat. Is there some cryptographer blacklist? Is something else going on? A lot of us would like to know.
Andy • May 17, 2019 6:50 AM
Remember that the main curl developer was also denied entry to the US despite having been in the US before several times?
Petre Peter • May 17, 2019 7:17 AM
He wasn’t denied, they just didn’t give him an answer. The conspiracy is that the big machine in the sky that does the flagging doesn’t want to be replaced by humans. Maybe it’s time to change the venue.
icing • May 17, 2019 7:40 AM
His evisa application was denied, just before boarding a flight. Mozilla lawyers investigated without results. No reasons given. He applied for a real visa at the embassy in Sweden spring 2018 and is waiting on an answer since. Only reply “it is being processed, be patient.”
Martin Niemöller • May 17, 2019 7:56 AM
First they came for the socialists, and I did not speak out—Because I was not a socialist.
Then they came for the trade unionists, and I did not speak out—Because I was not a trade unionist.
Then they came for the Jews, and I did not speak out—Because I was not a Jew.
Then they came for me—and there was no one left to speak for me.
Erdem Memisyazici • May 17, 2019 7:58 AM
That’s club eagle for ya. America is not an easy place to enter if you’re not wealthy to some extent and that’s because poor people volunteer their time in this country to keep people out as if they are volunteering time to sell cupcakes. “Sold 5 cupcakes for raising money to support cancer, and caught 10 people trying to swim in… Where are they? Oh they’re still in my truck. Oh you mean the cupcakes.”
Mike • May 17, 2019 8:00 AM
Why are these conference still insisting to be located in the US?
Ross Anderson • May 17, 2019 8:03 AM
It was an award for my book on security engineering, at which I had to announce by video rather than in person that there will be a third edition.
The chapters will come online as I write them for review and comment.
Here are the first two, including a chapter on threat actors that summarises not just what we know about cybercrime, but what we learned from Ed Snowden – and a chapter on the implications for the privacy landscape
https://www.lightbluetouchpaper.org/2019/05/17/security-engineering-third-edition/
I thought it curious that almost six years after the disclosures nobody had written a concise summary of what we learned.
M@ • May 17, 2019 8:15 AM
Ah, so you’re not just a cryptographer, you know how to write as well. That, Sir, is unforgivable here in the USA.
:(…
Malgond • May 17, 2019 8:40 AM
@metaschima: If they were Russian or Chinese cryptographers your guess might be more probable even if not very reasonable.
But, come on, both Israel and the UK are in bed with the USA or the other way round – so the matter here is most likely more complex. Some might blame Mr Trump or his hidden opposition (depending on one’s political view) but I’d rather guess it is one more sign of the US administration developing multiple types of cancer in the same time – various groups of interests gaining more and more internal influence and fighting one another and trying to get more grip on “the sheep”, uncontrolled by the top brass (President, Congress etc.), resulting in random jerks in legislation, executive orders, law enforcement, administrative resolutions etc.
JonKnowsNothing • May 17, 2019 9:02 AM
It’s not just Cryptographers that are being denied entry to the US or other countries. They do not get to Pass Go and Collect $200 anymore than anyone else who is exploited by the current set of Nasty Software that we employ by choice.
Those of us in the USA have enjoyed Freedom of Movement and Travel but that is ending PDQ. Those of us in the USA now will be required to carry a REALID to board a domestic flight to go to Disneyland.
An interesting by-product is that once you have passed a certain point in the boarding process you will no longer qualify for another plane, refund or rebooking. It’s very lucrative for the Airline Industry and of course the income stream varies by venue as to whether you can get a refund from your unreachable destination of choice.
It’s a whole new revenue stream: “No Stay Income”
I’m surprised that anyone wants to come to the USA anymore and even more surprised that anyone would want to travel to the UK either. Actually when you consider traveling at all, it’s rather an unpalatable undertaking. Between where-to-go and having a fun-relaxing time at a conference or vacation spot it’s hardly worth the hassle of a Full Body Cavity Search along with a stint in a No Man’s Land Detention-Vacation Facility just to have a go on Alice’s Tea Pot Ride.
ht tps://en.wikipedia.org/wiki/Real_ID_Act
* URL fractured to prevent autorun
Faustus • May 17, 2019 9:37 AM
@ Ross Anderson
Congratulations on your book’s recognition! I really appreciate the free new chapters and the free contents of the previous edition on line.
I didn’t notice you sawing any heads off in your video. We supposedly are on a nationwide search for cybersecurity people, yet we exclude the people who can teach these new recruits.
I think the idea is to collect government handouts for training while actually training as few competent security experts as possible. Knowledge in cybersecurity can be used to protect our “security state” but it also can threaten the more and more absolute access and control exercised by our cyber masters.
Chelloveck • May 17, 2019 10:02 AM
@tim: Not all of us who follow Bruce’s blog are conspiracy nutcases. Some of us are just plain smart-asses. Sometimes without the “smart”.
War Geek • May 17, 2019 10:15 AM
Raising public awareness of abusive government actions is a citizen’s duty in a democracy – at least the democracies that expect to survive. The comments are clearly not the main point or goal.
From a security community perspective…I’m glad to have more evidence of the need to prepare for drama coming in and out of the US. Already planned on doing burner phones only for my trips to Europe. Thinking I may need to go further and have some kind of dead man communication chains like calling a family member immediately before entering into any kind of customs vetting.
Glenn Vandaveer • May 17, 2019 10:18 AM
Never ascribe to malice what may be explained by mere incompetence?
gordo • May 17, 2019 10:22 AM
The visa delays seem to be impacting academics in general.
We’re losing foreign students due to Trump immigration rules, N.J. college presidents lament
Posted May 3, 2019
Delays in processing visa applications and “staggering” requests for more and more paperwork are threatening to drive foreign students and professors away from New Jersey universities, the presidents of 25 of the state’s four-year colleges said in a letter sent Thursday.
Browserman • May 17, 2019 10:46 AM
In case of Mister Ross Anderson I think there is the answer:
“including a chapter on … what we learned from Ed Snowden”.
Chris • May 17, 2019 10:51 AM
The way we’re going, one would think that it would be harder for a cryptographer to get out of the US rather than get in.
Z.Lozinski • May 17, 2019 10:55 AM
The US immigration process has become more complex, and is being automated to reduce costs. Consider how the application process for an electronic travel authorisation (the ESTA for people from visa-exempt countries) has changed since it was introduced.
If an on-line application is straightforward, then it is subject to “straight through processing’, and is very fast and efficient.
The problem with this approach is when an application triggers any of the exception clauses, then it requires manual intervention and a human has to scan the application and make a judgement. Think of the old I-94 question “Have you been involved in Nazi genocide?” We get a “process drop out”. Now the issue is how well designed is the remediation process? Or are Turing-award winning cryptographers from Israel being put in the same queue as someone from say Iran, who has a US parent. Are simple and complex cases in the same queue, which will reduce the throughput of the process.
So, what is it that is triggering the “human judgement required” step in the process? Looks like we are seeing some false positives based on some data being collected.
The broader question is does the creation of ever finer-grained criteria lead to better security for the USA?
James • May 17, 2019 11:02 AM
Encryption is bad, of course. Terrorists, criminals, drug lords, child abusers use it, so obviously it’s bad. People that did nothing wrong, have no reason to use encryption, right ? They have nothing to hide anyway. Encryption being the “big bad wolf” is the new norm, especially under the current administration.
Z.Lozinski • May 17, 2019 11:21 AM
@James,
The challenge is that the political rhetoric is conflating two (or more) different uses of encryption.
Encryption as part of ensuring the privacy of individual communications. Different countries have different rules. The telecommunications network has always been subject to lawful intercept – “wiretapping” in popular culture, thought it hasn’t been done that way since the 1930s.
Encryption as part of ensuring the fabric of society is secure. Ensuring for example that financial transactions cannot be fraudulently changed.
It is the same underlying encryption technology, and in many cases the same people. I don’t think the politicians have figured that one out.
I’ll go back to my favourite rant. I do not believe we, as a society, understand the emergent properties of digital technology. We don’t have the tools to think about it. Just think about internet advertising ..
anon • May 17, 2019 11:28 AM
It isn’t just cryptographers. There is recently a petition going around to abandon the US as a venue for computer science conferences due to problems with obtaining visas:
https://medium.com/syncedreview/abandon-us-petition-protests-ai-conference-visa-denials-b90dd5a808c4
Travel and immigration restrictions and border security have gotten out of hand.
I think it is also sad to see the US slowly losing its prominence as the leader in science.
Fazal Majid • May 17, 2019 11:40 AM
Naturalizations, green cards and visas are also taking at least twice as long to process than they used to. The best explanation I could find is that the Trump administration reassigned staff from processing applications to reviewing old ones to find clerical errors or other reasons to revoke the same, I.e. witch hunts against brown people:
https://missionlocal.org/2019/02/sfs-bissap-baobab-to-close-as-owner-fights-immigration-case/
https://theintercept.com/2019/05/10/denaturalization-case-citizenship-kansas/
The second case suggests the policy started before Trump, but he accelerated it.
Seattle Sipper • May 17, 2019 11:45 AM
@parabarbarian: You say
The conspiracy theory is that it is Deep State obstructionism: There are people in the State Department that hate Trump so much they will take any opportunity to embarrass his administration.
I suggest a third “OTOH”. Rather than Deep State subterfuge or bureaucratic stupidity, I see intentional subversion of the process through subtle means. If I change the regulations to restrict immigration and visitation, there is a well-defined process of publication and public review. That would be bad because it would expose me and it takes a long time to effect the blockage I desire. Instead, I throw sand in the procedural gears and let the process slowly grind to a halt. Since I can’t change the regs, I merely reinterpret them. If denial of visa would produce measurable results (e.g., rejection rates rise), I just delay and defer so that the visa request gets withdrawn, cancelled, or made irrelevant. This is great for plausible deniability – “I didn’t reject the application, the candidate withdrew it while it was under review.” The end result is the same – the applicant is kept outside the borders – and there’s no blame!
James • May 17, 2019 11:51 AM
@Z.Lozinski: Almost everything has at least dual uses. A knife can be used to slice bread, or to stab somebody. A gun can be used for self defense, or to kill innocent people. Same goes for cars and almost everything else that we use in the “modern” world.
However most lawmakers have no problem understanding knives, guns, cars or things alike, but they (and indeed most people) have problems understanding encryption. Encryption is mostly maths, you cannot legislate maths. You cannot say “this formula will work like that in this case, but in a different way in another case”. It’s like trying to legislate weather.
Keith • May 17, 2019 11:51 AM
Perhaps cryptographers encrypt their email and documents which means the NSA has a hard time seeing what they are discussing with other people all over the world. In the eyes of the NSA that normal (expected) behavior looks suspicious
David • May 17, 2019 12:00 PM
Some African delegates to the 2019 United Methodist Church conference also had problems obtaining visas. This probably wasn’t political interference from the right, as the African delegates were generally inclined to vote on the conservative side of the main issue (LGBTQ clergy and marriages).
“Officially, General Conference was to have 864 delegates. But of the voting delegates, 31 were absent, primarily because they were unable to gain visas, the Rev. Gary Graves, secretary of General Conference, reported Feb. 25.”
https://www.umnews.org/en/news/beginning-to-look-ahead-after-gc2019
James • May 17, 2019 12:03 PM
@Keith: I doubt the NSA has anything to do with denying entry. Most likely those denials are decided by much less educated people, to put it like that …
name.withheld.for.obvious.reasons • May 17, 2019 12:07 PM
@ m
Ah, so you’re not just a cryptographer, you know how to write as well.
The truly horrifying risk is that one can read.
My visceral, gut reaction to this issue is “Where was everyone when it was mathematicians?” First they came for the nuclear scientists, I said nothing. Next, they came for the mathematicians and I said nothing. Now…
This insanity that is U.S. policy of discrimination, using various list upon list upon list, has long been out of hand. We’ve conned ourselves into believing that codifying the “who” will give us the “what, where, when, and why” making this whole exercise a fools errand. Our collective hubris, arrogance, and stupidity surely means that we will suffer the indignity that is commensurate for the positions we have taken.
Might makes fright, fear shrinks will, and fight to the last dumb idea–this is the new mantra.
Clive Robinson • May 17, 2019 1:09 PM
@ Bruce, Ross,
As Ross will confirm, last century anyone holding a British Passport had no trouble what so ever turning up for a flight and landing in America for a spontanious weekend in The Big Apple or similar.
The US they changed the rules, and “criminals” had to apply via the US Embasy for a visa, then it was changed again to if you had ever been arrested. Now, not even “God Alone Knows” applies.
I have two friends who independently of each other either own a US business or have a subsiduary in the US. Neither has been arrested let alone taken to a police station or taken to court or been convicted. Yet because their companies are “high tech” and easily beat the native US competition when it comes to innovation, both have discovered they can not fly to the US, but wierdly one flew to Mexico and was alowed across at the US boarder as a tourist on their UK passport…
From conversations with others who have had similar issues it looks like it might actually be a Trump Administration policy based on “Not Invented Here” syndrome.
So if you are smart or employ smart Non-US people and rapidly inovate faster than the supposed “native US talent” I’d kind of get used to the idea of being discriminated against simply because some twerp thinks you are puting “The Great USA” in a bad light. As @parabarbarian suggests it might be State Dept insiders taking “any opportunity to embarrass his administration” or as @Seattle Sniper thinks it might be a deliberate “throw sand in the procedural gears and let the process slowly grind to a halt.” it’s hard to tell…
My personal view point whilst I was still medically alowed to fly, became that the US was no longer a place I wished to visit after I was treated like a criminal at the boarder when I had to be fingerprinted and bio-metric photographed…
I think an increasing number would agree that “The US” is now most certainly neither “The Land of the Free, nor “Home of the Brave” it’s citizens have been cowed by crooks and thugs who hide like roaches out of the light as they steal the citizen’s birthrights through those they have bought and paid for on the hill…
albert • May 17, 2019 1:12 PM
@Seattle Sipper,
“…I see intentional subversion of the process through subtle means….”
Indeed, and this is exactly how The System works. If you can’t change the law or the policy, ignore the policy/law. Failing that, extend the processing until the given issue becomes irrelevant.
The fact that well known cryptographers, UK and Israeli citizens, were denied visas is telling. Both countries are US allies. None of the applicants cited are known security risks. I suspect that the visa applications are screened by software, and not the sort of even elementary Ai. This situation may be the result of under-staffing. I suspect that there are thousands of visa requests. The US is a very popular destination. Just ask the thousands of Europeans(and others) who ‘move’ here on tourist visas.
With Trump in the White House, I suppose anything is possible.
. .. . .. — ….
James • May 17, 2019 1:19 PM
@Clive Robinson : my point exactly (kind of). I’m not American, and obviously not a native English speaker, however i have visited the US on several occasions. Now, i don’t want to do it, because i don’t likw the probability of being humiliated at the border by a stupid agent that a few years ago was a pizza delivery guy and now he demands the passwords for my devices. Really, no.
Alejandro • May 17, 2019 1:35 PM
The problem in my view is the secrecy.
The government should have a valid reason to deny entry, and articulate it.
Simon • May 17, 2019 1:36 PM
People are quick to blame Trump, and his administration whether directly (an alleged formal policy to hinder cryptographers entering the U.S.) or indirectly (a consequence of the shutdown) but forget Adi Shamir was previously subject to an almost identical ridiculous “delay” for his U.S. visa in … 2013, when he wanted to attend Crypto 2013 conference to present his paper.
Last I checked there was a different administration in power at the time.
Cryptographers are under attack. Those that write, research or promote encryption or related technologies are targets and it’s politically agnostic. Call it “the deep state” or whatever but this policy of hostility will not change for the foreseeable future and is unaffected by elected politics.
Irritated • May 17, 2019 1:39 PM
@tim
Sometimes yesterday’s conspiracy theories become tomorrow’s facts
RedWoman • May 17, 2019 2:28 PM
@Clive – I’ve found the UK to be no better. They too take fingerprints and photos. Customs on the Continent seems much less intrusive overall.
vas pup • May 17, 2019 2:38 PM
@Irritated • May 17, 2019 1:39 PM.
Sure. When E.Hemingway claimed he was spied by feds, everybody called him paranoid, but in reality (after some files were declassified)he was spied upon for about 25 years.
Is it resonate on recent discoveries related to POTUS?
Even paranoid has own enemies, and paranoid ideas of yesterday become facts of tomorrow.
A90210 • May 17, 2019 4:55 PM
@vas pup
“Is it resonate on recent discoveries related to POTUS?”
I don’t know, but the following do:
https://www.washingtonpost.com/politics/2018/09/13/president-trump-has-made-more-than-false-or-misleading-claims
“President Trump has made more than 5,000 false or misleading claims”
https://www.democracynow.org/2016/7/13/headlines/donald_trump_has_sued_or_been_sued_3_500_times_since_1970
“Donald Trump Has Sued or Been Sued More Than 4,000 Times Since 1970
Ruth Bader Ginsburg isn’t the only judge Donald Trump has recently tangled with. The Republican presidential candidate is a prolific litigator. According to a USA Today investigation, Donald Trump and his companies have been involved in more than 4,000 lawsuits since 1970. Since Trump began his presidential campaign a year ago, he has become involved in 70 new lawsuits. One of the current cases alleges that Trump University has defrauded its students.”
SpaceLifeForm • May 17, 2019 5:25 PM
@James
Did you see that CIA is now embracing TOR?
Maybe because their double encryption failed.
Clive Robinson • May 17, 2019 6:17 PM
@ Z.Lozinski,
The telecommunications network has always been subject to lawful intercept – “wiretapping” in popular culture, thought it hasn’t been done that way since the 1930s.
It is a little ironic that by 1935, not only did we know in theory how to make a computer (Church-Turing) but some interesting limitations to them (Gödel) we also knew how to make unbreakable cipher systems (Vernam-Shannon).
All we lacked was the ways to make them conveniently (having made a few logic gates out of relays, I can fully understand Konrad Zuse’s difficulties).
A decade later theory had very much become practice, and Turing was quite pointed about the fact that all computers should have what we would now call Digital True Random Number Generators (D-TRNGs) in them when he was up in Manchester.
So the automation of the printing of One Time Pad and Code pairs was in effect trivial even though it would have been initialy expensive, but rapidly dropped. By 1980 however relitively inexpensive home / personal computers and dot-matrix printers and cabon copy fan fold paper ment anyone could print out document pairs at home to their hearts content. The only other thing need required just a little work with not even a handfull of components[1] and a soldering iron to make a TRNG.
Then there was that Byte Magazine with not just the explanation of how RSA worked but real example code (I still have my copy in my dead tree cave).
So the “common clay” that are the evereryday citizens had the opportunity to have all the communications security they wanted. Some of us wrote our code and made it available by Freeware or Shareware, with great expectations… Even “geeks” didn’t want it you had to be a very real “Crypto-Nerd” but that term was yet to be.
In some ways little has changed, by far the majority of people don’t actually want let alone need communications security outside of financial transactions. If you remember back, it took a publicity campaign of “let’s encrypt” to get people to use what security was already available to them…
But an App with a “cool name” and cred just a download away, that’s desirable 😉
So the Five-Eyes SigInt’s, and LEO’s and Government agencies are “Getting their panties in a wad” over “lib-cred” and a “cool name”… You couldn’t make it up.
[1] Which are a zenner diode a current biased transistor three resistors and a couple of capacitors to make a noise source. Which you then feed into the likes of a 74LS13 Schmitt Nand gate that you then feed to an input pin on a Centronics printer port, or with another transistor in Open Collector arrangment with a cap a few diodes and a couple of resistors would enable you to use an RS232 input. All in a “Gold Flake” tobacco or “Altoids” mint tin.
Clive Robinson • May 17, 2019 7:01 PM
@ James,
I’m not American, and obviously not a native English speaker
Whilst I kind of guessed you were not American 😉
Trust me it is very far from obvious that English is not your native language.
In fact a small bet, I’m in the South East of London currently and it will be “Club Kick Out” here in an hour, I reckon if I listend to fifty voices as they went out the door, the chance of just one with your eloquence is going to be 50:50 at best.
Prof. James McNelis • May 17, 2019 7:32 PM
Happening at academic conferences generally. Numerous attendees denied entrance visas for Inteenational Congress on Medieval Studies at Western Michigan U last week.
Clive Robinson • May 17, 2019 7:55 PM
@ RedWoman,
@Clive – I’ve found the UK to be no better.
That would not surprise me, as for fingerprints and photos, I’ve no idea on that. I stopped intercontinental travelling by air[1] just four days after the US implemented it’s fingerprinting and photographing when I flew back via BA from Seattle. Appart from flights to the N.W. of the EU that was it for commercial jets[1].
If I go to the EU these days it’s generally via sub-surface transportation[2], which over all is often faster, and you can stretch your legs so DVT risk is much lower. Unless I travel in a sail boat, which is a hobby I do indulge in despite the seasickness for the first two or three days (what’s a good “chunder” between mates 😉 The reason I mention it is that the last time I sailed to the EU and back I need not have taken my passport, nobody checked, even on returning to the UK…
[1] Medically I’m no longer cleared to go mountain climbing lest I get PE’s or CE’s again which is realy annoying as it’s something I enjoyed. It also rules out flying in most commercial jets as they generally depressure with some going to the equivalent of 8000ft ASL. However helicopters and light aircraft in UK air space are generally OK if I’m up on the blood thinners…
[2] Yup you did read “sub-surface” right, just like a high speed mole. I look on it as an extension to the “London underground” even though many call it the “Chunnle” still.
Sed Contra • May 17, 2019 7:59 PM
@several posters
One should distinguish between President Trump and the State Department bureaucracy. They are generally and in any random case probably at odds. It’s the Department that handles the visas. One has to ask what is the politics of the bureaucracy.
Nathan Myers • May 17, 2019 8:21 PM
It is well-publicized that the State Department is badly understaffed, evidently by design. Whether State are deliberately excluding competent people, or just incompetently failing to include them, may not make much difference, in practice, but it’s a predictable consequence of policy.
Clive Robinson • May 17, 2019 8:24 PM
@ sed contra,
One has to ask what is the politics of the bureaucracy.
There appears to be a growing number of “unnamed sources” from the “bureaucracy” talking to journalists, the jist of their communications is that they are in effect “resisting the outsider” every which way they can. Alledgedly to “protect America”…
Personally I think –if the journos can be believed– that those unnamed sources might, if “protect America” is their real intent, be of more service stopping John Bolton and Mike Pompeo, before the body bags start piling up again.
C. L. Dodgson and E. V. Rieu • May 17, 2019 10:26 PM
Apropos the main post and Prof. McNelis’s:
What is another reason a cryptologist is like a medievalist ?
Ans: Because there is a “b” in both.
JonKnowsNothing • May 18, 2019 1:11 AM
@All, and Clive
While the ins and outs of crossing borders is applied unevenly and clearly the process shows how poor the software systems are that we rely on to Finger the Bad Hombres and Hombrettes, there is another aspect that meanders through the process which sits a bit deeper down than the shallow application of a Wrong Check Box or Wrong ID without Recourse to Correction.
There is much to be said about Education and what it means to learn from Teachers of all types and knowledge bases. One thing is clear and that is in spite of our collective statements that Education Matters and Students are Tomorrow’s Leaders and Innovation Greases the Greasy Gears of World Economics, we don’t really mean it.
We sabotage the process at every opportunity. That’s the Metaphysical Almighty We-They. We do not really want to have an educated population and we certainly do not want “our ideas” going anywhere else. Nor do we want “other ideas” polluting the sterile environments we call “higher education”.
It’s not all that new, it goes along with no longer being able to write “long hand”. Or the ability to read anything more than The Cliff Notes Version. Critical Thinking is a non-starter. There is a great benefit to some in restricting access to “adverse” information. Which is any information We-They do not condone or approve.
I’ve learned more reading comments from Clive Robinson than I did in years of tech work or even University work. I’m just sorry that it took so long to find the posts and I hope some how he collects them puts them all into a book.
Restricting known and respected members of their fields may be as much about who and where they come from as it is about what they know and what will they say.
Don’t Ask. Don’t Tell. Don’t Think. Just Don’t.
Jake • May 18, 2019 8:47 AM
Travel is a Privilege
In times past people could compartmentalize their lives: what you say or do would depend on the current context, surroundings, associations and circumstances. Thankfully it was soon forgotten.
But now in this surveillance age nothing is forgotten[0]. Former secrets are now documented and shared in your lifelong Planitar type dossier.
Throughout the world EVERY government is further developing its own tailored Foreign Credit System using these external dossiers[1]. Will you be an asset to the country you wish to visit[2]?
Besides the EU’s GDPR there are virtually no laws against National Security Agencies gathering foreigner activity data like email contacts and contents, purchases, phone calls, lawsuits and social media posts[3] .
I’m amazed at the emotional responses here. Its all administrative rulings folks with no due process and zero transparency. There is currently extensive sharing of your data between trusted [4] international partners.
The bottom line is guests have no entry rights when entering a foreign country[5]. Will you be an asset or a risk? Are there activities which are legal in your own country but not in the country visiting[6]?
This higher-level implication is the younger you are, the more repressive big-data AI systems will make YOUR critical career choices affecting you and your family for the rest of your life. All without your knowledge or consent.
Giving up your privacy restricts human freedom to learn from our mistakes, grow and advance. and to make your own choices. Instead your opportunities are automatically assigned without informed consent. It is a brutal, profit based system, one without essential human qualities of understanding, empathy and mercy.
So don’t be shocked, angry or upset. Young people today should sanitize their lives as if walking on eggshells. Everything you say and do, can and will be used against you[7].
[0] For example if you were a radical college student or lead a secret life
[1] To control citizens internally western hi-tech monopolies are following China’s Social Credit System. Both systems incorporate the ominous No Fly List
[2] As a crazy example, the British Parliament spitefully sought to deny The POTUS entry, even after hugely interfering in the 2016 USA elections. Six Italian national security agencies heads who also politically interfered, are resigning
[3] Even a misdemeanor charge from 20 years ago is enough to deny access
[4] Everything is classified and shared only with trusted partners. Rationalizations or not, sharing is forbidden on untrusted 5G networks
[5] Many people are restricted elsewhere its just that they are not aware of it
[6] like purchasing/smoking marijuana? Or labeled as a distracted driver or smart-phone addict?
[7] unless you have been granted PRIVILEGED EXEMPT status
Clive Robinson • May 18, 2019 10:20 AM
@ jake,
Travel is a Privilege
Actually it’s not, if that were the case you would not be able to move from the place you were last put.
If you have the feet to walk or run you can move thus travel, if you have the hands to swim or make tools to make a raft or boat then you can travel across water. With more skills space is open to you.
It’s the old “King Game” that gives us the “might is right” attitude of a few sociopaths expressed through “authoritarian following” “guard labour” to establish the faux boundries of nations and thus citizens within them.
People then develop the “castle mentality” where they build a prison to live in and keep others out of.
Now ask yourself again, who has the right to deny you the freedoms that nature has given you via hand and foot?
Steve • May 18, 2019 5:21 PM
Perhaps the most likely explanation is given by “Hanlon’s Razor”, to wit
Never attribute to malice that which is adequately explained by stupidity.
Works for me.
TIARA GNOME • May 18, 2019 8:13 PM
@ Steve
There is a lot of truth to that. The various Hydra heads of U.S. government entities, with their small brains, do not always cooperate when it is time to feed. That is why they created the Director of National Intelligence position.
@ James
You basically said it: encryption is bad. Therefore, cryptologists are bad too. People like Mr. Schneier pose a direct threat to the budget of a certain organization, especially with that article about how they threaten national security.
I am proud of my former career working for Uncle Sam. I am proud of having been "On Watch" all those years, and for my awards and retirement, for that opportunity to lead. I like to reflect on great men like General Odom. Look up the videos on YouTube in which he spoke. He embodied the decency, wisdom, and intelligence of what the effort used to be.
The bad treatment is not that bad right now. Horst Feistel got arrested when he came to America, and then he got citizenship and immediately joined the team.
Speaking of teams, empires come to an end, and so we must face it. Like Darwin's finches, they can morph bit-by-bit until they are no longer what they were. I used to be worried about the U.S. Constitution being subverted, like General Odom did. Now I am worried about Gestapo 2.0--its power, depth, and the buffoons who will run it. The real INGSOC, with real doublethink--and an American flag pasted to it.
It depends on events, and those events could be sudden.
TIARA GNOME • May 18, 2019 11:14 PM
Whatever is the case about blacklists or target lists, that is certainly classified information. Perhaps almost every country in the world has such lists, and presumably those lists are often shared between national partners. This brings me to the phrase “public-interest technologist”.
Which public are we speaking of? Why not say “national-interest technologist”? In China they have “hongke” with are “red guests”, which are a kind of “heike” or “black guest”, a hacker who is motivated by patriotism to protect domestic networks and hack outsiders. So what does the U.S. really amount to when the technologists who actually have America’s best public interest at heart (the patriots) are actually targets near the same level as al Qaeda members? Can I have French fries with that?
You might think Shamir’s case is some act of intimidation against folks at the RSA conference. You might be right. Other people would surely notice that Adi Shamir’s seat was empty, the seat at the front. But don’t think too much into this. It is highly unlikely that a plan was actually created and realized. After all, two 9-11 terrorists got their passports issued to them after they had died in the attack; Chinese agents were paid by the U.S. to scoop up the all the data they could in the Office of Personnel Management Leak, one of the worst counter-intell failures in American history, etc., ad nauseum. Not a whole lot of thinking going on.
Prominent cryptologists certainly are targeted, but one wonders whether it is to learn about any breakthroughs they may have reached, or is it just a bit of malice, or both? Or is it just the need for enemies to justify budget?
If anything can cause people in D.C. to stop slumbering it is the threat of having their pay lowered. A certain organization almost got its pee pee smacked by Congress because of the Snowden leaks. No more sippy cup; that caused some momentary incontinence and hair adjustment.
What to do? Learn more cryptography. Learn more about the work of Shannon, Feistel, Merkle, Vernam, Hellman, Diffie, Schneier, etc. Whatever you really know about making cryptography work, share it. Develop new cryptographic software and hardware if you can; improve what already exists. Help people to use it correctly. Educate people. Harden your system, harden any networks you can, and learn how to play hardball.
It is not all bad news. In fact, things are not so bad at all really, as long as you are not in Yemen or Syria or Niger or Afghanistan or Pakistan,etc. Not yet, and let’s hope Gestapo 2.0 does not appear inside the U.S. It may be a good idea to get involved with one’s representatives in Congress so that Gestapo 2.0 does not get a budget. A real INGSOC inside the U.S. is what we do not want to happen, and what has already transpired amounts to steps along the way towards a real nightmare, one that the Founding Fathers tried to prevent: “factions” and “tyranny”.
George • May 19, 2019 2:58 AM
@James wrote, “Now, i don’t want to do it, because i don’t likw the probability of being humiliated at the border by a stupid agent that a few years ago was a pizza delivery guy and now he demands the passwords for my devices. Really, no. ”
Funny pun. The easy way is do not bring any sort of devices that requires a password. These days, there is a lot you can do with cloud storage and software,so that you never have to bring a device on your travels.
Wesley Parish • May 19, 2019 4:46 AM
So the general consensus is that travel has grown more difficult over the years because – it would appear – politicians and bureaucrats are either playing to the paranoid, or are the paranoid themselves.
I’m sure a good part of it is explained by Eric Bogle:
https://www.youtube.com/watch?v=f-jWIBRRRdA
And every night at twelve o’clock to show that we’re not slaggards
We’ll stand and sing our national song, “Advance Australia”, backwards!
Or if you are in the United States of America, the appropriate song – the new national anthem – would of course be : “Please Fence Me In”
I want to sit in the cage where the West commences
And howl at the moon till I lose my senses
And I only stare at hobbles when I’m tied to fences
Please fence me in
quite unlike this dangerous heretic:
TIARA GNOME • May 19, 2019 7:45 AM
Who knows if cryptographers are scrutinized person-by-person in these busy days in the U.S., by the U.S., but you can bet they are certainly looked at closely by folks in a few tech savvy countries that don’t care for America.
If you do research on quantum computing, for example, and have figured out something new, you could probably bet that guys and gals in a list of foreign cities know how many scoops of sugar you put on your Corn Flakes this morning, what kind of porn you like, your favorite operating system, and whether you use cryptographically secure passwords. It’s just a guess.
The more I think about what happened to Mr. Shamir, the more it bothers me. This is also, de facto, an attack on free speech, and that is very disturbing indeed.
Intimidation and limiting free speech are not the dark path America wants to go down.
I keep talking about Gestapo 2.0–it’s like the first one, but data heavy, and knows all about you and all your friends–and INGSOC, driven by doublespeak, and purely concerned with one thing: exercising power.
Don’t think it can’t happen in America or Great Britain. It can happen rapidly. One event, one major event, and that atmosphere of fear will breed something worse than the PATRIOT ACT, and the tools are all there.
We are going step-by-step in the wrong direction.
vas pup • May 19, 2019 2:14 PM
@A90210.
I got your point, thank you!
But I was interested in another angle.
“Power corrupt, absolute power corrupt absolutely.”
That is why ALL folks from LEA/IC communities who utilized/utilize/will utilize their power to promote own political agenda should be reminded of:
https://en.wikipedia.org/wiki/Church_Committee
I mean if you want utilize your security skills to promote own political agenda, it is fine with me, but do it in private capacity only not using taxpayers money.
I just recall one federal prosecutor who put for corruption in club fed two state governors: one republican, one democrat (I may not agree with sentencing – to many years in prison), but that is how judicial system including judges should work in sense of political neutrality.
Yeah, and last but not least, crime going first always, not a person.
Everybody has their own skeletons in the closet, so by allocating sufficient resources it is possible to find some dirt on anybody in particular going back decades ago up to kindergarten.
I hope you’ve read ‘All King’s Men’. That was clear formulated in that book.
So, do we just want to have angels as politicians? then we should get them from heaven, not from earth.
JonKnowsNothing • May 19, 2019 3:43 PM
While the focus of the topic is why Highly Regarded Persons are denied entry to a Country that promises Freedoms of Movement, Thought, and Association as well as countries that do not promise any of the above, there is one mirror aspect to the policy:
No Right To Return
This policy allows a person to leave normally without hindrances or notice of anything unusual about their residency status, they find out when the try to return to their normal places of abode.
It renders some folks to a semi-stateless status. In the case of dual nationals and many people are not aware they are dual nationals (see the fall out in Australia over Dual Nationals who didn’t know of their historic claims), these folks may end up residing in countries they have never lived in nor speak the language and in which they are not considered legal residents.
In the case of deliberate exclusions see the ongoing horrors of The Windrush Generation in the UK.
There are of course many normal reasons to deport someone but this mirror case is to deny Re-Entry.
Not that long ago, a PhD at Stanford U in California spent years trying to navigate the labyrinth of National Security claims to re-enter the US after going to a conference at the request of the University. *
So, in one sense Our Honored Person may have dodged a more serious problem of not being able to return to their normal home of residence.
I am sure many folks give second thoughts now about going to an Embassy. Such things happen in US Embassy’s too: these are called Proxy Detentions and you won’t find too many reports on them. It’s bad for Disneyland’s No Stay Income.
@vas pup • May 19, 2019 3:43 PM
@vas pup
“That is why ALL folks from LEA/IC communities who utilized/utilize/will utilize their power to promote own political agenda should be reminded of [the Church Committee] …”
Church Committee, CoIntelPro, Trying to get Martin Luther King to commit suicide, perhaps cocaine in LA, Iran-Contra, Aldrich Ames, Robert Hannsen, Wen Ho Lee, etc., may remind readers of some CIA’s, FBI’s (or other Law Enforcement Agencies’), or other Intelligence Community (IC) members’ history.
I find it absurd at times, when I find myself defending the FBI, LEAs or ICs, knowing full well both parts of their imperfect past and how I have argued differently.
Of course it is possible that Attorney General (AG) William Barr wants to get to the bottom of the Counter Intelligence investigation(s) of Trump et al, but I suspect he is a partisan hack.
Of course, I know neither what Barr will tell us nor what evidence he will provide to support his future claims.
A90210 • May 19, 2019 3:50 PM
@vas pup
“That is why ALL folks from LEA/IC communities who utilized/utilize/will utilize their power to promote own political agenda should be reminded of [the Church Committee] …”
Church Committee, CoIntelPro, Trying to get Martin Luther King to commit suicide, perhaps cocaine in LA, Iran-Contra, Aldrich Ames, Robert Hannsen, Wen Ho Lee, etc., may remind readers of some CIA’s, FBI’s (or other Law Enforcement Agencies’), or other Intelligence Community (IC) members’ history.
I find it absurd at times, when I find myself defending the FBI, EAs or ICs, knowing full well parts of their imperfect past and how I have argued differently in the past.
Of course it is possible that Attorney General (AG) William Barr wants to get to the bottom of the Counter Intelligence investigation(s) of Trump et. al, but I suspect he is a poitical hack [1].
Of course, I know neither what Barr will tell us nor what evidence he will provide to support his claims.
[1] https://en.wikipedia.org/wiki/Political_hack
“”Political hack” is a pejorative term describing a person who is part of the political party apparatus, but whose intentions are more aligned with victory than personal conviction. The term “hired gun” is often used in tandem to further describe the moral bankruptcy of the “hack”.”
George • May 20, 2019 2:15 AM
@JonKnowsNothing wrote, “No Right to Return”
The right to turn is an important issue among some middle eastern circles. This implicitly applies to the right to leave as well. As we all know, humans are transient beings. The adherence to a locale is in many ways based on reasons such as economics, convenience, and religion.
The law of the land is the rules that one must go by. Any such laws based on right to return (or no right) is in solemn control of the land’s sovereignty. Any attempt to override such sovereignty creates what we commonly call a humanitarian crisis at best and all out war at worst.
JonKnowsNothing • May 20, 2019 8:18 AM
@George
I am not sure the US version of No Right To Return has the same “legal” basis as that used in other countries. The legal basis in the US is very shaky at best and can only exist in our Kangaroo Court System:
Ex-Parte, Grand Jury and FISA-FISC
The US may have other secret courts within the Military Establishment but these are not mentioned in detail in civilian news. We do know the Gitmo Court is one of them.
The US version is absolutely arbitrary and applied without meaningful oversight or ability to contest it. It’s applied to Honored Persons as well as Neighbors, Friends and Family. You can be OK and then NOK.
Once you are Tagged NOK then you are in extreme difficulty because … well … that’s the point of it.
The Right of Return may not be the same as Right to Re-Enter.
Both are of importance but perhaps Right to Re-Enter is a better term to avoid the collision between meanings.
ht tps://en.wikipedia.org/wiki/Kangaroo_court
ht tps://en.wikipedia.org/wiki/Ex_parte
https://en.wikipedia.org/wiki/Grand_jury
ht tps://en.wikipedia.org/wiki/United_States_Foreign_Intelligence_Surveillance_Court
MarkH • May 20, 2019 9:05 AM
For personal reasons, I have been paying attention to US law in this area.
Legally, US immigration officers cannot deny entry to any US citizen. If a US citizen did not renounce their citizenship while abroad, or have that citizenship revoked by the State Department, that citizen’s right to enter is guaranteed.
For all aliens, whether traveling on the Visa Waiver Program, on a US visa, or as legal residents, there is no right of entry. Immigration officers have the authority to refuse their admission at any port of entry.
Name (required) • May 20, 2019 10:02 AM
Surely the way to analyze the issue properly is to learn about the circumstances of each case and identify any correlations between them?
JonKnowsNothing • May 20, 2019 10:38 AM
@MarkH
Legally, US immigration officers cannot deny entry to any US citizen.
While it may be “illegal” this is done under the US Border Interpretation of a 100 mile zone that exists along all US borders and ports of entry. Within this 100 mile zone those that used to be known as Officers of the Peace, can and do enact many detentions and other activities. These can be applied to any person or persons or families or children that are traveling with what they were told is Valid Documentation such as a US Passport with Citizenship noted.
One thing that many do not appreciate is that there is a No Man’s Land at every port of entry. You are neither In nor Out: You are in fact No Where. Within this distance there are No Rights for anyone including US Citizens. At an airport, it starts at the first security gate and may end when you exit the airport at your destination. It may not end there because of the 100 mile zone claimed by Officers of the Peace.
@Name (required)
Surely the way to analyze the issue properly is to learn about the circumstances of each case and identify any correlations between them
It would be a good thing, except in the USA this all comes under our National Security Protocols and no one is really allowed to know what transpires. At best we get an Altered View of Reality from an “anonymous Official” or a statement of SoSorryWeDidntMeanIt.
Our Honored Person, the focus of our topic, may have dodged way more than the embarrassment of No Travel to the USA but a far worse outcome.
justinacolmena • May 20, 2019 11:10 AM
@MarkH
or have that citizenship revoked by the State Department
On what legal grounds is that even possible, pray tell? Are you Feds out of your freaking minds on racial supremacy and nationalism?
EvilKiru • May 20, 2019 2:02 PM
@justinacolmena • May 20, 2019 11:10 AM: I think it’s only possible to revoke the US citizenship of foreign-born nationals who later became US citizens. In a case I recently read about, the revocation was based on lying on the application form.
MarkH • May 20, 2019 3:37 PM
@Jon:
Obviously, CBP cannot “deny entry” to any person within the 100 mile deep constitution-free zone, as they are already on US soil.
When they detain a person they can ascertain to be a citizen as an unlawful immigrant — which I know sometimes happens — their conduct is certainly unlawful.
The law is not identical to what uniformed officers do in any country, and in the US this divergence is often nauseating.
@justina:
If you think I’m one of the “Feds,” you’re mistaken.
I have alien family members, so the letter of these laws is of deep and practical concern to me.
As EvilKiru wrote, revocation is limited to naturalized citizens (those who acquired citizenship by way of an immigration process).
The cruel xenophobic sadists now in power have greatly increased the tempo of revocations, taking the citizenship of people who have lived peacefully and successfully in the US for many years, on the basis of minor discrepancies which in the past were not considered worthy of attention.
Those same sadists may be the answer to Bruce’s question: after many years of shrieking “Illegal immigrants! Illegal immigrants!” they revealed their bait-and-switch once Trump came to power: they also announced their determination to cut LEGAL immigration by 50%, and they are well on their way toward this goal.
The “illegal” part was always bull$hit. They simply hate the foreign-born with mindless vitriolic passion, with exceptions for pure Nordic types beloved of Hitler’s SS, or Slavic fashion models.
If you want to know the truth, ask immigration attorneys in the US: in recent years, how have immigration outcomes changed for people who follow all of the laws and rules?
Anssssss • May 20, 2019 5:04 PM
@JonKnowsNothing, what are you trying to prevent when you fractured that URL above? You said “URL fractured to prevent autorun”, just curious what that is about.
EvilKiru • May 20, 2019 6:43 PM
@Anssssss • May 20, 2019 5:04 PM: It prevents your browser from automatically following the link as soon as it encounters it.
Alyer Babtu • May 21, 2019 12:52 AM
Conferences are nice for their human side, but perhaps the real work gets done elsewhere, at one’s desk, and as long as it can be published somehow, there is no great loss in missing a conference. And some scholars avoid conferences and awards because they feel they tend to corrupt the life of the field.
fajensen • May 21, 2019 5:00 AM
Maybe it just happens that the financial data-trail for cryptographers (lots of foreign payments for conferences, hotels, travel, car hire) is sufficiently similar to that of “known threats” for Machine Learning to spot?
When applying for entry into the US, one has to go through ESTA. One must pay with a personal credit card. This means that financial data is obviously used for the classification and having it is very important for “the system” to work.
Of course one would automate this, applying Magic IT-Fairy Pixie Dust: Have MIL-SEC contractors like Palantir build an AI / Machine Learning System that shall automatically sniff out all “threats” and then put them on secret no-travel, no-entry lists. Because those lists are secret, no-one will spot the errors in them and very few will know the procedures for correcting the errors? This is a common pattern in IT: Only automate the “normal path”, the “failure paths” are all manual and gruelling work to unwind!
The problem with MI/AI being of course that the set of “known threats” is so short that I, and anyone actually an expert in the subject, would absolutely doubt any kind of machine learning model that was tortured from that dataset.
The current crop of Machine Learning needs millions of examples to generalise properly, tens of thousands are not going to cut it, everyone knows this, but the US government probably went ahead and did it anyway because collateral damage is not an issue for these fine folks.
A90210 • May 21, 2019 10:37 AM
@vas pup
I apologize for a post where I used your name, above at 19 May 2019 3:43 pm.
vas pup • May 21, 2019 2:53 PM
@A90210: No problem! We all human and make mistakes.
Per you comment “I find it absurd at times, when I find myself defending the FBI, LEAs or ICs…”
For me its is like this: I never doubt necessity of existence of those structures and Government as a whole. As James Madison said “If people were angels, we don’t need government” but I am strongly object any their activity beyond scope of prescribed by law and Constitution their jurisdiction in particular never being assigned to them function of Thought Police like in “1984”.
Alyer Babtu • May 21, 2019 11:45 PM
From a mid 1990s interview with Vladimir Arnold
https://www.ams.org/notices/199704/arnold.pdf
some remarks on the visa process:
“My friend Vershik recently tried to obtain an American visa in Paris. “What is your salary in St. Petersburg?” asked the staff at the American consulate. After hearing his honest reply, the staff asked, “Do you wish to persuade us that you intend to return to St. Petersburg at such a salary?” Vershik answered, “Of course. Money is not all!” The staff was so shocked that Vershik was given the visa immediately.
“I was applying for a visa a week earlier, and they put me on a waiting list for three weeks. Their reasoning was that my papers must be checked in Washington since I am a “donkey”. I asked for an explanation. “Well,” they replied, “we have such names for every crime: dog, cat, tiger, camel, and so on.” They showed me the list, and “donkey” is a pseudonym for a Russian scientist.”
Anssssss • May 22, 2019 12:29 PM
@EvilKiru, regarding “browser from automatically following the link as soon as it encounters it”, I’ve never heard of that. I don’t know why a browser would do that either (why waste time/resources following a link that the user did not click?). Don’t want to derail this thread, so can you refer me to some page describing such behavior?
PolWatcher • May 22, 2019 2:14 PM
Cryptography places restrictions on the power of government. And that seems vaguely evil to politicians.
Weather • May 22, 2019 2:39 PM
Ansssss
If there’s a bug in the html parse a .js link can be fetched, < type stuff, the web browser will do it on page load, there could be server side(asp php) or mitm, or cross site scripting.
Clive Robinson • May 22, 2019 4:26 PM
@ PolWatcher,
And that seems vaguely evil to politicians
As the hobble does to the camel that want’s to push it’s nose in your tent.
The other solution of beating the camel’s nose with something both weighty and solid I’m sure would also work on politicians…
However they appear to belive they have more rights than a camel’s nose let alone the product of it’s bum you might otherwise associate them with. Thus they kind of get upset if you treat them the way they rightfully deserve…
As many a Pythonesque comedy sketch would have it, the reply to politicians at all times should be “A damn good thrashing would be wasted on you”… Best said in that “Fiery old Colonel from Surrey” voice, before ‘having at them’ with a riding crop or similar 😉
EvilKiru • May 22, 2019 6:57 PM
@Anssssss • May 22, 2019 12:29 PM: It’s just something I’ve inferred from reasons that have been given as to why various people take action to ensure their links won’t auto-convert to actual hyper-links in comments.
JonKnowsNothing • June 4, 2019 9:54 AM
This popped up yesterday a new new undocumented but enforced requirement for a USA Visa: Social Media Handles at least the last 5 years of them.
This requirement has been floating about as a “possible” and numerous corporations now demand this information as a “employee vetting” criteria and also for Reputation Cleaning, but now it’s a de facto requirement for a Visa.
The controversial policy seemingly came into force on Friday. As far as we can tell, it will require people to provide the URLs or handles of social media accounts – from Twitter and Tumblr to LinkedIn, Instagram, and Facebook – they have used in the past five years as well as email addresses. No passwords are requested.
This information must be declared on their DS-160 application forms, which need to be completed to apply for non-permanent visas to stay and work in the United States. These are the forms on which you normally fill out your personal information, such as your passport details.
Perhaps our honored person was part of the Test Deck and forgot to list something from a long time back.
I would expect that the Test Deck would not be able to tell John Smith from John Smith from John Smith, because most cannot and do not.
It wouldn’t be a surprise to find that the exclusion was related to a different John Smith rather than THIS John Smith.
Of course, we will not know for decades, at best case.
A 2 part report:
ht tps://www.theregister.co.uk/2019/06/03/us_social_media_visa_immigration/
ht tps://www.theregister.co.uk/2019/06/03/us_social_media_visa_immigration/?page=2
(url fractured to prevent auto-run)
Steve Holden • June 15, 2019 10:22 AM
I observed some time ago that those with knowledge of information systems security were the possessors of critical information, and might expect to be treated unfairly simpy due to the technical knowledge they were party to and the activities which dishonest people could undertake if they chose.
It looks like that time is here. I won’t be visiting the US any time soon.
Subscribe to comments on this entry
Sidebar photo of Bruce Schneier by Joe MacInnis.
Wilheln Tell • May 17, 2019 6:45 AM
The Cryptographers are among the elites of the workforce. They can afford to move abroad. — And after a while the US has to buy these services from China.