"But when the software could be used closer to home, they target developers like they are one step away from terrorists. The hypocrisy is... challenging"
So you see this border interrogation as part of a systematic policy to intimidate developers entering the United States with expertise in cryptographic dev? Gotta be honest, that seems like a wild and illogical extrapolation to me based on this anecdotal story. So the end game of the United States government is what exactly, in this effort? To keep people with cryptographic talent outside of the US?
1) Why? I presume your point is that the government is attempting in a very, very, very round-about way to stifle free speech? Please inform me if this is not your point, I don't want to put words in your mouth.
2) What would that accomplish. We live in an era of instant communication and transportation of software. Developers can work on products from anywhere in the globe. If this man was denied entry to the United States, what is stopping him from simply working for his company from abroad? The answer: nothing.
It would serve pretty much zero purpose to run a campaign of intimidation against an incredibly small subset of the developer population... Programmers with cryptographic expertise who frequently travel in and outside of the United States... I don't get it. What about all of those with crypto experience who are already in the US and don't travel. Aren't they a threat? Are they being targeted? Where are their stories?
Doesn't the government, when they are looking to either break or make these same crypto software, draw from the same talent pool as private industry here in America? Why would they run that talent out of town?
If the US government wanted to suppress cryptographic research or otherwise circumvent it in an effort to subvert Free Speech, don't you think there are more precise and non-haphazard-and-idiotic ways of doing it?
This goes against the general sentiment of comments I've seen in this article, but I just have to say it. I think the idea is ridiculous and above all, completely inefficient for the goals everyone is ascribing to the border agents and the government here.
Logic doesn't really back this up. I can't imagine the point of this. I am not naive enough to think the government doesn't do some shady stuff, but I simply don't see the point and don't see this as an effective tool in whatever their war on developers is supposed to be.
>So you see this border interrogation as part of a systematic policy to intimidate developers entering the United States with expertise in cryptographic dev? Gotta be honest, that seems like a wild and illogical extrapolation to me based on this anecdotal story.
This is not the only inference you can make. Something that I've noticed about domestic law-enforcement, which I think successfully extrapolates and pertains to the DHS and TSA, is that outlying behavior is discouraged, especially outlying behavior associated with volatile keywords. How many times have I done something unusual, and stopped when the police come by because I just don't know if it's legal or not, and I don't want to get hassled?!
The law is so extensive and arcane that enforcement relies almost entirely on precedent and patterns rather than direct application, especially when dealing with rarer violations.
The result is systematic harassment with no end-game required. It's a policy that kind of sneaks up on institutions as big as the US Govt: discourage interesting, dissenting behavior; encourage boring, mainstream behavior. It doesn't require passing a law - it's an emergent behavior that only requires extra scrutiny of behavior that is outside the experience of the enforcer. This will tend to get worse with scale and the application of technology because a) more people are scrutinized and b) more of their life will be scrutinized, increasing the risk of finding outlying behavioral points.
"So you see this border interrogation as part of a systematic policy to intimidate developers entering the United States with expertise in cryptographic dev? Gotta be honest, that seems like a wild and illogical extrapolation to me based on this anecdotal story. So the end game of the United States government is what exactly, in this effort? To keep people with cryptographic talent outside of the US?"
I could probably mount a plausible argument that the end-game is to discourage talented developers/cryptographers from contributing to the sorts of projects that could be seen as "sticking it to the man". Especially since this isn't a singular isolated anecdotal story (and I know the plural of "anecdote" isn't "data", but still…)
If making that argument (and I'm not yet sure I'm convinced of it's "rightness"), I'd probably also point out it doesn't need to be on the scale of "the United States government" to exist or to be effective - it could be emergent behaviour of law enforcement agencies without being publicly chosen or acknowledged policy. A diligent "national security" agent might very well think it's entirely within their remit to "investigate" software like CryptoCat, and the Chinese Whispers propagation of that "I wonder what algorithms CryptoCat uses?" curiosity could easily end up with the observed "The NSA needs to know about your software" interrogation/intimidation behaviour by the minimum wage airport security staff.
And as a long term play - putting even a little pressure on young up-and-coming developers when they're deciding what projects to start or contribute too would "work". "Should I contribute to this borderline subversive open source crypto project? But what if I get a startup off the ground later that requires a lot of travel? Maybe I should work on my commercial mobile app idea instead…"
If the interrogator has 22 years of 'computer experience' and is asking about specific algorithms I sincerely doubt that they're minimum wage airport security staff.
"I could probably mount a plausible argument that the end-game is to discourage talented developers/cryptographers from contributing to the sorts of projects that could be seen as "sticking it to the man". Especially since this isn't a singular isolated anecdotal story (and I know the plural of "anecdote" isn't "data", but still…)"
I addressed this in one of my earlier points: I don't quite understand what you are talking about. We are computer programmers. We can build a product from anywhere in the world. Why would physical borders stop us?
So you see this border interrogation as part of a systematic policy to intimidate developers entering the United States with expertise in cryptographic dev? Gotta be honest, that seems like a wild and illogical extrapolation to me based on this anecdotal story.
See the many other similar stories of detentions on this thread.
But also, just following the question of what's "wildly implausible", assuming the event happened, what's more plausible, that this was a sanctioned action based on US policy or that low-level airport security people have the ability to detain whoever they want based on criteria they make up and that they just happened to choose a crypt expert based on their personal interests in the subject?
In my view, untog had a perfectly reasonable and simple explanation.
True, I am assuming a certain level of logic and you are right, the world doesn't always work that way. But the above poster makes a lot more sense to me than some idea of a very, very, very ineffective campaign against crypto devs. The idea that we are targeting crypto devs really doesn't hold up when you think about it, it doesn't make a single ounce of sense.
And is it really that hard to believe that this man, whose job it is to monitor the flow of people and properties in and outside of the united states, would be interested? Is it a stretch to imagine any number of scenarios, including one where this man was simply overzealous? I understand the obvious sympathies we have to this man as a fellow programmer... I just don't see anything "there" there.
So you see this border interrogation as part of a systematic policy to intimidate developers entering the United States with expertise in cryptographic dev? Gotta be honest, that seems like a wild and illogical extrapolation to me based on this anecdotal story.
Agreed. This is simply a case of border control agents going overboard. I'm not defending it for a second (as a US visa holder, I despise the process I have to go through every time I enter the country) but these agents aren't technically inclined in any way.
When you arrive at their desk, they ask "what do you do for a living and what does your company do?". If you answer "The company makes chat software", you'd walk straight through. If you say "The company makes encrypted, secure chat software" then they are going to ask further questions. I wouldn't be surprised if they have a watchlist of words to listen out for, and "encryption" is one of them. Encryption is subject to export controls:
This is simply a case of border control agents going
overboard
Again, and again, and again, and ... ? It's not an accident that these are the people being harassed. Again and again people involved in computer security, certain political campaigning and other 'dangerous' occupations are harassed. Far too often to be incidental.
Suggesting it's because of something they said is ludicrous and aggravating. That's the same argument as suggesting that if someone didn't want to get raped, she shouldn't have dressed skimpily. While you don't even know what she was wearing.
It's an emotionally loaded comparison, even if you're referring to the argument and not the act.
I think untog brings up a good point, which is that we don't know what the interaction was. And we do know that what you say can cause you to be further questioned.
It's highly unlikely that so many smart people are being harassed 'because they said something unwise'. These people know very well to keep their mouth shut at the border, which is a sad thing in itself. How often is the person being harassed an accountant and how often is it a security researcher? Joe Random also complains on Reddit about being harassed and their stories are upvoted just as much. Still a few categories stick out. I can't explain that, unless they are being harassed, because of what they do or believe in when not travelling.
Of course, this harassment doesn't accomplish anything. If these people were truly a threat, the FBI would stake them out, the CIA would make them disappear or the NSA would hire them. Them being harassed at the border once more illustrates the weirdness of the TSA and border patrol. Their employees seem to suffer from the group delusion that harassing people will keep them from doing security research or being a danger to the United States. I don't understand their motivation. They give the US a bad name and they achieve nothing.
The actual security agencies know better than that. You may disagree with their practices and beliefs, but they at least give the impression of being mostly competent and efficient in achieving sensible goals. The current news around a 0-day cryptographic breakthrough being incorporated in Flame doesn't result in "I never expected that", but in "Go figure".
That's just contradicting me, by stating !::, where I'm obviously stating ::.
I think it's the best known example, and hence the best illustration, of 'blaming the victim'. I would have used that description, were it not for the fact that I couldn't remember the name of the fallacy at the time. I remembered it after a good night's sleep. If you wish to attribute my usage of an example to lazyness, so be it.
I wasn't going to let "You get temporarily detained at the border? Well, you must've said something that alerted them." slide and I don't see how it is logically different from "You got raped? Well, you must've worn something that aroused them."
So you see this border interrogation as part of a systematic policy to intimidate developers entering the United States with expertise in cryptographic dev? Gotta be honest, that seems like a wild and illogical extrapolation to me based on this anecdotal story. So the end game of the United States government is what exactly, in this effort? To keep people with cryptographic talent outside of the US?
1) Why? I presume your point is that the government is attempting in a very, very, very round-about way to stifle free speech? Please inform me if this is not your point, I don't want to put words in your mouth.
2) What would that accomplish. We live in an era of instant communication and transportation of software. Developers can work on products from anywhere in the globe. If this man was denied entry to the United States, what is stopping him from simply working for his company from abroad? The answer: nothing.
It would serve pretty much zero purpose to run a campaign of intimidation against an incredibly small subset of the developer population... Programmers with cryptographic expertise who frequently travel in and outside of the United States... I don't get it. What about all of those with crypto experience who are already in the US and don't travel. Aren't they a threat? Are they being targeted? Where are their stories?
Doesn't the government, when they are looking to either break or make these same crypto software, draw from the same talent pool as private industry here in America? Why would they run that talent out of town?
If the US government wanted to suppress cryptographic research or otherwise circumvent it in an effort to subvert Free Speech, don't you think there are more precise and non-haphazard-and-idiotic ways of doing it?
This goes against the general sentiment of comments I've seen in this article, but I just have to say it. I think the idea is ridiculous and above all, completely inefficient for the goals everyone is ascribing to the border agents and the government here.
Logic doesn't really back this up. I can't imagine the point of this. I am not naive enough to think the government doesn't do some shady stuff, but I simply don't see the point and don't see this as an effective tool in whatever their war on developers is supposed to be.