Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

8/16/2006
01:45 AM
Patricia Keefe
Patricia Keefe
Commentary
50%
50%

Banned On Board: The Ripple Effect Of High-Tech Travel Restrictions

Last week's foiled airline bomb plot, and the subsequent fallout for business travelers--here and abroad--got me to thinking that necessity isn't just the mother of invention, it's also a driver of change, and sometimes, the spark needed to ignite struggling markets and launch new trends.

Last week's foiled airline bomb plot, and the subsequent fallout for business travelers--here and abroad--got me to thinking that necessity isn't just the mother of invention, it's also a driver of change, and sometimes, the spark needed to ignite struggling markets and launch new trends.While the most draconian travel restrictions have so far been limited to the U.K., domestically we also saw a tightening of carry-on policy, and subsequent confusion about whether portable electronics, chief among them laptops, could be carried on board. After banning gels, liquids, and some solids in carry-ons last week, FAA and Homeland Security Officials made it clear that more changes will likely be in the offing, though no hints were given as to what they might be, or when they'd be announced. Of course, we're all expecting to see more, not fewer, restrictions, right? It's not like the nutcases who like to blow up planes are going to go away, or get any less inventive, any time soon! In an interview Sunday on ABC's "This Week," Homeland Security Secretary Michael Chertof left the issue hanging when he said, "I don't see us moving to a total ban on hand baggage at this point."

In the meantime, though, we could see partial bans, and the most logical place to start swinging the security axe has got to be in the digital suitcase.

The average business traveler today is probably packing a minimum of a laptop with wireless connectivity, at least one battery pack, one or more cell phones and requisite chargers, possibly a pager and/or a BlackBerry, and, oh, some form of music--be it an MP3 or CD player. There are also digital cameras, headsets, video players, detachable keyboards, external drives, personal air cleaners, personal fans--even backpacks with built-in speakers and solar chargers. Self-combusting lithium-ion batteries aside, there's a lot of potential firepower there for the resourceful MacGyvers of the terrorist realm.

It's the smart IT department that will start reviewing its mobile and security policies and technologies now, spinning out what-if scenarios and solutions. For example, what happens if laptops and other portable technologies are banned from carry-ons? It's not for nothing that burned into the brain of every business traveler is the first commandment of the road: thou shalt not check thy laptop. Bad things happen to good laptops when they meet baggage handlers and conveyor belts. We all know not to go there. But what if we have to, then what?

Corporate America needs to think this through, as far in advance as it can. Remember all those passengers who showed up for their flights last Thursday, only to find out that they could not carry on what they had brought with them? No one wants to be caught that flat footed--especially when expensive equipment is involved. Since we don't know when the next attack will be, we need to plan ahead.

Various scenarios and questions are already running through my head:

* Will a huge window of opportunity open up for the overnight delivery companies as travelers unable to carry on their laptops and other digital tools, and unwilling to check them, mail them on ahead? It's not so far fetched--we travel with laptops for a reason: so we can give presentations, demos, crunch numbers, respond to memos, write reports and stories etc. And if we can't fly with them in our possession, and we can't be sure they'll arrive when we do, then we'll have to find an alternative mode of delivery. The FedExes, UPSes, and DHLs of the world, meanwhile, would have to come up with packaging and procedures that will guarantee the safety of all those laptops, ironically winging their way through the same airspace as their owners in many cases.

* Will we see a new market opportunity open up for ruggedized or "field" laptops and other equipment? Ever watch baggage being loaded or unloaded? If laptops and other handhelds are banned, and if we have to pack them in our suitcases, it might well be prudent for corporations to consider whether it's time to invest in sturdier equipment.

* Will we see exploding growth in the nascent biometric security industry? With all those laptops floating around between checked luggage and overnight packages, some are bound to get lost or stolen. Corporations may play it sloppy and loose with our personal data, but I'm certain they'll be a lot more interested in protecting their own information. Biometric access controls on laptops and other gadgets should keep most bad guys out, and corporate risk down.

* And what about virtual laptops and e-mail? From online software that gives users a desktop in the browser window through any PC (Sun is a good example), to hard drives that can be slipped into generic machines, to online services that provide access to key office applications (Zimbra is one example), options already exist for travelers who don't want to deal with the hassles of traveling with a laptop. Such services could even be cheaper than outfitting everyone with a laptop and applications. This is a market opportunity that could take off regardless of whether laptops are banned on board.

* Will the ever-a-bridesmaid videoconferencing finally come into its own? If enough people start looking for ways to avoid travel, or cut travel costs, videoconferencing might finally start to catch on in a big way.

* Will we see a drop in productivity, and a rise in social interaction? All that time previously spent hunched over a precariously positioned laptop pecking away between flights and on tray tables might morph into time spent interacting with fellow travelers and passengers. Or, I suppose, even more time spent on cell phone calls. (Perish the thought).

* Will we see new advances in portable technologies and their security come about driven by the need to keep one step ahead of creative terrorists? And will it be difficult, if not impossible, to stay that step head--much as it seems to be with standard computer security today?

* And finally, some of you may be thinking you might as travel naked at the rate this is going. Certainly some travelers will feel naked, if stripped of their digital accoutrements. But, in fact, we will be traveling naked, sort of, and sooner than you think. Remember those special "backscatter" X-ray machines that were being tested about a year ago? You know, the ones that virtually strip you down to your birthday suit? (I guess those comic book X-ray glasses weren't so far off the mark afterall). Initial demos drew complaints and concerns about privacy and modesty issues. We haven't heard too much about them since, but I'm betting we'll be hearing a lot more about them, and soon.

What would you do if your electronics could not be carried on board? We're curious to know what your coping strategies would be in a more restrictive travel environment, and whether your IT department is already looking ahead and thinking about these issues now.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32697
PUBLISHED: 2021-06-21
neos/forms is an open source framework to build web forms. By crafting a special `GET` request containing a valid form state, a form can be submitted without invoking any validators. Form state is secured with an HMAC that is still verified. That means that this issue can only be exploited if Form F...
CVE-2020-19510
PUBLISHED: 2021-06-21
Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.
CVE-2020-19511
PUBLISHED: 2021-06-21
Cross Site Scriptiong vulnerability in Typesetter 5.1 via the !1) className and !2) Description fields in index.php/Admin/Classes,
CVE-2021-21422
PUBLISHED: 2021-06-21
mongo-express is a web-based MongoDB admin interface, written with Node.js and express. 1: As mentioned in this issue: https://github.com/mongo-express/mongo-express/issues/577, when the content of a cell grows larger than supported size, clicking on a row will show full document unescaped, however ...
CVE-2021-0532
PUBLISHED: 2021-06-21
In memory management driver, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-185196177