[3420] in cryptography@c2.net mail archive
Re: US Secret Service checking laptops at airports
daemon@ATHENA.MIT.EDU (Matt Blaze)
Mon Oct 5 15:28:40 1998
To: "Sidney Markowitz" <sidney@communities.com>
cc: cryptography@c2.net
In-reply-to: Your message of "Sat, 03 Oct 1998 18:26:52 PDT."
<001601bdef36$11b46770$145da8c0@siddhi.sidney.com>
Date: Mon, 05 Oct 1998 15:21:28 -0400
From: Matt Blaze <mab@crypto.com>
> A friend of mine recently traveled from one of the Washington DC area
> airports to Ireland and reports that US Secret Service agents checked her
> laptop for the domestic 128-bit crypto versions of Netscape Navigator and
> Microsoft Internet Explorer at the metal detector station. She said she saw
> about six other people who were checked as she was going through. As is now
> common, anyone carrying a laptop computer was asked to boot it up,
> presumably to demonstrate that if the case hid a bomb at least it was
> programmable with a reasonable looking user interface. But in her instance,
> people who identified themselves as Secret Service agents had her start up
> her web browser so they could check the encryption level, and made her
> uninstall her 128-bit Navigator.
Several aspects of this story lend an "urban legend" character to it that
seems implausable. In particular, I checked Sabre, and could find no
nonstop flights from WAS to BFS, DUB or SNN (the major Irish airports),
and further noticed that all of the recommended routings to those cities from
the three WAS airports (DCA, IAD, BWI) have as their first leg a US
domestic flight (to either JFK or EWR in most cases). Of course, I could
have missed somthing (some flights are seasonal, I may have missed an
Irish airport, it could have been a charter flight), however, even there
this seems implausable. Although I can't speak with absolute authority
about BWI (having only used that airport a couple of times), at least
at IAD there is centralized security screening at the enterence to the
terminal, and no per-flight screening. Since a large portion of the
travelers passing through the security checkpoint are domestic US, it would
seem a very poor choice of a place to screen international travellers for
crypto. In fact, the only US airport I've seen with per-flight security
screening is the old "IAB" at JFK, and even that only for a few flights
(again, of course, there could be others - I've not flown *that* much).
And of course, for US people under most circumstances, taking crypto out of
the country for personal use (with the intent to bring it back, etc), is
*legal* and requires only personal recordkeeping after the trip.
That said, I *have* heard of export checks at airports (not just for
crypto), but in every case I've heard of, it's been done in the jetway
at the pax enter the aircraft, and always by US Customs, not the Secret
Service.
I'm not saying this didn't happen, but perhaps you can supply more
details?
-matt
