Update on bloggers threatened by TSA over security directive leak


Update, 3:50pm PT: One of the two bloggers reports that the TSA has dropped its subpoena against him.

An update on the case of the two travel bloggers who received holiday visits by armed TSA agents (with matching Homeland Security subpoenas!) after publishing a leaked copy of the "Christmas Day incident" security directive.

Chris Elliot has an attorney now, and more time to respond to the subpoena.

Steven Frischling got his laptop back from the Special Agents who demanded it, then imaged his hard drive, but the laptop no longer works (paranoid commenters suggest one explanation could be the installation of keylogger software, but that's just one of many possibilities.)

Annie Jacobsen of TheAviationNation.com has posted an interview with Frischling here. Why, Jacobsen asks in that piece, is Homeland Security going after these guys so hard?

[I found] my answer in a pre-recorded message at the FBI's Detroit Metro Bureau to which press are referred. The message there states that anyone seeking information about "the Christmas Day event at Detroit metro airport" should call the Department of Justice in Washington.

Wait. A Christmas Day "event"? The FBI makes the attack against Northwest Flight 253 sound more like a shopping sale or a rock concert than the terror strike that it was. Trying to kill 298 airline passengers, destroy an airplane, and crash it into the suburbs of Detroit is now called an "event"? Could the jackbooted TSA visit to blogger Steven Frischling's Connecticut home be just another trickle-down result of DHS Secretary Janet Napolitano's insistence that terrorist attacks be referred to as "man-caused disasters"?

You see, in the TSA directive which Frischling's posted online, the TSA was caught calling a spade a spade: "INFORMATION: On December 25, 2009, a terrorist attack was attempted against a flight traveling to the United States."

For bloggers reading this story in horror, here's a helpful resource: The EFF's "Surveillance Self-Defense" website. Here's a relevant section:

Q: What should you do if a government agent (or anyone else) shows up with a subpoena?

Update items at NYT, another at Firedoglake which addresses the need for a federal shield law to protect professional bloggers. (Huh? OK, then go read this, too). Snip:

As one federal prosecutor told Wired, "it strikes me that they're more aggressive with this reporter than with the guy who got on this flight."
Previously: TSA subpoenas, threatens two bloggers who published non-classified airline security directive

Related reading: Miles O'Brien: Captain Underpants and the Illusion of Security. (Thanks, Glenn Reynolds / image: Elliot.org)



  1. “…then imaged his hard drive, but the laptop no longer works”.

    Well, duh.

    If you image any WinTel computer using WDS on a standard Win2003 or later server, it will render the computer being imaged inoperable. That is, until you then restore the image back onto the HD of the imaged computer.

    Nefarious? Hardly.

    Malicious and all-too-human laziness? Oh, boatloads.

    But unless they used a forensic expert specializing in copying drives without altering data the lawyer of the blogger is going to have a field day over tampering with and altering evidence.

    1. 1MacGeek, you missed the part where he says he’s using a macbook, and as far as copying drives without altering data, pretty much every drive cloning software does this by default. What they probably did do was removed his hard drive, cloned it onto a similar crappy drive and then put that one back into his macbook keeping the original for themselves to send off for forensic data recovery so they can sniff through everything he’s ever had on his HD. This may also explain why it won’t sync, Time Machine might be hanging on the HD’s serial number.

  2. This story deserves a lot more coverage than it’s gotten in the legacy press.

    The creative use of “subpoenas” to try to bluff people into immediate compliance is a tactic that deserves to be exposed so that it can never be used again.

    Not to mention threatening a blogger with being put on a secret “watch-list” if they don’t comply with government demands.

    This whole story is pretty much a huge post-9/11 “I told you so”.

  3. Very important point, that seems universal in “law enforcement scenarios”:

    Do not talk to them.
    Do not comply with any directives
    Do not let them in
    Do get a lawyer and assert that fact, and only that fact.

    It’s surprisingly hard to do when you’re used to being polite and cooperative, but is so important that you don’t roll over for these guys.

  4. I am sorry I missed the point about the MacBook. However, it does prove my point about a forensic expert taking the data without modifying it. The lawyer is now going to have a field day because the data on the drive was provably modified. A forensic expert at data recovery wouldn’t make such a rookie level mistake. It was probably given to a low-level IT grunt and not an certified expert. If that is what the SS calls an ‘expert’ they should probably be the laughing stock of the intelligence world right about now.

    That being said, I dunno what the bitch is about the MacBook not working. Re-install OS X and save the user settings. Back up and running error-free in an hour. It’s far easier to do on a Mac than on a PC.

    But Disk Utility? Please ! You would have better luck doing nothing. Back when it was called ‘Disk First Aid’ we called it something else – Doesn’t Fix Anything. Get a real utility if you are concerned about your data. Free stuff is always priced precisely and exactly what it is worth. And if your data is worth nothing, then use a program that costs nothing.

    1. Back up and running error-free in an hour. It’s far easier to do on a Mac than on a PC.

      Oh, really?

      Keep /home on a separate partition and a Linux re-install is ~20 minutes. And always less than an hour. And yes, I use a “PC.”

      But then again, a Mac is a “PC.” Unless you believe a Mac is not a “Personal Computer.”

      If you mean “Windows,” say “Windows.” Otherwise, you look kinda amateurish to be dispensing computer forensics tips.

      BTW, dm-crypt encryption means they can image anything they want, but will have to use some pretty expensive compute cycles to actually glean anything of value.

      Apologies if this comes off as somewhat smug, but dang 1MacGeek, it’s really, really hard to resist the target you painted on your back.

  5. Hey, everybody, do we really need this thread to fill up with my-OS-is-better-than-yours dick-waving? I’m thinking we don’t.

  6. ‘Wait. A Christmas Day “event”?’

    I hope they keep going in this direction. Terrorist “events” should get 3 lines on page 4 and no more.

    Terrorism is using violence to instill fear with the desire of changing the victim’s or victim’s countries policy, way of life, etc.

    With that in mind what they want and NEED is publicity and fear. Deny them that and they have almost no power. In other words, no sensationalism by media or the government. I’m not saying the government or the media is deliberately aiding and abetting the enemy… But They are doing so for their own reasons.

    Media is easy, fear and sensationalism drives up ratings.

    Government, at it’s most benign likes things easy and compliant, needy citizens are easier to deal with. Citizens asking questions and demanding answers are not. You don’t need a conspiracy theory, just plenty of government workers who given a choice will go with what makes their job easier.

    Get over being the victim, terrorism isn’t a big deal, you are in MUCH more danger backing out of your driveway in the morning. Don’t give them the publicity and fear they need. And…. Let the media and government know your are tired of the victimization BS.

  7. FYI – I flew from DC to Amsterdam on the 29th, and didn’t notice any extra security. In fact, my wait at the security station was under 5 minutes. (Sure – shoes off, belt off, laptop out – but otherwise it was a breeze.)

    I also used my iPhone and laptop (both in airplane mode, no wifi, etc), and no one minded.

    Only thing weird was that the entertainment system wasn’t working. And I remember from my (pre-pants bomber) trip to the US that the entertainment system had communication features (text and voice).

    The airline said it was malfunctioning. I’m guessing that was true, but I do wonder if other people had the same thing. At the end of the flight, the airline gave us compensation vouchers ($50 towards the cost of a future flight). Fair enough.

  8. Terrorism is all about using violence and threats of violence to instill paralyzing fear. When looked at in that light the ‘Failed’ Christmas Day Event was not a failure, because it has had knock-on negative effects upon infrastructure, procedure, and has impeded the free flow of everybody who flies the skies.

    Whenever these terrorists strike, the media assists the Terrorists in their purpose by making damn sure that the event is overblown and hyped to the max. By all means do everything to destroy the Terrorists as they sleep in their beds, cut off sources of funding to them, or at least prevent them when possible from attacking.

    However if elimination and prevention fail, and there is another “Event” like this just downplay, and if they want wider publicity let them take out Superbowl adverts like every other attention seeking whore who is hawking their product out there.

    Terrorists are selling Fear, and we are the customers being targeted by their advertising campaign, so I say to the Media. No Freebies for Terrorists, cause it just makes them happy in their pants!

Comments are closed.