Wired News: "Dropbox, one of the most popular ways to share and sync files online, says the accounts became unlocked at 1:54pm Pacific time Sunday when a programming change introduced a bug." Four hours later, the hole was closed. — Read the rest

In an interview with Wired's Danger Room, Sen. Ron Wyden (D-Oregon, photo above) said the Patriot Act is worse than you've probably heard.

Congress is set to reauthorize three controversial provisions of the
surveillance law as early as Thursday. But Wyden says that what
Congress will renew is a mere fig leaf for a far broader legal
interpretation of the Patriot Act that the government keeps to itself
— entirely in secret.

Blogger and security researcher Christopher Soghoian has filed a complaint with the FTC over Dropbox's recent data privacy flipflop. Here's the PDF. [Wired News]

Facebook is reported to have hired public relations firm Burson-Marstellar to generate negative stories about Facebook competitor Google— specifically, "urging [journalists] to investigate claims that Google was invading people's privacy." Well that's rich.

One of their targets was Christopher Soghoian, a security researcher and blogger, who is no chump. — Read the rest

Christopher Soghoian says:

Ever since TSA's creation after 9/11, passengers willing to undergo a pat-down and hand-search have been able to fly without ID. This rarely discussed, and little used right was documented by the courts in Gilmore v. Gonzales. While mostly just a way to assert your rights, the technique often had the added benefit of allowing the traveler to skip to the front of the security line.

Supporters of Star Simpson — the 19-year-old MIT student who inadvertently caused a total freaking flipout at Boston's Logan International Airport last week for wearing a sweatshirt with an attached homemade light-up device — are selling these t-shirts to help cover her legal fees. — Read the rest

Over at CNET, Chris Soghoian (huh, he's blogging there now) blogs:

In a recent blog posting, a German operator of a Tor anonymous proxy server revealed that he was arrested by German police officers at the end of July. Although he was released shortly afterwards, information about the arrest had been kept quiet until his lawyers were able to get the charges dropped.

Facebook has implemented fixes that should prevent this from happening again, but — tech journalist Thomas Crampton experienced an unfortunate side effect of that Facebook personal profile bug I blogged about here yesterday. Thomas says:

A misguided attempt to increase our privacy backfired horribly a few days ago, just weeks ahead of our wedding.

Christopher Soghoian, whose name you may remember from that huge boarding pass terror freakout last year, has discovered that Facebook's advanced search features can provide you with access to users' names, pictures, religion, or sexual orientation, even if you don't have permission to view their profile. — Read the rest

BoingBoing reader Kevin says the new chair of the subcommittee on Internet and IP is in the pocket of the MPAA and RIAA. Snip from Kevin's blog post:

In the wake of the Democratic win in the House of Representatives, some chairs will be rearranged.

John Adams says, "This is a reimplementation of [Christopher Soghoian's] Northwest Airlines Boarding Pass Generator in javascript. It can now be run in a browser without a web server. (Only tested in firefox)." Link.

PREVIOUSLY:
* NPR "Xeni Tech": update on FBI raids fake boarding pass website

* Ceci n'est pas un fake boarding pass (10-29-06)

* Congressman on Boarding Pass Generator guy: Uh… oops? — Read the rest

It was a dark and stormy night, when agents pounded on the door of Christopher Soghoian's apartment and shouted, "boo!"

OK, it's not a Halloween story at all. But for today's edition of the NPR News program "Day to Day," I spoke with host Alex Chadwick about the recent online controversy surrounding the "The Northwest Airlines Boarding Pass Generator" (cache link) website, and the late-night federal raid that followed. — Read the rest

Following on the rapidly-evolving saga of Christopher "Fake Boarding Pass Generator Website" Soghoian, BB reader Jason Eppink scrawls the legally dubious item you see above (full-size) and says:

Here's a fake boarding pass for Continental Airlines. Let me be clear in stating that I in no way endorse using the use of this boarding pass to attempt to bypass TSA security screening, or to commit fraud.

Last Friday, Rep. Edward Markey (D-MA) called for the arrest of Christopher Soghoian, and the takedown of his "Boarding Pass Generator" website which illustrated an airline security hole documented on the web for several years. Hours after the congressman's statement, Soghoian says FBI agents visited his home, then returned a second time after he'd left — in the middle of the night — with a search warrant signed at 2AM, and seized Soghoian's computer(s) and other belongings. — Read the rest

Christopher Soghoian's stated intent with the "Boarding Pass Generator" website was to illustrate a well-documented airline security weakness that airlines and government failed to address — not to commit fraud or help terrorists. IANAL, but people who are lawyers are no doubt examining the laws that may apply to his case, now that he has been visited by FBI agents bearing a search warrant, his computer and other belongings seized. — Read the rest

(Story background here). Christopher Soghoian today blogs that the FBI returned to his home last night in his absence with a search warrant, and seized computers and other belongings. The 24-year old computer science student is the creator of a website that generated fake airline boarding passes to illustrate a security flaw which has been documented on the 'net since (at least) 2003. — Read the rest

Christopher Soghoian, who created the Fake Boarding Pass Generator website, claims to have been visited by FBI agents this afternoon at his home in Bloomington, Indiana, according to a security researcher with whom he was instant-messaging at the time.

This news comes just hours after Rep. — Read the rest

Congressman Edward Markey (D-Mass.) is alarmed by the Northwest Airline Boarding Pass Generator mentioned yesterday. He issued a statement demanding that security researcher Christopher Soghoian be arrested.

"The Bush Administration must immediately act to investigate, apprehend those responsible, shut down the website, and warn airlines and aviation security officials to be on the look-out for fraudsters or terrorists trying to use fake boarding passes in an attempt to cheat their way through security and onto a plane," Markey said in a statement.