Security

You’d think something with a name like ATS or Automated Targeting System is a fire-and-forget military weapon. Instead, the implications of ATS are quite sinister and somewhat scary, especially if you are leaving for, or have traveled to, the land of the free: the USA.

According to the Federal Register Volume 71, Number 212, the ATS is designed to collect and evaluate PNR (Passenger Name Record) information. Briefly, ATS collects and number-crunches such items as:

PNR record locator code,
Date of reservation,
Date(s) of intended travel,
Name,
Other names on PNR,
Number of travelers on PNR,
Seat information,
Address,
All forms of payment information,
Billing address,
Contact telephone numbers,
All travel itinerary for specific PNR,
Frequent flyer information,
Travel agency,
Travel agent,
Code share PNR information,
Travel status of passenger,
Split/Divided PNR information,
Identifiers for free tickets,
One-way tickets,
E-mail address,
Ticketing field information,
Automated Ticketing Fare Quote (ATFQ) fields,
General remarks,
Ticket number,
Seat number,
Date of ticket issuance,
Any collected APIS information,
No show history,
Number of bags,
Bag tag numbers,
Go show information,
Number of bags on each segment,
Other Supplementary information (OSI),
Special Services information (SSI),
Special Services Request (SSR),
Voluntary/involuntary upgrades,
Received from information, and
All historical changes to the PNR

At least they’re modest in their information requirements! Data is collected and evaluated by a computer to assign a risk assessment per passenger to US border officials. Once they have your fingerprints, photographs and answers to their tedious questions, they may then elect to continue with further screening based on the outcome of the evaluation.

The US also insists on retaining the data for 40 years and that you, as the data owner, may never see what they’re collecting. That just makes for a real warm, fuzzy feeling…

Unbelievable but true: my shipment of free DVD’s arrived from the United States Postal Service. What’s crazy about this sentence? Two things: free DVD’s from the USA and the fact that they arrived in my postbox without South African Post Office employees intercepting them.

Before anyone gets too excited, the DVD’s contain short movies relating to security issues, such as identity theft, Internet fraud and telemarketing scams.

The runtime of each is roughly 15 minutes, yet they provide an interesting angle on current issues and may be valuable for small companies to entertain and educate their employees.

Get yours now!

I don’t like banks. But once in a while, they do something right. Just had a call from ABSA’s credit card division. Seems some maladjusted human gained access to my credit card number and did some shopping on the Internet. Thankfully no large amounts! ABSA picked it up and immediately informed me. Sure: I need to get a new card and fill out some paperwork, but at least they showed some initiative!

A serious vulnerability has been discovered in M$ Windows, allowing damaging code to be included in image files. Since the code sits within the image itself, care should be taken when opening such items in E-mail applications and instant messaging software. Microsoft has been criticized for taking some time to release a fix, and the official update from Microsoft will be released only on 10 January.

One way of reducing the vulnerability is to unregister the DLL shimgvw.dll. Since few computer users know how to do this, it’s hardly a practical response from Microsoft. If you want to try it at your own risk, do the following:

• open a command prompt
• run the command regsvr32 -u %windir%\system32\shimgvw.dll

The result is that the fax and image viewer won’t be launched – to re-instate that functionality, register the DLL again:

• open a command prompt
• run the command regsvr32 %windir%\system32\shimgvw.dll