• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

Customs Wants Your Password – Daily Security Byte

February 9, 2017 By Corey Nachreiner

I’m sure you’re aware of the immigration controversy currently happening in the U.S. due to a recent executive order. Though the politics around that issue are outside the realm of information security, a recent development does affect our industry. In a recent Congress hearing, Department of Homeland Security (DHS) Secretary John Kelly said his agency was considering requiring immigrants from certain countries to hand over their social media passwords as part of a vetting process. In today’s video, I talk about why this is a horrible idea, not just for the obvious privacy violations, but security as well.

Episode Runtime: 3:49

Direct YouTube Link: https://www.youtube.com/watch?v=zUJrTd_JBsM

EPISODE REFERENCES:

  • Customs agents could demand your social network passwords – Engadget
  • US border agents may want your password – CNET
  • Executive branch immigration order explained – PBS

— Corey Nachreiner, CISSP (@SecAdept)

Share This:

Related

Filed Under: Security Bytes Tagged With: Infosec news

Comments

  1. Bill says

    February 10, 2017 at 11:34 am

    Why not just ask them for the account usernames and then use the legal process to gain access to the records?

    Have the person sign an authorization form then send a NPR (Non-Party Request) for the information. In this way you can still gain access to all needed information and you don’t have to rely on insecure practices. Yes, I know they may not all be US based companies… but one would expect that would be the correct approach to handling this type of issue.

    Reply
  2. Tom Harger says

    February 10, 2017 at 12:14 pm

    Obviously, someone in the government is not thinking clearly. Even if they can force people to give up their password, what’s to keep people from having two different FB accounts? One for family & friends, the other for “I’m a freaking terrorist”. They’d just give the “family” account info and the other would be a secret.

    And people could always say, “I don’t do FB or Twitter. I don’t like social media sites.”

    Reply
  3. James B says

    February 13, 2017 at 9:40 am

    Great message.

    how about these places that use 2-Step authentication via Cellphone or other means?
    How is Gov USA going to be able to ‘log-in’ to their social media without the other form.

    Either way, the whole world has gone crazy over the last decade 🙁

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • US National Cybersecurity Strategy
  • Cybersecurity’s Toll on Mental Health
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Here Come The Regulations

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Here Come The Regulations
  • US National Cybersecurity Strategy
  • Cybersecurity News: Free Cybersecurity Training, TrickBot Group Exposed, Major GoDaddy Breach, and Russia to Legalize cybercrime?!
  • Cybersecurity’s Toll on Mental Health
  • Successfully Prosecuting a Russian Hacker
View All

Search

Archives

Copyright © 2023 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use