IT and data storage of WBI machines
 

As I was writing about WBI machines this morning it occurred to me that there is a lack of understanding around the data aspects of whole body imaging. I'm not an IT guy, but know a lot of you work in that field. Would you help us all understand? Here's my line of thinking:

* We already know TSA was lying about the machines not being able to store or send data
* You can't create an image without some sort of file being created, right? Even when I open a pdf email attachment there is a file created (Temporary Internet Files for Windows users). When Comrade Janet talks about "erasing" the image - you can't erase something that doesn't exist. So a file IS created. How is it being erased? Just trashed/recycled or actually over-written?

Which leads to the following questions:

* What is the storage capability on these machines? Is it so small that every new image over-writes that last one? Or enough to hold a day's, week's or month's worth of images?
* Who has access and control over retrieving these images?

Would love a technical perspective on this.

As I understand it when you delete a file on a computer the file data is still there but the info of the files location is deleted. That is why software is available to recover deleted files.

I would not accept anything put out by TSA as truth.

FWIW, I have still have not received a response from Bob at the TSA Blog, despite having repeated the question several times over the last three months...

Would the TSA be stupid enough to install a system that could detect criminal activity, i.e. concealed explosives or weapons, and not provide a means to save the evidence obtained that led to the detaining for suspicion of criminal activity? They would actually destroy the evidence of probable cause? They would initiate an invasive body search with photographic evidence that is not capable of being retained?

Yes, I think they may be this stupid, but in this case I can not believe they were. It is incredulous to suggest that the data is not capable of being archived in specific situations and on demand.

Has anyone did a FOIA on any of the NOS`s??
Maybe get the technical stats on it?

I'll cover this point by point.
For the image to be visible, I'm going to guess that some sort of image is created, probalby a .tif image, which has better resolution. When it is "erased", all that's removed is the pointer to the data in the Master File Table. Any forensic Computer tech with a modicum of knowledge could very easy recover the image from whatever medium is used for storage, even if its temporary, as long as the data isn't overwritten.

That would depend. I know if I were making the specifications, I'd demand anywhere from 500gb to 1tb of storage, as .tif images can get large. That would allow, easily, 30 days of images. I'm going to guess there is some sort of remote, mass storage device that the images could be ported to, probably off site, a 2-3 tb device removable to an offsite storage facility. Drobos are good for this type of storage.
That's the $64k question. I'm going to guess a TSA systems administrator with a decent clearance, the FSD, DHS mucky-mucks. I'd limit it as much as possible if it were me.

The NoS would be a mini-computer, similar to whats on your desk, driving the scanning device and the CPU to turn that image into what the TSO sees on his screen, then saving it.

The CPU would prolly be higher end, I wouldn't want Windows as the OS, 4gb of RAM minimum.

But then again, I don't want them at all. :)

I do Level II/III Desktop support, and have spec'ed out systems for all sorts of things...feel free to post more questions. :)

Big thanks to mikemay for a great technical perspective.

And that's pretty much exactly what I thought it would be: files are created, probably stored (whether or not 'deleted') and no one knows who has access to these images or what privacy safeguards (if any) are.

Utterly disgusting. It's nothing but TSA taking a piss on the idea of privacy and liberties. They are dangerously close to crossing a red line, if they haven't already.

It would all depend on how the system is set up. It could be set to delete the image, then destroy it by overwriting it's data with nonsense data, making it impossible to recover. That's real easy to build into the machines.

It would make sense that the image was deleted every time somebody was given the clear signal, or the last five minutes or whatever, much like many police cars cameras, while always on, only store the last 90 seconds to when the flashing lights come on or they activate the camera, saving only the previous 90 seconds and everything going forward from that point.

So the technology is available to do those things but it's just a question of is it being implemented or not.

I would believe not, if you want to prosecute somebody, you will need to match the image of them going through the checkpoint to the scanned image. There's gonna be some xplainign to do the first time a case goes to court and they pull up all the images they say they don't have.

I agree in principle, but since the TSA doesn't ever catch any actual terrorists it will never come up.

The more I think about it, it will probably come up in a drug/contraband case, since TSA loves mission creep so much. Let's hope the public catches on and they have a LOT of explaining to do.

EPIC has this document that discusses specifications of WBI.

http://www.ectnews.com/shared/storye..._FOIA_Memo.pdf

Let me give you my perspective as an engineer. And this is an engineering question, not an IT question. Note that this is how I would design it, not knowing the actual requirements that TSA set.

Of course it can save/store images. From a development perspective, this is a necessity. That doesn't mean this feature will be available or accessible to TSO's, or anyone else who doesn't have access to the device's "engineering mode" for that matter. I would be very surprised if there wasn't some sort of persistent memory like flash or a standard hard-disk, both to store code and to store debug information like test images.

You assume however that it is based on a modern PC operating system like Windows or Linux. This isn't necessarily the case. Many devices like this are based on "embedded" operating systems like VXWorks or QNX. Regardless of OS choice, writing to disk is inefficient. Windows only does that because it has to share the file between applications. Most likely on these devices, the image is only stored in volatile memory - RAM. Anything in RAM doesn't stick around. Once it's deleted, it's gone. I would be VERY surprised if the machines, as delivered to TSA, store the images to disk. Even if it does run Windows, it's probably one application that does all of the processing. Again, no need to store to disk.

There's no way to tell. It's probably tailored to customer requirements. A customer like TSA who does not store images probably has minimal persistent memory. Other customers who do store images will have larger storage needs. Like I said though, since the images are most likely stored in RAM and not disk, there would be no way to recover them once they are no longer displayed, unless the user has some sort of "save to disk" functionality. As incompetent as I think TSA is, I doubt they are lying when they say that TSO's cannot do this.

If the device is designed (as TSA states) to not store these images, the only people who can make would be the engineers who built it or anyone else who the device maker grants access to. And again, it would have to save them to disk, which I would say is unlikely.

Like I said, I'm assuming that the TSA specified in their requirements that the images would not be stored (as they state) and that the engineers at the manufacturers like L3 are halfway competent.

As a fellow engineer I agree with this architectural approach - to store only in RAM. On the assumption that they don't need to produce the image at a future point in time for whatever purpose (to provide a legal basis for a further intrusive search, etc...) then storing in RAM is the way to go. In other words, I agree with InkUnderNails comments about a business requirement existing for storage of images. Which is disappointing but I suspect reality.

Even RAM has its drawbacks - depending on the OS RAM can be written to disk. Which isn't as easy to extract contents from than a plan filesystem, but it's still an attack vector.

The document linked above says it's an XP9(e) machine with USB ports. Access is controlled by user level, with a super user (Level Z) being able to access way more than they are telling the public, including the ability to disable the privacy filters.

When in test mode, they can store and transmit images per their specs.

The specifications also state they will have a high capacity read / write drive, and ethernet ports. The official answer is all that stuff will be disabled before installation, but of course, why have it in the first place then?

No need for probable cause as this is an administrative search, so no need to store images for use as evidence later. Have you ever heard of x-ray monitor images being stored and used later in a trial?

And what is the constitutional justification or exception for an administrative search of ones physical person?

I know the courts have found that an administrative search is acceptable. They did that back in 1967 and it applied to searches of buildings for code violations and such. I also know that after 9/11 the TSA got permission for increased administrative searches of stuff going on the aircraft. But, I could not find a court decision or legislative action that extended the administrative search to ones body.

I readily admit I am not a legal expert, but I try to research these matters. Please inform me.