Last Build Date: 2017-01-18T00:17:45-08:00
Exactly three weeks after a public demonstration of the insecurity of public Web gateways to computerized reservation systems (CRSs) -- a threat to travellers that I've been writing, speaking and telling the CRS operators about for more than 15 years -- one of those companies has responded to my request for comment, but without answering any of my questions.
Here, in its entirety, is the statement I received late Tuesday from Amadeus (which hosts PNR data for airlines and travel agencies and operates the CheckMyTrip.com for viewing PNR data), followed by my comments:
Much of my work for the last decade as a consultant to the Identity Project (PapersPlease.org) on travel-related civil-liberties and human rights issues has focused on requirements to obtain government permission and/or show government-issued ID credentials in order to travel by common carrier.
The TSA tells travellers they have to show government-issued ID to fly, harasses those who decline to do so, and sometimes has them arrested by local police on trumped-up (will that word now have new meaning?) charges.
But people with no ID at all fly every day. "We have a procedure for that," the TSA says whenever its demands for ID are challenged in court.
Now the TSA has proposed -- in a backhanded way calculated to evade public or Congressional debate or judicial oversight -- to impose a new official requirement for all airline passengers either to show government-issued ID or to certify that they live in a state that the DHS deems sufficiently compliant with the REAL-ID Act 2005. This ID requirement would be an additional prerequisite before the TSA will give them "permission" to pass though its checkpoints or board airline flights.
For more on what's wrong with this proposal, see the comments filed this week with the TSA by the Identity Project and this post from the Identity Project blog.
Since the recent public demonstration of some of the security and privacy vulnerabilities of airline reservations systems that I've been writing and speaking about for more than 15 years, people have been asking me, "What can I do to protect myself against stalking, harassment, surveillance, and fraud when I travel?"
Here are some answers from an interview I gave last week to Lucia Blasco of the BBC World Service:
2016-12-30T21:13:07-08:00[In the middle of the presentation by SRLabs at 33C3 on Tuesday, Nemanja Nikodijevic discovered that Amadeus had taken its "CheckMyTrip.com" PNR-viewing Web site offline to prevent the vulnerabilities of the site from being demonstrated in real time. Screen capture from CC3C video by permission of SRLabs. Click images for larger versions.] This past Tuesday at the 33C3 conference in Hamburg, Germany, Karsten Nohl and Nemanja Nikodijevic of SRLabs publicly demonstrated that airline reservations systems still have the same fundamental insecurity, in the same ways that I have been writing and speaking about for more than 15 years. Lest there be any doubt, while the the team from SRLabs was inspired to investigate this subject in part by an interview with me on a German IT news site, I had no contact with them and was entirely unaware of their work until they contacted me last week. They worked entirely independently of me, and had no access to any information from me except my published writing and public speeches. When they contacted me last week to let me know that they would be giving a presentation on this topic at 33Cc, their research was already complete. I thought that expert security researchers might have found more vulnerabilities than I had found. Perhaps they did, but haven't yet discussed them publicly. But all of the attacks they demonstrated in their public presentation at 33C3 exploited the lack of real passwords on public Web gateways to Passenger Name Records (PNRs) operated by computerized reservation systems (CRSs/GDSs) for itinerary viewing, and by airlines for online booking, ticketing, check-in, changes, and cancellations. These specific vulnerabilities have been publicly reported and discussed in print for at least 15 years, starting around the time Amadeus began its beta test of CheckMyTrip.com. In light of some of the statements attributed to Amadeus -- the target of most of the sample exploits demonstrated by SRLabs -- in other news stories this week, it's important for the public and for government officials with authority over privacy and data protection to understand that this was not a demonstration of new vulnerabilities or anything that wasn't already well-known to Sabre, Amadeus, and Travelport (the current owner of both Galileo/Apollo and Worldspan). Amadeus' reported responses have focused on the brute-force attack on PNR record locators, but the real problem, which has long been known, is the use of the record locator as though it were a password and without telling travellers that they need to keep it secret like a password that can't be changed if compromised. In many real-world targetted attack scenarios, the attacker will have other ways than trial and error to obtain a record locator. And real-world attacks are likely to be targetted: There are easier ways for hackers to obtain credit card numbers or money. The motivation for hacking a CRS/GDS or obtaining PNR data is to find out where someone will be, and when, so that the cyber-attacker can stalk their victim, surveil her, harass or attack her physically, rob her home while she is away, kidnap her and/or her children, or kill her. To set the record straight, below is more detail than I would normally go into about the chronology of my reporting on this subject, followed by my recommendations for action and the questions I have asked Amadeus.[...]
2016-12-27T02:54:15-08:00[Some of the privacy and security threats to PNR data and the CRS network, from my testimony in 2013 as an invited expert witness before the Advisory Committee on Aviation Consumer Protection of the U.S. Department of Transportation. Click image for larger version.] Video, slides, and blog post of presentation by SRLabs at 33C3 (27 December 2016, Hamburg, Germany) Who's watching you while you travel? (details of this vulnerability published on my Web site, 18 April 2002) Flight booking systems lack basic privacy safeguards, researchers say (by Eric Auchard, Reuters, 27 December 2016) Reisedaten: Betrug mit Buchungscodes ist zu einfach (by Patrick Beuth, Zeit, 26 December 2016) Unsicherheit bei Flugbuchungen: "Greift mehr Legacy-Systeme an" (by Hauke Gierow, Golem.de, 28 December 2016) Une étude alerte sur les failles des réservations de vol (by Alexis Orsini, Numerama.com, 28 December 2016) 33C3: Gravierende Sicherheitslücken bei Reisebuchungssystemen (by Stefan Krempl, Heise Online, 28 December 2016) Amadeus-Sicherheitsproblem: Einladung für Cyber-Vandalen (by Frank Patalong, Der Spiegel, 27 December 2016) Today at the 33rd Chaos Communication Congress (33C3) in Hamburg, Germany, white-hat hackers from Security Research Labs inspired by news reports in Germany about my work will publicly demonstrate their ability to access and alter other people's airline reservations (PNRs) by exploiting vulnerabilities including ones that I wrote about and called to the attention of all of the four major Computerized Reservation Systems in 2002, but that the CRSs have made a deliberate choice not to close because (a) government authorities have not enforced existing data protection laws (in other countries than the USA, which has no such laws) against CRSs, airlines, or travel agencies, and (b) these travel companies put their profits ahead of passengers' privacy and security. There's been some advance coverage in German print (mentioning my work) and television news media. (Zeit, Handelsblatt, Der Spiegel.) But the CRS exploits discussed in these news stories are not the most serious of those that I expect the folks from SRLabs (well-known for their previous public exploits) to demonstrate at 33C3. Watch the livestream here at 21:45 CET in Hamburg, 12:45 p.m. PST in San Francisco. Recorded video will be posted later, but I don't know how soon. I'll add a link once it is available. As I wrote in my book, The Practical Nomad Guide to the Online Travel Marketplace, which was published in early 2001 before 9/11, "Privacy is the Achilles heel of Internet travel planning." In that book (page 121), I also wrote about the vulnerability of the public Web gateways operated by CRS companies -- the vulnerability exploited in today's demonstration at 33C3, of which the first was Sabre's VirtuallyThere.com: If you make reservations through Travelocity.com or any other Sabre travel agency, you can view your itinerary at Sabre's "Virtually There" Web site (www.virtuallythere.com) by entering your last name and the six-character "record locator"" for your reservations. This is good if you've misplaced your printed itinerary, but at present is dangerously insecure. Anyone who sees your name and record locator on an itinerary (through a window envelope, for example, or over your shoulder in an airport check-in line) can find out your home address, the exact dates you''ll be away, where you are staying, etc. Properly secured, it could be a great feature, and hopefully Travelocity.com will have secured it before you read this. If they haven't, don''t make any reservations in Sabre until they do, unless you want every detail of your trip to be public. At the time that this was written and this book went to press in 2000, I was already in active discussions with Sabre about this issue. Eventually Sabre made some partial improvements, which I reported on in 2002, but they were insufficient and in any event proved to b[...]
I'm quoted at length in a story today in The Verge and on CNBC about the DHS "Analytical Framework for Intelligence" (AFI), a data-mining and profiling system outsourced to a company founded by a member of the Trump transition team and used to "vet" immigrants, foreign visitors, and US citizens, to decide whether or not they are allowed to travel and how they are treated when they travel, on the basis of an aggregated database of government and commercial information:
"When Trump uses the term 'extreme vetting', AFI is the black-box system of profiling algorithms that he's talking about," says Edward Hasbrouck of the Identity Project, a civil liberties initiative that focuses on the rights of travelers. "This is what extreme vetting means."
Are Government Fines Really Improving Air Travel? (by Christoher Elliott, Huffington Post, 5 December 2016):
The Department of Transportation fined airlines $4.5 million in 2016 for infractions ranging from lengthy tarmac delays to failing to compensate passengers for lost luggage, almost double last year's amount and the highest since 2013.
The DOT's Aviation Consumer Protection Division, which is responsible for ensuring that airlines follow federal regulations, issued 23 consent orders -- voluntary agreements worked out between the agency and an airline that generally have the same effect as a court order -- in 2016, up from 15 last year....
But it isn't clear whether these actions are benefitting the passengers they're supposed to protect. Industry watchers say the numbers don't tell the full story....
Industry critics are ... unhappy with the size of the DOT fines, saying they are not a significant deterrent. Airlines collect about $250 billion in revenue each year for travel to, from and within the United States, which means their DOT fines represent about 0.002 percent of their profits....
Consumer advocates say that while they're encouraged by this year's enforcement actions, the DOT has focused on some issues while ignoring others.... More needs to be done to keep them informed, says Charlie Leocha, president of Travelers United, an advocacy group for air travelers. He thinks that the DOT needs to begin posting some of the rules that deal with lost-luggage compensation and denied-boarding statements at airports, so passengers will know their rights.
"It would keep the airlines honest," Leocha says.
But would it make air travel any better? It's hard to tell.
"Given the puny financial settlements, the real test of effectiveness should be whether airlines comply with the promises in these consent agreements," says consumer advocate Edward Hasbrouck. "But there's no evidence of DOT follow-up audits of compliance with these consent decrees, or of enhanced penalties for repeat violations -- even though violating a consent agreement is contempt of court."
Sadly, most of what I said in the first year of the Obama Administration about the need for DOT action to protect consumers is still relevant in the final lame-duck days of President Obama's second term. And with the former owner of a (failed) airline moving into the White House, we can scarcely expect his Administration to sympathize with passengers against airline owners.
Travelers United and other consumer advocates for travellers will need your support more than ever.
["Hasbrouck" is a French Huguenot name, presumably of Flemish etymology, meaning "Rabbit Marsh" or, as a Belgian customs man once told me, "Swamp of the Bunnies". It's spelled differently in France, South Africa, the USA, and the Netherlands. One evening on the way back to my hostel from a concert at the Orgelpark, I found myself on "Hasbrouck Street" (photo above) in Amsterdam, which I hadn't known existed.]
Travel for me is always a mix of business and pleasure. Here are some of the travel and other lessons from my latest trip: two and a half weeks in Amsterdam, Brussels, and Istanbul, representing the National Writers Union at international meetings.
Terrorism and travel bargains
[Billboards and banners with nationalist and anti-terrorist slogans -- seen here in Taksim Square, near the site of one of the bombings earlier this year -- are currently ubiquitous throughout Istanbul.]
Within the last year, there have been terrorist bombings in the check-in areas of both the Brussels (Zaventem/National) and Istanbul (Ataturk) airports, in downtown Brussels, and repeatedly in central Istanbul, as well as an unsuccessful attempted military coup in Turkey.
These events have scared off many foreign tourists, forcing down hotel prices and creating bargains for opportunistic visitors in both cities, especially Istanbul.
As with natural disasters or financial crises, it may seem ghoulish to seek out sites of terrorism for our subsequent vacations. But one of the tactics of terrorism is to scare off tourists as a way to inflict economic damage on the government, businesses, and the local population. In the wake of such an attack, local people are often more eager than ever to to show that they welcome visitors (and their spending) and don't share the terrorists' antipathy to foreigners. The welcome mat is out, prices are low, museums and monuments are less crowded, and often the government sponsors special promotions to woo back frightened tourists.
I've been elected to the Board of Directors of the International Federation of Reproduction Rights Organizations (IFRRO). For the next three years, I will hold the sole seat on the Board reserved for a representative of journalists, authors, and other writers worldwide.
Although the name sometimes leads to confusion, IFRRO has nothing to do with abortion or reproductive rights. It's the global coordinating and standard-setting body for "reproduction rights organizations" (RROs) -- rights management agencies that license photocopying and other "secondary" uses of published written and printed works.
I was nominated for the IFRRO Board by the National Writers Union (NWU) and the International Federation of Journalists (IFJ). The IFJ represents more than 600,000 journalists in 140 countries. The NWU is one of the US affiliates of the IFJ, although the NWU also includes many other types of writers as well as journalists. At the IFRRO annual general meeting in Amsterdam where the IFRRO Board was elected, I represented both the NWU and the IFJ.
Enough with the alphabet soup. What am I doing on the IFRRO Board, and why should writers (or readers) care?
2016-10-30T01:26:42-08:00I'm honored to be among the former U. of C. students from "Generation X" featured in a thoughtful article by Hannah Edgar in the current issue of the student newspaper, the Chicago Maroon, Generation X': A Brief History of Dropouts and Transfer Students at the University of Chicago. (The title of the article is an insider pun on the way the U. of C. refers to alumni like myself as "ex-degree", with an "X" and the year we left the University, in lieu of our degree and year of receiving it.) Congratulations to Hannah Edgar for digging so deeply into this underreported (for reasons some of which she explores in the article) topic, and for including me in this distinguished company along with others including Andrew Patner, my classmate and, much later, one of Ms. Edgar's mentors. And thanks to the U. of C., in all seriousness, for a profoundly valuable educational experience. One of many issues Ms. Edgar and I talked about that didn't make it into the article was to what degree the inability of the U. of C. to deal with its "image problem" was, and perhaps still is, related to homophobia and/or Asperger's Syndrome. When I read a description of the longstanding negative stereotype of a U. of Chicago student quoted from a former President of the U. of C. in a recent history of the College, my reaction was, "Is this a description of a stereotypical faggot? Or of a stereotypical person with Asperger's? Or both?" The answer, of course, is "both". But no matter how obvious that answer is, it's one the U. of C. has yet to confront. Here's the U. of C. student stereotype. You be the judge of what it means: Every high school principal and college counselor knows precisely the kind of student they think we want, and they endeavor conscientiously to urge these students to come to the University of Chicago. The stereotype varies a bit in different parts of the country, but it adds up pretty well into a certain kind of youngster. First of all, he must be odd and not accepted in games and social affairs by the other students. He must be bright, not necessarily in the conventional sense of high I.Q., but in some extravagant and unusual way. He must have read and pondered esoteric things far beyond his years. He draws a sharp breath when reference is made to Aristotle, St. Thomas, John Donne, and James Joyce. He wears glasses, does not dance, deplores sports, and has advanced ideas on labor and the theory of relativity.... The converse of this stereotype is also the case. As one college counselor phrased it to me, "It simply does not occur to any of our normal students to go to the University of Chicago." We have insisted that the purpose of a university is to train the mind, and the inference has been drawn that the rest of the person may go hang so far as we are concerned. We have deplored fun, snorted at anyone who wanted to develop himself physically, and sneered at anyone who conceived of a college education as having any vocational or practical significance.... The stereotype which emerges is thought to be the only person who would be interested in or profit by our system of education." [U. of C. President Lawrence Kimpton, address to the faculty, 1954; quoted by Dean of the College John W. Boyer, Chicago Occasional Papers on Higher Education XXII, 2012, pp. 82-83.] I can't say whether there was any larger a proportion of queers at the U. of Chicago than anywhere else -- I arrived on the Quads as a 17-year-old sexual naïf who was completely oblivious to such matters even though there were already some out gay students in the College. I wouldn't have a concept of bisexuality, much less the sexual self-awareness to be able to recognize it in myself, until a year or two after I left Chicago. But looking back on my time in Hyde Park, it seems clear that a (mostly) deeply closeted, un[...]
2016-10-25T09:28:32-08:00Testimony of Thomas Emmett Hayden Before the National Commission on the Causes and Prevention of Violence 23 October 1968 First of all, I should say very frankly that I don't come here with any expectation of a dialogue or understanding being achieved or with any belief in the legitimacy of the commission. Frankly, I think that it is very difficult for a person in my position to believe that you are actually prepared to study the real causes of violence as I see them in the country. There are no young people on the commission, no student activists, no draft resisters, no outspoken critics of the draft.... My only purpose is for coming here, therefore, are twofold, and they have to do with simply stating for the official record, first, that the sources of violence in this country are to be found in the war on Vietnam which you should be studying rather than in student protest movements, draft resistance, or the antiwar movement. And in a deeper sense violence in this country stems from a system which is sick, which is racist, which apparently has a boundless ambition to police the world, which is therefore losing authority and legitimacy in the eyes of millions of young people in this country and many millions more of people around the world, a system which relies more and more on the use of force, and the use of police to maintain itself rather than relying on consent or persuasion or traditional techniques of democracy. The second statement that I would like to make is that the antiwar movement, the draft resistance movement is not a nihilistic handful of true believers, that our position is composed of actual human beings with actual needs that we believe are denied, it illegally and him morally denied. This solution to the war cannot be pacified with trick solutions, nor will it be eliminated through repression, because the opposition is composed of people who do not want to die or live in constant disorder, but who will not become "good Germans" quietly accepting an insane, immoral order of things. There is nothing sinister incomprehensible about the opposition, about young people, about students in this country, except to their enemies who think their own authority is beyond question and challenge.... Look at the situation of a student facing this problem. He has no vote. His voice does not count in the democratic manner. Attempts to work within the system have been frustrated, and a student is not able to avoid the war for two basic reasons in particular, two basic ways in which the war is brought to him: first, the draft, and second, the transformation of the university into an instrument of American foreign policy, including policy in Vietnam. For many students, the draft represents the most tangible form of oppression that they have experienced in their sheltered, middle-class lives Originally, the protest against the draft came from the protest against the war. But the more that students understood the draft, the more they realized that they had to objections to it. First of all, through the draft the American state interferes with what the students consider to be an inalienable right, the right of the individual to decide what he will die for. Second, the draft, we see, is an instrument of social management and manipulation. In the words of Selective Service documents, official documents called A Memorandum on Channeling, the draft and the deferment system are used to keep students working in acceptable careers, acceptable to the makers of the war and to the government of the United States. It is not primarily or exclusively used to supply manpower for wars but is used as a device to regulate the ambitions of American youth according to a national interest defined by men for whom the youth can only fight but not vote. If you want that m[...]
2016-10-19T06:30:34-08:00Writers shouldn't have to choose between protecting our privacy and protecting our copyrights. But existing and proposed laws in the US and other countries are forcing us to do so. They should be, and can be, changed to remove this unnecessary and unfair dilemma for working writers. That's the message of comments I helped draft, as part of my volunteer work as a member of the National Writers Union (NWU), which were filed this week with the U.S. Copyright Office by the NWU and the American Society of Journalists and Authors (ASJA): Writers are being forced to choose between revealing their identities and personal information or risking the loss of some of their rights. We should not be forced to choose between protecting our privacy and protecting our copyrights.... We urge Congress and the Copyright Office to address the causes of this dilemma, and repeal the registration requirements for enforcement of copyright and remedies for infringement (17 U.S. Code Â§411 and Â§ 412). And, in light of the privacy issues highlighted by this NPRM [Notice of Proposed Rulemaking], we encourage the Copyright Office to reconsider and withdraw its proposal for legislation to categorize rights to any work as "orphaned" and fair game for unauthorized and uncompensated copying if an author has not chosen to make public sufficient information that they may be contacted by would-be licensees, or deliberately or inadvertently does not respond to licensing requests, regardless of how actively they are exploiting the rights to their work. Privacy and copyright are fundamental rights. Writers should not have to choose between them. I work on privacy issues with the Identity Project and as a consumer advocate for travellers, and I work on copyright issues as a member of the NWU (and, through the NWU, of the International Federation of Journalists and the International Authors Forum). But despite fundamental similarities and -- in at least some legal systems -- common conceptual roots of privacy rights and writers' rights, the relationships between these rights, and their effects on each other, have often been overlooked in policy-making. British novelist, blogger, and activist for writers' rights Nick Harkaway remarked on this in his book, The Blind Giant: Being Human in a Digital World: I don't think it's a coincidence that privacy and intellectual property are major battlegrounds in the shaping of our digital environment, but I do find it odd that so many privacy campaigners are also uncomfortable with the idea of IP [Intellectual Property].... To me, the issues are closely related. Privacy and IP share to my eye a common conceptual basis, and the problems that they both face in the age of digital reproduction are problems in common.... Intellectual property, more than ever, is a line drawn around information, which asserts that despite having been set loose in the world -- and having inevitably, been created out of an individual's relationship with the world -- that information retains some connection with its author that allows that person some control over how it is replicated and used. In other words, the claim that lies beneath the notion of of intellectual property is similar or identical to the one that underpins notions of privacy. It seems to me that the two are inseparable, because they are fundamentally aspects of the same issue. This commonality is even more evident, as Harkaway notes, if writers' rights are conceptualized as human rights rather than property rights. In Continental European law, authors' rights ("droit de l'auteur") are human rights of the creator, some of which (such as moral rights) are inalienable. Copyright in the USA and UK is a property right that can be freely traded, completely separated from its [...]
The 1935 novel is prescient even in its details. I've re-read it several times in the last year, and I've been recommending it to everyone I know.
It's rightly known as an anti-fascist work, but it's also a paean to the power of the pen. The protagonist is the social democratic editor of a small-town newspaper in northern Vermont, and his role in the resistance to American fascism is as a propagandist.
Lewis himself was commissioned by the Federal Theatre to adapt his novel for the stage. In 1936, as one of the Federal Theatre's experiments in using the arts to promote popular national discourse, it was produced simultaneously in more than 20 cities throughout the country.
(The Federal Theatre was a WPA arts project directed by my great-aunt, Hallie Flanagan Davis. It was eventually defunded and shut down by Congress for allegedly purveying Communist propaganda, after Aunt Hallie was unrepentant in her testimony before the House Un-American Activities Committee.)
I was disappointed when I learned that the Berkeley Rep has written a new staging of the novel, rather than using Lewis' own script. But the new adaptation is both excellent and faithful to the book -- it wasn't necessary to change even the details to make it timely and relevant.
In the spirit of the original Federal Theatre national production, the Berkeley Rep has instigated a national staged reading of the new version of "It Can't Happen Here" this coming Monday, October 24, 2016. Dozens of professional and amateur theater companies, libraries, etc. are participating.
I encourage any of you who are able to attend one of these readings. (And if you are in the Bay Area, try to make it to the Berkeley Rep, in spite of the price. Trust me, this show is worth it, if you can afford it.) It's a chance to celebrate engaged journalism, and to be reminded that while fascism has its American face, so does resistance to fascism.
2016-10-13T07:41:32-08:00Over the last month, Amtrak has quietly rolled out a major upgrade to its services for transporting bicycles on long-distance trains: Amtrak has added bike racks or hooks for unboxed bikes in the baggage cars of almost all of its long-distance trains. Kudos to Amtrak, whose headquarters isn't always so highly regarded for marketing savvy or customer responsiveness. (Amtrak's front-line staff, especially onboard, on the other hand, are known among regular riders for going the extra mile to accommodate passengers.) This changes makes Amtrak a better choice than ever for bicycle transport across the USA compared to planes, buses, DHL, Fedex, or the U.S. Post Office. But the latest change has gotten remarkably little fanfare from either Amtrak or cycle-touring organizations such as the Adventure Cycling Association, which is why I'm bothering to call it out here. Intermodal transport of bikes on trains is long established as a way for cyclists to get to and from their rides, whether using a bicycle for the first and/or last miles of their daily commute, putting their bike on a train to get out of the city for a Sunday ride in the country, or getting to the start or home from the finish of a cross-country tour. As members of the WarmShowers.org hospitality network for touring bicyclists, we get many cycle-touring guests in our home in San Francisco who are riding up or down the West Coast or across the USA. San Francisco is often the start or end of their ride, and we often find ourselves talking with our visitors about options for getting themselves and their bikes across the country or back up or down the coast. Our answer to, "What's the best way to do this?" is usually, "If you have the time, Amtrak." There are racks for two or three bikes on many city buses in the US, and a tired cyclists can sometimes use a local bus as a "sag wagon" if it has a bike rack. But bikes on buses don't scale if there are a lot of cyclists travelling together. You can slide your bike on its side into the luggage compartment under a long-distance bus, but it's vulnerable to damage en route unless you dismantle, pad, and box it. With some exceptions, bringing a bike with you as airline luggage is expensive (US$150 per bike, one way, is typical for a boxed bike checked as airline luggage on a flight within the USA) and requires you to partially dismantle and box it. Sending a bike as unaccompanied air cargo is even more expensive, and also requires boxing it. Within the USA, shipping a boxed bike by UPS or Fedex Ground is cheaper than sending or bringing it with you by air, but still not cheap and still requires boxing to meet package size limits. Some of these fees and restrictions can be avoided by getting a bike with S&S couplers so that the frame can be split in half. You can even get couplers retrofitted in an existing steel frame, for a price. But breaking down a bike with couplers to fit into airline luggage is still a non-trivial task that requires finding or cutting down a box to exactly the right size. A train (or in most cases a ferry) has room for many more bikes onboard than a bus or plane. If there's a dedicated baggage car, it's relatively easy to fit it with racks, hooks, and/or straps to secure numerous unboxed bikes. And for both historical and business reasons, passenger railroads around the world generally charge much less to transport bikes than do most airlines or other cargo shipping companies. What does this mean if you want to bring your bike with you, or ship it unaccompanied, on an Amtrak train?[...]
2016-08-10T12:49:29-08:00An outage of some computer systems or components on Monday led to cancellations and delays of Delta Air Lines flights. Once planes and crews are out of position, it takes time to get them back to where they are needed. New crews and/or planes may have to be sent out if the original planes and/or crews have exceeded their safety time limits for periodic equipment maintenance or crew rest. Only today, Wednesday, are Delta flights getting back on schedule and back to their normal capacity. Last month Southwest Airlines flights were similarly cancelled, delayed, and disrupted for several days after a computer system component failed. What caused the problems with Delta flights? The "outage" that affected Delta operations has been attributed to an equipment failure that cut power to some components of Delta's computer system. But neither the nature of the problem nor the specific component(s) that were affected have been clearly identified. My guess is that the equipment that lost power was part of the interface between some components of Delta's in-house IT systems including its departure control system (DCS) and flight management system, and the Worldspan computerized reservation system (CRS). Was this a result of problems with Delta's reservation system? No. Other airlines that use Worldspan had no problems. One thing we know for certain is that this was a problem internal to Delta's own systems (or those of some other Delta service provider) or related to the Delta-Worldspan interface, not to any core or shared Worldspan functionality. Where would you point the finger of blame? I don't yet have enough information to be sure, but the underlying cause is likely to turn out to be a combination of (1) over-reliance on technology (see more on that below) and (2) the inability of airlines like Delta to make a clear, long-term commitment either to outsource their operational IT systems or keep them in-house. The interface between in-house and outsourced IT systems that failed only existed because Delta chose take some parts of its systems in-house while outsourcing others. Prior to that, Delta's IT systems had been integrated, first wholly in-house and then wholly outsourced to a single company, Worldspan. Delta has an unnecessarily complicated relationship with Worldspan. Worldspan was originally developed in-house by Delta, but was spun off and eventually acquired by Travelport, a holding company which also bought the competing Galileo/Amadeus CRS. Throughout that time, Delta's systems continued to be operated by essentially the same team of people in the same facilities. But recently, Delta has taken some IT functionality in-house, while continuing to outsource database hosting to Worldspan. Given the changes back and forth between Travelport's Worldspan division and Delta over operational and legal responsibility for elements of the airline's IT systems, it's scarcely surprising that the interfaces grafted on to connect but separate Worldspan and Delta (a digital corpus callosum between the halves of its logical brain) are among the least well-tested and most vulnerable components of the complex and formerly unified system. Was this a result of airlines using "old-fashioned" computer equipment? No. There's no basis to claims like the headline today in the Wall Street Journal, Delta Meltdown Reflects Problems With Aging Technology. One of the biggest advantages of "mature" software and systems is that they have had time for bugs to manifest themselves and be corrected. Legacy systems are often kept around and preferred because of their reliability. The major CRSs are no exception, and one of the many reasons most airlines outsource reservat[...]