
US Blocks Entry For German Black Hat Presenter

Posted by kdawson
from the officious-nonsense dept.
bushwhacker2000 alerts us to the dilemma of Thomas Dullien, a prominent security researcher who has been a fixture at the annual Black Hat security conference. Dullien was denied entry into the US on his way to this year's conference. Dullien, a German reverse-engineering expert known in hacker circles as "Halvar Flake," said he was blocked from entering the US on the technicality that he had (years ago) signed a contract with Black Hat as an individual, not as his company. Customs agents said he would need an H1-B visa to perform the contracted two days of training at Black Hat, and put him on the next plane back to Germany.
This discussion has been archived. No new comments can be posted.

  • Hurrah! (Score:5, Insightful)

    by zmollusc (763634) on Sunday July 29, 2007 @05:09PM (#20034699)
    Another evil terrorist plot foiled! Tax me some more so I can be even safer!
    • Thousands of government computers mysteriously crashed today. Official spokesman stated "sunspots" as the probable cause.
  • Technicality? (Score:5, Insightful)

    by kcurtis (311610) on Sunday July 29, 2007 @05:11PM (#20034709)
    How is this a technicality? He didn't have a visa to do the work here that he had contracted for.
    • by Lars T. (470328)

      How is this a technicality? He didn't have a visa to do the work here that he had contracted for.
      Neither did he have one the other times he did the exact same thing. Now either this is a technicality, or US customs is seriously SNAFU. Hey, he told them what he was going to do, and they waved him through each time until now?
    • Re:Technicality? (Score:5, Insightful)

      by JimBobJoe (2758) <.moc.liamg. .ta. .traehtfiws.> on Sunday July 29, 2007 @05:32PM (#20034905)
      How is this a technicality? He didn't have a visa to do the work here that he had contracted for.

      Because at its very essence the visa wasn't needed--all that was needed was a piece of paper saying that he was working for a company in Germany who was sending him, instead of going over and being "employed" by a company as a trainer in the US.

      This is dictionary definition of technicality. One sentence needed to be worded slightly differently even though both sentence variants meant, in terms of the business relationship, basically the same thing. One variant makes the immigration bureaucracy happy, the other blows a multi-thousand dollar trip.
      • by QuantumG (50515)
        Yeah, ok. I don't think you know the details. You're just speculating.

        If the people in the US were paying his company in Germany for him to present then he is a contractor, working in the US.

        Personally, whenever I go to the US, I stand at the border with no visa and say "yep, I'm here to attend meetings with my employer, catch up, that sort of thing" and they wave me through.

        • What they should've done was offer to buy some stocks in the German company on the international market and then let his company cut him in on a few privileged options when he returned home. That's the way international players conduct their money-laundering.

          A security researcher should definitely know how to get around such simple rules, don't you think?
        • Re: (Score:2, Insightful)

          by JimBobJoe (2758)
          Yeah, ok. I don't think you know the details. You're just speculating.

          What details are you suggesting I missed? Unless he is fibbing in his blog entry (linked in the summary) it had all the information necessary. No need to speculate.

          If the people in the US were paying his company in Germany for him to present then he is a contractor, working in the US.

          Under the Visa Waiver Program, an individual working in such a scenario is not considered "working in the US" until they hit 90 days. "The Visa Waiver Progr
          • by QuantumG (50515)

            What details are you suggesting I missed? Unless he is fibbing in his blog entry (linked in the summary) it had all the information necessary. No need to speculate.

            Exactly. There's two sides to every story. As for fibbing, that's often the first thing people do when confronted by border security. They think if they tell just a little white lie they'll get through the screen process faster. The result is the opposite, should they catch you in that lie.

            "Will you be doing any work in the US?"
            "No."
            "Says here you are presenting at a conference."
            "Uhh, yes, that's right."
            "Are you being paid to present at this conference?"
            "Umm, no."
            "Well the documentation you've given m

            • by JimBobJoe (2758)
              There's two sides to every story.

              I actually believe that he told the truth straightforward. The technicality was sufficient to prevent his entry to the US (though, it's probably not enforced regularly.) He doesn't claim that he was treated unfairly (as I recall) just that the technicality is a bit arcane and stupid overall.
          • by westlake (615356) on Sunday July 29, 2007 @07:58PM (#20036331)
            Under the Visa Waiver Program, an individual working in such a scenario is not considered "working in the US" until they hit 90 days. "The Visa Waiver Program (VWP) enables nationals of certain countries to travel to the United States for tourism or business for stays of 90 days or less without obtaining a visa

            Q: Who Is Eligible to Use the VWP?
            A: To qualify for the VWP, you must:

            * Intend to enter the United States for 90 days or less;
            * Have a passport lawfully issued to you by a VWP country that is valid for six months beyond your intended visit;
            * Be a national of the VWP country that issued your passport;
            * Have been checked using an automated electronic database containing information about inadmissible aliens to the United States;
            * Have a return trip ticket to any foreign destination other than a territory bordering on the United States or an adjacent island unless:

            1. You are a resident of an adjacent island,
            2. This requirement is waived by the Attorney General under regulations, or
            3. You are a visitor for business who arrives aboard a private aircraft that maintains a valid agreement guaranteeing to transport you out of the United States, if you are found to be inadmissible or deportable;

            * Present to the U.S. Customs and Border Protection (CBP) officer a completed and signed Form I-94W, Nonimmigrant Visa Waiver Arrival/Departure Form. (Please see "How Do I Get an Arrival Departure Document?" for more information about arrival/departure records.);

            * Not pose a safety threat to the United States;
            * Not have failed to comply with the conditions of any previous admission under the Visa Waiver Program;
            * If arriving by air or sea, you must arrive aboard a carrier that signed an agreement, "signatory carrier", guaranteeing to transport you out of the United States if you are found to be inadmissible or deportable;
            * Convince the examining CBP officer that you are clearly and beyond a doubt entitled to be admitted and that you are not inadmissible under section 212 of the Act. For reasons that would make you inadmissible, please see the Immigration and Nationality Act at INA 212 (a);
            * Waive any right to review or appeal a CBP officer's decision as to your admissibility, other than on the basis of an application for asylum or an application for withholding of removal under the Convention Against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment; and
            * Waive any right to challenge your removal, other than on the basis of an application for asylum or an application for withholding of removal under the Convention Against Torture and Other Cruel, Inhuman or Degrading Treatment or Punishment. Overview of the Visa Waiver Program (VWP) [cbp.gov]

    • by SnowZero (92219)
      When a hacker finds some flaw and announces it with a zero-day exploit, some want us to call that "security research". So, when an immigration official finds a way to keep a hacker out of the country using existing laws (which apply equally to everyone), shouldn't that just be called "legal research"?

      So, a hacker got owned; I for one think that is pretty funny. Just like a hacker might say to regular programmers, "next time he should be more careful."
    • Re:Technicality? (Score:5, Insightful)

      by belmolis (702863) <billposer@@@alum...mit...edu> on Sunday July 29, 2007 @05:34PM (#20034939) Homepage

      It's a technicality because he wouldn't have needed a visa had the contract been between Blackhat and his company. What determines whether he gets in is whether he signed the contract as an individual or as the CEO of his company.

      What bothers me about this is not so much that they picked up on this rather minor technicality but that the response is extreme and inflexible. Why not let him fix the technical flaw making the contract with his company? The reason they gave was that he couldn't do this because he had already applied as an individual. So what? That may be immigration policy, but it's a stupid, inflexible policy. Similarly, it is ridiculous to bar him forever from using the visa waiver program, though they are indeed applying their normal policy to him. The assumption is that any violation of the rules should be treated as evidence that the individual is untrustworthy and should therefore have to go through the full visa application process. That is an obviously unsound assumption - there are plenty of cases like this one in which the violation is trivial and/or unintentional. Exclusion from the visa waiver program should be restricted to serious, intentional violations.

      • It's a technicality because he wouldn't have needed a visa had the contract been between Blackhat and his company. What determines whether he gets in is whether he signed the contract as an individual or as the CEO of his company.

        That's actually incorrect. If he is coming under those circumstances he still needs a work visa, but instead of an H1-B it may be an E-1 or similar other classification that doesn't require as stringent an application process.

        • by belmolis (702863)

          That may be true, but according to his post it isn't Halvar's understanding of the situation.

          • Maybe so, but the INS has many resources freely available that describe what is necessary. They are pretty explicit that you cannot legally come to the US and get paid for something you do without getting an appropriate visa type. Tourist visas don't allow someone else to pay you while you are in the US.

    • Yeah right. Please send a custom officer to each academic conference to arrest those evil foreign professors who "illegally" deliver workshops in advance of the main conferences. As long as the conference is truly international and world class, the officer can be guaranteed to catch a few Indian, Chinese, Japanese, German or Brits "work illegally without a permit".

      As far as I know nearly every single one of them fills in the entry form as an individual who travels to US to attend a conference/ workshop.
      • I am sure that academics traveling to the US generally realize what visa they will need. For example here is a web page provided by Duke University that describes what is needed for visiting professors.

        http://www.internationaloffice.duke.edu/int_visa_class.html [duke.edu]

        The fact is this guy didn't do his homework, and was caught up. He screwed up.

      • by belmolis (702863)

        Surely just about everybody knows that if you're being paid to give a workshop you are working and probably need a visa that permits you to work. Of course, often presenters at workshops are not paid, or they are given a relatively modest "honorarium" that doesn't count as pay.

  • by Anonymous Coward on Sunday July 29, 2007 @05:12PM (#20034717)
    It's clear that this kind of conference is now impossible to gather in the US, so relocate it in a free country. Why not Mexico, South Am, East Asia, Russia ?
    • by hacker (14635)

      Why not Mexico, South Am, East Asia, Russia ?

      Because by the time the next conference happens, the US will have already shut its borders for anyone "suspect" of leaving the country to attend this conference, from attending.

      And do you think they'll let you back into the country?

      "What is the nature of your visit?"

      "I'm speaking at a hacking conference."

      "A what? Turn around and get back on the plane and don't come back."

      • Re: (Score:3, Interesting)

        by Lars T. (470328)

        Why not Mexico, South Am, East Asia, Russia ?

        Because by the time the next conference happens, the US will have already shut its borders for anyone "suspect" of leaving the country to attend this conference, from attending.

        That may not be the wisest of ideas:

        "The largest part of the attendees of the trainings are US-Government related folks, mostly working on US National Security in some form. I have trained people from the DoD, DoE, DHS and most other agencies that come to mind."

    • by Lally Singh (3427)
      Frankly, a lot of people wouldn't feel as safe there, nor would the conference seem as legitimate. Justified or not.
    • Because America is seen as "safe" (How safe is a country full of firearms and short tempered people..?) whereas most of the above have a slight problem with lawlessness and some murder/kidnapping history.
    • Perhaps you should check the 'liberal' immigration and visa laws in Mexico before you make sweeping statements like that.

    • by belmolis (702863) <billposer@@@alum...mit...edu> on Sunday July 29, 2007 @05:39PM (#20034993) Homepage

      Actually, this incident doesn't demonstrate any kind of problem with holding conferences in the US. If he had merely planned to attend the conference, he wouldn't have been denied entry. What got him in trouble was his plan to do training for two days prior to the conference, that is, to work in the United States. Granted, he was denied entry on a technicality that he should have been allowed to fix, but what that means is that if you want to work in the US you have to be careful.

    • by westlake (615356)
      It's clear that this kind of conference is now impossible to gather in the US, so relocate it in a free country. Why not Mexico, South Am, East Asia, Russia?

      What makes you think that border guards are trained - or inclined - to be less rule-bound and unsympathetic elsewhere? I'll pass on the chance to sweat out the arrival of the American consul at a Nicaraguan lock-up.

  • by toQDuj (806112) on Sunday July 29, 2007 @05:15PM (#20034743) Homepage Journal
    This is the reason I don't want to go to the US anymore.

    Now I have to fear that the people here did not do their work properly (i.e. gave me the wrong visa application), and that I'll be rejected at the gates after standing in a huge queue before immigration at the airport.

    The other reason is that after providing the security services with boatloads of personal information, fingerprints and other biometrics, some flag will go up in some obscure system, and I'll be (hopefully) sent back straight away by unnamed guys, and if I'm unlucky, get deported to the happy camp of Guantanamo inc. to have all human rights stripped from me for reasons unknown.

    B.
  • by Rix (54095) on Sunday July 29, 2007 @05:20PM (#20034799)
    They've made it quite clear that they don't like "furriners", so why are people still pressing the issue? Canada is a free and open society, and just to the north. We have lots of conference space in environments much more conducive to rational thought.
    • Yeah, except you can't take paid speaking engagements up here without a work visa either.

      He wasn't denied because the session was on security, he was denied because he's NOT ALLOWED TO WORK THERE without proper approval.

      He would have been deported from Canada for the exact same reason had he told them the same story. In fact, if he wasn't a member of the EU he would have also been deported from Ireland, the UK, Spain, Italy, Germany, Switzerland, etc, etc, etc....

      So while Canada is cool and all [hey I live
      • In fact, if he wasn't a member of the EU he would have also been deported from Ireland, the UK, Spain, Italy, Germany, Switzerland, etc, etc, etc....

        Utter BS. Where do you get that kind of information?!

        • Because I've been to Ireland, UK, France, Romania, and Switzerland.

          In all but France have I been told that working is strictly forbidden. So unless he lived in a country that had a treaty, he probably wouldn't be able to work there [hence the non-EU comment].

          Tom
          • It's a conference. If you want to attend a conference in Europe, you present your invitation and are issued a visa.
            • Re: (Score:3, Interesting)

              by tomstdenis (446163)
              Um, only if it's not for work.

              My stamp from the UK explicitly states "Employment and Recourse to public funds prohibited." I think that means I can't get paid to work there... fairly certain :-)

              And for the record, the UK customs is just as nasty as the americans. Worse yet because usually I'm so f'ing tired I just don't want to deal with them. At least in the states I'm so close to home that I can put up with their asinine questions and all that. Though to be fair I've also had just as much trouble with C
          • by badfish99 (826052)
            TFA states that he is German. So he can work in any EU country, without any need for a visa. Except for the UK, he wouldn't even need to show a passport at the border.
      • And I'll let you have it *real* cheap.

        Of course he was denied because the session was on security. He'd been allowed to do this for years, and was only stopped when they looked at his literature.
      • Re: (Score:3, Insightful)

        by Hemogoblin (982564)
        Disclaimer: I'm an Immigration Officer with the CBSA, but this post only contains my personal opinion and I don't represent the Government of Canada.

        I'm not sure why you were modded information, since you're spreading false information.

        In Canada, Public speakers at seminars or conferences that do not go longer than 5 days do not require a work permit, nor do they require a visa if they come from a visa exempt country. Please see the IRPA regulation 186(j) [justice.gc.ca] and the Temporary Foreign Workers policy manual sect [cic.gc.ca]
        • Re: (Score:3, Interesting)

          by eli pabst (948845)
          Sure about that? I just looked at the documentation you linked and this seems identical to the issue in the US (From R186(j)):

          Commercial speakers have a vested interest in the event at which they are speaking. Typically, they rent commercial space in a hotel, advertise, charge admission, deliver the event and then leave Canada. If they are doing this for no more than five days on one trip, they can enter under R186(j). This regulation covers situations where the speaker is speaking to multiple groups, as long as the duration of the speaking events is no more than five days, not counting travel time in the case of multiple engagements. Not included in R186(j) are commercial speakers who are hired by a Canadian entity to provide training services. In these cases, other entry options must be explored including HRSDC LMOs or the NAFTA Professional category which allows for professionals to provide training services under some circumstances.

          So if he went to Canada and said he was being paid by a Canadian company to provide training services, he would need a visa.

          • Re: (Score:3, Informative)

            by Hemogoblin (982564)
            Yes, I realize that exception exists. However, I don't think that applies in this case.

            I'll give you an example of "training services": A large insurance company in Canada decides to implement service oriented architecture. They contract a consultant from the USA to come up to the company and give a few training sessions to the IT department. In this case, they would have to apply for a work permit.

            I'm not really familiar with how Blackhat works, but assuming Blackhat is just a regular conference where memb
    • by Graff (532189)

      They've made it quite clear that they don't like "furriners", so why are people still pressing the issue? Canada is a free and open society, and just to the north.

      Too bad we really do like "foreigners" (I guess you Canadians spell it differently) here in the USA. However, you try getting bombed a few times and then we'll see just how flexible things will be in Canada.

      The reality of the situation is that once you have a serious terrorist attack or two on your soil then everything gets clamped down a bit more. No one wants to be the person who lets the next would-be terrorist into the country. This means that everyone from the top down doesn't have any desire to be

      • by macshit (157376)
        The reality of the situation is that once you have a serious terrorist attack or two on your soil then everything gets clamped down a bit more. No one wants to be the person who lets the next would-be terrorist into the country.

        I don't think it has much to do with terrorism actually (except to the extent that "terrorism" is the current administration's general purpose excuse for just about everything).

        It's really easy to get a U.S. tourist or student visa, and they're every bit as useful to a potential terr
  • just sneak across the Mexico-US border. That's how everyone else gets in. Planes and paperwork? Pfffft, old school.
           
    • Re: (Score:3, Insightful)

      by tomstdenis (446163)
      Or just lie and say it's free. Honestly, if you're only gonna be there a few days it probably won't hurt the economy ANY to just lie. Of course don't get caught :-)

    • just sneak across the Mexico-US border. That's how everyone else gets in. Planes and paperwork? Pfffft, old school.

      You expect this guy to hack the border control system? Who do you think he is? ... oh, wait.
  • Not A Good Sign (Score:5, Interesting)

    by Effugas (2378) * on Sunday July 29, 2007 @05:33PM (#20034921) Homepage
    Halvar's been kicked out of the US?

    This is not good. It's my understanding that once you've been kicked out, it's much, much, much harder to get back in.

    That leaves me rather scared. I've known Halvar for almost six years; we were in Singapore together at Black Hat Asia. He's a very intelligent engineer, doing very good research, and has done more than almost anyone to make people realize that obfuscation is not security. We, as an industry, need his voice. (A bit cynical, but seriously, we as an American industry want his talents put to work here, rather than overseas.)

    Simple arguments like -- nobody could figure out how this works, they'd have to be able to read code -- have been destroyed because of Halvar's work. You may not realize it, but without concrete examples of attacks, software developers simply cannot comprehend attacks against their code that they can't do themselves. Halvar is a critical inoculation against technically inept but vaguely plausible excuses why something must be impossible.

    Halvar does the impossible regularly. Seriously, he's an artist, and the American security industry is directly harmed by not being able to learn from him. What's the story going to be? That Halvar can only do training in India, and China, and in Europe? Yes, that sounds like a wonderful idea. Everyone else's code gets more secure while ours rots on the vine.

    The only thing more embarrassing than this was when Xiaoyun Wang, the Chinese professor who cracked MD5, was denied entry to the US. Oh well, Halvar, I guess you're in good company...

    --Dan Kaminsky
    • by Iron Condor (964856) on Sunday July 29, 2007 @06:49PM (#20035705)

      [...] What's the story going to be? That Halvar can only do training in India, and China, and in Europe? Yes, that sounds like a wonderful idea. Everyone else's code gets more secure while ours rots on the vine.[...]

      Given that all US software development will be outsourced to India and China anyways, it makes sense to give these folks an advantage in learning about software security.

    • Halvar's been kicked out of the US?

      Denied entry for not having a visa is not the same as being kicked out.

    • Absolutely right (Score:5, Interesting)

      by fv (95460) * <fyodor@insecure.org> on Sunday July 29, 2007 @08:19PM (#20036523) Homepage

      Absolutely right! Halvar is extraordinarily talented and it will be a terrible shame if his class [blackhat.com] is canceled. But it starts on Monday, so unless they do it by video conference I can't see him making it. I still hope to see him when I fly to Vegas on Thursday, but the odds aren't good :(.

      I'd like to know just what the immigration department expects US conferences to do when bringing in foreign speakers. Halvar says they wanted to treat him like an "employee" of BlackHat and get an H1-B visa [wikipedia.org]. But that is ridiculous as it is a multi-year process. Halvar thinks coming as a representative of his own German company will help, but we shouldn't have to require that foreigners incorporate just to give a simple presentation or training class here.

      I'm an American who has been paid to give presentations and training in many countries, including Germany. And I've never been hassled by their immigration dept. or received any special visas. So it's embarrassing and harmful that the US subjects visitors to our country to all of this crap (including the fingerprinting and pushing other countries toward RFID passports). It's no wonder that many conference producers, including BlackHat, have been increasing the number of cons held offshore. The US just isn't seen as a welcoming place.

      Pardon the long rant, but I hate seeing my friends put through this. And I'm sure similar things happen to thousands of people we don't know every day. Also, if those of us in the US don't fix our system, other countries might copy it and then we'll have to deal with this shit when we travel.

      -Fyodor
      Insecure.Org [insecure.org]

  • by Hangtime (19526) on Sunday July 29, 2007 @05:48PM (#20035081) Homepage
    Every country has this issue. All countries don't like foreigners taking their jobs. Look into any work visa program in any country and it is extremely difficult to gain authorization and very easy to make mistakes. When I was traveling back and forth to Canada with my company I was ALWAYS sure to brief the customs people that I was not there "for work" but rather "attending business meetings." There is a large difference.
  • DMCA (Score:2, Funny)

    by spoonist (32012)
    Well at least he wasn't denied entry and/or sent to Gitmo [wikipedia.org] on DMCA [wikipedia.org] grounds.
  • by geoff lane (93738) on Sunday July 29, 2007 @06:04PM (#20035239)
    Thank god, the US has no need of foreigners coming in and teaching. If that kind of crazy idea caught on, all hell would break loose. The population might become sufficiently educated to start to question the silly rules.
  • by Joebert (946227) on Sunday July 29, 2007 @11:14PM (#20037841) Homepage
    Some hacker this guy is, can't even socially engineer his way into the country.
  • by smeek (617646) on Monday July 30, 2007 @02:08AM (#20039115)
    About a month ago, some of my coworkers attended a conference on molecular spectroscopy in the US. One of the scheduled talks there was canceled because the speaker was denied entry to the US. Apparently, when the border control asked him about his profession, he said that he's an "atomic physicist".

    I think if this sort of thing continues, more and more conference organizers will simply opt to hold their conferences in countries that are a bit more free.
  • Don't Go (Score:5, Interesting)

    by Tom (822) on Monday July 30, 2007 @04:03AM (#20039677) Homepage Journal
    Halvar, seriously: Don't go to the US anymore.

    I've avoided them ever since DeCSS (I was a named defendant) and I don't plan to change that. As I see it, for a foreign national in the computer security business, pretty much anything you do while, before or potentially-might-do-after your trip can result in them locking you up indefinitely.

    And the real horror is: A couple years ago, people even on /. would've labeled me paranoid and anti-american for that statement. Today, I fear, most will agree and some will post details of the relevant laws.
    • Re: (Score:3, Funny)

      by Library Spoff (582122)
      I'm not sure what's cooler -
      The 3 digit /. Id or the fact you were a named defendant in the DeCSS debacle!

      I bow to you sir! :)
