Schneier on Security

It would be nice if those in charge would take this as a wake-up call.

At least in my own world they would...Now if they only would in reality...

It's rather scary that it is so easy to smuggle weapons onto a plane, but I wonder what can be done about this.

The baggage goes through an X-ray machine, but the problem seems to be that human screeners get tired and bored, and overlook the devices, while a computer can basically only try to match the image to a pre-defined pattern.

In this case, having TSA officers look for people that appear to be nervous isn't going to work, as there red team members know they aren't going to get in real trouble when they get caught, and they've done it a thousand times before, so they're probably a lot less nervous than the "average" real hijacker.

So the question remains: in what why should the passengers and luggage be screened to make it harder to smuggle such things onto a plane?

Conspiracy Theory: The TSA is deliberatly crippled in the hope of a successful attack being made on an airliner, which will allow the government to implement much more draconian restrictions on movement within the USA.

I used to try to avoid these things, but Occam's Razor has made me a conspiracy nut.

The real test is how long a TSA screener stare at a monitor before dozing off or even just having blurred vision?

It's nice to see "Security Theater" enter the common vernacular. It's a useful, memorable phrase that carries a powerful meme as a payload. To the extent that people need to think in bumper stickers, that's a bumper sticker that can do much useful work.

Am I the only person who read this:

"Dzakovic was a Red Team leader from 1995 until September 11, 2001."

and wondered whether his 90% statistic was pre-9/11 or post-9/11, since after that he wasn't running a Red Team anymore, but was doing other stuff?

(Although I have seen enough other reports of TSA failures to agree with his assessment that the real security level isn't any better since).

Must ban books!

We will not be safe until all books are banned!

Interesting Dzakovic actually used the term "security theater". I thought Bruce invented the term; could it be that he is actually reading this blog, or attended one of Bruce' speeches, or is the term spreading trough the security industry?

@Sparky-

I get about 94,600 hits with Google. In the top 10, about half of them aren't directly by Bruce, or quoting him. It seems more prevalent in the technology press than outside it, although I've noted it in political discussions as well.

I think that the interesting issue here is the plan to cover up - not to fix things.
Again - it is better to shoot the messenger ...

I use the term "security theater" whenever possible. When people hear it for the first time, it really makes them think. It so clearly explains the problem with all the TSA BS.

I have to say that even more worrying than the 90% and the fact that no one was surprised is that the guy apparently in charge, TSA Security Directory Earl Morris, is excusing the results as acceptable. He says they have other tests that they pass most of the time, and a "very robust program of which we are very proud."

Perhaps that's where the problem lies. They are so proud of their system, that they aren't accepting of criticism. Things like a 90% failure rate just don't register with them.

Do they think the "Red Team" is somehow "cheating"? Do they think the real terrorists are going to follow the rules?

Another choice quote from Morris: "If they miss something that's obvious, often times that could happen, we will pull them off the line and retrain them." How *obvious* were the boxcutters that were hidden on the planes ahead of time? How obvious was that first guy's shoe bomb? How obvious is any sneak attack?

And how obvious are all of the flaws Bruce keeps publicizing on this blog, yet they never seem to do anything about them?

From the article: "The terrorists can pretty much do what they want when they want to do it"

So... why aren't airplanes exploding or being hijacked on a regular basis? There's a bit of a gap between this statement and observed reality.

I can think of only a handful of explanations.

Option A: There aren't any active terrorists.
Option B: Terrorists are no longer interested in attacking airplanes.
Option C: Security theater is more effective than we think.
Option D: ?

Truly effective security would make flying quite inconvenient and more costly.

The airlines want nothing further to interfere with being able to offer the $99 special to Vegas or Miami

I think the problem is a very difficult one. The goal is to reduce to zero a situation that's already got a very, very low probability (attack on a plane), out of a very, very high sample count (people who travel by airplane). The state is too difficult to detect with software, so human beings are required.

However, the human detectors and the general populace they're protecting both know that the situation is rare, and they're more concerned with the day-to-day problems of the detection process (getting to their gate on time, getting people through the security line without having them freak out).

Meanwhile, the detection process is easy to analyze, since it's so public, so vulnerabilities are relatively easy to find. (That's what 9/11 attackers did, after all -- found a way to route around existing detection with undetected ceramic weapons.) Attackers are highly motivated personally; detectors are not so personally motivated.

Finally, attackers only have to succeed once to "win", but defenders have to defend thousands of flights every day.

Just how effective the "security theater" is depends on the psychology of the particular terrorist. Is the payoff worth the risk? Even with the Red Team attackers, who are probably intimately familiar with air security, there is a 1 in 10 chance of getting caught.

Is this good enough? Not being a terrorist, I don't know how they think. My guess would be that, for a highly organized group like Al Qaeda, it is not. For some random nutcase, who knows?

@Richard Braakman

"why aren't airplanes exploding or being hijacked on a regular basis?"

If my memory is correct, Bruce has already offered the theory that only two things have improved since 9/11
- Passangers know that they must fight back
- The cockpit doors have been strengthened
Perhaps that is enough.

Why bother with airplanes anyway? The Madrid train and London underground bombings have demonstrated that there are lots of other soft targets.

@Evan Prodromou
"(That's what 9/11 attackers did, after all -- found a way to route around existing detection with undetected ceramic weapons.)"

Box-cutters aren't ceramic. Before 9/11, they weren't prohibited, either. Nor was any knife with a blade less than 4 inches long.

What 9/11 showed was that the willingness to execute a crew-member (box-cutter slashes jugular or carotid in victim's throat) early in the attack will put enough fear in all the passengers and crew that a cockpit takeover can occur.

In short, a simple weapon used in a ruthless way could hijack a plane. It was the tactic more than it was the weapon.

@bob

Don't forget also that on the morning of 9/11, all previous hijackers wanted either money, a free trip to Cuba (or another country), and/or their friends released from jail/prison. They did not really want to die. By noon on 9/11, we learned there are hijackers willing to die.

This changed how we looked at hijackers, leading to the changes Commenter mentions.

And now that we know their tactics, most illegal items would not allow a hijacker to take over a plane.

I suspect the main reason for the 90% failure rate is the mind-numbing tedium of the job, and the exceedingly low rate of true positives. A big help would be to present more positives to the screeners. Make a large library of images of bombs/guns/knives hidden in luggage. About one time in 1000, present one of these images to the screener. Provide instant feedback as soon as they pass or fail these images. Put the screeners away from the imaging machine, so they can't tell which images are fake because they don't match the luggage which went into the machine.

I agree that TSA (and many other "security" measures) are so muxh window dressing, but the whole problem isn't inept, inattentive, or asleep TSA agents. The problem is that, properly planned and carried out, it's darned difficult to make out the components of explosive devices or weapons with current equipment. Sure, if someone tries to smuggle a complete pipe bomb or a handgun through, anyone should be able to catch it. But when you break those things down to their component parts, it's another thing entirely.

Today's airline security is trying to solve a non-problem. The risk of dying on a plane because terrorists took it over was always less than the risk of dying in an ordinary plane crash. Reduce the security to what it was before 9/11.
As for the risk of dying in a building because a terrorist flies a plane into it, reduce that by enforcing building codes. The fire escapes in the 5-floor building I work in (in Switzerland) are wider than the fire escapes were in the WTC. But even in the USA in the year of 9/11, your chance of dying in a road accident on the way to work was higher than your chance of dying because a plane hit your office. Trying to eliminate insignificant risks is pointless.

I think that too often it is blamed on human error. If it was only that simple! According to human-tech scientists errors are provoked by humans because the technology they use is designed poorly and does not take into account human behaviour and psychology. Of course like in the medical world we blame humans for the error instead of technology which simplifies the debate before a judge!

@nostromo
I can't agree more. The risk is completely insignificant: every month(!) road accidents in the US claim more lives than 9/11 (NHTSA data 2002: 44,065 deaths as result of motor vehicle traffic crashes).
Still you don't want to have hunddres of flying bombs in the air that can be targeted at will, but especially the cockpit reinforcements do their work there. The question remains whether the pilots are cold blooded enough not to open the door when a hijacker threathens to cut the throat of that cute flight attendant....

The question remains whether the pilots are cold blooded enough

Oh, sure they are. Considering that their other choice is to become a ballast in a flying bomb. All they need is to be cowards.

I think the main reason for those security failures lies in the fact that the screeners are undermotivated, understaffed and underpaid for the highly important job they have to do. Bruce blogged some rather good inside reports some months ago about bullying supervisors and screeners that are only trained to find The TSA TestBomb[tm], not any actual threats, and we are now seeing the result of this mistraining. Is it really a wonder that it turned out that way?

@Richard Braakman

Despite the media impresion that the terriorst are everywhere, there is simply not many of them. And even less that are willing or stuipid enough to die. If we did *nothing* since 11/9 theres a dam good chance that there would not have been any attacks either.

Another point. Poilts don't lock the doors. My friends have a photo of one of there kids in the cockpit of a 747 from 2005. It was flying from New Zealand to LAX.

@Greg "And even less that are willing or stuipid enough to die."

If you follow the news about the almost daily suicide bomb attacks in Iraq (jan-march 2007: 108) *] I'm sure you could find a few willing or stupid enough when offered a plane ticket.

*] http://en.wikipedia.org/wiki/Suicide_bombings_in_Iraq_since_2003

People tend to value things that cost them something, in terms of money or time or pain or inconvenience. (This is why organizations that want serious loyalty from their members often make them go through some kind of hazing or hardship to join.)

I suspect that the value of security theater is partly based on its inconvenience. It's easier for people to believe that the security is working because it (mostly pointlessly) inconveniences them. It feels like they've paid for extra security. The fact that this security isn't worth much against a real attacker is irrelevant.

The biggest change post 9/11 is that everyone knows that hijacked planes might be used as low-tech cruise missiles. This changes the incentives for *everyone*--flight crews and passengers are willing to fight back against hijackers, air force officers are willing to give the order to shoot down hijacked planes (and the fighter pilots will obey the order now), etc.

Of course the airport security is just theater. The entire Bush Administration is all about smoke and mirrors. I mean, this is the party that pushed through changing the start and end dates of Daylight Savings Time as a way to conserve energy.

They're not seriously interested in keeping us safe; they're interesting in keeping us afraid. A security process that actually worked would make us less afraid.

"The security chief says he expects screeners to fail the Red Team tests because they are difficult."

Well at least they are living up to their expectations. I mean these are only simulations right? It's not like a terrorist would use a bomb, knife, or taser, right? They wouldn't lie or try to hide them. They all wear turbans, have long beards, and wear bandoleers when getting on planes, right?

If this security theater were real theater, the actors would have been pulled, the directors fired, and the audience would have walked out in the first act.

@Greg "And even less that are willing or stuipid enough to die."
@Kees: "If you follow the news about the almost daily suicide bomb attacks in Iraq (jan-march 2007: 108) *] I'm sure you could find a few willing or stupid enough when offered a plane ticket."

The fact remains that terrorist attacks in America are few and far between. The TSA appears more like an agency for conditioning Americans to accept increasingly intrusive surveillance by the government, than an organization designed to secure air travel.

@Kees:
"If you follow the news about the almost daily suicide bomb attacks in Iraq (jan-march 2007: 108) *] I'm sure you could find a few willing or stupid enough when offered a plane ticket"

No, I'm afraid you're missing the point there. The difference is that in Iraq the suicide bombers are defending their own country, familiy, culture, honour, religon, traditions and oil against an invasive power. That is something completely different than be suicidal for the more abstract idea of Islamic Jihad. Fortunately there are only few that are willing to dy for that idea.

@Filias

I agree, but you need to incentivise it, say 50 cents or a dollar per catch. Whatever would amount essentially to alertness causing a 25% or so increase in salary. Maybe only 15-20 percent if we don't care that much.

But specifics aside, the idea does have merit, if we needed the security, but economically speaking, in terms of trade offs, I think the right answer is _less_ security than we have now (At least cut out the crap), and spend that money where its easy to save lives, with vaccines or housing or what have you.

Interesting:

"Most test results, including results from the Red Team, are secret, classified as SSI or sensitive security information. Morris says they do not make them public because they could point out holes in the system."

Security by obscurity strikes again?

"Occam's Razor has made me a conspiracy nut."

Great quote.

Unless it's a fully automatic machine gun, a weapon on a plane is pretty much useless anymore. Ever since flight 93 its a given that if you try to take over a flight by force a crowd of angry passengers will overwhelm you, even if some of them die trying.

Bombs on a plane are a threat because if you blow up enough planes people will quit flying commercially from A to B and the entire airline industry would possibly collapse.

But seriously folks, the days of using a pistol or knife to hijack a plane are pretty much over. TSA just sells "theater" to give you the false impression that someone actually cares enough to keep you safe.

Yeah, I was not impressed with the security at Seatac or Reagon National (DC) recently.

My opinion might be unpopular but i suggest to simply stop all these control madness and revert to prior relaxed security standards. There can't be absolute security and all the increased security measures are only bad for all people involved and examples like this show that they are for no good anyway.

Yes, there might be a risk that some bad guy would bring some weapons into a plane or do some bad stuff but tough luck. This risk was always there and it is negliable compared to all the hassle and downsides of current practices. Even such events like 9/11 are tragic on the other hand, but even a few thousand people killed are in reality not that much compared to traffic deaths etc. This does not mean that i condome 9/11 or have no mercy for those who lost relatives, but i just think that we are overreacting on a gross scale. By allowing terrorist threats to limit our freedom and lives the terrorists have already won.

Really, i prefer freedom over security madness and i'm willing to accept the negligibly small risk of being killed by a terrorist attack. All these stupid and overly security measures are only still there because most people are sheep (and mind-numbed by media and people who make money with such nonsense) and overestimate the risk for themselves by magnitudes.

I'm sick of all these war on terror etc. I'm a german, and we had terrorism some 30 years ago as well and yet i was never worried about my security because it is still more likely by far to be killed by an accident doing my normal daily routine.

Why don't you ask me, I am TSO and I am doing everything possible to keep everyone on those planes safe.
But I have message for you, simple passenger, not a terrorist, just a regular passenger; why do YOU have to make it so hard on us? Why do we have to spend 30 minutes explaining why you can't take liquids and or must take off your shoes, and in mean time we might miss out on real terrorist passing by. Why do you simple and regular passenger have to load everything you posses in your carrion so we have to spend another 30 minutes searching your bags? Why do you dear passenger have to put every piece of jewelry on you owe and we have to spend another 30 minutes trying to eliminate and clear all alarms you make by walking through the metal detector, just because you refuse to take of your watch, your belt, your bracelet and even your cell phone, you delay the whole process. Why do you always run late and try to blame us, why do you refuse to work with us and help us look out for real danger, but instead you are going to do everything possible to make it harder on us just so you have something to write on blogs about.

Make it simple and don't allow these passengers to take all this crap on the planes. Oh, that would upset the travelers and airlines who are not worried about safety, but not being hassled and making $. True security means cooperating with the screeners and more $ for better technology. The next time you travel have a little respect for the individuals who are trying their best to keep you safe, instead of whining about the idea of being screened or running into delays. How quickly we all forget 9-11. Perhaps one day people will realize that the world does not revolve around you and help us become the country we once were.

Remember 9-11? Perhaps if the airlines were not so worried about $, and travelers not so self absorbed, real security could be implemented. In my opinion people should not be allowed to carry all this crap onto planes to begin with. Oh, but I can't check my bags, that would be to inconvenient! The reason that security is not what you expect is because that in this media friendly world, you would complain about the measures needed to ensure success. I fly frequently and am shocked at peoples reactions to being screened. These people are trying to keep us safe. The bottom line is we need to cooperate and fund better technology in order to keep an event like 9-11 from repeating itself. If you don't like the security measures--take a Greyhound bus.

Have there been other attempts thwarted? Can't tell you, they are SSI. Only what command allows is reported...and has been reported...
Can say this...there are enough idiots with weapons...not terroists...who forget to take their gun out of their carry on, or their hunting knives, butcher knives, mace. That alone makes it important to insure someone is there watching and removing these items.
Then there are those who are pushing the limits...seeing if they can carry a gun in...to harm someone, yes...not necessarily terroist in todays way of thinking...but, we would be terrified if he were sitting next to us.

Do I believe in what I am doing, yes. Safety and security comes first for the flying public. The next thing is great customer service for passengers...even the cranky ones.
I do not know if before you came to me you had a hard day, a bad taxi ride, a bad deal with ticket agent, an argument with your spouse. (I have had one womans husband leave her at the checkpoint, literally). And, I cannot take your displeasure personally...I just figure you are having a bad day.

I take this job seriously, I am here to alleviate concerns passengers have. I do my utmost in assisting passengers...BUT, above all, security comes first...I do not want another 911.
People have very short memories...six months after I was asked if we are 'still' doing this 'crap'.

As to what does the tests shows? Real simple....we need more training. We will always need more training. As in anything of deep serious nature...there is always ongoing education...always.

I am a TSA screener and let me give you the honest truth. It is the Red Team's job to try to get stuff through. THEY WORK FOR TSA!!! People seem to forget that they train with our technology and have a copy of our procedures. A terrorist does not have our technology and they don't know our procedures. 99.999 percent of the public have no idea how bombs look on an x-ray machine. Certain kinds of IEDs are so hard to see that it is virtually impossible to detect them...even to someone that has been working with the technology for 5 years.

People don't understand that the Red Team knows the exact limitations of TSA's technology. So you can be sure that they will get stuff through most of the time.

FYI...I caught my first Red Team tester within 2 weeks after I was certified with TSA. Most of us are pretty good at what we do...its just that the media doesn't report the good ones because they are so focused on bashing TSA.

I also have trouble believing that 90% figure because at my airport we catch almost every Red Team tester that comes through.

And I doubt that guy is really a TSA inspector because he SHOULD KNOW that releasing such a figure would get his ass fired because information like that is Sensitive Security Information. That guy better be careful because he can get thrown in jail for releasing security information of that nature.

Follow this page down and listen to the people who claim(not saying you don't)to work for the TSA.If people would just be a little nicer and do the simple tasks that they are asked to do,we would all benefit from increased security in what ever small form it may be.If you have a better idea then sell it.The people in this world that believe the rules are for everybody else and not them,continue to cause trouble for the rest of us "sheep"
If you have flown more then once,then you know what to expect,so quit bitching about taking your shoes off.Get off your stupid cell phone and pay attention and things will flow faster for all of us that do.And I agree quit packing everything you own to travel out of town for one day on some crappy buisness trip that was probably a waste of somebodys money anyway.If you can't carry your diet coke or your fancy bottle of water through security,you just can't ok.
I have a news flash for you...you can't walk in to a movie or a restaraunt with them either,but you can with your cell phone,I know because you annoy the rest of "sheep" everytime you do.It's not just about you!So quit taking it so personal or blaming it on George Bush.
Bush didn't fly an airplane in to the Twin Towers or the Pentagon,even though he probably could.
Someone wrote on here they are sick of the "War on Terror"...what an idiotic thing to say.Do you really believe that the entire world isn't? Except for religous zealots that are jealous of the freedom we do have as Americans.
The TSA can do whatever they want,if it keeps one fanatic,or someone that has had to much to drink off my plane then I say God Love Ya!
Of course it's not perfect,what is?

I'm also a TSA, and let me tell you that the airline industry is only concerned about the passengers line going down quick. They pressure TSA in rushing. So that tells you that they don't care about security. It is all about money for them. Items need to be carefully screened and not rushed. We are on high alert and the red carpet treatment has to end. America is too spoiled. People also, have to respect security officers while they perform their tasks. We risk our lives early in the morning to keep the public safe. Some screeners start as early as 4am, a dangerous time for commuters, yet no one appreciates our commitment and effort. We are at the mercy of a management and their offbeat policies we do not create. At many airports, we are short of staff, making it a burden to handle extreme volumes of passengers, resulting in exhaustion and poor focus. We are human too. so please consider this fact, you have to be there in order to talk.

I am really amased that TSA can keep people at 14 dollars an hour, work you part time and fire you anytime during your first two years for any sustandard performance. They try to tell you how important your job is but give the officers no backing and let Lockheed martin contractors test their officers and if they fail fire them. Officers can,t appeal or grieve these procedures. This should be on the Americas most dirty jobs show so the public can find out how their tax dollars are being wasted.