The Technology of Homeland Security

Reuters has an article on future security technologies. I’ve already talked about automatic license-plate-capture cameras and aerial surveillance (drones and satellites), but there’s some new stuff:

Resembling the seed of a silver maple tree, the single-winged device would pack a tiny two-stage rocket thruster along with telemetry, communications, navigation, imaging sensors and a power source.

The nano air vehicle, or NAV, is designed to carry interchangeable payload modules—the size of an aspirin tablet. It could be used for chemical and biological detection or finding a “needle in a haystack,” according to Ned Allen, chief scientist at Lockheed’s fabled Skunk Works research arm.

Released in organized swarms to fly low over a disaster area, the NAV sensors could detect human body heat and signs of breathing, Allen said.

And this:

Airport screening is another area that could be transformed within 10 years, using scanning wizardry to pinpoint a suspected security threat through biometrics—based on one or more physical or behavioral traits.

“We can read fingerprints from about five meters…all 10 prints,” said Bruce Walker, vice president of homeland security for Northrop Grumman Corp (NOC.N). “We can also do an iris scan at the same distance.”

For a while I’ve been saying that this whole national ID debate will be irrelevant soon. In the future you won’t have to show ID; they’ll already know who you are.

Tags: , , , , , , , , ,

Posted on September 26, 2007 at 6:13 AM44 Comments

Comments

CJ September 26, 2007 6:27 AM

That last one seems odd – how do you do remote fingerprint sensing? The article doesn’t say any more than Bruce quoted; anyone have more details?

John Davies September 26, 2007 6:51 AM

“We can read fingerprints from about five meters…all 10 prints,” said Bruce Walker, vice president of homeland security for Northrop Grumman Corp (NOC.N). “We can also do an iris scan at the same distance.”

And in other news – gloves and sunglasses sales have rocketed …

Roy September 26, 2007 6:53 AM

Using biometrics on masses of people is going to produce virtually nothing but false positives. Imagine the predicament of a someone whose face contours match a suspected terrorist, but whose height is off by six inches, whose eyes and hair are the wrong color, and whose age is off by fifteen years. How long will it take for the security people to figure out they’ve made a mistake, and then how much longer will they take to correct their mistake? Most likely, he will be held prisoner, incommunicado, for hours or days, but, depending on the incompetence, and the viciousness, of the people holding him, he could get years of torture in prison, simply because the technology accepts a nearly-so as exactly-so.

Merijn September 26, 2007 7:16 AM

Sam Lowry: Do you want to see my ID?
Porter – Information Retrieval: No need, sir.
Sam Lowry: But I could be anybody.
Porter – Information Retrieval: No you couldn’t sir. This is Information Retrieval.

Anonymous September 26, 2007 7:55 AM

@John Davies: gloves would probably help (and thus, you’d probably be asked to take them off), but would sunglasses? Unless they’re completely light-proof, I’d assume that an iris scan would still be possible (if more difficult).

Anonymous September 26, 2007 8:14 AM

I believe this makes the ID debate all the more relevant. It is not about the card; it’s all about getting your biometrics into the database. The card is just to make people feel good about it.

Alan September 26, 2007 8:36 AM

“. . . they’ll already know who you are.”

Actually, all they’ll really know about you is whom you represented yourself to be when the biometric was captured.

Fraud Guy September 26, 2007 8:37 AM

On the upside, this may stop the push to implant chips in people…

And who knew that binge weight loss might prove useful someday for your political health…

And as Anon at 8:14 said…the danger is in the data, not the expression. And based on the recent reports on the security of government databases, I would trust none of it.

the flame September 26, 2007 8:41 AM

This is all getting ridiculous. Homeland Surveillance. Why not implant biosensors in every newborn after obtaining a DNA sample for the national database.

The word “security” doesn’t mean anything anymore. Everything is for the sake of “security.”

Andy September 26, 2007 8:56 AM

Bruce, I thought you’d have classified them all as ‘Snake Oil’. Don’t they all reek as salesman after DHS’s grants?

FP September 26, 2007 9:06 AM

@the flame: “Why not implant biosensors in every newborn”?

We’re getting there, just wait a generation or two.

First, parents will insist on the implant out of fear that their child will be switched at the hospital. Then the parents will keep the implant installed through childhood to be safe from the child-snatching predators that live all around us. Then they’ll keep it through the teen years to make sure that their kid doesn’t mingle with the wrong crowd. Think of the children!!

By adulthood, the children have become so used to constant tracking that they see no reason to remove the device, but insist that their children wear one as well.

This is getting off topic.

Me September 26, 2007 10:06 AM

Submit to the inevitable. Privacy is doomed.

No, wait. Flee for the wilderness, while there still is a wilderness. You may eke out another generation or two of privacy there.

Chris S September 26, 2007 10:11 AM

@FP: “Then the parents will keep the implant installed through childhood to be safe from the child-snatching predators that live all around us.”

It’s not as off-topic as you think. Woven throughout this is the idea that if we could only know where everyone is all the time, then we would all be safe all the time.

It’s already been noted in the media that today’s children have a substantially reduced area of independent travel – from 6 miles, down to 1 mile, down to 300 meters, over the last three generations.

With this technology, we can cut that another one or two orders of magnitude – now parents will know if the child leaves the backyard, or – if they come within 2 meters of the hot stove.

Read a bit…

http://www.schneier.com/blog/archives/2007/06/childhood_risks.html
http://www.schneier.com/blog/archives/2007/04/childhood_safet.html
http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=462091&in_page_id=1770
http://news.bbc.co.uk/2/hi/uk_news/education/6720661.stm
http://portfolio.prblogs.org/2007/06/19/creating-media-exposure-for-child-monitoring-system/

We’re not only creating the technology of continuous monitoring, we’re creating a generation that expects it. (Note that last link – the monitor assumes that children will remain within 30 feet. My small yard is bigger than that!)

In the future, perhaps it will be at all times illegal to fail to indicate your location or to misrepresent your location.

Joe Huffman September 26, 2007 10:19 AM

I used to specialize in biometrics and was underwhelmed at the actual capabilities compared to the marketing hype. And that was with people that weren’t even actively engaged in trying to defeat the technology. If someone really wants to defeat it the odds of success are very close to 100%.

“Novelty??? contact lens easily defeat iris scans. Remote fingerprint scanning can be defeated with Band-Aids (or just the sticky tape part of it). More sophisticated/determined people will use contact lens with someone else’s iris pattern and be wearing someone else’s fingerprints.

Anonymous September 26, 2007 10:27 AM

@Joe Huffman, hopefully pranksters will organize flash mobs of identical fake identities to overwhelm the system.

Novel attacks will evolve, either stealing identities by swapping the database contents, or denial of service by deleting them – think of guerrilla attacks against the system by just deleting random identities, what happens to the poor victims?

It’s the cost of security, a little bloodshed just provides fertilizer for the garden of eden we’ll be promised, right?

George September 26, 2007 10:40 AM

@Roy: Most likely, he will be held prisoner, incommunicado, for hours or days, but, depending on the incompetence, and the viciousness, of the people holding him, he could get years of torture in prison, simply because the technology accepts a nearly-so as exactly-so.

Or, more likely, because the people holding him or their bosses need a monthly quota of “terrorists” to justify the effectiveness of their Biometric Security Office. The people who keep the metrics don’t care whether the people the system flags are actually “terrorists” or any threat at all. Any warm body the system flags will do, as long as it contributes to continually increasing numbers that indisputably confirm the system’s effectiveness at keeping the Homeland secure.

@joe huffman: “Novelty??? contact lens easily defeat iris scans. Remote fingerprint scanning can be defeated with Band-Aids (or just the sticky tape part of it).

Which is why the legislation (or preferably the classified Executive Order) that sets up the biometric system will make possession of such items a terrorist offense (the statistics from which are to be counted as part of the tally of “terrorists” the system flags).

Bryan Feir September 26, 2007 10:41 AM

@FP:

Dang, I’m reminded of a webcomic from some years back, mid to late nineties… an odd one that stopped updating a while ago, but which included such oddities as ‘Fluffy had acquired a taste for diplomats’ with a giant cat nosing into the U.N. building. My mind is telling me it was a four-word title or acronym. Wish I could remember it so I could post the link.

Anyhow, the strip in question showed a kid walking along with a pair of high-tech ‘sunglasses’ and earphones stuck in his ears; in the background you saw dotted outlines around blank spaces in the shapes of a prostitute leaning against a lamppost, and one guy punching out another one. The caption was something along the lines of: ‘Parents started installing V-chips in their children’s heads to shelter them from the world. An entire generation grew up without moral referents. You have no idea what monsters their children turned out to be…’

elizilla September 26, 2007 10:57 AM

I work with this type of equipment. Also I know I’ve seen Bruce talk about this before. The biometrics aren’t useful for identifying people; they’re only good as a cross-check that the person is who they say they are.

People present a token (something they have or something they know) and then they present the biometric (something they are) to confirm that they are who they claimed to be.

People’s fingerprints change depending on the humidity of the day, whether they’ve been sweating, whether they’ve applied hand lotion, traumas to the skin, etc. They don’t match 100%. And without 100% matching, you can’t use just a finger print to identify someone. You can only express a probability that they are who they claim to be.

I’m sure the technology will only get better. But the technology is already showing us that the fingerprints are not static and fixed, that they do change and that the range of variation on one individual is sometimes enough to give overlap between individuals.

Shad September 26, 2007 11:29 AM

George: I see collateral damage from multiple groups. E.g., atopic eczema or other kinds of dermatitis can wreak nice havoc with fingerprints. Also, working with various equipment, e.g. belt sanders, can wipe parts of the prints as well.

Like with the glorious War on Drugs, the War on Privacy will bring more innocent people in trouble. Do we still wonder that the American version of freedom and democracy is not universally accepted as a gold standard anymore?

Carlo Graziani September 26, 2007 11:36 AM

I wouldn’t have thought that the aerodynamics would scale down very well. How well do aspirin-sized aircraft deal with strong breezes? They can’t rely on a lot of inertia, so presumably the answer is a (relatively) outsized power-plant. Can they really be made that efficient?

Geo. Orwell September 26, 2007 11:41 AM

Can we upload the camera and microphone feed to a website? ‘Cause then we can “program” an infinite number of “Reality TV” shows!

You could watch your neighbor on one channel while he/she watches you on another. 😉

Oh…and be sure to phone in if you see anyone doing anything illegal!

CantWait September 26, 2007 12:25 PM

“Why not implant biosensors in every newborn”?

“We’re getting there, just wait a generation or two. … By adulthood, the children have become so used to constant tracking that they see no reason to remove the device, but insist that their children wear one as well.”

Ha. Better yet, in our great capitalist driven society, people will be given financial incentives to get/keep implants by corporations that want to track everyone’s every move for marketing purposes, and the government will be right behind them because they will benefit from these massive corporate biometric people tracking databases (like they do today).

Why bother with that XYZ corp points card, with an XYZ bio implant your account will automatically be credited just by walking into a store, or past a billboard, or can automaticaly be read by the checkout, etc. Its just so simple and easy to get awards/discounts!!

Can’t wait.

Roy, again September 26, 2007 12:26 PM

There is a separate inescapable issue here which would render any solution, or combination of solutions, unreliable: government agents need to be able to operate under identities that are either (1) fictitious, belonging to no one, or (2) authentic, belonging to someone who is not the agent it. Users of the fictitious identity will automatically get passed through and thus this provides an open door to anyone who knows how to work the mechanism. And owner of the real identity will suffer the consequences of the misdeeds of the agent using his identity — a good thing to know for assassins.

dragonfrog September 26, 2007 12:39 PM

@ Roy

“Using biometrics on masses of people is going to produce virtually nothing but false positives. Imagine the predicament of a someone whose face contours match a suspected terrorist, but whose height is off by six inches, whose eyes and hair are the wrong color, and whose age is off by fifteen years.”

They could on the other hand turn the process around, and it would be both effective, and magically align with the economic incentives of the people deploying the systems: Nevermind “is anyone in the stadium a terrorist” – tell me “is everyone in the stadium a ticket buyer”?

At the moment, you can buy a ticket, find you won’t be able to use it, and scalp it online to get most of your money back. If arena operators started checking (biometrically or otherwise) whether a ticket has been transferred, and refusing entry where it had, they could sell more tickets.

It’s the same as checking IDs against boarding passes – it doesn’t make us more secure against attacks, but it lets the airlines oversell their flights by a few extra percent. Funny how those things work…

Doug September 26, 2007 1:38 PM

@the flame: “Why not implant biosensors in every newborn”?

@FP: We’re getting there, just wait a generation or two.

Why wait for that when cell phones exist today. You have one. I have one. We are all locatable all the time. And we can be reached with voice, text, image, and video.

And we even pay for the ‘service’.

CantWait September 26, 2007 2:31 PM

@Doug
“Why wait for that when cell phones exist today. You have one. I have one. We are all locatable all the time. And we can be reached with voice, text, image, and video.”

One could still not bring their cell phone (reducing effective marketing tracking), or give it to someone else (creating problems for “loyalty” programs).

Nah. The “real progress” will be when the cell phone SIM card (or its future equivalent) becomes part of a trackable bio implant. The person would then “work” with any generic communications type device that is compatible and in range with their SIM/tracking implant.

At this point, people would really be “owned” by the corporation, not that they aren’t today anyway. It would just be a bit harder to switch companies when a SIM is a bio implant.

The even crazier part is that people would likely line up to get these SIM/Tracking implants if the company offered significant discounts/rewards for using the SIM/Tracking implant technology.

Can’t Wait.

Kashmarek September 26, 2007 6:19 PM

That is what is great about the natural world…life adjusts to survive or dies. Sooner or later, the life that adjusts the best might be the machine. In the end, nature, or geological time, will win. And we still won’t have gotten off this planet because we are wasting our time on this other nonsensical trash.

Anonymous September 26, 2007 8:47 PM

A two-stage rocke thruster that fits on something the size of a maple seed? And doesn’t give it the aerial attributes of a brick?

Wow, the energy density must be huge.

How about putting that in a laptop power-cell the size of a AAA battery? Nah, never mind. You’d never be able to get it on an airplane.

'Postle September 26, 2007 10:54 PM

  1. My first thought was to ask “where’s my flyswatter?”
  2. While I’d certainly not want to interfere on a ‘disaster recce’ flight, if one (or more of these buggers flies up behind me — or gets in my face in a public space — I’ll definitely be interested in deploying ACTIVE countermeasures. All scanners can be jammed. All mobile craft can be forced to “bulk up” on counter-measures. Who’s ready to hack?
  3. Finally — here’s a mashup: a “flier” that reads the chip implanted on your person. (Think hostage situation…get a read on who’s — QTY and ID — in behind those closed doors …)

Kashmarek September 27, 2007 11:48 AM

Follow the money trail. Its all about getting money from the government, in this case Homeland Security. The think tanks are likely spinning out these proposals by the dozens, peddling them to those with contacts, who can then get a couple of hundred thou’ for startup, research, and move to a new office to start the cycle again.

derf September 27, 2007 2:13 PM

What are they remotely iris scanning with? It’s not a flashlight. I’d put money on America being a society of blind, obese, cancer ridden mice within 10 years.

quiller September 27, 2007 10:39 PM

Implanting someone’s medical and even psychiatric records scares me more than simple personal identification. Who WOULDN’T want the hospital be able to get a full read-out on you before any diagnosis under emergency conditions? An easy sell until they know what fears you had as a kid, that can manipulate you now through targeted marketing.

Convenience drives society. Doctors will demand those records and lawmakers will comply, all the while lying that the data is truly secure, yes indeed it is. Uh huh. Tell that to the insurance companies eager to trim potential expenses by dumping people who fit selected profiles. Tell that to the selected terrorist targets who did nothing wrong except being alive and in such a crack-able system.

Dwindling geographic area translates to only running around with approved friends, which leads to watch-lists. Who knows? That final-generation implant may even Taze you, bro, if Someone Up There doesn’t like your choice in pals.

Freedom of assembly, my unwashed sweaty backside. We have a nation to defend. Get with the program or you’ll be reported—hear?

That’s a lot of future fear-induced self-control, all because we now fear things like an Amber Alert.

Pasi September 28, 2007 1:37 AM

I’ve worked with PKI infrastructures for a while and the problematics of registration, identification and authentication are similar in biometrics as well.

We’re focusing on the authentication part here quite a lot but forgetting that the opponent always tries to find the weakest point in the chain.

If you remember how foreign spies used to get to UK in the past you’ll notice that this biometric technology is not going to be very helpful. Back then, the foreign spies, terrorists and other villains obtained ID records from church records. They selected people who were registered in the records but were for some reason “usable” identities. For example, people who reside permanently in mental institutions would be perfect. After this, they visited the Registration Authority (RA, the Police?) with the certificate and received valid ID papers.

The point?

Even if we have a perfect identification and authentication mechanism in place we can not control the RAs in different regions and countries. If you want to go around this control, just travel to some banana country, buy an identity and off you go!

This weakness can’t be solved with technological trinkets.

Anonymous October 1, 2007 5:44 PM

Just use guns! That’s what the security contractors rely on to get the point across. “Oct. 1 (Bloomberg) — Blackwater USA employees shot innocent Iraqis and paid off one victim’s family at the urging of State Department officials who wanted to put the “unfortunate matter” behind them, according to a congressional report.”

From http://www.politicalfriendster.com
“Blackwater’s government contracts, obtained by The Nation, from September 8 to September 30, 2005, Blackwater was paid $409,000 for providing fourteen guards and four vehicles to “protect the temporary morgue in Baton Rouge, LA.” That contract kicked off a hurricane boon for Blackwater. From September to the end of December 2005, the government paid Blackwater at least $33.3 million-well surpassing the amount of Blackwater’s contract to guard Ambassador Paul Bremer when he was head of the US occupation of Iraq.”

At least here in the U.S. the people they’re guarding are already dead.

Leave a comment

Login

Allowed HTML <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre> Markdown Extra syntax via https://michelf.ca/projects/php-markdown/extra/

Sidebar photo of Bruce Schneier by Joe MacInnis.