Schneier on Security
A blog covering security and security technology.
« The Pentagon's World of Warcraft Movie-Plot Threat |
| Unlocking Doors Over the Internet »
September 19, 2008
TSA Employees Bypassing Airport Screening
Airport screeners are now able to bypass airport screening:
The Transportation Security Administration (TSA) rolled out the new uniforms and new screening policy at airports nationwide on Sept. 11.
The new policy says screeners can arrive for work and walk behind security lines without any of their belongings examined or X-rayed.
"Lunch or a bomb, you can walk right through with it," said Mike Boyd, an aviation consultant in Evergreen. "This is a major security issue."
Actually, it's not. Screeners have to go in and out of security all the time as they work. Yes, they can smuggle things in and out of the airport. But you have to remember that the airport screeners are trusted insiders for the system: there are a zillion ways they could break airport security.
On the other hand, it's probably a smart idea to screen screeners when they walk through airport security when they aren't working at that checkpoint at that time. The reason is the same reason you should screen everyone, including pilots who can crash their plane: you're not screening screeners (or pilots), you're screening people wearing screener (or pilot) uniforms and carrying screener (or pilot) IDs. You can either train your screeners to recognize authentic uniforms and IDs, or you can just screen everybody. The latter is just easier.
But this isn't a big deal.
Posted on September 19, 2008 at 8:01 AM
• 48 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I have to disagree here
"But you have to remember that the airport screeners are trusted insiders for the system: there are a zillion ways they can break airport security."
This still should not make the ways to break security easier for them to do so. If we wanted to put a 100% trust for insiders, then we should trust every person that works in IT without monitoring.
@Ryan: if we trusted all people working in the airport, then it would be like trusting anybody who works in the IT. Trusting only the screeners, is like trusting only the security people in IT. Also, it would be unfeasable to screen every screener every time they take a break, or for any reason go back and forth from a security area.
I am in favour for EVERYONE being screened. That way you don't rely on the integrity of each individual person to ensure security because you would have to have more than one person involved in the security breach.
Ideally they should be screened by people at a different entrance or gate to where they work at the start of their shift. It doesn't guarantee that there won't be a conspiracy but it makes it harder to be successful.
Maybe the management should encourage a certain amount of competition between the different groups to ensure the workers are properly checked (get out the gloves?)
@NP - Not sure what you are saying.
I do agree some people must be trusted, but these should be a select few. Definitely not all of the screeners.
Man, I wish I had a TSA uniform.
But who screens the screeners? they can let anything pass they want. Even more than 100ml of liquid!
Also we must trust a lot of people. What about all the people working on the plane? They won't even need to bring anything bad through, they just need some mechanical faluire to happen.
Bascialy nothing in security really works unless there is someone that is trusted.
everyone is equal, but some are more equal than others.
@Greg: Airports have staff screening areas at the landside/airside boundaries (at least they do in the UK). The security staff should use them to go airside then move back to the gate they are working at.
Its always better security to have a system which requires two or more people to be turned than a single person before it fails.
This TSA rule appears to be based more on convenience than security.
Screening everyone including screeners is like RFID baby-bracelets in maternity wards; mostly useless but it makes people feel better.
On the other hand, maybe this is a good thing; the first step towards the realisation that screening is mostly for show.
A malicious screener could conspire with others and let them pass through the checkpoint despite the wired cheese and the (gasp) 4 oz flask of whiskey in their backpack.
If screeners aren't to be trusted, the entire system stops working.
Sure, you could lower that "risk" by randomizing where screeners are deployed (so that the "bad guys" don't know when and where their buddy works), or by double staffing each checkpoint, but that's hardly practical.
I mean that, during his job, a screener will need to get out of the "secure area" (the one after security check) and get back in many times, so it would be unfeasable to have a screener screened every time he leaves and then gets back in the security area.
I'm in favor of everyone being screened so that everyone gets annoyed equally.
Over the long term, it might result in less screening.
But in the end the point remains that if they are not an actual screener, they're getting through un-screened. I agree that the screeners must be trusted in order for the system to work, but if anyone wearing a screener uniform can walk through unchallenged, that's a pretty big security risk.
I can, grudgingly, go along with letting them bypass the scanner every time they go back and forth while they are actively working at a checkpoint. In theory anyway they have, at that point, been authenticated and are being independently supervised.
But there is no way that they should be allowed to arrive to work and lug whatever they darned well please to the supposedly "sterile" side of things without having to put up with the same crap that the rest of us do. If I have to stand in line, have my id scrutinized under a light and magnifying glass, take off my shoes & belt, put my single tiny tube of toothpaste in a baggie and empty my pockets then so should they. A fake cop uniform, a pretend badge and a bad attitude is not proof of trust-worthiness.
This crap is never going to end if those who impose it are exempt. The President of the USA, every member of Congress and, most of all, every DHS employee from the top down should have to stand in line and put up with these jerks too. No cutting to the head of the line either. It would change real fast if they actually had to face the consequences of their policies.
An additional reason to screen everyone is "dogfooding." The screeners are the people with the most immediate power to make the screening experience better for the rest of us. If they have to go through themselves, they will be more inclined to improve it.
I have to disagree. I believe that you have stated that security is like a chain and when ANYONE can walk through the detector without setting it off, the entire process is invalidated. Just because these folks have been previously validated doesn't mean they can't change their minds. If I kidnap your family and have one of them call you on your way to work, you are likely to do whatever I want to get your family back, i.e. the movie Firewall.
Screening should be (well, eliminated; but if they are going to have it at all then they should have it) for everybody.
That way renting/stealing/fabricating a uniform isnt a free ride through.
They've had background checks? So what? In the military I've had more background checking done on me than probably an entire class-C airport worth of screeners has had collectively; does that mean I shouldnt need screening each time I get on a plane? (please say yes)
They cant screen them because of metal badges? OMG! What @#$! moron decided it was a good idea to give these K-Mart rejects badges? They do ->NOT
I definitely fall on the side of making them be screened. Even a real trusted actor has multiple ways of violating the system. And they don't have to conduct an attack themselves. With the current setup (or something like it that works) it would be hard to let your friends smuggle contraband thru the xray machine or metal detector, as others are often watching. But failing to check uniform, lunches, etc. makes each, individual screener COMPLETELY trusted. Even a cursory hand-search would alleviate this. Even a receipt system to note when screeners bypass security might give enough pause that monitoring is going on. But /nothing/?
(Remember, a lot of contraband is hidden under a veil of secrecy and cash; just because someone helps smuggle doesn't mean they want to be smuggling bombs onto planes.)
Also, this doesn't seem to be an issue at a number of airports. They have hard barriers, and there are inside screeners and outside screeners. And everything is scanned. I've seen adding machines and monitors x-rayed, which were being installed just 18" inside the secure line.
I am sure it would be a burden for some smaller facilities, and certain layouts. But either we believe in the security policy, or we don't.
Indeed, i'd have to disagree, too.
You have always said that a uniform is identification. Even if you were to trust each individual screener, you'd still have to verify that the person standing in front of you actually is a trusted screener.
I don't see why they would be going "in and out" of security, they could just move from one place to the next while staying in the sterile zone, especially when they're carrying stuff around.
Of course there will always be trusted insiders, but the number should be kept as small as possible. Also, one should try to prevent creating single points of failure.
I can imagine an aircraft mechanic is not allowed to work on anything critical alone, or without the work being checked by a supervisor afterwards. This not only reduces that chance of accidental screw-ups, but also eliminates the single point of failure if any one mechanic wanted to do harm.
I would favor everyone being screened just for the sick pleasure of seeing a TSA agent be put in the "random" extra screening box and miss their shift change because of it.
if the screeners are inconvenienced by standing in line, then maybe TSA would do something to make the lines more effecient.
I would read this as a tacit admission by the TSA's "leadership" that airport screening is so inconvenient and so ineffective that there's no justification for imposing it on their own employees.
I know that's unpatriotic and plainly aids the enemy, but what other conclusion could we draw from such a policy?
Every screener should be screened before being allowed to his/her station in the secure zone. But then who screens the first screener to show up for work in the morning?
Whooo... this is almost religious... a question of faith
I understand all of ur POVs. I am a TSA employee and I don't trust ome of my coworkers. I have no problem going thru security if we had to. but they have random unannouced screenings set up where tsa is not exempt. just like many other airport employees are randomly screened. so are tsa employees
@TomL: Sjeez, don't you understand anything?
President Bush himself, the only man in the US that can be trusted, and never needs to be screened, will screen the first screener, who can then screen other screeners before they screen the screeners who go to work screening the passengers!
Except the 'Barney' in this case is more Barney Fife, anyway.
Not screening on arrival is just asking for trouble. Especially at big airports where it's quite likely that all the screeners will not know each other by face or name. And of course the big airports are the most tempting targets.
The 19 hijackers of September 11 were trusted. That was how they got through security. Trust is a matter of faith, and faith can be misplaced, it can be betrayed, and easily so because is it based solely on wishful thinking. The point of checking is to take the guesswork out of knowing things.
There is also the issue of fairness. If paying customers have to endure frustration and humiliation, then turnabout is fair play.
The number of people talking about fairness in this thread shows just how thoroughly we see screening as security theater. If it were perceived as an important, effective safeguard, there would be a lot less complaining about whether letting certain people through was fair or not. (As opposed to complaining about whether it was safe.)
This will last until the first TSA employee goes postal and uses a smuggled gun to massacre his coworkers.
Sed quis custodiet ipsos custodes?
paul: People who post comments here are a self-selected population, possibly more inclined than most Americans to be critical of the TSA.
I would suggest soliciting the opinions of the roughly 30% of Americans who still support President Bush. I think they'd be more likely to see TSA screening as reassuring proof that our Commander-in-Chief is aggressively fighting the War on Terror. They'd probably agree that the screeners deserve an exemption so they won't be distracted from their awesome task of vigilantly protecting aviation. And they probably think the new uniforms are great.
What? No more totalitarian obedience training for the flunkies? They may start getting ideas.
(Anyone know a place selling Vaseline in 3 oz containers? May come handy next time one of us serfs have to travel by air.)
I do not see why they are not being screened. To save time?
1) Does it really save that much time? I'd rather pay the few seconds or even minutes extra for the security.
2) Forcing an efficiency model into screening is not a bad thing. They have little incentive to speed passengers through screening, other than public outcry, so why not introduce a real financial metric to help drive innovation.
Screening the screeners should help spur innovation.
In fact, I think they should be screened on the way out of work as well as coming to work.
That would be more like how insiders are treated at secure companies.
Since the screening is mostly facade, it's hard to get worked up about not screening as being 'unsafe'. It does seem that some conclusions can be made, however. If the screening isn't important for low wage airport workers, then the TSA management fully understands the facade nature of what they are doing, they are not competent, or a mixture of the two.
Hmmm. I think that is a high risk strategy for this group. Someone might just take up your offer and make some comments.
TSA screening should be mandatory not just for everyone entering an airport it should also be mandatory for anyone entering any government facility.
This would, of course, include the White House in Washington DC, and all the various Congress buildings.
The sight of presidents, senators, and congress beings lined up for their (at least) second shakedown of the day, just after lunch, will send a clear message to all terrorists: the US puts safety above convenience for all its citizens and alien workers.
I realize that the TSA as such is only concerned with transport, not government facilities. But a simple rider to any current bill can change that to the GTSA.
"Since the screening is mostly facade, it's hard to get worked up about not screening as being 'unsafe'."
I won't get worked up about it being unsafe. I'll get worked up about the plain double-standard in the acting out of this security theater. Or maybe I'll just act like I'm getting worked up, since it's all just theater.
I'm not even reading all the comments before I make my own.
The screeners being exempt from screening is simply absurd. Ridiculous even. Almost unconscionable.
I have worked in corporate data security for 10 years. One of the things that has been pounded in to me over and over is that security must be subject to the same rules as everyone else in order to be taken seriously.
In a corporate world, if you start taking short cuts and bypassing protections just because you can, you lose support from other departments and management.
I've been working under a "log whatever I do whenever you want; I'm doing my job" mentality for a long time.
It'd be trivial to fly under the radar, reading other people's emails, bypassing the proxy server, sniffing traffic to snatch credit card numbers, using admin-level / non-roles-based access to grab privileged info and sell it on the black market.
But I don't because that completely undermines the effectiveness of security.
The TSA doesn't have to worry about cooperation from other departments or management. They can detain you if they feel like it while blatantly violating their own rules. Who is going to stop them? The person working next to them?
I think Bruce's logic here is solid but based on a faulty premise. Skipping screening doesn't apply to the TSA screeners and airport staff, anyone with a TSA employee badge gets to skip. I was tempted to get on a TSA just for this perq.
To Nomen Publicus-does the name Alvin Crabtree ring any bells w/you? Tried to bring a loaded gun to work @ DIA w/him about a year ago (came up w/a pretty lame excuse for having it) & was ONLY caught because he had to go thru screening. Was he intending to go postal? Probably not, but if someone who SHOULD have known better & SHOULD have known he'd get caught tried to bring a gun w/him, I'd say the odds just went up dramatically that someone else WILL do it now that the smurfs know no one is checking them upon arrival. BTW-Alvin apparently had his SIDA badge revoked for 30 days but that was it.
And the TSA wonders why they are one of the most despised gov't agencies in existence today? Idiots.
This is another reason the whole system doesn't work-there is no way to prevent against an inside job. It doesn't matter if anyone is screened or not, for it is only insurance considerations which are central in all transportation matters, whether by car, plane, train, bus or taxi.
The Federal Government has blown this thing way out of proportion to reasonable risk, and based on the thousands and thousands of flights each day, it is clear that the security equipment contractors and congressional lobbyists have habituated the government security contract authorizers into one deal after another, whereas the insurance company calculated risk factors are the same as they always have been. The U.S. Congress and Courts have failed in their job of protecting the general public from use of police state measures by the government in the business place of our airports. The Airline companies and executives of same are equally responsible for lowering the standards
of air travel , through their acceptance of the unconstitutional "frisking" measures. To put our entire nation out of uniform and in unprofessional "frisking" situations in public at the airport is to achieve a goal of our enemies, and quite a few otherwise intelligent executives and public figures are proving to be the scapegoats of this illegal use of technology and personnel.
Also, if you are in the military, the TSA won't make you remove your boots for X-Ray. The reason I got when I asked was that it would "slow the line down too much to unlace them all the way, take off, and put back on." The exception was steel toe boots, because they made the metal detector beep. That makes it obvious.
So, it covers a few areas. 1) Govt doesn't apply rules to itself that the great unwashed masses have to jump through, 2) it's considered rude or "unpatriotic" to question why soldiers aren't being scanned the same way, and 3) it helps move things along which makes the masses happy so they don't complain too much.
I can say that as a screener I to have to go through the same as if I am flying. Once you are tested on the start of your shift and you do not leave the screening area then you are safe to go in and out of the screening process. You leave for lunch you are back to square one.
But there are more important issues that need the publics attention and when someone starts a conversation about the processes I will add my opinion. BUt until then stay alert and always do your part in keeping our skys safe.
I just saw the article about the new policy and what a joke. Back ground checks. I know a screener that was convicted of domestic violence, child abuse and bragged about it and when it was discovered to be true the response was, if it happened outside of 10 years of the back ground check he was good to go. No mind he had no other qualification for the job. Now they give free passes.
Just so you know, although screeners are exempt when they enter the area for work, they are subject to random screening at any time, including their bags and all other property. This is without notice or recourse. If anything that is prohibited is found, it is immediate termination and possible charges. As such, even though it might seem we get a free pass, that is not the case. And yes, I am an officer at a US airport.
A TSA employee came through the detector right after me setting it off as loud as possible and they let him pass. I asked the supervisor 'what gives' and I got a stern look as she pointed out that 'we have these badges!' like that means something, like no one could be compromised that owned one of these .. I summed it up with 'those don't mean shit' and I almost got arrested .... power corrupts. I definitely do NOT feel safe with TSA folks making $10 an hour being able to go right through the screening. What a crock.
each cosplayer's motive is to demonstrate need to have a personality, or perhaps in sensing just like a character in character, attempting to get so that they are that's player. this specific cosplayer happens to be related staying a fan and is actually as well as as an official otaku. other functions may well be an loving ways and less focus to account information and top notch. this kind cosplayers are additionally possible to evaluate the persona's are recognized to and numerous other criticise lacking cosplayers for an entire facts and strategies associated with, or you cannot besides applying appeal habits.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.