Schneier on Security
A blog covering security and security technology.
« Gift Cards and Employee Retail Theft |
| Post-Underwear-Bomber Airport Security »
January 7, 2010
Another Contest: Fixing Airport Security
Slate is hosting an airport security suggestions contest: ideas "for making airport security more effective, more efficient, or more pleasant." Deadline is midday Friday.
I had already submitted a suggestion before I was asked to be a judge. Since I'm no longer eligible, here's what I sent them:
Reduce the TSA's budget, and spend the money on:
1. Intelligence. Security measures that focus on specific tactics or targets are a waste of money unless we guess the next attack correctly. Security measures that just force the terrorists to make a minor change in their tactics or targets is not money well spent.
2. Investigation. Since the terrorists deliberately choose plots that we're not looking for, the best security is to stop plots before they get to the airport. Remember the arrest of the London liquid bombers.
3. Emergency response. Terrorism's harm depends more on our reactions to attacks than the attacks themselves. We're naturally resilient, but how we respond in those first hours and days is critical.
And as an added bonus, all of these measures protect us against non-airplane terrorism as well. All we have to do is stop focusing on specific movie plots, and start thinking about the overall threat.
Probably not what they were looking for, and certainly not anything the government is even going to remotely consider -- but the smart solution all the same.
Posted on January 7, 2010 at 10:53 AM
• 43 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
We'll see if they like my suggestion. It's pretty crazy, but very possible and plausible. There's half the battle.
Here's the question. We are told his father had tipped us off, and that there was intelligence out of Yemen that a Nigerian was planning to attack us. But we are also told that about 1600 tips come in a day, and that he was one of 550,000 people on the watch list. So how do we know which tips are worth following and which aren't?
@Enlightened: "But we are also told that about 1600 tips come in a day, and that he was one of 550,000 people on the watch list. So how do we know which tips are worth following and which aren't?"
Like many other incidents before it, both failed and successfull, 9/11 being the most prominent example, after the fact things seem far more predictable/preventable than they actually were.
your suggestions won't work Bruce because then there wouldn't be any security theater and people would think that the TSA isn't doing their job!!!
Something the police used to do, at least the drug squad here in London did, was to pay people a visit as soon as there was good intel that someone had started dealing drugs or moved up the supply chain.
5 minutes saying 'we hear you're moving up in the world!' shifted hundreds of people back towards the straight and narrow.
Did it work on the hardcore - no, but police developed a feel for it so they knew who to concentrate on.
In terms of terrorism - whilst it obviously wouldn't be appropriate for all, it would be more effective than having the FBI infiltrate and organise every wannabe terrorist group with a collective IQ of less than 50 and help get the no fly list down to a more manageable figure.
@robert b: "our suggestions won't work Bruce because then there wouldn't be any security theater and people would think that the TSA isn't doing their job!!!"
I know what you said is more of a joke, but the sad fact is it unfortunately too true.
I don't like taking off my shoes and think it is a waste of time, but I don't think it measures how the notoriously panicky and paranoid public would react if we didn't, and how many false (paranoid) fears of "he's got a shoe bomb" would happen on flights.
"A person is intelligent. People are stupid and panicky." -- Tommy Lee Jones in Men in Black
Bruce's suggestions won't be adopted because they do not require enough spending for products manufactured by the defense industry.
What if you screen the heck out of 5 guys to make sure they're weaponless, only to find out that all 5 are world renowned kung fu experts who are also terrorists? What then? When they beat down the entire body of passengers with kihaps and hiyas? Got a FAM on board to mow them down? Good luck.
Takeaway message: Lock the cockpit!
Also, BAN KUNG FU!!!
I can generate FUD all day, like a machine.
"Terrorism's harm isn't in the reaction to the actual attack, but to the on-going perception of the threat of attack (i.e.: the reduction in our liberties as reaction, 'security theater')."
The on-going perception of the threat of attack is also a reaction to an actual attack. If no attack had initially been attempted, the on-going fear of attack would not be perpetuated as systemically.
Case in point, pre-9/11 newscasts were not laden with FUD campaigns regarding terrorist activities and what liberties we need to give up to protect ourselves from them. Whereas nowadays, you can't turn anywhere in the US without hearing the word or something related, despite it still being statistically less of a threat than being struck by lightning while holding the winning lotto ticket.
Eliminate screening. Eliminate databases. Eliminate ID requirements.
Instead, require every passenger to be armed with a loaded weapon of some sort. Firearms, rubber bullets, tasers.
Passengers have been the only line of defense.
The real lesson of "Underwear Gate" is that not only did intelligence agencies "not connect the dots", but that there don't appear to be too many sharp crayons in the pack.
Make all the guys dress like this.
(Stolen from Dave Barry.)
Why doesn't anyone advocate tolerance anymore. Not the hippie love your neighbor kind, rather the were going to fail sometimes so make the system tolerant to local failures. Note: this isn't 'defense in depth' crap. This is - if someone gets through how do we minimize the damage/affect to other portions of the system.
Its one of the things I evangelize constantly, but no one wants to hear it. Especially in the Gov't circles. Trying to explain that tolerance is the natural order of things in the universe to a congress critter or staffer is nearly impossible. Talking about it to a 1 or 2 star is simplistic. *sigh*
Until the USA stops scapegoating all airlines major mistakes, we will be basically idiots.
Whats up with the USA? Alliteration always everywhere now, doublespeaking dangers!
Seriously now, Schneier's 1,2,3 points are right on.
Until tools for handling intelligence are more widespread, failures will increase. It is hard to develop when much of open source is now JUNK, unless pay for play and you have lots of contacts.
Look at FreeBSD recent alerts, ntpd,not good, reminds me of Microsoft slammer type purposefull problems.
FreeBSD zfs, 07777, that is freaking four systematic sevens, not cool! Until the DOD, Darpa, NSF, NSA, CIA, FBI, ETC TLA, stop "collecting" intelligence, and start working and solving problems, we are all stuck with cascading computer crap. No security = no action, pass the buck and do not collect $200. And trusted computing is NOT the answer. /usr/sbin/EndOfRant
I like your answers Bruce.
As far as crazy ideas go. I think it would be interesting to de-centralize radically...
Instead of having security at airports ... have
regional light rails or even trucks take passengers from a dozen nearby locations directly to a boarding area.
Each transport could have several trusted people to ensure no one officer could compromise the chain of trust.
The vehicles would only be allowed in the airport during a brief window before the flight. This local station would get compensated at flat rate by the airline per passenger. Amenities would be provided here at the way station. Stations would compete for passengers on quality of experience.
Basically minimize the number of people concentrated at any time and try and provide a nicer experience and a competitive one around each airport. I believe this system would be harder to disrupt since their would be no huge single difficult to maintain perimeter or target with huge numbers of people or difficult to replace structures. Locations would need to be audited randomly and a failure at one, should affect all centers operated by one company.
I think a system like that with a controlled network could process people faster, safely, and people would gladly pay more for it.
Of course it will likely not happen. I think it is _more_ likely the US will loosen the current rules when the crazy security rules threatens the industry more than crazy fears.
A practical suggestion:
Fix checked-luggage security. Checked-luggage security is so lax that to pack any fencible electronics is to lose it. So we *must* carry onboard our laptops, cameras, etc. This increases the volume and variety of carryon baggage, providing more opportunity for explosives to slip through.
Instead of misspending billions expanding the TSA but still living in fear every time we fly, Americans can save hundreds of thousands of lives every year by eating a diet low in saturated fat, exercising on a regular basis, quitting smoking, screening for cancer, wearing our seatbelts, designating a driver, wearing helmets when biking, changing the batteries in our smoke detectors annually, treating depression promptly, drinking only in moderation, taking our blood pressure medicine as indicated, funding research into a cure for Parkinson’s, removing ourselves from a violent criminal sub-culture, providing quality prenatal care, and having our children immunized against preventable diseases. Source: National Vital Statistics Reports, Vol. 57, No. 14, April 17, 2009.
1. Cut down the aviation watch lists so they are small enough that people on them can be watched and so they include only genuinely dangerous people.
1a. Overhaul the watch lists by including enough specific data to identify specific hazardous unpersons rather than just specific hazardous names. There are half a million names on the aviation unperson list but many millions of people are regularly deemed hazardous because the unperson list makes no distinction between a 6'2" alleged terrorist named John Smith and an 8 year old with the same name.
1b. Prison sentences for TSA and other agency employees who misuse watch lists for partisan purposes. There is no security reason for Janet Reno, Naomi Kline or the late Ted Kennedy to be on the aviation watch list, but they are/were there--almost certainly because one or more Republicans within the security apparatus liked the idea of using the system to harass Democrats and leftist intellectuals.
1c. Establish a procedure to remove names from the watch lists if no ongoing evidence of intent to do harm can be found. An automatic pruning process is necessary to prevent the watch lists from growing to ever larger sizes as more intelligence is gathered.
2. Crack down on abuses of power by TSA agents. There is no security purpose for checkpoint agents to be photocopying passenger's documents, reading their emails, detaining passengers for carrying books with depictions of bombs on the front cover, or arresting people for wearing Arabic T-shirts. All of these abuses have happened, and in all cases the responsible agents should have been fired and subject to criminal charges.
2a. Remove the discretionary privileges of TSA agents to confiscate items not specifically prohibited by law or regulation. An agents who wants a pack of cigarettes should not be able to spontaneously invent a cigarette ban in order to get himself some free smokes.
3. Publish the entire list of prohibited items.
4. Remove the gray area of prohibited items that will be confiscated but won't result in an arrest. If the TSA has to arrest everyone who carries any contraband, they're going to think very hard about banning nail clippers.
5. Make the TSA liable for damages (including airfare etc) if they interfere with a passenger who is traveling in good faith and is found to be clean. If you miss your flight because the TSA's agents are too poorly trained to tell the difference between a Macbook Air and a bomb, the TSA should be required to pay compensation.
6. Subject all TSA rules to a cost-benefit analysis conducted in public under the supervision of the judiciary.
Slate's comment box for this context has a 150 word limit. The stupidity of trying to address a complex problem in 150 words is on par with the stupidity of the average TSA agent....
So, is airplane the only possible target? It amuses me how much money gets spent in the airport/airplane security.
And like you said, car accidents killed much more people. If that money was diverted to build better roads we might save more people in the long run.
PS: Yes, I do use the airplane often.
Box cutters = metal detectors.
Bomb in sneaker = everybody take your shoes off.
Bombs in underwear = full body search.
The current approach to airport security is "defense in depth," i.e. reacting to and every new threat as it surfaces by buying new equipment and implementing new procedures. This just adds layers on top of layers of complexity and increases the cost of air travel.
Wouldn't it be more efficient to find and defuse the bad guys before they get to the airport? Impossible, you say? The recent DARPA network challenge makes me think that early identification of bad buys might just be possible. They moored 10 red balloons across the US to see how people would organize and use viral networks to find them.
MIT took less than one day to solve the puzzle.
Change the contest from find the "red balloon" to "find a potential bad guy." Add an incentive. Use business intelligence analytics to sort through the real time data streams coming in to filter for key bomb making materials, countries whose citizens may be more statistically predisposed to do such cowardly acts, certain behaviors, and so forth.
Defense in depth is eventually going to cripple the air travel industry as it results in excessive cost and inconvenience. We're spending billions of dollars to protect against a few bad guys. Let's think about a different approach.
"Eliminate screening. Eliminate databases. Eliminate ID requirements." (Anonymoose)
Nah. Eliminate passengers.
I predict that TSA's ultimate response to the underwear bomber will be:
1. Steal underwear
okay, maybe TSA isn't run by the Underwear Gnomes, but they might as well be.
Robert says: "your suggestions won't work Bruce because then there wouldn't be any security theater and people would think that the TSA isn't doing their job!"
I think that might be a good thing, if done right. Make security seem lax, then catch those who attempt to exploit that. Obviously using techniques as detailed by mr. Schneier, not by dressing up a WTMD as a limbo pole or something like that.
The day the 'terrorists' start using MANPADs will be tragically funny. I wonder what TSA will do to all the innocent passengers then. The only way to protect them from that particular threat is to not allow them to fly. Game over..
Whee. Isnt this game fun.
My non-serious suggestion was to make the process more pleasant by staffing checkpoints with supermodels.
My serious suggestion was to think of it like baseball. In-depth (as in multiple layers), flexible (able to move). If the batter gets a hit, don't focus on that, but on keeping him from advancing. Set up the double play, throw a pitch-out, etc.
Don't worry about the no-hitter/shut-out, because those are rare, and pitchers aren't thinking about that when they're on the mound. Ask Nolan Ryan or Tim Lincecum.
Mix up our pitches: fast, slow, curve, changeup, knuckleball, inside, outside, etc.
I know, I know, some humorless government drone will say, "IT'S NOT A GAME!"
WTF: 150 word count!
They couldn't ask the question in 150 words; it took them 205 words. Schneier's response is over the line at 158.
I actually put some thought into fleshing out my idea but it seems like submiting there is pointless so I will leave the mechanics of raw idea here. In short I am warming up to the idea of making the TSA optional.
I have a theory that the best way to improve airline security -- as evaluated on the criteria of effectiveness, efficiency and pleasantness -- is to concentrate on the low hanging fruit of pleasantness.
I happen to know that if I were given the choice of flying on a plane full of non-TSA inspected passengers and also eliminating the TSA inspection of myself then I would take this option and even pay extra for it. I am of the opinion that there are many more "passers": people like myself.
So I would like to see a study funded to statistically estimate the number of passers. If this study indicates a significant number of people in the passers group then I believe the estimations can be further tested by designating, at first, one terminal per major airport as a passer zone.
Passers would be driven by TSA agents on golf carts past the TSA security lines and dropped into a passer zone which is essentially a chain link caged terminal that keeps them from leaving the passer zone to access the secure part of the airport. Another TSA agent would watch the passers to ensure nobody leaves the passer cage.
They would fly together on a specially designated passer flight and then upon deplaning be taken in golf carts outside the secure area of the airport.
If this pilot program is a success then I would like to slowly add more terminals into the passer zones and reach out to a larger number of airports.
If, at some point after continually expanding passer areas, the passer cages reach some threshold of success then I suggest the general public has accepted that passers will be around to stay. In this event I see two things happening. First is the TSA getting its funding from non-passer ticket taxes. Second, I see airport architecture incorporating passer areas to eliminate the cages and golf cart rides.
There it is. I still have unresolved issues with the basic idea making the TSA optional and some of the mechanics of the idea I have but I hope it at least interesting enough to have read.
@Bruce: pretty much exactly what I would have suggested, the indoctrination is obviously working ;-)
@peri: my wife suggested this very solution a couple of years ago. Of course, given the fact that TSA is using the "prevent previous specific attacks" mantra, this could never be ... they'd be afraid of a 9/11 do-over.
Personally, I'd like to go back to pre-9/11 European standards ... the shoes off and liquids ban are nonsense, as is the requirement to take a laptop out (X-rays go through nylon), but the metal detector is sensible security.
You bring up a good point! I am not yet entirely convinced no screening is the best way to go.
I actually started out hoping that the TSA might end up being a regulator of many private security firms, each selling their own vision of "sane security screening." The problem is that if every possibility was allowed then given N choices you would need 2^N separate security areas in an airport. So if you get to answer only 3 questions: "take off shoes?" , "liquids?" and "X-rays?" then we already need 8 separate security zones. Since technology advancing gives us options N is itself is growing exponentially with time.
One other benefit with no screening is that I would hope that "implied consent," the source of any TSA agent's power, would evaporate for passers.
Bruce, I know you're a really smart guy, so you must understand that the root causes of these particular problems have to with our foreign policy. Yet, I never see you mention it. I'd love to hear your defense against this criticism. If you're simply taking it as a given that some group of people will always be pissed at us, I don't buy it. It's still worth mentioning as the #1 reason always: Constantly reasses how your actions are affecting others. I know it's a political hot potato to even mention that our behavior in the Middle East might be instigating some of this terrorism, but I would expect you to be tough enough to handle it. So, please, tell why I'm wrong or stupid or both. Thanks.
I wanted to sketch out what I see as the strongest argument against the passer idea. Thousands died in the 9/11 attacks and only hundreds were passengers. It is one thing to allow people the choice to take on any extra risks involved in being a passer but it is another when a couple hundred people's dislike of airport security allows a plane to be used as a weapon against innocent people who aren't flying.
I don't worry about the use of a plane as a weapon for two reasons:
1. We've hardened the doors. If they can't get in to the cockpit, the most they can do is blow up the plane in the air. Two incidents: Lockerbie - 11 killed on the ground, NYC (2 airplanes collided) - 6 killed on the ground. That's it. Not a lot beyond the plane
2. Anyone attempting this now will get the snot beat out of them by the passengers. No more sitting around because we'll "negotiate" - now it's "we're going to die anyway, let's kill him first."
@ John Langlois,
'The current approach to airport security is "defense in depth," i.e. reacting to and every new threat as it surfaces..."
Hmm No I'm not sure what you are trying to say but "defense in depth" is not what you are describing with,
"i.e. reacting to [each] and every new threat as it surfaces by buying..."
That is reactive security which has nothing to do with defence in depth, the concepts are compleatly different.
The whole point about defense in depth is to stop (amongst other things" reactive security.
As Bruce knows but rarely says these days (time for an OpEd me thinks ;) defence in depth consists of "broad overlaping" defences that are desigend in such a way that the gaps between orthagonal defenses are covered and importantly the individual defences lock together.
We often talk about defense in depth as being like the "layers of an onion", "leaves on a cabbage" or "filo pastery" when trying to describe it by analogy.
That is each defence layer is very broad but thin and may have imperfections and holes in it. However multiple such layers provide an overal depth that can be quite flexible. But importantly the result is that small weaknesses or holes in one layer get covered by other layers.
However this is insufficient in of it's self,
Firstly if the individual layers or defences are not broad but specific they actualy accomplish little. As Bruce has noted in the past "overly specific" defences are like "50ft spikes in the ground, that are easy to walk around"
Likewise a mismatch in the capabilities of an individual defence causes issues. Hence the comment Bruce has repeated often about "safe doors on a tent". Or the much older "strong posts alone do not strong fences make".
You started your post by giving three examples,
You present all three of these are "reactive measures" caused by a specific threat. In atleast one case the measure was already in place (metal detectors) and although they worked for 9/11 they failed to stop the attack due to "no penalties". (yeah you've got a cheap knife in your pocket, so what, on you go).
However some of them are good and some are bad you need to consider if each defence is,
1, Broad or Specific and in what way.
2, Orthagonal to other defences in use.
3, Interlocking to other defences in use.
4, Defence is not mismatched to other defences in use.
5, Defence is not mismatched to known threats.
6, If a defence mitigates issues with other defences and how.
7, If each defence produces appropriate responses.
8, If the actual defence (not it's type) is appropriate to where/how it is being used.
Before you can argue if it is as part of "defense in depth" or not.
The first example you give,
"Box cutters = metal detectors."
The metal detectors worked and did pick up the "box cutters".
However it's defence potential was negated by the "so what" threat evaluation. Which arguably was a failing of point 5.
The 9/11 terorists had actualy tested the systems on a number of occasions and realised that there was no penelty with carrying a box cutter. Thus it failed on Point 7 above.
Your second example,
"Bomb in sneaker = everybody take your shoes off."
This is a prime example of failing at point 1 above. The threat "bomb in sneaker" was a specific sub class of the more general "bomb in apparal" which is a sub class of "person has hidden explosives" which inturn is a sub class of "person has a prohibited item" which in turn is a subclass of "person has a dangerous item" which in turn is a sub class of "person has an item".
We saw atleast one publicaly known examle (Ass Bomber) of a higher class (person has hidden explosives) threat, but it was not taken on board. So within a couple of days we have "Capt Underpants" and "Dr Blowup" so "shoes off" also failed on point 5.
Arguably the problem was that after 9/11 working at the "person has an item" class was considered but the issue of point 8 came up (we half joke about getting through the screening "butt naked with a black rubber glove hanging out of a bodily oraface").
Which brings us onto your third example,
"Bombs in underwear = full body search."
We are not yet, nor are we even close to a full body search even for the external body surface (thank god)
Arguably it is currently going to fail point 8 in the way our "mass transport" systems are organised...
We then get onto your analysis/complaint of,
"by buying new equipment and implementing new procedures. This just adds layers on top of layers of complexity and increases the cost of air travel."
Yes it does but these acts are not indicative of "defense in depth" they are just as indicative of the last moments of a chicken after it's head has been choped off. It runs around and flaps it's wings so appears to be "multi-tasking" but provably there is no "directing mind" in charge.
Thus it is what we more often call a "Knee jerk reaction" that is it is unavoidably and mindlessly reacting to a previous "insult".
Please note I'm not saying your actual analysis above or conclusion,
"Defense in depth is eventually going to cripple the air travel industry as it results in excessive cost and inconvenience. We're spending billions of dollars to protect against a few bad guys. Let's think about a different approach."
is wrong (they are quite close to being correct) just that you have incorrectly labled it "defense in depth" which it is not.
The sad thing is the current POTUS is reputed to be an analytical thinker not a "knee jerker". What we needed to stop the stupidity was for POTUS to stand up and say "Yes we missed this one and we cannot avoid missing future ones unless we make radical fundemental changes" then ask the people to think long and hard about how the rest of the world view the US and why and what they want to do about it.
Because it must have dawned on quite a few Americans by now that the "why us" question is not just about how the terrorists see the US but how a rapidly increasing percentage of the worlds population sees the US and it's policies since the 1950's.
Instead POTUS sucumbed to the "beat up a burecrat to protect the status quo" merchants and their "talking heads" who are happily profiting from this irrational and blinkered view point that lines their pockets one way or another at the worlds expense (not just that of the US tax payer and consumer).
And before I get the "red card" from the "Moderator" for "politics" not "security" let me put it this way,
We are talking about trade offs in "National Security" which need to,
A, have a chance of working, and
B, be acceptable /equitable to those they effect not just in the US but world wide.
That is if the US want other countries to pay for the "US border defence" then they had better come up with a real good argument as to why, and none fielded so far are anything but laughable to many outside of the US.
And saddly that is where the "National Security" of all Nations hits the reality of "International Politics" you can not have one without the other...
And thus you have occasionaly to acknowledge "politics" when discussing "security".
1: no cargo on passenger planes
2: all passengers will have to be provided with new clothes at the airports(provided by the USA) that have been screened.
3: no personal equipment on the planes.
4: that is all forks
5: Allow Baganda to Smile in there own country
@anon: both are good points!
************ Important info ********** Sir or mam would u please get the word out about seriouse " SERCURITY BREECH" at Delta Airlines JFK Terminal wich was coverd up in the last couple of days by CEO Richards............."Please go to Black Star.com.......wich is a well known up to the minute news source for the NY. area on line.........There was a terrible cover up involving an Delta employee that blew the whistle on a possible dessaster in the air at JFK....this employee was fired as a result of going to the CEO of Delta and later telling the "Black Star News.......There is an big cover up at Delta Airlines..............
The attack on 25th Dec has achieved at least two goals, knee jerk reaction and hysteria from some parts of the media and population.
Going back quite a way, terrorist activity relating to the 'Troubles' in Northern Island dropped off significantly when the 'doers' ended up dead :)
Of course, this approach, based largely on intelligence relating to known suspects, would violate modern day principles. This would explain why it was never implemented in Northern Ireland, The Regiment from Hereford was never deployed there, but attacks dried up :)
One thing's for sure, the security checks are bound to increase in the short term, someone's got to make money.
I have a very simple and effective way to improve aircraft security: As passengers board the plane, give each and every one of them a Taser.
--The flight crew now have locked doors, so they can't be incapacitated.
--Any individual (or even a group of 5) who tries to endanger the plane will meet with swift and immediate "democracy in action."
--Flight attendants, similarly armed, would be able to mete out immediate judgment on those they believe are endangering the plane...no more turning around the aircraft because someone just got nervous about what someone was wearing.
Sure, there will be a period of adjustment. But between a few quiet flights and a few law suits to establish protocol and etiquette, I think flying would be as safe as humanly possible...at least when you have crowds of humans on board.
You don't even have to worry about safety: Tasers are "non-lethal". Just ask the company!
...and think of the entertainment value!
Really, it's time to put aside the fiction that 'racial' (really, ethno-religious) profiling is bad. Blind people aren't alowed to drive, teenage males are risk-rated for insurance and Canadian Blood Services doesn't allow homosexuals to donate blood. Yet we persist in the politically-correct fiction that 20-40 year old Muslim males mustn't be 'profiled' as terrorist risks. Aside from some silly rumours leaked recently (no doubt, by Islamist disinformation artists), female suicide bombers are NOT part of al Qaeda's MO (unlike, say, the LTTE). And the vaunted Israeli 'behaviour profiling' is also used along with racial profiling.
We also have to look at who is allowed to work in airport security, or maintenance and baggage handling. The Canadian Air India bombing was a spectacularlly tragic example of the dangers of politically correct hiring practices. (What made this worse is that the Mulroney and Chretien governments--anxious not to offend the growing Sikh voting bloc--threw the prosecution against the Babbar Khalsa terrorists.)
Oh, I almost forgot...
Years ago, I had a prof, of Indo-Dravidian extraction--very dark complexion, heavy accent. When he travelled to Northern Ireland (during the Troubles), over the Eire border, the guards quicky waved him through. However, white men with Christian/Celtic names got the full latex glove treatment.
Ethno-religious profiling, along with 'geographical profiling' (i.e., what countries one's visited) works and saves lives. Islam isn't a 'race', but has telltale names and behaviors, &c. For instance, only Richard Reid had a non-Muslim name, among all the Islamic airline terrorists. Also, some signs of an imminent suicide attack (wearing of normally-haram perfume, visible depiliation, reciting the Shahada) are so Islam-specific that watching for them could be construed as a form of 'profiling'.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.