Schneier on Security
A blog covering security and security technology.
« Home-Made Wi-Fi Hacking, Phone Snooping, UAV |
| Zodiac Cipher Cracked »
August 5, 2011
German Police Call Airport Full-Body Scanners Useless
I'm not surprised:
The weekly Welt am Sonntag, quoting a police report, said 35 percent of the 730,000 passengers checked by the scanners set off the alarm more than once despite being innocent.
The report said the machines were confused by several layers of clothing, boots, zip fasteners and even pleats, while in 10 percent of cases the passenger's posture set them off.
The police called for the scanners to be made less sensitive to movements and certain types of clothing and the software to be improved. They also said the US manufacturer L3 Communications should make them work faster.
In the wake of the 10-month trial which began on September 27 last year, German federal police see no interest in carrying out any more tests with the scanners until new more effective models become available, Welt am Sonntag said.
However, this surprised me:
The European parliament backed on July 6 the deployment of body scanners at airports, but on condition that travellers have the right to refuse to walk through the controversial machines.
I was told in Amsterdam that there was no option. I either had to walk through the machines, or not fly.
Here's a story about full-body scanners that are overly sensitive to sweaty armpits.
Posted on August 5, 2011 at 6:22 AM
• 30 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Interesting comment about Amsterdam. I flew to China from Amsterdam a month ago and there was no Body scanner to go through. Just your regular electronic scan gate.
So maybe they only use it for travels to the US.
In the EU it takes years for the individual countries to adapt the policies made by the European parliament.
So its not surprising that you had to go through the scanner, Bruce.
oh no, American Freedoms migrating to Europe - you are free to chose to walk through the full body scanner or walk away.
Hopefully the European Parliament ruling will not be ignored as they often are.
Don't confuse the regular 'gate' detectors with the full-body scanners.. they only take some people to them and that's after they've passed the gate detector ... in a full body scanner you assume a funny position you are told and stand still while it does its job... had the experience on Heathrow...
I flew Amsterdam to Newark a few weeks ago and turned down the full body scanner. They asked me why, and I replied that I just did not want to go thru the machine.
They sighed, tried to explain that it was a different machine from the ones we Americans were so upset about, but they let me thru with a cursory pat down and the metal detector. And a lot of grumbling in Dutch. :-)
I think there are only full-body-scans at Amsterdam-Schiphol when you fly to the US with an US Airline: the checks are then much more thorough, including a personal interview. It's my knowledge that is done on request of the US government and/or US airlines.
As I flew to the US with KLM (Dutch), the check-in was quite normal.
So, if you don't want the full body scanner on Amsterdam-Schiphol, fly a non-US airline. ;-)
At Hamburg (Germany) airport the full body scanner was an opt-in option, which I choose. It was slow and cumbersome, and I had to be checked 'by hand' afterwards.
I also flew from Amsterdam to the US rejecting a body scanner, and after some discussion got a pat down and metal detector. They even had leaflets there explaining the body scanners, and it said somewhere you could refuse.
@John: Actually, in the US you are not free to walk away. The law says that once you enter the scanning area, you must submit to scanning even if you then choose not to fly (or whatever the activity involved is). There have been several stories about this law being enforced in various silly ways.
there have been stories about people being threatened with prosecution for "walking away" from being groped in the security lines.
Got any actual prosecutions to cite? I don't think TSA wants to try and defend their practices in front of a judge, so all they do is bluster and threaten. Then quietly back down.
@Snarki - I don't keep track of these things, or follow up to see if the prosecutions actually happened, so no cites.
I do know that at one point the govt talked of (and had detailed plans for) moving the Buffalo border crossing onto Canadian territory, because there happened to be more space available. However, Canadian law allows one to walk away from a check at any time. The US govt wasn't willing to accept that, so they figured out a way to expand on the US side.
When my brother was refused entry into the US (for completely silly reasons I won't go into here) he was not allowed to just walk away - he had to submit to fingerprinting, lots of questions (including names and addresses of relatives completely uninvolved in the issue), etc.
Like Volker already pointed out above, the 35% failure (i.e. false-positive) rate is already the re-scan/second scan rate, after a first false alarm. The initial scan failure rate is 70%, while 10% of all alarms can be attributed to motion or incorrect position of the person in the scanner. And since some people like to get off on calling them "pornoscanners", it should be pointed out that the devices tested at the Hamburg airport were second-generation, producing only "stick figure" symbolized scan images with alarm areas that require manual pat-down re-checks marked up.
Another thing that seems to be largely missing from translated versions like the AFP piece is that, reportedly, German police is significantly unpleased with the scanner manufacturer (L3Communications) because they agreed to provide various fixes and improvements, but then failed to deliver them.
Markus is correct about the stick figures. When I went through Schipol and set off the scanners there were higlighted areas on the stick man to indicate where things were amiss.
It turned out to be the zippers on the removable legs of my cargo pants.
Just regarding the scanners at Schiphol, they're not only for US-bound flights. I went through one before boarding a flight to London.
I have the same problem. My clothes have cargo pockets - even the velcro-like closures confuses the machine. The elastic hair tie (has a metal clasp to hold in a ring, unlike a rubber band that doesnt) will set it off. some of my pants have plastic zippers (with a bit of fabric that lays over the zipper for fashion reasons) to detach the lower part (converts them to shorts) - this also confuses. therefore if I wear these convertibles with cargo pockets and a shirt with comparable pockets I invariably get patted down and wanded (sometime a few times) just on one entry through security. And the same thing happens on the way back.... So my next invention will be making explosive velcro!
On one hand, excessive false-alarms desensitizes screeners (TSOs) to the alarm event, increase the risk that they will miss a threat.
On the other hand, a high false-alarm rate where large numbers of pax are subject to additional screening increases the risk of detection for a would-be malevolent actor. Having more than 10% of passengers go through "extra" screening is effectively making it apply to everyone.
My take on it is that the price of a few terrorist attacks and some occasional bombings should be accepted as the price we have to pay for economic and social freedom. The enormous cost of security in society is not just in convenience and liberty, but real expenditures and opportunity cost (e.g. time) that translates into financial losses.
Various attempts to quantify the cost of e.g. airport security, in dollars, have been made by researchers, and various figures postulated. What the figures have in common, though, is that they are very, very high.
Well, just that they are useless does not mean that we are not going to deploy them.
We have a gouvernment, too...
I have gone through the full body scanners at Amsterdam's airport several times and have no problem with them.
They show the result of the scan in a way that I can see them, and it's just a (rounded) stick figure with areas of unusual density highlighted. I do not see any privacy concerns with these machines.
The machines used in the US appear to be very different (needless privacy invasion - could probably be argued a 4th amendment violation because better machines do exist), and chances are the ineffective machines in Germany are different again.
I think the point about the Amsterdam scanners that wasn't mentioned, is that they have a high sensitivity to stoners.
When the stoners go through, a little mist of ultraviolet paint is projected at their person. They've calibrated this stream so successfully, it's almost always dead on to the center of their backpacks.
Then a security person approaches them with a blacklight wand and asks the stoner to open their pack. But the stoners are usually so enraptured by the blacklight, they can't function to open the backpack. But they're agreeable folk usally, and let the security personnel open the bag while the stoner plays with the blacklight.
Only in Amsterdam :)
"I was told in Amsterdam that there was no option. I either had to walk through the machines, or not fly."
my guess is that the dutch are especially sensitive about the body scanners because NL was the origin for the "underwear bomber" who flew into the US. i have had several conversations with TSA employees who cited the "underwear bomber" as the justification for the scanners.
imo the passive millimeter-wave scanners in the UK are a much more sensible idea. i would expect the germans to recognize that any unnecessary incremental radiation exposure is bad.
Regarding body scanners at airports; there's a main reason I'm against them (others should join me) & have never been in one, it's the radiation that they produce & therefore give users a dose of!
Please read this: http://www.tgdaily.com/hardware-features/...
Doctor Oz does not consider these scanners to be safe for the following 4 groups: cancer survivors, pregnant women, children, and elderly, and he recommends that they should avoid being scanned at airports.
Check around 4:10, also at 1:30 as well.
As a survivor of cancer, I have always opted for the "enhanced" pat-downs. I have lots of visible scars from surgery and happy show them to TSA agents when they ask me why I am refusing the scans.
It is not fair that the Europeans are not providing the same option NOW in the entire EU zone for people in those groups that need to fly for business trips or family visits, without having to risk their lives in the name of security theatre.
[they don't work]
However, this surprised me:
[they will probably be deployed anyway]
Why is that surprising?
The decision to deploy them is based not only on actual effectiveness, but perceived effectiveness as well as a whole lot of unrelated stuff that we'll just label "politics".
You yourself were talking about a little security theater being acceptable if it brings perceived risk in line with actual risk. You're surprised someone is doing that?
> The decision to deploy them is based [on ...] perceived effectiveness
And who is measuring "perceived effectiveness"? obviously people who will get more money if the measure is favourable.
But in Schiphol (Amsterdam) airport they are looking for another problem, probably people building a bomb inside the airport - so you have a search when you exit the plane, when you go to the transfer area and when you embark the next plane.
Unfortunately there is still no "www.IHateSchipholAirport.com" web site to leave a comment.
I am just someone who will not go in (for instance a free entry) museum if the entry security measures generates a large group of people waiting at the entrance, so that if there were a terrorist around he will have an obvious target *outside* the secure area.
Anyway I do not even believe there is a terrorist around, with an acceptable definition of the word "terrorist".
What surprises me is that the report was actually published. Our police is just as big on security theater as yours is, and our version of the freedom of information law is so hollowed out it is practically nonexistent (requests can be denied for pretty much any reason, including gut feelings of the public servant).
Probably is is because our police is pissed off at L3.
Flew from Amsterdam to US end of last year. I told the security person I didn't want to go through the scanners. She asked why, I replied I fly a lot and was concerned about the radiation. She went to talk to her superior, came back and I got a patdown, but no problem at all.
It was funny because everyone I saw going through the scanners got a patdown as well... so I can confirm a high number of false positives and would have estimated even higher.
@Seiran: "Various attempts to quantify the cost of e.g. airport security, in dollars, have been made by researchers, and various figures postulated. What the figures have in common, though, is that they are very, very high."
The TSA's responses to GAO audits indicate that the TSA and the Homeland Security bureaucracy consider themselves impervious to any sort of cost-benefit analysis. They are so determined to avoid blame for (inevitable) failures that they will spare no expense reacting to past breaches so their posteriors are always securely covered. And of course, that expense is not merely in dollars, but in time, civil liberties, and now basic bodily integrity. And questions about cost-effectiveness can always be dodged with "Remember 9/11!"
That also would seem to explain why believe that security should be as visible, intrusive, and painful as possible for everyone found guilty of wanting to fly. Part of it may be an assumption that if they create enough arbitrary hassles for innocent travelers, they will create even more difficulty for terrorists, thereby "protecting the public." That assumption may have some validity, but the Question That Must Not Be Asked is whether whatever (unclear) benefit it provides justifies the very clear burden. But the main reason for defining "effective security" as "maximally intrusive security" is to show everyone involved how thorough and committed the TSA is to "protecting the public." In other words, security theatre.
I happen to believe that the best security is distinguished by its invisibility to the innocent and selectivity to the guilty. But that requires a level of intelligence and competence that is surely impossible to find in a secretive bloated bureaucracy like the TSA. The best they can do is a blunderbuss approach that treats everyone like a convicted felon. That's mainly because they have no reliable way of identifying the actual one-in-a-billion threat. But it's also because many people buy into the security theatre. If the TSA makes them take off the coats and shoes, confiscates their liquids, and hustles them into a high-tech scanner, it MUST be effective protection! And to anyone who questions this belief, "Remember 9/11!"
If so many people are going to get groped when the scanner flags their false positive, why not just bypass the scanner and the unknown risk of radiation and go straight to the groping?
Of course, the TSA is well known for defining a false positive as a "success." Each zipper, hair band, pocket, or sweaty armpit it flags is incontrovertable proof of the scanner's effectiveness at detecting hidden explosives, should someone carrying them ever happen to walk through a checkpoint. Blogger Bob would surely remind us that critics who use the German tests to attack the TSA are misinterpreting the results. Rather, the tests prove that the scanners reliably detect "anomalies" that could signal a threat to aviation, thereby providing highly effective protection against the Underwear Bomber. That should give everyone complete confidence that the scanners provide highly effective protection against terrorist threats. For anyone who persists in doubting this fact: "Remember 9/11!"
We have them over here in Europe and if you do refuse to go through one, the overzealous security staff well decide to give you a 5 min pat down . They seem to take it as some kind of a personal front that you should refuse to get in one of these machines, Lets the security staff to see you with absolutely nothing to hide as it were. Well its all about perceived risk minimisation rather than actual minimisation so maybe its works on that front.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.