Bruce Schneier

 

Blog

Crypto-Gram Newsletter

Books

Essays and Op Eds

News and Interviews

Audio and Video

Speaking Schedule

Password Safe

Cryptography

About Bruce Schneier

Contact Information

 

Schneier on Security

A blog covering security and security technology.

« U.S. Exports Terrorism Fears | Main | USB Drives and Wax Seals »

May 16, 2012

Security Vulnerabilities in Airport Full-Body Scanners

According to a report from the DHS Office of Inspector General:

Federal investigators "identified vulnerabilities in the screening process" at domestic airports using so-called "full body scanners," according to a classified internal Department of Homeland Security report.

EPIC obtained an unclassified version of the report in a FOIA response. Here's the summary.

Tags: , , , ,

Posted on May 16, 2012 at 6:15 AM15 Comments

To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.

Comments

Clive RobinsonMay 16, 2012 7:02 AM

I know you should not argue backwards from effect to cause... But does anyone know what the eight improvments are so we can get an aproximation of what the likely defects are?

Dave C.May 16, 2012 8:08 AM

It is a good thing to do the analysis looking for weaknesses, admit there are some and to specify appropriate improvements.

AndrewMay 16, 2012 8:41 AM

There is legitimate reason to keep the methodology of testing and details of specific vulnerabilities out of public view.

The results of testing, such as the number of airports tested, the number of tests conducted, and percentage of detections versus fails .. keeping that secret is just politics and nothing to do with keeping the public safe.

KevinMay 16, 2012 9:52 AM

Seriously, when are we going to stop funding the TSA?

Snarki, child of LokiMay 16, 2012 10:33 AM

@Kevin: "Seriously, when are we going to stop funding the TSA?"

When the AQ-TSA chapter is up and running, or half past never, whichever comes first.

NobodySpecialMay 16, 2012 10:47 AM

"Seriously, when are we going to stop funding the TSA?"

When you accept that sort of treatment everywhere and the Transport Security Administration is absorbed into the general Security Administration or just SA

GeorgeMay 16, 2012 11:54 AM

I can't wait to see Blogger Bob's response to this. Probably something like "Study proves Advanced Imaging Technology is highly effective at detecting hidden explosives like the Underwear Bomber!"

Dirk PraetMay 16, 2012 11:59 AM

Irrespective of the nature of the identified vulnerabilities, the solution will be to either upgrade or replace the existing devices at the usual "modest fee".

"Seriously, when are we going to stop funding the TSA?"

Not going to happen until such a time that a majority of the population turns against it (ref. slavery, civil rights movement, Vietnam etc.) The TSA in its current incarnation has nothing to do with security, but everything with a priviliged elite making its fortune by exploiting the commoner's fear of a tiny group of religious extremists whom - for all practical purposes - they have created themselves.

ScaredMay 16, 2012 12:37 PM

@NobodySpecial. Or you could call it State Security or just SS?

FigureitoutMay 16, 2012 1:24 PM

My "trolldar" is picking up something...

Nice summary, in typical PR fashion it tells me something and nothing at the same time...

when are we going to stop funding the TSA?

Well, think about who "we" is...it's not you or I so maybe we should fix who "we" is...but honestly who has the time/motivation to actually do that?

NobodyMay 16, 2012 3:10 PM

The report only mentions: "We identified vulnerabilities in the screening process (...) " and not necessarily security vulnerabilities in the scanners themselves. Where does the information come from that te scanners themselves are vulnerable?

MeMay 16, 2012 3:58 PM

Wow, I think this sums up the summary:

Never heard someone talk so much, but say so little.

FloydMay 16, 2012 5:08 PM

Dirk Praet hit it, three points from the key

MatthewMay 16, 2012 8:38 PM

Just saw this today, wondering what your take on this woul be.

http://www.wired.com/threatlevel/2012/05/...

Wonder what the effects of this will be.

John CampbellMay 17, 2012 11:36 AM

Hmmmm... I guess these vulnerabilities were needed to ensure others the ability to download nude photos of the subjects ... and allows the obfuscation to be bypassed, allowing high definition magazine quality photos to be retained.

(smirks)

Post a comment




E-mail is optional and will not be displayed on the site.


Remember Me?


Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Powered by Movable Type. Photo at top by Geoffrey Stone.

Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.

 
Bruce Schneier
Subscribe
Atom Feed Facebook Twitter E-Mail Newsletter (Crypto-Gram)
Subscribe via Kindle
Blog Menu

Search

Powered by DuckDuckGo


blog only
essays and op eds only
whole site

Blog Home Page
100 Latest Comments

Archives by Date

2013 J F M A M
2012 J F M A M J J A S O N D
2011 J F M A M J J A S O N D
2010 J F M A M J J A S O N D
2009 J F M A M J J A S O N D
2008 J F M A M J J A S O N D
2007 J F M A M J J A S O N D
2006 J F M A M J J A S O N D
2005 J F M A M J J A S O N D
2004 J F M A M J J A S O N D

Tags

more tags

Support Bloggers' Rights!
Defend Privacy--Support Epic
Latest Book
Liars & Outliers
more books by Bruce Schneier