Schneier on Security
A blog covering security and security technology.
« Secure Flight Privacy Report |
| OneDOJ »
January 2, 2007
Me on Airline Security
I get to make fun of airline security in The New York Times.
Posted on January 2, 2007 at 9:57 AM
• 37 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Note to islamic terrorists:
To maximize the disruptive potential of your failed plots, have your next plot employ butt-plugs made out of plastic explosive.
You are so on the do not fly list!
I agree with the general statement you make in the article. Security theater stops nothing and costs billions. I'd like to see more people discuss this and make the discussion national.
We have a problem though, and its a lack of critical thinking in the public.
I just don't think we're going to see people get elected to important positions that are going to be publicly in favor of scrapping security theater. Reasonably intelligent people from all walks of life really do believe that if there was a plot to bring an explosive liquid on a plane, then you should ban liquids.
Many people really do believe its better to be wrong every time and confiscate items that clearly can not be used in any plot of any kind than to be right every time and take the security measures that actually improve security.
Someone who talks about security for what it is will never get elected. Instead, we'll continue to elect people who want to spend more on less, tax more so we can spend even more, and spend even more beyond that, just so we can say we are doing all we can.
Then, if something bad does happen, we'll spend more billions on commissions to identify why the tactic used wasn't thought up and who we should blame for not guessing the successful tactic.
I'm beginning to think that the "ultimate" terrorist plot would be to plan to make clothing out of explosives. You wouldn't have to take the plan very far; the idea wouldn't even have to work, but you'd still force everyone in that country to fly nude for the next decade or so.
>have your next plot employ butt-plugs made out of plastic explosive.
The ultimate sexual experience!
How about to get women with infants as the next terrorist recruits?
White women with gel filled explosive bra, an infant filled with an explosive butt plug, and with over 100 ml of explosive infant formula ....
Please do not tell the authorities about a plot of Twelve Monkeys. Otherwise even empty containers will become suspicious/forbidden.
Anyway, we can look forward to a future of secure travel. My "recommendation" would be going through a standard screening first, then x-rays scan, personal background checks and polygraph interrogation before each and every flight. During the flight you will be put to a sleep using anesthetics and for the sake of even higher security handcuffed for possible sleepwalking prevention. Being held in check by a trigger-happy armed guard would be an option as well.
And then some completely different target will blow up :-/
Bruce, didn't you get the "underwear bomber" joke from Lewis Black? I saw him use that line on the Daily Show at least a year ago.
Is there any legal recourse to challenge the arbitrariness of the TSA? Isn't there a possibility of a class action law suit by some civil liberties and oversight group? I know the ACLU challenged the TSA about the No Fly list in 2004 -- has it gone anywhere?
I don't believe education by the written word, even with outright mocking and hilarious imagery like the monkey's wee-wee check are going to help.
My angst is not about the inconvenience to us, nor the abuse of authority. It is about the staggering dollars involved that will be repaid by our children. Its security theater with gilded toilet seats included in the price of admission.
The so called airport security which you call "security theater" is just a waste of time and money. It makes it difficoult for us who have to travel regurarly, but the chances that they actually stops any terrorist threat is minimal. I am glad you are highliting this on a regular basis, so that (with any luck) some security officials might see it, and think twice before implementing another security feature.
Working in shipping I fear the next security measure targeted on shipping, but I know it will come to us aswell. ISPS gave us a load of new paperwork (with minimal compensation) without doing anything special to reduce the terror threat to commercial shipping.
How anyone can fly anonymously for free (based on the observations of a frequent flyer):
1. Print a fake boarding pass at home with anyone's name and itinerary for a flight later today.
2. Stand near the public printer in a nice hotel and observe a traveler print out their boarding pass. Memorize the passenger name, confirmation number, and flight number. Ideally this would be someone who is obviously not checking a bag.
3. Go to the airport and provide the stolen information to the ticket agent, explaining that you lost your wallet and don't have ID.
4. Ticket agent provides you with a valid boarding pass that displays SSSS (mandating secondary screening) and writes "NO ID" on the boarding pass in pen, then circles it.
5. Show the "NO ID" boarding pass to the ID checker at the entrance to the security checkpoint.
6. While waiting in line, put the "NO ID" boarding pass in your luggage and take out the one you printed at home. Show this one to the TSA officer at the metal detector. This just saves you the hassle of secondary screening.
7. Use the "NO ID" boarding pass to board the aircraft, making sure to board before the person your stole the information from.
Step 1: You would actually print out several fake boarding passes, one for a flight in each possible terminal at the airport since you don't know which terminal you will get in step 2.
Step 5: In some airports you will be asked to go to a special line for secondary screening. You can either sneak out of the line or just submit to the extra screening. Might as well get your money's worth, eh?
Step 7: The only risk of detection occurs AFTER you board the aircraft, since the person who matches your boarding pass will probably be stopped by the computer as having already boarded, causing confusion at the gate. Obviously there is no chance of success on a full flight as passengers will fight for their seats (easier to get away with on airlines with non-assigned seating like Southwest). Another potential problem is the head count performed by flight attendants just before leaving the gate. Also be aware that there will be video footage of you at the security screening area, and possibly the ticket desk as well. Of course you never showed your real ID, so no one knows who you are anyway. You did wear a disguise, right?
"Is there any legal recourse to challenge the arbitrariness of the TSA?"
Heh, part of the current administration's platform is to turn legal recourse into a parody of itself.
Consider the time when Bush tried to put William Haynes on the 4th Court of Appeals. Some folks pointed out that Haynes had a record of arguing up was down, left is right when convenient. Note his position when it came to debating how to protect valuable assets from permanent destruction:
"Seeking an exemption from the Migratory Bird Treaty Act in order to enable the military to resume bombing on a remote Pacific island as part of live-fire training exercises, Haynes prepared a legal brief arguing that even though the island is an important nesting site for such migratory birds as great frigate birds, red-footed boobies and Pacific golden plovers, bird lovers should have no problem with the bombing.
Indeed, argued the Haynes brief, conservationists would actually benefit from the destruction of such birds, because it makes the birds rarer - and 'bird watchers get more enjoyment spotting a rare bird than they do spotting a common one.' Moreover, Haynes noted, the bombing is good for the birds, too - because it keeps the island free of other 'human intrusion.'"
Apparently Bush has been pushing for years to have this guy and similar spoilers sit on the bench. If a tree falls in a forest, and only Bush's appointed judges hear it...
Take one suicide bomber and a packet of constipation pills . Take a few condoms, put some nitroglycerin in each, tie tightly and carefully swallow.
Carefully walk up to the security check and pass through it without any problems. It might be a good idea to have an old prescription for nitroglycerin tablets just in case they have a working explosives detector.
Once on the plane, take the constipation pills and wait for nature...
In the plane toilet, extract the nitro, soak it up with some toilet tissue or news paper and stick the mess to the window or external wall. Hit the stuff with a shoe.
Some experimentation would be needed to get the timing correct and a suitable replacement for a latex condom might be needed.
Unless they xray or use ultrasonic scanners at the boarding security checks, this technique is close to undetectable.
Would it work? I have no idea, but it is way more practical than the supposed binary liquid explosive threat we were all subjected to last year.
Common Sense: your victim shows up at the airport, and he has an ID and a boarding pass. He gets all the way to the gate. The boarding agents say there must have been a mistake, check his name, check you. They find that there is a big "NO ID/SSSS" written on your boarding pass, but your victim appears legit. They call the cops and take you to jail.
This whole liquid thing reminds me of an episode of the BBC classic radio comedy series, "The Goon Show", where Britains were advised by the government to walk backwards carrying gas stoves on their heads, as a measure to prevent boot explosions.
One shoe bomber and everyone has to take off their shoes going through security for the rest of time.
God I'm looking forward to the first BRA-bomber. :grin:
Cant see it since it is not accessible
Joe Buck: agreed. Your end-game is one of the risks I outlined in caveats for step 7. The scheme is not foolproof if your objective is flying for free.
However, it does reliably get you on an airplane completely anonymously. You could plant something on the aircraft and then leave. While I'm sure they are trained to be observant, gate agents are supposed to monitor who gets ON the aircraft, not OFF.
The countermeasures for these vulnerabilities (boarding pass scan and head count) are not managed by the TSA, they are managed by the airline (whose objective is profit, not security). The point of Bruce's blog entry is to make a mockery of airline security, and I hope that I have demonstrated that all the TSA's efforts are easily bypassed with the exception of the personal metal detector and baggage x-ray (i.e. pre-9/11 security).
Aside from just adding new reasons for minimum wage ophiles to fondle random women and children, by ramping up what will be confiscated the TSA is actually trying to cut cost. These stolen ...err... "confiscated" items are sold on eBay.
Right, so let's say one of those snowglobes was a bomb and could be remotely detonated (or be on a timer). Sure, it didn't get on the plane but hey, there's loads of people standing around and it's surrounded by glass globes (aka sources of shrapnel).
If this was actual security there would be some sort of chute where you drop stuff into a pit and crush/burn/shred it far from crowds.
"...there would be some sort of chute where you drop stuff into a pit and crush/burn/shred it far from crowds."
Oh, you mean different than checking your luggage? That's been my opinion of the general handling routine I've experienced at some airports. I'll never forget the time someone threw a surfboard lengthwise onto a belt...the crunch was awful, with fiberglass bits flying into the air.
The solution to this ban is so simple...
Remove the liquid from your snow globe and hide it in a used tooth paste tube. :)
>White women with gel filled explosive bra
No where does is say the bra has to be worn by a woman. Or that it has to be worn at all. You could easily load up your carry on with 10 gel bras filled with explosives.
Security officer: Why do you have so many bras?
You: They're for my wife/gf. I got a good deal on them.
“It’s a good thing the shoe bomber wasn’t an underwear bomber.��?
Did you actually say that? It's straight outta Seinfeld!
The entire liquid bomber plot is almost certainly fictional.
The plot itself would have been almost totally impossible to pull off from a technical standpoint.
The suspects never made it to the airport. They didn't have airplane tickets/visas.
Persons of interest in the case gradually keep being released because of lack of evidence.
This is NOT great "intelligence and police work". It's stupidity, secrecy and subversion.
Anyone here believe this plot was real?
I was traveling over thanksgiving with my two 12 month old baby girls. It's already a big enough production getting the stroller and everyone through security. This time though, they made us take off their tiny little leather shoes. It was utterly, utterly ridiculous.
Common Sense, in case you check back again: you're right that you can board airplanes annonymously via your method, but really all it is is fraud. It's not really that much of a vulnerability anyway (as a cheapo) because you will almost undoubtebly be caught after you've gotten on the plane (you stipulated that you would board before your victim), when e.g. stewardesses walk the aisles asking for people's names, apologizing that there is a stowaway. The system notices the duplicate board, and obviously you without ID are at a strict disadvantage.
As a terrorist, its only an advantage to the extent that its easier to forge a boarding pass (or acquire one through fraud and social engineering) than it is to simply not have a "history" and buy one yourself. History doesn't suggest this to be an issue, but I suppose _forcing_ people on planes to have clean histories of course isn't unreasonable
@Sean: Not all airport systems are very good at capturing duplicate boardings; there has in fact been several cases here in Norway the last year or so of people accidentally boarding the wrong plane. The error was not caught (in some cases) until the plane arrived at it's destination.
@All: But why bother breaching security when you can just target the lines at the security checkpoint instead? Per definition, it is outside the secured area and usually has decent-sized lines. You also score extra terror-points for subverting the security system.
@Geoff Lane: those are some very effective pills you are talking about. Most laxatives take 8 hours so you are talking long-haul, right?
Or hey - someone could use non-dairy creamer in their infant formula bottle :
Sodium alumionosilicate: Known to potters as albite feldspar (a ceramic glaze and strengthening agent), sodium alumionosilicate is used in foods as an anticaking agent. Powdered nondairy creamer is flammable, and if it gets too anticaked (dispersed in the air like a cloud), it can explode. Just one spark, and – kaboom!
You miss the goal of taking the shoes off your 12 month old daughters. The goal is to enforce the "no shoes" rule. The structure of the rules is such that the staff enforcing them do the minimum amount of thinking. Thinking might require a more expensive sort of worker. Sure, it might work better, but "working better" doesn't serve the TSA agenda. The TSA agenda is not safer air travel, it is air travel where the TSA cannot me blamed for the problem.
At the ONT airport Monday the TSA folks were telling passengers, "We're here for an 8 hour shift. We'll don't care how long it takes you to get to your plane, we live here. You should just do what we say the first time, and don't try to figure out the rules." Apparently they do this to cut off conversations with passengers. The supervisors see the behavior, and don't seem to see a problem with it.
Until we measure and record Type II errors by the TSA, the number of such errors will grow without bound. This weblog has abundant prior discussion of the terrorist density influence on error rates. Since the terrorist density is zero, for practical purposes, every TSA seizure is a Type II error.
That's why they don't report statistics like the # of people searched and the # of items seized.
All you "odd scenario" people are missing the real point behind security theater: it's just theater.
Nearly every test people make of smuggling regular weapons on board get passed the screeners. The FBI and others continue to show that security rarely catches a determined smuggler of regular weapons.
Much of this occurs because, as Bruce mentioned, too much time is spent searching people who are not likely a threat.
If such security were good, we'd randomly search all cars all the time, and search homes, too. By being random, we'd not be subject to "profiling" complaints, even though profiling is exactly what's needed when trying to find a bad guy in a crowd of good guys.
When time and money is spent searching the wrong people for the wrong items, that time and money is not spent looking for real bad guys.
We've never heard of the TSA securing us from an actual terrorist attack. Plots are thwarted from time to time, but they are done using real security, not the waste perpetuated by the TSA.
Sneaking on a plane: perhaps this could be improved by sitting on a different seat (since the rightful owner of the original seat will almost certainly show up). If that seat is also taken, apologize and try another seat. If you clash too many times, perhaps have a fake boarding pass for a different flight ready, so use this as an excuse to leave the plane, and to escape. Maybe carry broken glasses, to add credibility to your apparent confusion.
Still sounds rather complicated to me.
Non-dairy creamer: nice one :-) Maybe the real terrorist plot is a little more sophisticated than we all thought: 1) set up some barely credible terrorist threat, 2) tell the police and make some nebulous remark about "liquids", 3) lean back and enjoy the brief panic, 4) lean back and enjoy the hilarious long-term countermeasures even more, 5) give people time to think about them and how to subvert them, 6) collect the best ideas that would actually work from the Internet, 7) send your real team to carry out the attack, this time without prior warning.
Memo to self
Subject: 007/Austin Powers movie plot?
Agents of SPECTRE/Virtucon infiltrate the production facilities of the leading manufacturer of breast implants ....
Wonder if this booby trap will fly?
Various Airline Security Plots ...
#1. Make a concerted effort to get the most common names of the most common passengers on the no-fly list. Wait for the fur to fly.
If this goes no further it becomes a failed terrorist plot, because no one is terrorized. However, a pile of secondary objectives are met.
If security is changed, this might facilitate a real attack.
#2. Make a concerted effort to get a substantial number of the names of people in "Who's Who?" and similar lists of important, famous, and near-famous people on the no-fly-list.
Most passengers might won't be greatly affected and possibly they will be somewhat amused at the possibility of CEO's, polititians, and celebrities being singled out for closer ispection.
Wait for the TSA to fix the problem and probably introduce another security hole in passenger screening.
Exploit the security hole.
The down side of this for a terrorist would be if this caused a major rethink of airline security.
I just caught up on my VCR backlog. This week's Boston Legal had an entire thread on the Firm taking Homeland Security to Court to get Denny Crane off the No-Fly-List.
Not sure if all of the revelations were true, but they are even more bizzare than has been discussed on Bruce's various blogs/comments.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.