Kip Hawley Responds to My Airport Security Antics

Kip Hawley, head of the TSA, has responded to my airport security penetration testing, published in The Atlantic.

Unfortunately, there's not really anything to his response. It's obvious he doesn't want to admit that they've been checking ID's all this time to no purpose whatsoever, so he just emits vague generalities like a frightened squid filling the water with ink. Yes, some of the stunts in article are silly (who cares if people fly with Hezbollah T-shirts?) so that gives him an opportunity to minimize the real issues.

Watch-lists and identity checks are important and effective security measures. We identify dozens of terrorist-related individuals a week and stop No-Flys regularly with our watch-list process.

It is simply impossible that the TSA catches dozens of terrorists every week. If it were true, the administration would be trumpeting this all over the press -- it would be an amazing success story in their war on terrorism. But note that Hawley doesn't exactly say that; he calls them "terrorist-related individuals." Which means exactly what? People so dangerous they can't be allowed to fly for any reason, yet so innocent they can't be arrested -- even under the provisions of the Patriot Act.

And if Secretary Chertoff is telling the truth when he says that there are only 2,500 people on the no-fly list and fewer than 16,000 people on the selectee list -- they're the ones that get extra screening -- and that most of them live outside the U.S., then it is just plain impossible that the TSA identifies "dozens" of these people every week. The math just doesn't make sense.

And I also don't believe this:

Behavior detection works and we have 2,000 trained officers at airports today. They alert us to people who may pose a threat but who may also have items that could elude other layers of physical security.

It does work, but I don't see the TSA doing it properly. (Fly El Al if you want to see it done properly.) But what I think Hawley is doing is engaging in a little bit of psychological manipulation. Like sky marshals, the real benefit of behavior detection isn't whether or not you do it but whether or not the bad guys believe you're doing it. If they think you are doing behavior detection at security checkpoints, or have sky marshals on every airplane, then you don't actually have to do it. It's the threat that's the deterrent, not the actual security system.

This doesn't impress me, either:

Items carried on the person, be they a 'beer belly' or concealed objects in very private areas, are why we are buying over 100 whole body imagers in upcoming months and will deploy more over time. In the meantime, we use hand-held devices that detect hydrogen peroxide and other explosives compounds as well as targeted pat-downs that require private screening.

Optional security measures don't work, because the bad guys will opt not to use them. It's like those air-puff machines at some airports now. They're probably great at detecting explosive residue off clothing, but every time I have seen the machines in operation, the passengers have the option whether to go through the lane with them or another lane. What possible good is that?

The closest thing to a real response from Hawley is that the terrorists might get caught stealing credit cards.

Using stolen credit cards and false documents as a way to get around watch-lists makes the point that forcing terrorists to use increasingly risky tactics has its own security value.

He's right about that. And, truth be told, that was my sloppiest answer during the original interview. Thinking about it afterwards, it's far more likely is that someone with a clean record and a legal credit card will buy the various plane tickets.

This is new:

Boarding pass scanners and encryption are being tested in eight airports now and more will be coming.

Ignoring for a moment that "eight airports" nonsense -- unless you do it at every airport, the bad guys will choose the airport where you don't do it to launch their attack -- this is an excellent idea. The reason my attack works, the reason I can get through TSA checkpoints with a fake boarding pass, is that the TSA never confirms that the information on the boarding pass matches a legitimate reservation. If all TSA checkpoints had boarding pass scanners that connected to the airlines' computers, this attack would not work. (Interestingly enough, I noticed exactly this system at the Dublin airport earlier this month.)

Stopping the "James Bond" terrorist is truly a team effort and I whole-heartedly agree that the best way to stop those attacks is with intelligence and law enforcement working together.

This isn't about "Stopping the 'James Bond' terrorist," it's about stopping terrorism. And if all this focus on airports, even assuming it starts working, shifts the terrorists to other targets, we haven't gotten a whole lot of security for our money.

FYI: I did a long interview with Kip Hawley last year. If you haven't read it, I strongly recommend you do. I pressed him on these and many other points, and didn't get very good answers then, either.

EDITED TO ADD (10/28): Kip Hawley responds in comments. Yes, it's him.

EDITED TO ADD (11/17): Another article on those boarding pass verifiers.

Posted on October 23, 2008 at 6:24 AM • 69 Comments

Comments

bobOctober 23, 2008 6:32 AM

"...Even if “all” we do is stop dumb terrorists, we are reducing risk...."

Actually that has been where my hope resides, that all terrorists are dumb. It reminds me of the air traffic control system in the US before those 2 airliners collided over the Grand Canyon; it was called "big sky" theory (ie its a big sky and airplanes are small, so what are the odds of 2 colliding).

AlbatrossOctober 23, 2008 6:49 AM

It's clear that Hawley and Chertoff and all the rest of them are simply marking time until they're replaced under the next administration. Chertoff's numbers are so transparently lies that I'm surprised he didn't introduce them with "Would you believe..." ala Maxwell Smart.

If all the next president does is replace these incompetent cronies with competent professionals, he'll have improved our nation's security right there.

BillOctober 23, 2008 7:01 AM

@bruce
Typo - 'intervied' should be 'interview'

Uh oh, James Bond is not a terrorist (he kills baddies and saves goodies) and starting rumours like that in the week before the opening night may encourage a heavy knock on the door from 'The Studio'. ;)

CGomezOctober 23, 2008 7:11 AM

The Congress controls the TSA and our congressmen are not security experts. They will continue to appoint bureaucrats who are not security experts, and we will continue to get security theater. This is because security theater sounds good to these non-experts and it looks good to the citizen non-experts. It all derives from the voting public. How many times have you heard someone say: "Whatever it takes to keep us safe." With that attitude, people see long lines, mysterious scanners, and ID checks and think: "Well, this seems good. It'll keep the bad guys out." They vote, and the people they vote for say the same things, so we continue and will continue to get non-security experts in charge of these things.

It's possible a smart president could use the bully pulpit to sway Congress towards a security oriented direction, but considering this is not a campaign issue, it won't happen.

Maybe all "terrorists", wherever they are, are stupid. To wait so long not to try and do something again is either brilliance or stupidity. It's brilliant if the plan was just to get the country to waste money. It's stupidity if the plan is "we have an infinite future, we only have to attack every ten years." Well in the past seven life returned to normal. Heck, it returned to normal in a few months. Terrorists who really wanted to terrorize would conduct small, seemingly-random attacks everywhere and anywhere. Even if they killed no one, they would terrorize. Didn't take much for the DC sniper to scare the hell out of a region.

Even the so-called brilliant plan isn't so brilliant after all. Why even bother terrorizing to get us to "waste money" when we can do it just fine ourselves. We'll extend credit to unworthy individuals for a few decades and our banks will collapse, causing the government to spend or promise over 2 trillion dollars in a matter of weeks. Makes the brilliant plan look awfully small time, doesn't it?

The number one question I think the US Government should answer is, "Where are the terrorists and why don't they attack?" I don't care who is president... someone answer the question.

Jacob AppelbaumOctober 23, 2008 7:16 AM

I'm curious how they're planning to implement these encrypted boarding passes. I'm also curious how the airlines will secure systems that have the keys for those encrypted boarding passes.

I'm thinking the answer is probably "badly" in both cases.

MateOctober 23, 2008 7:21 AM

' Even if “all” we do is stop dumb terrorists, we are reducing risk '. Therefore it is worth it. Also, please let us monitor all phone calls and all internet traffic, since if all it will do is to reduce risk, it is worth it.

Oh, and I forgot, please let us also put a policeman at the entry of every shopping mall, looking out for people carrying toothpaste, baby milk and coke, as they might in fact be carrying ingredients to make bombs, and that is a threat. And if all this will achieve is to reduce risk, it is worth it...

A nonny bunnyOctober 23, 2008 7:22 AM

"Stopping the ‘James Bond’ terrorist "

Turning of the TV typically works for me.
They're not even pretending not to go for movie plot threats anymore, do they. (Not to mention the villains in a James Bond movie haven't usually struck me as very smart.)

RyanOctober 23, 2008 7:42 AM

The real question is how would they stop Jaws from the Bond Movie biting a hole in the side of the plane during takeoff?

Michael AshOctober 23, 2008 8:15 AM

I have to disagree with the conclusion about encrypted boarding passes. Eight airports is not nonsense, it's just testing. You really can't deploy that sort of thing system-wide instantaneously. It makes much more sense to deploy to a few airports, make sure the system works, then deploy it everywhere. While it's only at a few airports it has essentially zero security value, but that's not the intent.

And once it is deployed everywhere, it's still useless, because the no-fly list is stupid even when it's difficult to bypass. Using a fake ID or simply using an agent who isn't on the list will get around it, so it doesn't really matter how difficult they make it to use your particular attack.

I'm not THAT Robert JohnsonOctober 23, 2008 8:29 AM

Encrypted boarding passes? Meh. That means little to the whole theatrical production whereby posession of a simple prop (TSA uniform) can put one in a position to open dozens of luggage items going on each flight. Talk about opportunity.

Extra identification prior to flying is fine, for passengers...I'll appreciate the opportunity to make my proof ahead of time after being detained for "additional screening" again and again. However, I know enough now to realize that I am no safer for it. I just fly with a bit less hassle.

So can anyone who is good at identity theft.

Jason R. CoombsOctober 23, 2008 8:47 AM

"Ignoring for a moment that 'eight airports' nonsense..."

Obviously, security measures are ineffective unless applied universally (or randomly and undetectably).

But you have to recognize that novel new technology deserves a pilot launch to determine its impact and local effectiveness.

I think Hawley's point is that they are working on a solution and that the solution is in pilot phase, not that they've "secured" eight airports.

ErichOctober 23, 2008 8:54 AM

@CGomez: "The Congress controls the TSA and our congressmen are not security experts. They will continue to appoint bureaucrats who are not security experts, and we will continue to get security theater."

Except the day is coming in which the guys who know they are not experts and are willing to bring in the best experts to run the TSA, will have a majority and possibly a supermajority in Congress.

Then, no more "Heckuva job, Brownie!".

bobOctober 23, 2008 9:10 AM

We should have an annual award for the best security theater! Call them Security Tony ("Stoner"?) awards!

Each year issue a statue of a passenger with no shoes and someone else walking off with his laptop, wearing the "sad" face mask as he is being cavity checked by a uniform wearing stooge in the "happy" face mask.

Richard VeryardOctober 23, 2008 9:17 AM

Statistically impossible? I don't think so. If we assume that the No-Fly list has not been drawn up completely at random, then the list is going to contain some clusters - although of course these clusters may have nothing to do with actual terrorism. Maybe there are some very persistent (and thick-skinned) people on the list, who keep trying to get onto planes. It isn't statistics that tells us to distrust this hypothesis, it is common sense. (Not the same thing at all.)

ZachOctober 23, 2008 9:36 AM

Erich:

Don't count on the opposition party to fix everything. Remember, they voted in droves for the patriot act and the iraq war, too.

This whole situation is really a failing of nearly everyone in government, in one form or another.

JBOctober 23, 2008 9:38 AM

What if a terrorist thinks he is living beneath the radar but is secretly being monitored by the government? If he goes to the airport and is denied boarding because he is on the no-fly list, doesn't that tip him off that he is under suspicion?

JasonOctober 23, 2008 10:01 AM

Clearly "terrorist-related individuals" includes anyone on their list of terrorist-related individuals (no-fly list, anyone?).

SudonymOctober 23, 2008 10:08 AM

Count your blessings, at least Kip Hawley listens, knows how to use a computer, is communicative, and relatively honest.

I fear the day when he gets asked to resign ("to spend more time with his family", of course), and gets replaced with some standard Bushian bureaucrat.

I don't agree with Kip Hawley, but I applaud his character and openness.

Clive RobinsonOctober 23, 2008 10:09 AM

@ Bruce,

I read your UK Gaurdian IT section lead today...

I wonder what response that will get ;)

EasyWindOctober 23, 2008 10:13 AM

ElAl's security works primarily because of an ethnic quirk: something like Rove's permanent Republican majority, Israel's pretense at democracy involves a "permanent Jewish majority", which is sustained at all costs.

The costs include ethnic profiling, intimidation of possible co-conspirators, and their stab at behavior deduction (which relies not on any course that is taught by professional trainers but rather, on hiring available screeners from the correct upper class families. These people have a lifetime of reading ethnicity ingrained into them, and do it very well indeed. It's akin to getting a Belgian to figure out who speaks Flemish or French by looking at them - the cues are perfectly obvious to the Belgian, invisible to others.)

People flagged as not quite kosher (and I do mean that literally) get a very thorough review. People identified as "just another Jew on business" get waved through. The best bet of someone wanting to put a terrorist on ElAl would be to pick an ashkenazi Jew.

ElAl's system requires a social compact that agrees that certain narrow class of people are ok, and everyone else merits extra levels of review. Everyone else includes Christian pilgrims (who get the thorough-review treatement), tourists (I heard of shoe ex-raying in 1994, from a South African back-packer), and others.

I contend that this system cannot work in the U.S. because there is no class of people that is visually identifiable as "our kind of people" - the U.S. is wonderfully diverse, and the equality guaranteed under law is a precious part of that wonderful quality. Moreover, I would hate to have the U.S. Israelified, because the next steps of becoming more like Israel involve a loss of social cohesion (Intifadas 1 and 2) when the classes discriminated-against (not only in airports, of course) change the venue for the explosive tactics. Airports too secure? How about mass ground transport?

The problem in the U.S. (to the extent that a problem exists, which is not clear) is very different from the Israeli ones.

MaxOctober 23, 2008 10:26 AM

The TSA can't even prevent their own employees from stealing from passengers. How can they stop terrorists?

charlieOctober 23, 2008 10:47 AM

As I said before, we should make TSA charge everyone their $5 at the security checkpoint -- cash only please, and no change -- to make everyone realize what a inane and wasteful mess we've created.

RE: politics. Liberman was a big TSA guy (others are guilty as well). When January comes around we'll boot his ass as far away as possible. Not that the D are better on this issue, but we are talking about one specific politician.

GroanOctober 23, 2008 11:01 AM


I wonder how would a TSA luggage screener react when they open up a suitcase, only to see, packed right on top, is a TSA uniform.

The question is, is it a real one?

derfOctober 23, 2008 11:36 AM

Yeah - the TSA "identify dozens of terrorist-related individuals a week and stop No-Flys regularly with our watch-list process". Way to go! Good job Kip! Keeping 6 year old kids from flying to their grandpa's funeral is a wonderful way to waste our time, effort, and tax dollars.

Mark1October 23, 2008 11:47 AM

@derf: The problem with not doing it right the first time is that now we carry the errors forward with us. A story in the newspaper today about six year old John Doe who gets stopped by TSA and can't go to his grandfather's funeral becomes tomorrow's security hole. TSA has to worry that next time a six sear old john doe gets on the plane he'll be a plant strapped with explosives because bad publicity took his name/age off the list.

RowanOctober 23, 2008 11:53 AM

@charlie

I am not sure, but I think that when you buy a plane ticket, the receipt shows a charge for 'security' or some such thing.

(May be wrong, haven't bought a plane ticket in a while).

Clive RobinsonOctober 23, 2008 12:01 PM

@ Bruce,

"It does work, but I don't see the TSA doing it properly. (Fly El Al if you want to see it done properly.)"

No, El Al may do it considerably better than anybody at US airports but "properly" I think not.

Aside from the fact that it's a developing field and it takes some considerable time to train people, importantly you need some considerable time with those you need to check out. And you are not going to get this at any airport for two reasons the obvious one being cost, the second is passangers will not put up with it.

The real reason El Al can do it is firstly the few number of passangers, and that people accept they are flying into "a war zone".

The reason El Al are apparently successfull at it is for the very reason you pointed out about Air Marshals, mystique and theater...

BernieOctober 23, 2008 1:09 PM

Schneier said, "Like sky marshals, the real benefit of behavior detection isn't whether or not you do it but whether or not the bad guys believe you're doing it."

You mean I wasted my money on this 65536-bit XOR encrypted flash drive?

Nomen PublicusOctober 23, 2008 1:11 PM

Sorry, but it's all garbage. There are many more airports that do not require boarding passes because they are cargo or private. But as I said the other day, flying a fully fuelled cargo plane into a skyscraper is just as effective as flying a fully fuelled passenger plane.

But if I wanted to really screw up a city, steal a crop spraying plane from some country airport, fill it up with anthrax and spray the city. Hmmm, maybe a movie script there :-)

BlakeOctober 23, 2008 1:18 PM

My roommate is on the selectee list. He had a medical issue discovered while in boot camp and got a medical separation. Since he didn't complete his military service, they consider him higher risk of having issues with the government. So he gets extra screening every time he flies. Nevermind that he wants to go back into the army, they just won't take him.

My dad won't fly anymore. He had the same thing happen with the air force in '69, and he's retired law enforcement and a member of the NRA. So clearly he's a threat to national security and needs to be asked to drop his pants whenever he goes through airport security.

bobOctober 23, 2008 2:52 PM

@Groan: How they react would probably depend on whether the uniform fits that screener or not....

RHOctober 23, 2008 3:11 PM

@ 8 airports: lots of comments have derrided Schneier on this comment. What I think he meant was not that he was unimpressed with "8 airports" but the fact that Kip seemed to feel that "8 airports" was an impressive increase in security. This is defended by the fact that he actually likes the idea and wants to see it implemented.

The encrypted system might actually be a very effective system. Treat it as a signature - all the information is there in plain text, plus a RSA signed hash which is changed every day.

Logic... anyone willing to break RSA to get into the airport would be able to do far more disasterious things by breaking into banks and such.

SteveOctober 23, 2008 4:07 PM

Note that Hawley says that they "identify dozens of terrorists a week" not that they catch any. Nice weasel wording there. The "identification", of course, doesn't even have to be correct -- just add another dozen names to the database, *plonk*, and there you go.

Mission accomplished.

John OleynikOctober 23, 2008 4:13 PM

Going through SEA airport last week the TSA ID check agent scanned the 2D barcode on my boarding pass. I saw the information (my name, date, flight) on the boarding pass come up on the scanner. This is a step in the right direction although I don't think the system actually referenced the airline reservation, it just read the information encoded in the barcode which could have been generated by anyone.

PoOctober 23, 2008 6:33 PM

Bruce Schneier is my hero...keep it up. I hate the TSA and they are the worst federal program I know.

KeithOctober 24, 2008 10:24 AM

The Dublin Airport system is actually nothing to do with security. It's because the two biggest airlines in the airport (Aer Lingus & Ryanair) are both low fare operators who like their passengers to check in online. Therefore, the first check that the passenger has arrived at the airport is when they go into the security screening area. The boarding pass is scanned in order to confirm the checkin for the airline, and the passport is checked to ensure it matches the boarding pass so the airlines don't have to fly people back to Dublin.

Of course, secure solutions implemented without security in mind are just as good as ones that are planned all the way through. As long as they're secure.

I've never seen the security checkers in Dublin Airport actually check what name comes up on the screen when they scan the boarding pass...that's your weakness.

AnonymousOctober 24, 2008 10:27 AM

John Oleynik: "TSA ID check agent scanned the 2D barcode on my boarding pass. I saw the information (my name, date, flight) on the boarding pass come up on the scanner."

Hopefully the barcode is encrypted, but knowing the government, and their many, many failed attempts at getting security 'right', it probably isn't.

Therefore, it will take a tiny bit more effort to re-write the boarding pass with a new, fake name *AND* regenerate the bar code to match.

J.C.October 24, 2008 11:40 AM

"We identify dozens of terrorist-related individuals a week and stop No-Flys regularly with our watch-list process."

Classic double-speak crap. Terrorist-related is sufficiently vague enough to cover any one they don't like the looks of. And they stop No-flys with the list... not dangerous people mind you, just people who's name happens to match one on the list. That doesn't prove its working, only that there are enough false-positives to make the list worthless. He's an idiot.

MarkOctober 24, 2008 2:48 PM

@Nomen Publicus
There are many more airports that do not require boarding passes because they are cargo or private. But as I said the other day, flying a fully fuelled cargo plane into a skyscraper is just as effective as flying a fully fuelled passenger plane.

This almost happened, in 1994. With FedEx 705.

HenryOctober 24, 2008 9:43 PM

I'm glad to see the Atlantic article that attacks this unjust waste of tax dollars square in the eye. My 10-year-old and 7-year-old were recently selected for additional screening both to AND from Disney world. I got to watch the TSA efficiently test their baby dolls, homework, and bubble gum for explosives residues, and pat them down. And yet magazine authors can print their own boarding pass and board with no picture ID. I was told that if I attempt to find out why my spouse, children, and I were selected throughout our journey for additional screening, I will be told that they can't divulge it for national security reasons. I got to hear JetBlue say the TSA selected us, and the TSA say that JetBlue selected us.

Is this 1957 in some Soviet bloc nation, or is this America? It's not the America where I was born, and I hope our next president has the balls to bring it back.

TobyOctober 24, 2008 11:15 PM

"Optional security measures don't work, because the bad guys will opt not to use them. It's like those air-puff machines at some airports now. They're probably great at detecting explosive residue off clothing, but every time I have seen the machines in operation, the passengers have the option whether to go through the lane with them or another lane. What possible good is that?"

-Suppose in the future the TSA could set up a few different kinds of scenarios at an airport like the one listed above. Then an automated system could track individuals whose pathway indicates they are intentionally avoiding those lanes.

what everOctober 26, 2008 6:11 PM

Why do you insist on belittling the jobs of thousands of Americans who take pride in their job? No one process will ever be perfect, and you certainly are not perfect either. Your article and comments sicken me - but even more, reporters sicken me. Reporters find a story, ruin peoples lives, tell the public how to get away with crimes by publishing things that are better left private, etc., etc.... YOU MAKE ME SICK!!! Find something better to do with your time than to come to your own conclusions about others based on your own short sighted thoughts!

Christophe ThillOctober 27, 2008 4:56 AM

- If flying with a Hezbollah t-shirt poses no problem, then I guess flying with a tiny neck pendant in the shape of a pistol is ok too ?

- Have you read the story of the TSA employee who was reselling confiscated stuff (such as an expensive professional camera taken from an HBO team) on eBay? Nice way to build trust...

And finally:
- Who would ever trust a guy named "Kip"?

danielOctober 28, 2008 12:35 PM

Airport security is nothing but fascism. I bet that the persons on the no-fly list is only ordinary people with the name mohammed and that the government has no proof that they are dangerous. We have seen it on those that sat in Guatanamo.

The FACT is that more people die in car accidents then by terrorists hands.
Another FACT is that trains and busses have NO security and they have no larger problems with terrorist then airplanes.

Kip HawleyOctober 28, 2008 12:43 PM

Thank you, Bruce, for the opportunity to continue this conversation on watch-lists and checkpoints. I have to give you credit for the clever squid analogy but would like to use some more ink to clarify some of the issues you raised.

“It is simply impossible that the TSA catches dozens of terrorists every week.”

TSA, through the airlines’ matching systems, does identify dozens of people on the Selectee list every week. Selectees are those identified by intelligence and law enforcement as needing extra attention because of ties to terrorist activity. Think of them as facilitators, or people identified during an investigation. The facts don’t suggest that the person would likely attack a given flight; otherwise they would meet the no-fly definition. We do not ‘catch’ them; we identify their travel and give them a little extra scrutiny when they come through the security checkpoint.

“It [behavior detection] does work, but I don't see the TSA doing it properly.”

Bruce, now you are clouding the water – based on incomplete knowledge of what we do as well as what others do. More than a dozen countries have come to us to help them get started with similar efforts. It works and we are world leaders in deploying behavior detection.

“[T]he real benefit of behavior detection isn't whether or not you do it but whether or not the bad guys believe you're doing it.”

We are doing it alright. We have 2,000 trained Behavior Detection Officers (BDOs) all over the country, plain clothed and in uniform. BDOs detect, by behavior alone, dozens of people a day whose activities require law enforcement involvement. I can practically hear you asking, “OK, but have you caught any actual terrorists or real bombs?” Yes we have. Most publicly, the person in Orlando who came into the airport with everything needed for a working IED. He was identified almost as soon as he entered the airport and was stopped well before he was even close to the checkpoint. And yes, BDOs have alerted on people whom another agency was working and we have had to do a quick 'never mind' so as not to compromise that effort. (Most of the time, when someone of interest is moving in an airport, it is well-coordinated in advance.) We have had BDOs identify at least one person attempting 'suicide by cop' who had a simulated IED on his body, non-terrorist criminals who were escaping from crime scenes, people of counter-terrorism interest carrying large, undeclared amounts of cash, and a regular assortment of drug couriers and others who are attempting to conceal either items or identity. They represent good practice for our BDOs and TSOs who stay sharp on understanding smuggling techniques and how they might apply to terrorist techniques. Any deterrence value is gravy.

“Optional security measures don't work, because the bad guys will opt not to use them.”

Optional security measures do work. The choice is not between getting scanned and just walking straight through; it is a choice between the scan and up-close-and-personal physical screening.
We use what we call ‘decision gates’ to force a terrorist to make a tough choice in as many places as possible. To a terrorist, facing these choices adds unwelcome complexity and generates opportunities for them to make a mistake or get noticed by a BDO. The case you mention, referencing passing through a Whole Body Imager, is a good example. You, like over 95% of passengers, can and do choose to go through the WBI -- quick, no touch, no talk, effective. Or, if you choose not to, you get to talk to us and have the more intrusive, hands-on pat-down and get tested with other kinds of explosives detection technology.

“Fake boarding passes”

We are deploying scanners to help with boarding pass integrity and operating metrics like wait times. To you, eight airports might be 'nonsense,' but to us it’s a welcome start. Since I last wrote, one more airport and airline (Alaska Airlines in Seattle) came on board. Important to note is that the International Air Transport Association (IATA) is requiring all airlines to move to this technology by 2010, so there is impetus beyond TSA to get moving on this.
Secretary Chertoff said last week that, of the fewer than 2,500 actual people who are No-Flys, more than 90% of them are non-U.S. citizens. If someone is on the No-Fly list, they were put there because the intel and/or law enforcement community has good reason to believe they are a direct threat. If one of them is in the U.S., the Joint Terrorism Task Force (JTTF) knows about them (as well as TSA and other agencies) and precautions are taken as necessary.
Since most No-Flys who try to travel start outside the U.S., there are other means to tie identity with the boarding pass. We regularly stop No-Flys who try to get on planes coming here. The system works and we are safer because of it.

“Stopping the 'James Bond' terrorist”

Thanks for not taking a shot at me on my risk management point that even if we are just stopping dumb terrorists, we are reducing risk. You didn’t go for a clever rhetorical gimme, but instead raised the good point about transferring risk to outside the airport environment. That is a worthy discussion for another time.

Thanks Bruce.

Kip


BernieOctober 29, 2008 4:24 PM

Kip Hawley,

Please explain to me why the TSA needs specially trained BDOs. Any (non-rookie) cop worth his/her salt can spot unusual behavior in someone as if the person was hold up a big sign that reads, "Look At Me!" I don't want to jump to the conclusion that airport security personnel is worthless; so, please explain.

Timmy303October 29, 2008 4:34 PM

@Bernie - a lot of TSA personnel don't yet have the training and field experience that a non-rookie cop has, and yet they're forced to play cop-like roles in airports. It makes sense to me that the TSA is playing catch-up with training.

DevinOctober 29, 2008 7:47 PM

@Bernie - How does your cop gain that ability?

He or she is trained for it. Now, in a police department some of that training is formal but most of it is informal, through being on the street, learning from other cops, being exposed to criminals, victims, and so forth.

That's a good way to learn to be a cop. It teaches a lot of skills besides just behavioral profiling. But it's not actually very efficient if you don't care about any other cop skills besides behavioral profiling. It takes a while and in the mean time, you're useful for lots of cop jobs but not many airport ones (you can learn the cop eye while detaining a suspect, securing a crime scene, and so on, but you can't do it if you're assidously watching an X-ray screen rather than the people passing through the gate).

haversianOctober 29, 2008 10:04 PM

"TSA, through the airlines’ matching systems, does identify dozens of people [...] We do not ‘catch’ them; we identify their travel and give them a little extra scrutiny when they come through the security checkpoint."

So if you "facilitate" terrorism, you can expect not arrest, but irritation at the airport? I sure am thrilled to be financially supporting the idiot who thought that plan up.

ice weaselOctober 30, 2008 5:42 AM

Double talk, all of it. The TSA has quickly become the classic government agency scrambling to justify it's enormous budget and extended powers. A brief look deeper and what do we find? Well, some folks who work hard to do just that and not much more. Of course airline security is important but real security, not the theater of banning liquids and ridiculous "watch lists" of dubious accuracy.

And allow me to use the standard republican argument for this, would a private company be able to adequately justify the expense and authority given over to the TSA based on the results they have achieved? I leave the answer a friendly exercise for the reader.

BernieOctober 30, 2008 6:21 AM

@Timmy303 - I don't know if I should be happy that they are playing catch-up or if I should be scared that we are being protected by personnel with so little training and field experience. Either way, thank you for the perspective.

@Devin - That makes sense; staring at an X-ray screen all day does seem like a good way to fall asleep rather than learn behavioral profiling. Perhaps airport security needs more variety in their duties? Well, also along those lines of thinking, wouldn't the BDOs need more variety too? Or is there so much questionable behavior at airports that the BDOs never get bored?

BF SkinnerOctober 30, 2008 6:42 AM

Bruce. Well done!

You've provoked a point by point response from the head of a major beauracracy.

A classic level 3 response (level 1 being ignoring the irritant, level 2 a policy of denial and misinformation, level 4 destruction of character, rights, country, level 5 disappearance)

It's not easy for anyone to get our gov't to respond. Try not to disappear.

Frank Ch. EiglerOctober 30, 2008 9:44 AM

@BF Skinner:
> Try not to disappear.

You should know - you've been dead ~18 years.

StephenOctober 30, 2008 1:24 PM

I still think Kip is smoking some rock (both in approach and their "success" rate), but his willingness to talk to Bruce and especially come here and post on a blog is unprecedented for a senior government official have earned him kudos in my book.

IMHO, the entire DHS is simply a massive waste of time and pork spending that makes us less, not more, safe. But if we can't get rid of it, having people like Kip in charge is better than the alternative.

GelfOctober 30, 2008 2:36 PM

@Kip
> TSA, through the airlines’ matching systems,
> does identify dozens of people on the Selectee
> list every week. Selectees are those identified
> by intelligence and law enforcement as
> needing extra attention because of ties to
> terrorist activity. Think of them as facilitators,
> or people identified during an investigation.
> The facts don’t suggest that the person would
> likely attack a given flight; otherwise they
> would meet the no-fly definition. We do not
> ‘catch’ them; we identify their travel and give
> them a little extra scrutiny when they come
> through the security checkpoint.

Nonsense. It appalls me how stubbornly obtuse you are about this point, sir.

The Selectee List does not identify dozens of people. It identifies dozens of NAMES. By merest coincidence I happen to bear one of those names, and as a result I am hassled every time I need to fly somewhere. The reactions I get from ticket counter agents range from barely contained alarm to sympathy to very pointed eye-rolls and stage mutters about "every freaking common name in the world" as they go through the motions of clearing me. Yeah, that's a system that's working.

The TRIP program is useless, because I, the human being, am not on the Selectee List. My very common name is, and the person who got my very common name onto that list might very well justify keeping it there (to the extent that the list is worth anything at all). I can get all the background checks and whatnot in the world, but it won't matter because those checks clear me the human being, but where the rubber meets the road you still only know my name, and you still think my "John Smith"-grade name represents a Bad Person.

The result, of course, is that I the human being end up trying various methods to avoid the list, by switching up what initials I use, dropping or retaining the suffix and so forth to try to hit upon a combination that doesn't get me hassled. The double irony here is that, first, this is exactly what the Bad Person would do, and if I can get around the list so can he, and second shifting around my ticket-buying patterns, varying my name and so forth just makes me the human being look more arbitrarily suspicious if anyone cares to check. "Normal people" are consistent, so the argument goes.

So not only are you misidentifying me and inconveniencing me needlessly, but your touted ability to keep tabs on the Bad People suffers. If you had enough information to distinguish me from the Bad Person with my name, then you could filter me from selection. Because you cannot filter me from selection, you cannot distinguish me from the Bad Person. Therefore every time I fly somewhere you are obliged to believe that that trip represents a movement of the Bad Person. This is worse than useless intelligence. I can only imagine the noise generated by all the people with my name flying every day, and you trying to identify a signal in that.

This point has been made to you several times I am aware of, and each time you respond with hand-waving spin like the above quoted text that makes uninformed people feel good but utterly fails to address the actual problems that make the system untenable as anything more than a show.

PhilipOctober 30, 2008 2:50 PM

I like the "marsec" security level alerts on the ferries in Puget Sound. Nothing like telling potential terrorists and bombers exactly what level of scrutinty and what protective measures you are or are not exercising at any given time. None of us riding the ferries know what the heck it means, but I bet the terrorists do. I always figure the alerts are really to keep the population controlled, not to deter terrorism.

JohnOctober 30, 2008 2:53 PM

I say, let's have these security measures at all Federal Buildings, first. Starting with Legislators in Congress...

derfOctober 30, 2008 5:01 PM

So parents will have the dubious choice of having their kids physically molested by a minimum wage pedophile or having nekkid pictures of their kids added to some minimum wage pedophile's myspace page?

Thanks, Kip.

ModeratorOctober 30, 2008 7:07 PM

To be clear, Bruce posted Kip Hawley's response here at his (or rather, his press liaison's) request. We have no reason to think that he's actually here reading comments. You're more likely to be able to communicate with him by commenting on his blog posts.

kidrocknrollOctober 31, 2008 11:00 AM

I wager that the boys at TSA, NSA, etc read this blog religiously, if only to confirm their inner voices:"we are not the smartest guys in the room."

Bruce, your analysis is right on point, as are the insights provided by the others. I wonder if WE collectively could devise the right system, or at least contribute to its design? Right now, the only reason another attack using planes hasn't happened is due less to impervious security than to the terrorists' own timetables.

As a person who believes in liberty and freedom dearly, I am more than willing to put up with detailed searches and questioning at the airport. Who wouldn't be if the alternative is to die on board a hijacked plane. But as far as my naked eyes can see, airport security in the US is a joke.

Your cardinal point was in reference to deterrence: that is where you filter out all but the most dedicated/committed terrorists: they will more than likely risk detection simply because it's their "mission."

Maybe TSA needs to create a massive Potemkin Village facade, replete with fake stats, doctored spending records, false staffing numbers,public demonstrations of how the systems work, the works. If every public airport is "covered" and this is made known then the terrorist's behaviour might be altered.

Short of both administering polygraphs to everyone who flies, and assuming the results are unimpeachable, and interviewing/observing passengers closely,is there any other way to screen out all potential threats?

Finally, one poster's comments about cargo planes really puts this into perspective: considering the size of the air cargo industry, there is NO way that anything but a small fraction of freight gets inspected PROPERLY.I am thankful that the terrorists haven't attacked via this way, but man it makes you wonder why not.

frequentflyerNovember 2, 2008 12:27 PM

This is slightly off the topic of overall security measures and strategy, but since Kip Hawley (or at least his staff writer) reads this, I'd like to pose a question: why the rule about laptops being taken out of the bag? It does nothing to find bogus devices. When I go thru screening, I dutifully take out the laptop and put it in a bin. But, remaining inside my bag - and never given a second glance by TSA - are all the components of a laptop computer: 2 hard drives (iPod & portable HD), batteries (a few phones [I work for a telco], iPod, spare laptop battery), LCD displays (phone, iPod), and at least 4-5 devices containing printed circuit boards.

So, if TSA lets me carry all the component parts of a laptop computer inside my bag for screening, why make me take out the laptop itself? If I disassemble the laptop, will you still make me take the empty plastic frame out so you can x-ray the air inside it separately?

expatNovember 3, 2008 12:33 AM

I am accustomed to hearing bureaucrats bullshit in legalese. Its refreshing to see one do so colloquially. I am 99% sure that at least half of the people who read this blog are more qualified to handle Transportation Security than ANYONE at any level of the TSA.

Way to attempt to justify security theater, kip. I live and work in Saudi Arabia and theirs is a model of efficient security. It takes less than 1 minute to pass through airline security here, and these guys have MUCH more to worry about in terms of threat.

The way we handle "security" in the US is more a gimmick to dupe the civilian population into supporting bloated, inefficient, ineffectual, and self justifying jobs for bureaucrats (management) and people who couldn't hold a job at McDonalds (screeners). The whole system should be torn down and rebuilt by someone who actually understands security and cares more about the well being of the users of the US transportation system than they do their own career.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..