Schneier on Security
A blog covering security and security technology.
« Research in Secure Chips |
| Comparing al Qaeda and the IRA »
July 6, 2011
Man Flies with Someone Else's Ticket and No Legal ID
Last week, I got a bunch of press calls about Olajide Oluwaseun Noibi, who flew from New York to Los Angeles using an expired ticket in someone else's name and a university ID. They all wanted to know what this says about airport security.
It says that airport security isn't perfect, and that people make mistakes. But it's not something that anyone should worry about. It's not like Noibi figured out a new hole in the airport security system, one that he was able to exploit repeatedly. He got lucky. He got real lucky. It's not something a terrorist can build a plot around.
I'm even less concerned because I've never thought the photo ID check had any value. Noibi was screened, just like any other passenger. Even the TSA blog makes this point:
In this case, TSA did not properly authenticate the passenger's documentation. That said, it's important to note that this individual received the same thorough physical screening as other passengers, including being screened by advanced imaging technology (body scanner).
Seems like the TSA is regularly downplaying the value of the photo ID check. This is from a Q&A about Secure Flight, their new system to match passengers with watch lists:
Q: This particular "layer" isn't terribly effective. If this "layer" of security can be circumvented by anyone with a printer and a word processor, this doesn't seem to be a terribly useful "layer" ... especially looking at the amount of money being expended on this particular "layer". It might be that this money could be more effectively spent on other "layers".
A: TSA uses layers of security to ensure the security of the traveling public and the Nation's transportation system. Secure Flight's watchlist name matching constitutes only one security layer of the many in place to protect aviation. Others include intelligence gathering and analysis, airport checkpoints, random canine team searches at airports, federal air marshals, federal flight deck officers and more security measures both visible and invisible to the public.
Each one of these layers alone is capable of stopping a terrorist attack. In combination their security value is multiplied, creating a much stronger, formidable system. A terrorist who has to overcome multiple security layers in order to carry out an attack is more likely to be pre-empted, deterred, or to fail during the attempt.
Yes, the answer says that they need to spend millions to ensure that terrorists with a viable plot also need a computer, but you can tell that their heart wasn't in the answer. "Checkpoints! Dogs! Air marshals! Ignore the stupid photo ID requirement."
Noibi is an embarrassment for the TSA and for the airline Virgin America, who are both supposed to catch this kind of thing. But I'm not worried about the security risk, and neither is the TSA.
Posted on July 6, 2011 at 5:53 AM
• 56 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
"advanced imaging technology (body scanner)"...shouldn't that say "imaginary" instead of "imaging"?
Since this person was caught with several other boarding passes as well, shouldn't he be considered to simply be a test by terrorists to see what they can get away with.
While each of those layers was capable of stopping a terrorist, NONE of them stopped this person. If repeated attempts work, a new path for taking an airplane is found. In a sense here, what doesn't kill us makes us stronger, so maybe (only maybe) we got stronger.
This is so typical when humans are involved. Just imagine the scenario of several check-points:
Check-point 2: "Hmm, the ID doesn't match, but it passed Check-point 1, so it's probably fine"
Check-point 3: "Hmm, ID mismatch - but passed check-point 1 and 2, so it's most likely fine"
Check-point 4: "whoo, nasty mismatch, but he passed three other check-points, I don't want to be the silly guy"
... and so on ...
Sloppy mentality is all you need to break layers ... which is kind of a key factor in social engineering. No magic, just stay cold enough and play the unfortunate person who had an unlucky day .... It's amazing what people tolerate, if tackled in a nice and pleasant way.
Many working places require employees to carry badges ... how often have you asked someone you don't know to show their badge when you see them alone in the hallways?
I always thought the photo ID requirement was mostly a benefit for the airline companies (to prevent individuals from re-selling tickets), designed as a political buy-off to get the airlines support for the scanning/groping/etc. Just as I suspect the liquids ban is at least partially kept in place by pressure from airport food vendors.
No one with half a brain and a healthy ridicule/disdain for The Dept of Security Theater is surprised or taken aback. They serve no purpose, real or imagined; are nothing more than a dumping ground for thousands of piacular, mephitic bullies and thugs the agency employs and are the laughing stock of the world. Mica was correct...they are his "Bastard Child."
Millions of people traveling and we naturally key in on the one miss. Mathematically realistic and expected. It is the MO of the sensationalist to hype the miss and make it sound like security in this matter was a catastrophic failure. The fact is the individual was screened and with no weapon introduced into the plane. People arrived safely. In security it is a constant effort to build a better mouse trap. We deal with people.. they are not static creatures. Plus, we are also dealing with a bureaucracy.
It's to fork Cohen's Moral Panic, I suggest simply 'Security Panic'!
A new phenomenon for a new age :-)
I wish the press could do math better. The TSA screens 2 million passengers per day, over 750 million per year. That a mistake, even a huge one, gets through is simple probability. Someone still has a better chance winning the lottery.
Reminds me of the undercover TSA agent that bribed an airline employee... the fact remains that the odds are still overwhelming that if someone tried that they'd be arrested.
I'm required to have a badge at my job. I certainly need it to open doors. But in 6 years of keeping it in my wallet, I've been stopped and asked to produce it precisely once. And that was when I actually was looking fairly hinky; I'd left the gym and had to run back inside while wearing workout clothes.
To those giving tsa a pass, their only purpose is to ferret out the one in a trillion passenger that intends harm. The theory behind their methods is that a suicide bomber will crack under the pressure and give up or the inconsistencies in his actions and/or identification documents will give him away before he gets on the plane.
The fact that they missed this guy just shows they are incapable of doing their assigned job. It also shows that there is absolutely no reason for the flying public to go through the government mandated torture currently in place.
The screening process as it stands is broken. Time and time again we see people somehow circumventing the multitude of layers of security to gain access to a plane. Whether they had a weapon or not is a mute point; it is the fact that they were able to manipulate the system in such a way that they were alllowed access to board a plane.
The TSA screeners are there to screen each passenger for weapons (of any kind including explosives) as well as proof of whom they say they are in relation to the boarding pass being presented. The failure at one layer of security could severely impact the sum of all the layers of security.
The fact that this guy was able to gain access through the three TSA screeners as well as the airlines gate screener says something to the way the man conducted himself. There is a good possibility that he used "social engineering" to help throw the screeners off balance and allowed him to manipulate them in such a way that they were distracted enough to allow him through. Timing is everything.
With a perfected plan based on the events that have transpired, a terrorist would gain access to a plane, they would have an insider to help them out and poof, you write the ending.... Nothing more needs to be said.
You are allowed to fly domestically without an ID. The fact that the ID and boarding pass didn't match isn't a failure, it's a "right" granted to us.
The only failure from the TSA was allowing him through the checkpoint without a valid boarding pass.
The only failure by the airline was allowing him on the flight without a valid boarding pass. That's just stupid.
Many airlines don't check your ID at the gate, only the boarding pass, that's well known. It's trivial to print one boarding pass to get through TSA security with one ID, and then board a different flight (with a valid ticket) under a different name.
I don't think TSA's scanners are effective. I was able to get in a very small Swiss Army Knife that we put around our keys by mistake once on a flight from Dallas to Atlanta & on my return I wanted to check if my keys were really obstructing the scanners, that they missed it. And yes they did miss it completely. I did send an email to TSA explaining the loophole. But haven't got a reply from them yet. Not sure if they are really checking those emails. I'm not sure of any other way to highlight the issue to TSA, so they wld fix it.
I don't agree with Schneier. There seem to be something a terrorits can build a plot around because Noibi wasn't just lucky, he was able to *repeatadly* board a plane with an expired boarding pass. In the story he went across the security check twice in two day with the expired and wrong name boarding pass (that he had apparently stolen in the pocket of another passenger). And the background seem to show this was an habit of him.
The TSA doesn't worry about any security risks. It worries about people realizing that it's a waste of their time and money, and insisting their so-called representatives do something about it.
My former employer required picture badges worn visibly. Security stopped me in the main kitchen and asked, sternly, where my badge was. I looked down, discovered I was wearing an empty lanyard, and replied, "I guess it must be on the floor somewhere between here and my desk." The guard looked confused for a moment (he probably expected me to pull it from a pocket) and told me to make sure I had it the next time I came through there.
(It was on the floor about three feet from my desk.)
jmdesp - but is that an immediate security risk? Apparently not. It might allow a terrorist to get from point A to point B without being tracked, but without the tools of terror in tow, it is simply a vulnerability without a threat in most cases. Had this person been on the no-fly list or a known terrorist, I would be much more concerned about it.
@Troy P: If your fear of a plot involves an airline employee conspirator, then why would an attacker need anything more than a fake ID, and a real ticket matching the name on the fake ID? No matter what the name, one still needs to smuggle one's weaponry/bombs/etc. past security.
The TSA should be very worried about this incident.
Not because it's a significant security breach, but because it casts serious doubt on their continued assertion that the "layers" (which hassle anyone who wants to fly) somehow add up to an Impregnable Bulwark Against Terrorists. In particular, it raises legitimate questions about both the value and effectiveness of "Secure Flight." And by implication, it casts doubt on the value of all the other "layers" that have been shown only to add incremental arbitrary hassles. The incident only increases the severity of the TSA's credibility problem.
And of course, the TSA's propaganda department are responding to this embarrassment in their usual fashion of denying that there's any problem while ignoring the real concerns about the TSA's value and competence. "Nothing to see here, folks. Just give us the blind and unquestioning trust we've always expected you to have, and Believe that our layers provide effective protection."
The purpose of the ID check, and the reason the airlines love it, is that it closed the hole that allowed people to sell non-refundable plane tickets that they couldn't use. In pre- 9/11/01 days classified ads were full of offers to sell tickets (usually with the gender of the buyer specified, since you had to pass as the original name on the ticket).
Okay, we knew that the ID check at the security checkpoint was ineffective at verifying a passenger's authorization to fly. It always has been, especially thanks to print-at-home boarding passes and even more so with reports of TSA screeners accepting Costco membership cards as ID.
What surprises me is the idea that a passenger could board commercial flights on a major common carrier without a valid ticket. Unlike sneaking through the checkpoint, sneaking on board a plane (along with other undesired activity such as use of stolen tickets) causes the airline a loss of potential revenue. As we should all know, money is a big motivator in security, almost as largely as fear is.
Now for a short (?) overview of how boarding passes work.
The airlines have motivation to track which tickets have been actually used to board the plane. This allows for a host of passenger amenities such as loyalty programs, early push back from the gate when all passengers are on board and P.A. announcements at the gate when they are not. Airlines also want to provide easy reissuance of lost and stolen tickets, which was previously troublesome with the paper ticket system, and they want to put a damper on throwaway ticketing and other tricks. These are just a few motivations behind the push for e-ticketing.
To this end, every airline I have flown on in recent years has barcode scanners at the gate. Most boarding passes have a PDF417 barcode. While the format differs between airlines - for example, Southwest's barcode is bigger than United's - they are for the most part plaintext and have at minimum the record locator (XY3Z57) and passenger name string (SCHNEIER/BRUCE). AirTran and Japan Airlines are two exceptions, which use Code 128 and QR Code respectively, and an online search for Virgin America shows a boarding pass with a numeric Code 39 barcode. As the barcodes are scanned, the passenger name is updated on the list as having boarded the plane, and a sound is played over the speakers (SWA gates play the cabin "ding!" sound).
Whether or not these scanners are validating online, doing lookups against an offline list or just collecting information, I do not know, this can also vary between airlines. I know for a fact that presenting BPs out of sequence on Southwest Airlines - accidentally scanning your DEN-SEA flight coupon in Washington on IAD-DEN-SEA - does not work. I haven't decoded one of their barcodes yet, but since the name, PNR and date would match a passenger on the flight, there is definitely flight specific information in the barcode.
It may be worth noting that airlines lose money for every seat they don't sell and overbooking of flights to ensure 100% load is common practice. On a route to Los Angeles it's any wonder how he got a seat at all.
As airline have invested non-trivial amounts of money into tracking the usage of boarding passes, the fact that this can be bypassed so easily is almost unbelievable.
"It's not like Noibi figured out a new hole in the airport security system, one that he was able to exploit repeatedly. He got lucky. He got real lucky. It's not something a terrorist can build a plot around."
I have to disagree Bruce. He could have done that before. We really don't know. This could just be the time we caught him. If he has done it before, he'd be smart to keep his mouth shut about it.
I still think it proves yet again the TSA is an utterly ineffective organization. We should disband it, reduce airport security back to 1990s levels, and continue to lock the cockpit door in flight. That and the fact that passengers will no longer patiently wait for terrorists to do what they want are all that needed to change after 9/11. It would save travelers time and save tax payers money if we'd just acknowledge that and disband the TSA.
I know it won't happen though. We'll expand the TSA to buses and trains, make the nudie scanners mandatory, and just keep expanding the violations of personal rights in the name of security theater.
My driver's license has a barcode. Scan the boarding pass and my license at the checkpoint or gate. If they match, I get through.
The bottom line is that he was screened properly and nothing dangerous got on the plane. Preventing a bad guy without any weapons or explosives from getting on a plane doesn't make it safer. Or am I missing something?
I wish to remain anonymous for reasons of distrust...
I recently flew return from one coast to the other without providing any identification at the airport either. I checked in online, and when I got there they only ever scanned my boarding pass's bar-code.
On the way there I went to make sure I had done things right by asking at the check-in counter, and my passport was checked there but I actually could have skipped that step. On the return flight however, I was never once identified myself with any photo id.
So I was basically 2/2 on not needing ID. I don't think this is such a rare occurrence. Of course the physical screening is the more important part anyways, which was done properly.
A few weeks ago a friend called about her 18 year old daughter who had gone to Las Vegas and lost her ID. And who was in trouble (minor -- no legal issues, just no place to stay, shady friends, etc.).
I bought her a ticket home on the airline where I have status. After talking with them about the issue.
It took 2 tries for her to get on the plane. First try the TSA agent asked her home address and she couldn't remember it. (Her mom had recently moved.) Second try she had her birth certificate. Which proves nothing about ID since they didn't check her foot print. :) They did let her on the flight though.
ID isn't required. It's easier/quicker if you have it but it isn't required for domestic travel.
I am more impressed that he used fake boarding passes to get on the plane.
The TSA allows this guy to fly, but continues to put their hands on 6 year old girls and 96 year old grandmothers.
Great going TSA..
Why don't we adopt the Israeli method of airport screening?
the TSA's propaganda department are responding to this embarrassment.
US: Terrorists look to implant bombs in humans
Published: July 6th, 2011 06:50 AM
There is no intelligence pointing to a specific plot, but the U.S. shared its concerns last week with executives at domestic and international carriers.
But there is new intelligence pointing to a fresh interest in using this tactic, a U.S. security official told the AP. The official spoke on condition of anonymity to discuss sensitive security information.
Talk about double-talk, "New intelligence", "no new intelligence"
World gone mad I tell you.
Seen from Europe, this story is a bit funny.
I fly almost every week back and forth across country (ok, still in Schengen but sill passing some borders) I have never ever been asked to show my ID. This is simply not part of the procedures.
Ok, only once, going to the USA... (in which case procedures are a bit crazy, involving several people asking you at several points who was making your bags and if people asked you to put something else in your bags... involving also the removal of your shoes) and I am not speaking of the passport check which is something else, just the security check.
My personal conclusion is that this ID check is completely useless... But this is not the only useless thing and I think I would prefer to show it and be allowed to have liquid in my bags...
Bruce is just wrong on this one.
This guy managed to defeat various layers of airport security just by being a good con artist. He had numerous boarding passes in his possession. He flew transcontinental at least once and was only caught the second time because of his SMELL. NO ONE knows how many times he has done this in the past BY DEFINITION because they never checked his ID!
"one still needs to smuggle one's
weaponry/bombs/etc. past security."
And you really think that is a problem? As someone above pointed out, what if he had confederates who could smuggle a weapon onto the plane? There are numerous ways this could be done. Airport security is a joke, as Richard Marcinko proved when he got his Red Cell SEAL Team next to Air Force One. Granted, that was pre-9/11 but that doesn't matter. I'm quite certain he could do it again, especially against a simple commercial airliner.
Also, anyone who says this is just "one failure" simply can't back that up. This is "one failure" that got some press. We don't know and can't know how many other times this has occurred. There are thousands of con artists and other types who fake IDs and can easily fake boarding passes.
Bottom line: If you don't know who is getting on the plane - and frankly, you can't - you have no security.
Anyone who thinks someone couldn't physically get on a plane - with weapons - by completely bypassing the security checkpoints simply isn't being realistic. There's absolutely no doubt in my mind that it could be done. It would be a multi-staged plan that required some insider knowledge - but in computer security we know that is not difficult to come by.
THIS guy wasn't a threat. But someone using similar techniques as part of a multi-stage plan certainly could be.
@Richard Steven Hack
"As someone above pointed out, what if he had confederates who could smuggle a weapon onto the plane?"
Well, if indeed he had confederates do all the work of smuggling him a weapon onto the plane, he would surely have bought a ticket and brought his own ID.
Who a person is, isn't a danger to me. I really don't care if I sit between Elvis Presley and Osama Bin Laden on a flight - as long as neither of them is armed.
The impact of this "security" breach was simply that Virgin Airlines was out the cost of his ticket - assuming he had the money and would have bought a ticket if he couldn't fly free. If he wouldn't have flown if he'd had to pay, then the airline isn't even out that much - they wouldn't have made a sale with him anyway.
Dragonfrog: "Well, if indeed he had confederates do all the work of smuggling him a weapon onto the plane, he would surely have bought a ticket and brought his own ID."
Why do you believe that? I definitely wouldn't. I would be using a false ID for sure. Even if I thought I was a suicide case - why give away information to the enemy?
Also, I'm not only talking about confederates smuggling the weapons aboard the plane. I'm talking about confederates who can either 1) get him aboard the plane without passing the security checks, or 2) can provide him with the information he needs to do either.
Remember "Casino Royale"? The terrorist got into Miami airport, switched into a security uniform, used information provided by a confederate (we don't know how that was done, but clearly there are various ways) to access a secure area, retrieved an unsecured firearm from the security area, caused a security incident and used that to access the field and the aircraft area.
There's no reason to believe something similar couldn't be done just to get someone on a plane with weapons or explosives.
The person involved in this incident slept overnight in a secure area of the airport, according to the report. Who knows what he may have done or learned during that time?
What if he planted surveillance devices poised to discover important security information such as the key code to access a secure area as the guy in the movie did? ATM hackers plant surveillance devices next to ATMs to do precisely that. Are airports regularly swept for rogue surveillance devices that might be used to compromise security protocols? I suspect not.
Airport security is another area where "complexity" is the enemy of "security". There are just too many things going on and too many people to ever have "security" in such an environment. It's not a prison where people are watching and movement is totally controlled.
And even in prison, I can tell you from experience that things the controllers don't want to happen do happen every day despite all the controls in place to prevent them from happening.
It's IMPOSSIBLE to secure an airport. Period.
@Bruce I agree with what you have said over the years about security theater. WSJ just had article about the need for stronger x-rays to find surgically implanted explosives and talked about the explosives up the bum attack already attempted.
Sadly, I thought this was going to happen. Maybe, with national health care we can get our prostate exams at same time. The sense of privacy has eroded in many ways over the past 10 years. and people just seem to accept it. sad.
People in security need to read Richard Marcinko's Red Cell book. His Red Cell SEAL Team made mincemeat of military security all over the world. They got within twenty meters of the President's cottage at Camp David, got on to Air Force One, penetrated Point Magu Naval Air Station nuclear weapons lockers, US Naval Intelligence headquarters, on to nuclear subs tied up at Groton Naval Base, and much more.
The time when they reduced Point Magu to utter chaos is a hilarious look at how "security" is a joke.
"It was child’s play to get someone over the fence—even in broad daylight and right next to the main gate. How? Horseface drove by the gate,
honking and cursing at the guards, tossing a couple of cartons of milk in their direction as he went past. Yoo-hoo—everybody watch Horseface.
Meanwhile, ten feet away, Ho-Ho-Ho and Doc Tremblay were vaulting over the eight-foot chain-link fence and jogging away. Doom on you, gate guards."
"Which is precisely why my very own MEP guerrilla, Lieutenant Trailer Court, wearing a purloined commander’s uniform instead of black pajamas and a kaffiyeh, checked in at 1900 Friday evening. He drove up to the gate and explained to the guards he was supposed to report for work Tuesday, but had arrived early so he could spend the weekend at the BOQ and not pay a motel bill. Trailer carried an ID card we’d stolen at a bar two nights before, but it wasn’t necessary: the screwups in Navy Security let him in without checking a thing.
He went straight to the BOQ, jimmied his way into an unused room, and unpacked the weapons, night-vision goggles, radio equipment, and
explosive devices we’d had him smuggle onto the base for us. Then he used his vest-pocket scrambler to call us on the phone in his room to
report the coast was clear. Great. I dispatched Ho-Ho-Ho, Horserace, and Baby Rich, dressed in fashionable basic black, over the fence. No one
saw or stopped them. They went to Trailer’s room, changed into work clothes, picked up their explosives equipment, and went out to steal a
weapons carrier we’d spied sitting by the motor pool the previous day.
The trio drove the WC to the ordnance warehouse, broke in. Jump-started a forklift, and stacked the truck with a palletload of bright blue,
dummy 500-pound bombs they found there. They rigged the bombs with remote-controlled detonating devices and booby traps, covered the bulky load with a camouflage tarp, and drove the whole consignment back to the BOO parking lot where Trailer could keep an eye on it.
Then, looking as innocent as Huey, Louie, and Dewey, they ambled out through the main gate, waving at the rent-a-cops as they went."
"The DOD police caught up with Cheeks and Minister just as they were “planting” explosives. They’d given themselves away by purposely walking across a sensor-rich area. The cops surrounded my boys and took ‘em down. Then, they were quickly frisked, cuffed, thrown into the back of a car, and taken to the DOD police station, which was located outside the Pt- Mugu base perimeter.
Except, they hadn’t been frisked very carefully. Cheeks had a handcuff key in his pocket, and a pistol in a crotch holster.
He was frisked by a female, who was understandably reticent about giving his groin a businesslike grope, especially when Cheeks ragged her about it—“Hey, baby, how about a lube job—come on, just put your hand down
there where it’s hot and hard.”
Big Mistake One. Cheeks was armed and he was dangerous.
He used both key and gun to good advantage once he was inside the station. First, he freed the Minkster. Then, the pair of them took all
the rent-a-cops, as well as their station, hostage. The rent-a-cops now had to call the SWAT team for help."
"On Sunday, we played “Chester Chester Child Molester” with the local police. Horserace, Doc Tremblay, and Ho-HoHo went scrambling through the hallways of an enlisted family housing complex about half a mile outside the main gate. The appearance of three evil-looking guys in black
T-shirts, jeans, and balaclavas, carrying machine guns, brought real screams from mommies and daddies. Dozens of people called 911 to report
the incident. We used the complaints to tie down the local police, a crew of FBI agents who’d shown up to play, the DOD police, and two jeeps
of Bob Laser’s Rambos/Rambettes. It looked like a police convention outside the housing complex: a dozen cars with gum-ball lights flashing, while the quartet of law-enforcement organizations argued long and loud about who the hell was in charge here.
We, of course, didn’t give a rat’s ass who they thought was in charge. We knew who was in charge—us. So, while the cops argued, we set off
smoke-grenade explosives in the main HO building, the power generating station, Gordy Nakagawa’s prized weapons locker, and the fuel depot.
Doom on you, cops."
"It was almost time to go home. But one succulent, irresistible target remained—Air Force One, which was scheduled to depart about midday. It was just too tempting to ignore. Dressed in mechanic’s covecalls, Frank and Cheeks climbed into the weapons carrier that had remained parked all weekend in-the BOO lot and drove it over to the far corner of the field, where the president’s 707 was being fueled and serviced. They climbed out and activated the explosives rigged to the pallet-load of 500-pound
bombs. Just to be extra thoughtful. Cheeks set another charge: he booby-trapped the weapons carrier’s driver’s seat.
Their job completed, Frank and Cheeks sauntered back to the BOQ and changed clothes in Trailer’s room. The three of them packed the car and
got ready to leave. Then they went up onto the roof of the BOQ to watch the results of their handiwork.
As a parting gesture of friendship, we’d also rigged explosives in the SWAT team’s emergency response truck. When Minkster telephoned our
threat against Air Force One to Bob Laser, virtually every one of Bob’s Rambos and Rambettes headed for the truck, which “exploded” in a cloud of smoke.
The umpires ruled ten dead, ten injured. Doom on you. Rambos and Rambettes.
When the SWAT survivors finally discovered the weapons carrier (it took them more than an hour to work their way onto the lot adjacent to Air
Force One), they approached it with great caution. You could see the apprehensive looks in our long-lens video shots. They were going to do
this by the book.
They sealed off the area. They called for EOD — the demolition team. It arrived and there were fifteen minutes of consultation. Then, carefully,
the explosives in the rear were disarmed wire by wire. With the bombs safely defused, a Rambo climbed into the cab to drive the vehicle away.
Ka-boom—our smoke-grenade booby trap went off and exploded the whole pallet-load of 500-pound bombs. It was a Frogman’s dream come true—a living centerfold from the Blaster’s Handbook. Trailer radioed me that the view from the BOQ roof was spectacular.
'Skipper, the only thing missing was the caption ”The End—a Dick Marcinko Production of a Red Cell Scenario.‘ “
By the way, that "handcuff key in a pocket" episode quoted above?
When I was arrested, the cops frisking me pulled quite a bit of hardware off me. One of the cops said, "He's got so much stuff we'd better frisk him carefully, he could have a handcuff key."
And they never found it.
It was in the rear pocket of my money belt.
And my hands were handcuffed behind me. Had I Cheeks' derringer somewhere, I would never have made it to the police station and there would have been two dead cops in a patrol car on the side of the street. But since I didn't have a weapon, there was nothing I could do from the grated rear of a police car with two armed cops in the front. Kicking the door open and trying to run probably wouldn't have worked except to get me shot.
The key was still in the belt when they removed my clothes at the police station.
@John Doe: "Of course the physical screening is the more important part anyways, which was done properly."
None of the physical screening is important. I would feel safer if most of my fellow airplane passengers had guns or knives. That way, if a few terrorists try something, there will be dozens of passengers able to fight back.
"But what about suicide bombers?" The physical checks are worthless against all but the stupidist bomb-carriers. I can think of a dozen ways to get plastic explosives onto a plane. The easiest is a flexible tube in the rectum. The nudie scans are a sick joke on the American public.
The part I'm puzzled about is the ticket scan, not the TSA check for ID. The barcode that gets scanned at the gate is for the ticket - surely the scanning terminal checks with the airline's database of sold tickets to see if the ticket is valid. How did the airline computer decide the 'expired' ticket was valid and signal the gate employee to let them walk down the jetway?
"In this case, TSA did not properly authenticate the passenger's documentation"
And neither did the airlines gate screener. The more technical aspects of the TSA's security theatre aside, I believe we should also factor in the human aspect of such failures. Most of the field troopers the TSA is employing are ill-educated, disenfranchised folks that don't know the first thing about security, probably unable to flip a burger or not connected enough to get a job as a bouncer at the local night club. Chances are high many of them earn minimum wages, are badly trained and poorly motivated. With the exception of the brainwashed and the lobotomised, I can't imagine anyone feeling good about themselves after patting down a 6 year-old or requesting a 96 year-old to remove her diaper all in the name of the "war on terror". It's a totally mind-numbing job going through monkey routines hundreds of times a day, highlights of the job being the discovery of nail clippers, contact lense cleaning solution or grilling Jacob Appelbaum accidentally passing by.
I can't even begin to fathom how it must feel like being forced to make a living for yourself and your family by harassing countless of perfectly innocent people in search for that one elusive terrorist, in the process getting no respect whatsoever, being ridiculed and spat at to the point that you can hardly put up with your mirror image before going to sleep at night. I can only speak for myself, but after a while I would just stop caring, become sloppy and spend my day eagerly anticipating folks talking back to me and giving me an excuse to work out my frustration instead of concentrating on verifying someone's ID and boarding pass.
I think some airlines have more sophisticated systems than others.
The last few times I have flown on WN (Southwest), there was a noticeable delay between scanning the boarding pass and the tone that indicates that the passenger is OK to board. And since WN agents keep boarding passes after scanning them, passengers usually keep on walking ... One time, a person had to be called back, with the agent running down the jetbridge to stop someone. (In this case, I think the person was just at the wrong gate.)
I've also seen agents looking through the boarding passes they have collected to see who was onboard the plane.
I suppose it's possible that if there are a lot of passengers lined up, and the agent isn't paying enough attention, and the computer system continues to validate other boarding passes, it wouldn't be that hard for someone to get on a plane without a valid boarding pass.
Other airlines' computer systems are much more responsive, with the screen displaying my name and tone heard within a second (and since they hand back the boarding pass, passengers don't start walking down the jet bridge right away)
I took two flights with my wife this month. Both times the photo ID she had was her Bank of America ATM card and her BJ's card--which still has her maiden name. Both times she received no extra security screening and was delayed only about 5 minutes, INcluding the time necessary to find a supervisor.
Also -- has anyone actually had the Xray machine operator notice that you left your
@ Rob. If you want to go down that route, an airline employee wouldn't have to go through security if they were an airline mechanic. If the truth was really known about our airlines, many incidents are caught that we are not told about due to the censitivity of the crime. However, I am sure there are many more that go undetected each and every single day. Look at the numerous incidents that have occurred at JFK airport. The only reason why once incident was reported was due to the guy bragging about what he was able to do and how well it could be hidden within the airlines structure.
What I was intending, is that there are numerous checkpoints that should have detected this "false document" that failed to do so. The mere fact that this guy was able to board the plane says something about the airport screening process and airlines he was flying with. Some airports have the scanners that will read the barcode and alert someone to an "expired" ticket, while many others still do not but rely on the airlines to scrutinize any ticket not found to be valid.
TSA refused to post my comment, so I'll put it here.
I find it interesting that the TSA is *certain* that this individual went through the perv naked scanner, yet at the same time insists that the agent/officer/whatever reviewing said scanner results has no idea who is being screened, and that no records are kept.
Loathe though I am to defend the TSA - I actually dont think this is really a security issue.
Who you are, unless you are on what should be a small watch list, shouldnt matter.
Getting a fake ID is almost trivial and unless you are passing a border control point, ID checks are not a security measure. No amount of ID card will prevent a bad person being a bad person.
Checking the ID of passengers, making sure the right person is in the right seat on the plane, is the responsibility of the airline.
Public identity cards do not provide any measure of security.
We have many unknown things here - we dont know how many times this person has done this, or how many other people have - but these dont matter. We all know that security is never 100%, so even *if* Public ID screening was a security measure we should expect breaches. If we jump at the fact we have found one as being evidence the whole system is flawed, we are making a massive, massive mistake.
Having a false ID, while suspicious, is not an indicator of terrorism. It should not (ever) result in an anti-terrorist response. While there are circumstances in which it could be a criminal act, it is not terrorism. Conflating the two is taking us on a road to madness.
In reality, you *should* be able to board an internal flight in a free country without ANY form of identification documents, so who cares if they are forged or not.
I am actually slightly happier that the TSA dont bother paying attention to them - because they shouldnt.
Now, if this person had managed to get a weapon onto the plane while using a false ID, there would be a security risk.
But it would still be the weapon not the ID.
GreenSquirrel: And I re-iterate that it's more than the ID. It's the fact that he got on the plane after spending the night in a secure area of the airport without supervision, and that his possession of multiple boarding passes that were not his own clearly show that he has done this multiple times.
In short, who he was may not be relevant but THAT he was is very relevant.
And yes, IF you are going to maintain a "terrorism watch list" - which means checking IDs BY DEFINITION - then you bloody well better be checking them right along from entry into the airport to the plane, on the plane and out the other end of the flight.
I say again, IF you are going to maintain a "watch list" which is stupid primarily because of the inability to establish who is who with paper in the first place.
perhaps it's just me, but when I hear a TSA drone blathering about their "layers" of security, I hear it in Shreck's voice:
"Layers. Onions have layers. Ogres have layers. Onions have layers. You get it? We both have layers."
Again, I dont see that the ID thing is an issue.
We can agree that watch lists are pretty pointless and trivially easy to avoid.
The fact this person travelled X number of times on a false ID is still not an issue as far as I am concerned.
In most western countries you can change your name as often as you like, so your "identity" is not a way of protecting the other passengers or the aircraft. The most you can do is verify that the person is the person who is supposed to be sitting in that seat - something that hits at the airline revenue model rather than national security.
As for the boarding cards, again, how is it a security risk? Its the same issue, fake boarding cards means the airline is losing revenue - I think it would be wrong for a national security agency to be protecting the commercial revenue of a company with public taxes.
The only way that this "breach" results in a risk to passengers or aircraft is by methods which could just as easily be used to get the attacker through as well rather than rely on the ability to sneak past with fake ID.
There is no security reason to check ID of passengers boarding a plane, so there is no security risk when one boards with fake ID.
@Bruce: But I'm not worried about the security risk, and neither is the TSA.
But of course. Considering that the real terrorists are so very rare (if they exist at all... there's no doubt that false-flag ops exist in reality, though) no person with a functioning brain would be worried about them. If I were in a mood for excessive worrying I'd be more concerned with having a proper lightning rod installed on my roof.
Re: fake ID checking - there's a positive correlation between having a fake ID and being up to mischief (not necessarily of terrorist nature). Checking that the person is who he claims he is has security value - discovery of fake identity would be a good reason for closer scrutiny.
Green Squirrel: I agree with averros above.
You're focusing on the lack of a weapon. I'm focusing on the lack of control of the individual. If you can't control the individual, whether he has a weapon or not is irrelevant.
You can drop a plane without a weapon, if you're smart enough and knowledgeable enough. All you need to do is get into that cockpit. Alternatively all you need to do is get into the avionics compartments. To do either, all you need is smarts, muscle and maybe a tool probably obtainable on the plane.
Grab a stewardess or one or more civilians, threaten to break their necks unless you get into the cockpit. Most of the time that will work, even if the pilots expect a suicide attack. That is because an immediate death threat is likely to sway someone immediately, on the notion that perhaps the end result will be a hijack rather than a suicide attack.
The result of such a tactic, even post-9/11 when passengers may fight back, will be at least one death other than that of the hostage taker. Do this enough times and people will not fly. Even air marshals on every plane can't prevent this sort of attack.
"The most you can do is verify that the person is the person who is supposed to be sitting in that seat - something that hits at the airline revenue model rather than national security."
No, it hits at airline security directly. Again, if you don't know who is in that seat, you can't know if there is a threat to the plane. It's that simple. The fact that there is no way to insure who is in that seat does not change that fact.
Mind you, I'm not saying preventing this is DOABLE. It's not. We agree in that. I'm saying if the government wants to CLAIM their security systems are adequate, they need to prevent precisely this sort of thing as well as preventing weapons from getting aboard.
What's the big deal? In Germany, you don't even have to show your ID. And if you have your boarding pass sent to your mobile and the scanner at the gate doesn't manage to read it quickly enough, they might just ask your name and let you through without even looking at the screen of your cell phone.
Can you include the full text of your posts in your RSS feed? Or is there a new feed?
I should have checked first – I found the full text feed.
I think we may be arguing at slightly cross purposes here.
The first issue is if checking passenger ID adds to security for the plane and its passengers. I dont think that it does and have yet to see a convincing argument. Checking an ID is not controlling an individual - that is done through actual controls, rather than simply checking a document.
In lots of places, it is possible to take internal flights without any form of ID, even in the UK you can fly lots of places with a variety of forms of ID (passports not always compulsory).
All an ID check does is show that the person in front of you has a document with the name they are claiming is theirs. This is poor authentication.
The attack vectors you mention are valid - I am not disagreeing with that. I am saying that checking an ID does not prevent any of those attacks.
ID cards (in all their forms) are so flawed in principle that assigning anything but the most basic level of trust to what they show is a mistake. It is like the madness in the UK of claiming forcing all citizens to carry an ID card would prevent terrorism and other crimes. It doesnt. Ever.
I also dont agree that knowing who is sitting in a seat on a plane gives you any assurance as to whether or not they are a threat to the plane.
"Checking that the person is who he claims he is has security value - discovery of fake identity would be a good reason for closer scrutiny."
Possibly true but we are verging on the boundary of a slippery slope here. Everyone has something to hide and there could be millions of reasons why the person wants to travel under an assumed identity.
If we allow a force designed to combat terrorists to use its powers here we are undermining a lot of the safeguards built into the criminal justice system.
In fact, why stop at false ID. Why not add in a tax check, vehicle insurance etc. All of these things are "wrong" in the eyes of the state so lets throw a counter-terrorist measure against them.
Just to restate my position: You could completely remove all forms of ID check at the security gates and it would not decrease the overall security of the process.
As long as this is the case, I dont believe any major foul has happened here.
This *does not* for one second mean I think the TSA are capable or worthwhile. Just because I think they are an unnecessary burden to the journey, doesnt mean I think they should be pilloried for everything they do.
By the way - on the subject of the TSA, I would say this is a much more significant problem for them than letting someone on a plane with fake ID:
"TSA employee Nelson Santiago was spotted by a Continental Airlines employee as he was stuffing [iPad] into his pants when inspecting luggage at a Florida airport."
Last week, had to fly for a personal trip with my wife. The tiny wire in her bra set off the TSA security scanner and she received the full, enhanced pat down which took 10 minutes. After escaping from the clutches (literally) of the TSA, we walked about 50 yards to a restaurant on the "secure" side of the airport. We sat down for dinner and were each given two stainless steel forks and a stainless steel knife. Not a terribly sharp knife, but a knife for sure. I could have easily placed the knives in my coat pocket and walked out of the restaurant to board the plane. The minimum wage workers in the restaurant certainly didn't have a knife inventory program and I probably could have gotten an extra knife just by asking. Passing out steel knives on the secure side of the TSA checkpoint kinda defeats the entire process, doesn't it?
Sense has never been a significant part of airport security measures (at least since 12 Sept 2001).
Building on what 61north said, here's my experience...
Flying with an infant through Manchester airport last week was hilarious.
Step 1. Pass through the xray check. Stop! Pulled for the following: yogurt and fruit pots, sun cream, water in baby bottles - but none in a plastic "approved" bag.
Put the foodstuffs into a bag and swab it - safe. Drink from one of two baby bottles - safe. Jettison the plastic bottles of water and used nappy - safe. Scan shoes - safe.
Step 2: Get to gate and pass by the glasses and pitcher left before boarding. Hang on, we've passed duty free with all the bottles and other weapons. No plastic bottles for us but all of this stuff that can be easily used as a weapon?
Simple fact is the following: post-9/11 there has been nothing successful in this area - a pair of shoes and underpants notwithstanding. That's what 9/11 has changed - we will kill 1/2/3/4 perps trying to hijack.
I say to hell with it - book all seats on one plane and it's 100 against 5. Sounds like good odds.....
It's all bollocks and what it means is they've won. I would rather drive and sail a boat wasting a day than fly. Except I have to hit the US next week :-o
A few years ago I flew from Edinburgh to London on easyJet, a low-cost but generally reliable airline. This was before machine check-in, we all had ticket and photo ID checked by a person and a personal boarding card issued. After boarding there was a delay and the pilot said he would not take off because there was one more passenger on board than had checked in. This triggered a complete inspection of our boarding cards and passports etc. which took a whole hour. It turned out that there were half-a-dozen discrepancies: a Mr Smith had the boarding card of Mr Smythe, one Robinson had that of Robertson, and vice-versa, and so on. I guess there was one person who totally eluded the system. It is clear to me that inspection of tickets and photo-ID by humans is very fallible. But I agree with your conclusions: as long as it works most of the time, criminals can't rely on it.
Not a surprise to me. My sister-in-law forgot to bring her purse when she went to the airport last Xmas. All she had on her was her ticket, her BJs (it's like Sam's Club or Costco) membership card, and her 2-year old kid. TSA let her on the plane. While her pic is on her BJs card, it is the grainiest, whited-out pic I've ever seen in my life. I could hardly tell it was her. Of course, no self-respecting terrorist would ever try to board a plane just w/a BJs card & a screaming baby, but still, the rules should be followed.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.