Security Vulnerabilities in Airport Full-Body Scanners

According to a report from the DHS Office of Inspector General:

Federal investigators "identified vulnerabilities in the screening process" at domestic airports using so-called "full body scanners," according to a classified internal Department of Homeland Security report.

EPIC obtained an unclassified version of the report in a FOIA response. Here's the summary.

Posted on May 16, 2012 at 6:15 AM • 15 Comments

Comments

Clive RobinsonMay 16, 2012 7:02 AM

I know you should not argue backwards from effect to cause... But does anyone know what the eight improvments are so we can get an aproximation of what the likely defects are?

Dave C.May 16, 2012 8:08 AM

It is a good thing to do the analysis looking for weaknesses, admit there are some and to specify appropriate improvements.

AndrewMay 16, 2012 8:41 AM

There is legitimate reason to keep the methodology of testing and details of specific vulnerabilities out of public view.

The results of testing, such as the number of airports tested, the number of tests conducted, and percentage of detections versus fails .. keeping that secret is just politics and nothing to do with keeping the public safe.

Snarki, child of LokiMay 16, 2012 10:33 AM

@Kevin: "Seriously, when are we going to stop funding the TSA?"

When the AQ-TSA chapter is up and running, or half past never, whichever comes first.

NobodySpecialMay 16, 2012 10:47 AM

"Seriously, when are we going to stop funding the TSA?"

When you accept that sort of treatment everywhere and the Transport Security Administration is absorbed into the general Security Administration or just SA

GeorgeMay 16, 2012 11:54 AM

I can't wait to see Blogger Bob's response to this. Probably something like "Study proves Advanced Imaging Technology is highly effective at detecting hidden explosives like the Underwear Bomber!"

Dirk PraetMay 16, 2012 11:59 AM

Irrespective of the nature of the identified vulnerabilities, the solution will be to either upgrade or replace the existing devices at the usual "modest fee".

"Seriously, when are we going to stop funding the TSA?"

Not going to happen until such a time that a majority of the population turns against it (ref. slavery, civil rights movement, Vietnam etc.) The TSA in its current incarnation has nothing to do with security, but everything with a priviliged elite making its fortune by exploiting the commoner's fear of a tiny group of religious extremists whom - for all practical purposes - they have created themselves.

FigureitoutMay 16, 2012 1:24 PM

My "trolldar" is picking up something...

Nice summary, in typical PR fashion it tells me something and nothing at the same time...

when are we going to stop funding the TSA?

Well, think about who "we" is...it's not you or I so maybe we should fix who "we" is...but honestly who has the time/motivation to actually do that?

NobodyMay 16, 2012 3:10 PM

The report only mentions: "We identified vulnerabilities in the screening process (...) " and not necessarily security vulnerabilities in the scanners themselves. Where does the information come from that te scanners themselves are vulnerable?

MeMay 16, 2012 3:58 PM

Wow, I think this sums up the summary:

Never heard someone talk so much, but say so little.

John CampbellMay 17, 2012 11:36 AM

Hmmmm... I guess these vulnerabilities were needed to ensure others the ability to download nude photos of the subjects ... and allows the obfuscation to be bypassed, allowing high definition magazine quality photos to be retained.

(smirks)

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..