Kip Hawley Comments on the Domodedovo Airport Bombing
This is the first piece of writing I’ve seen from Kip Hawley since he left the TSA in 2009. It’s mostly generalities and platitudes.
Entries Tagged "air travel"
Page 13 of 46
Jury Says it's Okay to Record the TSA
The Seattle man who refused to show ID to the TSA and recorded the whole incident has been cleared of all charges:
[The jury] returned not guilty verdicts for charges that included concealing his identity, refusing to obey a lawful order, trespassing, and disorderly conduct.
Papers, Please! says the acquittal proves what TSA critics have said all along: That checkpoint staff have no police powers, that contrary to TSA claims, passengers have the right to fly without providing ID, and yes, passengers are free to video record checkpoints as long as images on screening monitors aren’t captured.
“Annoying the TSA is not a crime,” the blog post states. “Photography is not a crime. You have the right to fly without ID, and to photograph, film, and record what happens.”
And a recent Dilbert is about the TSA.
EDITED TO ADD (1/10): Details and links.
Domodedovo Airport Bombing
I haven’t written anything about the suicide bombing at Moscow’s Domodedovo Airport because I didn’t think there was anything to say. The bomber was outside the security checkpoint, in the area where family and friends wait for arriving passengers. From a security perspective, the bombing had nothing to do with airport security. He could have just as easily been in a movie theater, stadium, shopping mall, market, or anywhere else lots of people are crowded together with limited exits. The large death and injury toll indicates the bomber chose his location well.
I’ve often written that security measures that are only effective if the implementers guess the plot correctly are largely wastes of money—at best they would have forced this bomber to choose another target—and that our best security investments are intelligence, investigation, and emergency response. This latest terrorist attack underscores that even more. “Critics say” that the TSA couldn’t have detected this sort of attack. Of course; the TSA can’t be everywhere. And that’s precisely the point.
Many reporters asked me about the likely U.S. reaction. I don’t know; it could range from “Moscow is a long way off and that doesn’t concern us” to “Oh my god we’re all going to die!” The worry, of course, is that we will need to “do something,” even though there is no “something” that should be done.
I was interviewed by the Esquire politics blog about this. I’m not terribly happy with the interview; I was rushed and sloppy on the phone.
$100 to Put a Bomb on an Airplane
An undercover TSA agent successfully bribed JetBlue ticket agent to check a suitcase under a random passenger’s name and put it on an airplane.
As with a lot of these tests, I’m not that worried because it’s not a reliable enough tactic to build a plot around. But untrustworthy airline personnel—or easily bribeable airline personal—could be used in a smarter and less risky plot.
Cost-Benefit Analysis of Full-Body Scanners
Research paper from Mark Stewart and John Mueller:
The Transportation Security Administration (TSA) has been deploying Advanced Imaging Technologies (AIT) that are full-body scanners to inspect a passenger’s body for concealed weapons, explosives, and other prohibited items. The terrorist threat that AITs are primarily dedicated to is preventing the downing of a commercial airliner by an IED (Improvised Explosive Device) smuggled on board by a passenger. The cost of this technology will reach $1.2 billion per year by 2014. The paper develops a cost-benefit analysis of AITs for passenger screening at U.S. airports. The analysis considered threat probability, risk reduction, losses, and costs of security measures in the estimation of costs and benefits. Since there is uncertainty and variability of these parameters, three alternate probability (uncertainty) models were used to characterise risk reduction and losses. Economic losses were assumed to vary from $2-50 billion, and risk reduction from 5-10%. Monte-Carlo simulation methods were used to propagate these uncertainties in the calculation of benefits, and the minimum attack probability necessary for AITs to be cost-effective was calculated. It was found that, based on mean results, more than one attack every two years would need to originate from U.S. airports for AITs to pass a cost-benefit analysis. In other words, to be cost-effective, AITs every two years would have to disrupt more than one attack effort with body-borne explosives that otherwise would have been successful despite other security measures, terrorist incompetence and amateurishness, and the technical difficulties in setting off a bomb sufficiently destructive to down an airliner. The attack probability needs to exceed 160-330% per year to be 90% certain that AITs are cost-effective.
EDITED TO ADD (1/26): Response from one of the paper’s authors.
Me on Airport Security
Last week, I spoke at an airport security conference hosted by EPIC: The Stripping of Freedom: A Careful Scan of TSA Security Procedures. Here’s the video of my half-hour talk.
Loaded Gun Slips Past TSA
I’m not really worried about mistakes like this. Sure, a gun slips through occasionally, and a knife slips through even more often. (I’m sure the TSA doesn’t catch 100% of all bombs in tests, either.) But these items are caught by the TSA often enough, and when the TSA does catch someone, they’re going to call the police and totally ruin his day. A terrorist can’t build a plot around succeeding.
It’s things like liquids that are the real problem. Because there are no consequences to trying—the bottle of water just gets thrown into the trash—a terrorist can repeatedly try until he succeeds in slipping it through.
I asked then-TSA Administrator Kip Hawley about this in 2007. He didn’t answer.
The Security Threat of Forged Law-Enforcement Credentials
Here’s a U.S. Army threat assessment of forged law-enforcement credentials.
The authors bought a bunch of fake badges:
Between November 2009 and March 2010, undercover investigators were able to purchase nearly perfect counterfeit badges for all of the Department of Defense’s military criminal investigative organizations to include the Army Criminal Investigation Command (Army CID), Naval Criminal Investigative Service (NCIS), Air Force Office of Special Investigations (AFOSI), and the Marine Corps Criminal Investigation Division (USMC CID). Also, purchased was the badge for the Defense Criminal Investigative Service (DCIS).
Also available for purchase were counterfeit badges of 42 other federal law enforcement agencies including the Federal Bureau of Investigation (FBI), Drug Enforcement Administration (DEA), Alcohol, Tobacco and Firearms (ATF), Secret Service, and the US Marshals Service.
Of the other federal law enforcement agency badges available, the investigators found exact reproductions of the badges issued to Federal Air Marshals, Transportation Security Administration (TSA) Screeners, TSA Inspectors, and Special Agents of the TSA Office of Inspector General.
Average price: $60.
Then, they tried using them:
During the period of January to June 2010, undercover investigators utilized fraudulent badges and credentials of the DoD’s military criminal investigative organizations to penetrate the security at: 6 military installations; 2 federal courthouses; and 3 state buildings in the New York and New Jersey area.
[…]
Once being granted access to the military installation or federal facility, the investigators proceeded to areas that were designed as “Restricted Area” or “Authorized Personnel Only” and were able to wander around without being challenged by employees or security personnel. On one military installation, investigators were able to go to the police station and request local background checks on several fictitious names. All that was required was displaying the fraudulent badge and credentials to a police officer working the communications desk.
The authors didn’t try it getting through airport security, but they mentioned a 2000 GAO report where investigators did:
The investigation found that investigators were 100% successful in penetrating 19 federal sites and 2 commercial airports by claiming to be law enforcement officers and entering the facilities unchecked by security where they could have carried weapons, listening devices, explosives, chemical/biological agents and other such materials.
Websites are listed in the report, if you want to buy your own fake badge and carry a gun onto an airplane.
I’ve written about this general problem before:
When faced with a badge, most people assume it’s legitimate. And even if they wanted to verify the badge, there’s no real way for them to do so.
The only solution, if this counts as one, is to move to real-time verification. A credit card used to be a credential; it gave the bearer certain privileges. But the problem of forged and stolen credit cards was so pervasive that the industry moved to a system where now the card is mostly a pointer to a database. Your passport, when you present it to the customs official in your home country, is basically the same thing. I’d like to be able to photograph a law-enforcement badge with my camera, send it to some police website, and get back a real-time verification—with picture—that the officer is legit.
Of course, that opens up an entire new set of database security issues, but I think they’re more manageable than what we have now.
TSA Inspecting Thermoses
This is new:
Adm. James Winnefeld told The Associated Press Friday that the Transportation Security Administration is “always trying to think ahead.” Winnefeld is the head of the U.S. Northern Command, which is charged with protecting the homeland.
TSA officials had said Thursday that in coming days, passengers flying within and to the U.S. may notice additional security measures related to insulated beverage containers such as thermoses.
Winnefeld says officials responsible for homeland security are always a bit more alert over the holiday season. He says there has been a lot of chatter online about potential terror activity, but nothing specific.
Interview with TSA Administrator John Pistole
He’s more realistic than one normally hears:
So if they get through all those defenses, they get to Reagan [National Airport] over here, and they’ve got an underwear bomb, they got a body cavity bomb—what’s reasonable to expect TSA to do? Hopefully our behavior detection people will see somebody sweating, or they’re dancing on their shoes or something, or they’re fiddling with something. Our explosives specialists, they’ll do something – they do hand swabs at random, unpredictably. If that doesn’t work then they go through (the enhanced scanner). And these machines give the best opportunity to detect a non-metallic device, but they’re not foolproof.
[…]
We’re not in the risk elimination business. The only way you can eliminate car accidents from happening is by not driving. OK, that’s not acceptable. The only way you can eliminate the risk of planes blowing up is nobody flies.
He still ducks some of the hard questions.
I am reminded my own interview from 2007 with then-TSA Administrator Kip Hawley.
Sidebar photo of Bruce Schneier by Joe MacInnis.