Thoughtcrime
We’re developing a “pre-crime detector” that detects hostile thoughts.
Entries Tagged "DHS"
Page 20 of 39
The Two Classes of Airport Contraband
Airport security found a jar of pasta sauce in my luggage last month. It was a 6-ounce jar, above the limit; the official confiscated it, because allowing it on the airplane with me would have been too dangerous. And to demonstrate how dangerous he really thought that jar was, he blithely tossed it in a nearby bin of similar liquid bottles and sent me on my way.
There are two classes of contraband at airport security checkpoints: the class that will get you in trouble if you try to bring it on an airplane, and the class that will cheerily be taken away from you if you try to bring it on an airplane. This difference is important: Making security screeners confiscate anything from that second class is a waste of time. All it does is harm innocents; it doesn’t stop terrorists at all.
Let me explain. If you’re caught at airport security with a bomb or a gun, the screeners aren’t just going to take it away from you. They’re going to call the police, and you’re going to be stuck for a few hours answering a lot of awkward questions. You may be arrested, and you’ll almost certainly miss your flight. At best, you’re going to have a very unpleasant day.
This is why articles about how screeners don’t catch every—or even a majority—of guns and bombs that go through the checkpoints don’t bother me. The screeners don’t have to be perfect; they just have to be good enough. No terrorist is going to base his plot on getting a gun through airport security if there’s a decent chance of getting caught, because the consequences of getting caught are too great.
Contrast that with a terrorist plot that requires a 12-ounce bottle of liquid. There’s no evidence that the London liquid bombers actually had a workable plot, but assume for the moment they did. If some copycat terrorists try to bring their liquid bomb through airport security and the screeners catch them—like they caught me with my bottle of pasta sauce—the terrorists can simply try again. They can try again and again. They can keep trying until they succeed. Because there are no consequences to trying and failing, the screeners have to be 100 percent effective. Even if they slip up one in a hundred times, the plot can succeed.
The same is true for knitting needles, pocketknives, scissors, corkscrews, cigarette lighters and whatever else the airport screeners are confiscating this week. If there’s no consequence to getting caught with it, then confiscating it only hurts innocent people. At best, it mildly annoys the terrorists.
To fix this, airport security has to make a choice. If something is dangerous, treat it as dangerous and treat anyone who tries to bring it on as potentially dangerous. If it’s not dangerous, then stop trying to keep it off airplanes. Trying to have it both ways just distracts the screeners from actually making us safer.
EDITED TO ADD (10/23): A similar article ran in The Guardian.
TSA Employees Bypassing Airport Screening
Airport screeners are now able to bypass airport screening:
The Transportation Security Administration (TSA) rolled out the new uniforms and new screening policy at airports nationwide on Sept. 11.
The new policy says screeners can arrive for work and walk behind security lines without any of their belongings examined or X-rayed.
“Lunch or a bomb, you can walk right through with it,” said Mike Boyd, an aviation consultant in Evergreen. “This is a major security issue.”
Actually, it’s not. Screeners have to go in and out of security all the time as they work. Yes, they can smuggle things in and out of the airport. But you have to remember that the airport screeners are trusted insiders for the system: there are a zillion ways they could break airport security.
On the other hand, it’s probably a smart idea to screen screeners when they walk through airport security when they aren’t working at that checkpoint at that time. The reason is the same reason you should screen everyone, including pilots who can crash their plane: you’re not screening screeners (or pilots), you’re screening people wearing screener (or pilot) uniforms and carrying screener (or pilot) IDs. You can either train your screeners to recognize authentic uniforms and IDs, or you can just screen everybody. The latter is just easier.
But this isn’t a big deal.
Change Your Name and Avoid the TSA Watchlist
Shhhh. Don’t tell the terrorists:
The U.S. Department of Homeland Security wrote a letter to Labbé in 2004, saying he had been placed on their watch list after falling victim to identity theft. At the time, the department said there was no way for his name to be removed.
Although Labbé wrote letters to the U.S. department, his efforts were in vain, prompting him to legally change his name.
“So now, my official name is François Mario Labbé,” he said.
“Then you have to change everything: driver’s license, social insurance, medicare, credit card—everything.”
Although it’s not a big change from Mario Labbé, he said it’s been enough to foil the U.S. customs computers.
My LA Times Op Ed on Photo ID Checks at Airport
Opinion
The TSA’s useless photo ID rules
No-fly lists and photo IDs are supposed to help protect the flying public from terrorists. Except that they don’t work.
By Bruce Schneier
August 28, 2008
The TSA is tightening its photo ID rules at airport security. Previously, people with expired IDs or who claimed to have lost their IDs were subjected to secondary screening. Then the Transportation Security Administration realized that meant someone on the government’s no-fly list—the list that is supposed to keep our planes safe from terrorists—could just fly with no ID.
Now, people without ID must also answer personal questions from their credit history to ascertain their identity. The TSA will keep records of who those ID-less people are, too, in case they’re trying to probe the system.
This may seem like an improvement, except that the photo ID requirement is a joke. Anyone on the no-fly list can easily fly whenever he wants. Even worse, the whole concept of matching passenger names against a list of bad guys has negligible security value.
How to fly, even if you are on the no-fly list: Buy a ticket in some innocent person’s name. At home, before your flight, check in online and print out your boarding pass. Then, save that web page as a PDF and use Adobe Acrobat to change the name on the boarding pass to your own. Print it again. At the airport, use the fake boarding pass and your valid ID to get through security. At the gate, use the real boarding pass in the fake name to board your flight.
The problem is that it is unverified passenger names that get checked against the no-fly list. At security checkpoints, the TSA just matches IDs to whatever is printed on the boarding passes. The airline checks boarding passes against tickets when people board the plane. But because no one checks ticketed names against IDs, the security breaks down.
This vulnerability isn’t new. It isn’t even subtle. I wrote about it in 2003, and again in 2006. I asked Kip Hawley, who runs the TSA, about it in 2007. Today, any terrorist smart enough to Google “print your own boarding pass” can bypass the no-fly list.
This gaping security hole would bother me more if the very idea of a no-fly list weren’t so ineffective. The system is based on the faulty notion that the feds have this master list of terrorists, and all we have to do is keep the people on the list off the planes.
That’s just not true. The no-fly list—a list of people so dangerous they are not allowed to fly yet so innocent we can’t arrest them—and the less dangerous “watch list” contain a combined 1 million names representing the identities and aliases of an estimated 400,000 people. There aren’t that many terrorists out there; if there were, we would be feeling their effects.
Almost all of the people stopped by the no-fly list are false positives. It catches innocents such as Ted Kennedy, whose name is similar to someone’s on the list, and Yusuf Islam (formerly Cat Stevens), who was on the list but no one knew why.
The no-fly list is a Kafkaesque nightmare for the thousands of innocent Americans who are harassed and detained every time they fly. Put on the list by unidentified government officials, they can’t get off. They can’t challenge the TSA about their status or prove their innocence. (The U.S. 9th Circuit Court of Appeals decided this month that no-fly passengers can sue the FBI, but that strategy hasn’t been tried yet.)
But even if these lists were complete and accurate, they wouldn’t work. Timothy McVeigh, the Unabomber, the D.C. snipers, the London subway bombers and most of the 9/11 terrorists weren’t on any list before they committed their terrorist acts. And if a terrorist wants to know if he’s on a list, the TSA has approved a convenient, $100 service that allows him to figure it out: the Clear program, which issues IDs to “trusted travelers” to speed them through security lines. Just apply for a Clear card; if you get one, you’re not on the list.
In the end, the photo ID requirement is based on the myth that we can somehow correlate identity with intent. We can’t. And instead of wasting money trying, we would be far safer as a nation if we invested in intelligence, investigation and emergency response—security measures that aren’t based on a guess about a terrorist target or tactic.
That’s the TSA: Not doing the right things. Not even doing right the things it does.
TSA Follies
They break planes:
Citing sources within the aviation industry, ABC News reports an overzealous TSA employee attempted to gain access to the parked aircraft by climbing up the fuselage… reportedly using the Total Air Temperature (TAT) probes mounted to the planes’ noses as handholds.
“The brilliant employees used an instrument located just below the cockpit window that is critical to the operation of the onboard computers,” one pilot wrote on an American Eagle internet forum. “They decided this instrument, the TAT probe, would be adequate to use as a ladder.”
They harass innocents:
James Robinson is a retired Air National Guard brigadier general and a commercial pilot for a major airline who flies passenger planes around the country.
He has even been certified by the Transportation Security Administration to carry a weapon into the cockpit as part of the government’s defense program should a terrorist try to commandeer a plane.
But there’s one problem: James Robinson, the pilot, has difficulty even getting to his plane because his name is on the government’s terrorist “watch list.”
It’s easy to sneak by them:
The third-grader has been on the watch list since he was 5 years old. Asked whether he is a terrorist, he said, “I don’t know.”
Though he doesn’t even know what a terrorist is, he is embarrassed that trips to the airport cause a ruckus, said his mother, Denise Robinson.
[…]
Denise Robinson says she tells the skycaps her son is on the list, tips heavily and is given boarding passes. And booking her son as “J. Pierce Robinson” also has let the family bypass the watch list hassle.
And here’s how to sneak lockpicks past them.
EDITED TO ADD (8/21): Ha ha ha ha:
Even though its inspector’s actions caused nine American Eagle planes
to be grounded in Chicago this week, the Transporatation Security
Administration says it may pursue action against the airline for
security lapses.
And a step in the right direction:
A federal appeals court ruled this week that individuals who are blocked from commercial flights by the federal no-fly list can challenge their detention in federal court.
Laptop with Trusted Traveler Identities Stolen
Oops. A laptop with the names of 33,000 people enrolled in the Clear program—the most popular airport “trusted traveler” program—has been stolen at SFO. The TSA is unhappy.
Stealing databases of personal information is never good, but this doesn’t make a bit of difference to airport security. I’ve already written about the Clear program: it’s a $100-a-year program that lets you cut the security line, and nothing more. Clear members are no more trusted than anyone else.
Anyway, it’s easy to fly without an ID, as long as you claim to have lost it. And it’s also easy to get through airport security without being an actual airplane passenger.
None of this is security. Absolutely none of it.
EDITED TO ADD (8/7): The laptop has been found. Turns out it was never stolen:
The laptop was found Tuesday morning in the same company office where it supposedly had gone missing, said spokeswoman Allison Beer.
“It was not in an obvious location,” said Beer, who said an investigation was under way to determine whether the computer was actually stolen or had just been misplaced.
Why in the world do these people not use full-disk encryption?
U.S. Government Policy for Seizing Laptops at Borders
Amazing. The U.S. government has published its policy: they can take your laptop anywhere they want, for as long as they want, and share the information with anyone they want:
Federal agents may take a traveler’s laptop or other electronic device to an off-site location for an unspecified period of time without any suspicion of wrongdoing, as part of border search policies the Department of Homeland Security recently disclosed. Also, officials may share copies of the laptop’s contents with other agencies and private entities for language translation, data decryption, or other reasons, according to the policies, dated July 16 and issued by two DHS agencies, US Customs and Border Protection and US Immigration and Customs Enforcement.
[…]
DHS officials said that the newly disclosed policies—which apply to anyone entering the country, including US citizens—are reasonable and necessary to prevent terrorism.
[…]
The policies cover ‘any device capable of storing information in digital or analog form,’ including hard drives, flash drives, cell phones, iPods, pagers, beepers, and video and audio tapes. They also cover ‘all papers and other written documentation,’ including books, pamphlets and ‘written materials commonly referred to as “pocket trash…”
It’s not the policy that’s amazing; it’s the fact that the government has actually made it public.
Here’s the actual policy.
Slashdot thread. My previous essay on crossing borders with laptops, and how to protect yourself.
Although honestly, the best thing is probably to keep your encrypted archives on some network drive somewhere, and download what you need after you cross the border.
TSA Proud of Confiscating Non-Dangerous Item
This is just sad. The TSA confiscated a battery pack not because it’s dangerous, but because other passengers might think it’s dangerous. And they’re proud of the fact.
“We must treat every suspicious item the same and utilize the tools we have available to make a final determination,” said Federal Security Director David Wynn. “Procedures are in place for a reason and this is a clear indication our workforce is doing a great job.”
My guess is that if Kip Hawley were allowed to comment on my blog, he would say something like this: “It’s not just bombs that are prohibited; it’s things that look like bombs. This looks enough like a bomb to fool the other passengers, and that in itself is a threat.”
Okay, that’s fair. But the average person doesn’t know what a bomb looks like; all he knows is what he sees on television and the movies. And this rule means that all homemade electronics are confiscated, because anything homemade with wires can look like a bomb to someone who doesn’t know better. The rule just doesn’t work.
And in today’s passengers-fight-back world, do you think anyone is going to successfully do anything with a fake bomb?
Cost/Benefit Analysis of Airline Security
This report, “Assessing the risks, costs and benefits of United States aviation security measures” by Mark Stewart and John Mueller, is excellent reading:
The United States Office of Management and Budget has recommended the use of cost-benefit assessment for all proposed federal regulations. Since 9/11 government agencies in Australia, United States, Canada, Europe and elsewhere have devoted much effort and expenditure to attempt to ensure that a 9/11 type attack involving hijacked aircraft is not repeated. This effort has come at considerable cost, running in excess of US$6 billion per year for the United States Transportation Security Administration (TSA) alone. In particular, significant expenditure has been dedicated to two aviation security measures aimed at preventing terrorists from hijacking and crashing an aircraft into buildings and other infrastructure: (i) Hardened cockpit doors and (ii) Federal Air Marshal Service. These two security measures cost the United States government and the airlines nearly $1 billion per year. This paper seeks to discover whether aviation security measures are cost-effective by considering their effectiveness, their cost and expected lives saved as a result of such expenditure. An assessment of the Federal Air Marshal Service suggests that the annual cost is $180 million per life saved. This is greatly in excess of the regulatory safety goal of $1-$10 million per life saved. As such, the air marshal program would seem to fail a cost-benefit analysis. In addition, the opportunity cost of these expenditures is considerable, and it is highly likely that far more lives would have been saved if the money had been invested instead in a wide range of more cost-effective risk mitigation programs. On the other hand, hardening of cockpit doors has an annual cost of only $800,000 per life saved, showing that this is a cost-effective security measure.
From the body:
Hardening cockpit doors has the highest risk reduction (16.67%) at lowest additional cost of $40 million. On the other hand, the Federal Air Marshal Service costs $900 million pa but reduces risk by only 1.67%. The Federal Air Marshal Service may be more cost-effective if it is able to show extra benefit over the cheaper measure of hardening cockpit doors. However, the Federal Air Marshal Service seems to have significantly less benefit which means that hardening cockpit doors is the more cost-effective measure.
Cost-benefit analysis is definitely the way to look at these security measures. It’s hard for people to do, because it requires putting a dollar value on a human life—something we can’t possibly do with our own. But as a society, it is something we do again and again: when we raise or lower speed limits, when we ban a certain pesticide, when we enact building codes. Insurance companies do it all the time. We do it implicitly, because we can’t talk about it explicitly. I think there is considerable value in talking about it.
(Note the table on page 5 of the report, which lists the cost per lives saved for a variety of safety and security measures.)
The final paper will eventually be published in the Journal of Transportation Security. I never even knew there was such a thing.
EDITED TO ADD (8/13): New York Times op-ed on the subject.
Sidebar photo of Bruce Schneier by Joe MacInnis.