Entries Tagged "homeland security"

Page 3 of 37

Training Baggage Screeners

The research in G. Giguère and B.C. Love, “Limits in decision making arise from limits in memory retrieval,” Proceedings of the National Academy of Sciences v. 19 (2013) has applications in training airport baggage screeners.

Abstract: Some decisions, such as predicting the winner of a baseball game, are challenging in part because outcomes are probabilistic. When making such decisions, one view is that humans stochastically and selectively retrieve a small set of relevant memories that provides evidence for competing options. We show that optimal performance at test is impossible when retrieving information in this fashion, no matter how extensive training is, because limited retrieval introduces noise into the decision process that cannot be overcome. One implication is that people should be more accurate in predicting future events when trained on idealized rather than on the actual distributions of items. In other words, we predict the best way to convey information to people is to present it in a distorted, idealized form. Idealization of training distributions is predicted to reduce the harmful noise induced by immutable bottlenecks in people’s memory retrieval processes. In contrast, machine learning systems that selectively weight (i.e., retrieve) all training examples at test should not benefit from idealization. These conjectures are strongly supported by several studies and supporting analyses. Unlike machine systems, people’s test performance on a target distribution is higher when they are trained on an idealized version of the distribution rather than on the actual target distribution. Optimal machine classifiers modified to selectively and stochastically sample from memory match the pattern of human performance. These results suggest firm limits on human rationality and have broad implications for how to train humans tasked with important classification decisions, such as radiologists, baggage screeners, intelligence analysts, and gamblers.

Posted on May 24, 2013 at 12:17 PMView Comments

TSA Removing Rapiscan Full-Body Scanners from U.S. Airports

This is big news:

The U.S. Transportation Security Administration will remove airport body scanners that privacy advocates likened to strip searches after OSI Systems Inc. (OSIS) couldn’t write software to make passenger images less revealing.

This doesn’t mean the end of full-body scanning. There are two categories of these devices: backscatter X-ray and millimeter wave.

The government said Friday it is abandoning its deployment of so-called backscatter technology machines produced by Rapiscan because the company could not meet deadlines to switch to generic imaging with so-called Automated Target Recognition software, the TSA said. Instead, the TSA will continue to use and deploy more millimeter wave technology scanners produced by L-3 Communications, which has adopted the generic-outline standard.

[…]

Rapiscan had a contract to produce 500 machines for the TSA at a cost of about $180,000 each. The company could be fined and barred from participating in government contracts, or employees could face prison terms if it is found to have defrauded the government. In all, the 250 Rapiscan machines already deployed are to be phased out of airports nationwide and will be replaced with machines produced by L-3 Communications.

And there are still backscatter X-ray machines being deployed, but I don’t think there are very many of them.

TSA has contracted with L-3, Smiths Group Plc (SMIN) and American Science & Engineering Inc. (ASEI) for new body-image scanners, all of which must have privacy software. L-3 and Smiths used millimeter-wave technology. American Science uses backscatter.

This is a big win for privacy. But, more importantly, it’s a big win because the TSA is actually taking privacy seriously. Yes, Congress ordered them to do so. But they didn’t defy Congress; they did it. The machines will be gone by June.

More.

Posted on January 21, 2013 at 6:38 AMView Comments

I Seem to Be a Verb

From “The Insider’s TSA Dictionary“:

Bruce Schneiered: (V, ints) When a passenger uses logic in order to confound and perplex an officer into submission. Ex: “A TSA officer took my Swiss army knife, but let my scissors go. I then asked him wouldn’t it be more dangerous if I were to make my scissors into two blades, or to go into the bathroom on the secure side and sharpen my grandmother’s walking stick with one of the scissor blades into a terror spear. Then after I pointed out that all of our bodies contain a lot more than 3.4 ounces of liquids, the TSA guy got all pissed and asked me if I wanted to fly today. I totally Schneirered [sic] his ass.”

Supposedly the site is by a former TSA employee. I have no idea if that’s true.

Posted on December 28, 2012 at 12:34 PMView Comments

On the Ineffectiveness of Airport Security Pat-Downs

I’ve written about it before, but not half as well as this story:

“That search was absolutely useless.” I said. “And just shows how much of all of this is security theatre. You guys are just feeling up passengers for no good effect, which means that you get all the downsides of a search — such as annoyed travellers who feel like they have had their privacy violated — without any of the benefits. I could have hidden half a dozen items on my person that you wouldn’t have had a snowball’s chance in a supernova of finding. That’s what I meant.”

“Sir, are you hiding something?” he said, and as he did, I saw three other security guys coming our way. Oh dear.

“Of course not.” I said. “But if I had wanted to, I could have.”

“Why do you have such a problem with being searched?” another security guy said, presumably the first guy’s supervisor.

“Look, I have absolutely no problem with being searched. But if you’re going to do it, do it properly — the plane is no safer at all after this gentleman half-heartedly stroked me for a couple of seconds” I said.

“How do you mean?” the supervisor asked.

“He was stroking me as if he was trying to get me to sleep with him, not as if he was trying to find anything on me.” I said. “I’ve been searched many, many times, and in this case, I could have hidden things in my socks, taped to my thigh, taped to the small of my back, the insides of my upper arms, under my testicles or anywhere on my buttocks.”

“Why have you been searched so many times?” the supervisor asked sharply.

“I’m a police officer. I help train other police officers. When we search someone, we assume that the person who searches us may have a knife or something else they can use to harm us, so we search properly. And yes, this means that you have to take a firm grip of somebody’s groin, yes, this means that you search even the parts that are less comfortable to have searched, and yes, this means that you’re probably going to incur a couple of sexual harassment accusations along the way.” I nodded at the security guard who had searched me. “This fellow here did by far the most useless search I have ever been subjected to, and if I wanted to, I could have smuggled half a dozen knives onto the flight. I don’t have a problem with being searched at all — in fact, if you guys think it’s necessary, I’d be the first to admit that I look a little bit suspicious before I’ve had my first cup of coffee in the morning — but if you’re going to stroke me gently in front of hundreds of people, you’d better buy me a fucking drink first, is all I am saying.”

The security supervisor was standing there, frozen at my rant.

Posted on November 5, 2012 at 6:19 AMView Comments

Hacking TSA PreCheck

I have a hard time getting worked up about this story:

I have X’d out any information that you could use to change my reservation. But it’s all there, PNR, seat assignment, flight number, name, ect. But what is interesting is the bolded three on the end. This is the TSA Pre-Check information. The number means the number of beeps. 1 beep no Pre-Check, 3 beeps yes Pre-Check. On this trip as you can see I am eligible for Pre-Check. Also this information is not encrypted in any way.

What terrorists or really anyone can do is use a website to decode the barcode and get the flight information, put it into a text file, change the 1 to a 3, then use another website to re-encode it into a barcode. Finally, using a commercial photo-editing program or any program that can edit graphics replace the barcode in their boarding pass with the new one they created. Even more scary is that people can do this to change names. So if they have a fake ID they can use this method to make a valid boarding pass that matches their fake ID. The really scary part is this will get past both the TSA document checker, because the scanners the TSA use are just barcode decoders, they don’t check against the real time information. So the TSA document checker will not pick up on the alterations. This means, as long as they sub in 3 they can always use the Pre-Check line.

What a dumb way to design the system. It would be easier — and far more secure — if the boarding pass checker just randomly chose 10%, or whatever percentage they want, of PreCheck passengers to send through regular screening. Why go through the trouble of encoding it in the barcode and then reading it?

And — of course — this means that you can still print your own boarding pass.

On the other hand, I think the PreCheck level of airport screening is what everyone should get, and that the no-fly list and the photo ID check add nothing to security. So I don’t feel any less safe because of this vulnerability.

Still, I am surprised. Is this the same in other countries? Lots of countries scan my boarding pass before allowing me through security: France, the Netherlands, the UK, Japan, even Uruguay at Montevideo Airport when I flew out of there yesterday. I always assumed that those systems were connected to the airlines’ reservation databases. Does anyone know?

Posted on October 26, 2012 at 6:46 AMView Comments

2013 U.S. Homeland Security Budget

Among other findings in this CBO report:

Funding for homeland security has dropped somewhat from its 2009 peak of $76 billion, in inflation-adjusted terms; funding for 2012 totaled $68 billion. Nevertheless, the nation is now spending substantially more than what it spent on homeland security in 2001.

Note that this is just direct spending on homeland security. This does not include DoD spending — which would include the costs of the wars in Iraq and Afghanistan — and Department of Justice spending. John Mueller estimates that we have spent $1.1 trillion over the ten years between 2002 and 2011.

Posted on October 2, 2012 at 9:41 AMView Comments

Stopping Terrorism

Nice essay on the futility of trying to prevent another 9/11:

“Never again.” It is as simplistic as it is absurd. It is as vague as it is damaging. No two words have provided so little meaning or context; no catchphrase has so warped policy discussions that it has permanently confused the public’s understanding of homeland security. It convinced us that invulnerability was a possibility.

The notion that policies should focus almost exclusively on preventing the next attack has also masked an ideological battle within homeland-security policy circles between “never again” and its antithesis, commonly referred to as “shit happens” but in polite company known as “resiliency.” The debate isn’t often discussed this way, and not simply because of the bad language. Time has not only eased the pain of that day, but there have also been no significant attacks. “Never again” has so infiltrated public discourse that to even acknowledge a trend away from prevention is considered risky, un-American. Americans don’t do “Keep Calm and Carry On.” But if they really want security, the kind of security that is sustainable and realistic, then they are going to have to.

There’s a lot of good material in this essay.

And on a related topic, an essay and commentary on overhyping the threat of terrorism at the London Olympics.

Posted on September 12, 2012 at 12:55 PMView Comments

Poll: Americans Like the TSA

Gallup has the results:

Despite recent negative press, a majority of Americans, 54%, think the U.S. Transportation Security Administration is doing either an excellent or a good job of handling security screening at airports. At the same time, 41% think TSA screening procedures are extremely or very effective at preventing acts of terrorism on U.S. airplanes, with most of the rest saying they are somewhat effective.

My first reaction was that people who don’t fly — and don’t interact with the TSA — are more likely to believe it is doing a good job. That’s not true.

Just over half of Americans report having flown at least once in the past year. These fliers have a slightly better opinion of the job TSA is doing than those who haven’t flown. Fifty-seven percent of those who have flown at least once and 57% of the smaller group who have flown at least three times have an excellent or good opinion of the TSA’s job performance. That compares with 52% of those who have not flown in the past year.

There is little difference in opinions about the effectiveness of TSA’s screening procedures by flying status; between 40% and 42% of non-fliers, as well as of those who have flown at least once and those who have flown at least three times, believe the procedures are at least very effective.

Also:

Younger Americans have significantly more positive opinions of the TSA than those who are older. These differences may partly reflect substantial differences in flying frequency, with 60% of 18- to 29-year-olds reporting having flown within the last year, compared with 33% of those 65 years and older.

Anyone want to try to explain these numbers?

Posted on August 22, 2012 at 6:09 AMView Comments

Sidebar photo of Bruce Schneier by Joe MacInnis.