Entries Tagged "overreactions"

Page 7 of 15

Large Signs a Security Risk

A large sign saying “United States” at a border crossing was deemed a security risk:

Yet three weeks ago, less than a month after the station opened, workers began prying the big yellow letters off the building’s facade on orders from Customs and Border Protection. The plan is to dismantle the rest of the sign this week.

“At the end of the day, I think they were somewhat surprised at how bold and how bright it was,” said Les Shepherd, the chief architect of the General Services Administration, referring to the customs agency’s sudden turnaround.

“There were security concerns,” said Kelly Ivahnenko, a spokeswoman for the customs agency. “The sign could be a huge target and attract undue attention. Anything that would place our officers at risk we need to avoid.”

The move is a depressing, if not wholly unpredictable, example of how the lingering trauma of 9/11 can make it difficult for government bureaucracies to make rational decisions. It reflects a tendency to focus on worst-case scenarios to the exclusion of common sense, as well as a fundamental misreading of the sign and the message it conveys. And if it is carried out as planned, it will gut a design whose playful pop aesthetic is an inspired expression of what America is about.

Exactly.

Posted on July 28, 2009 at 4:23 PMView Comments

Second SHB Workshop Liveblogging (7)

Session Six—”Terror”—chaired by Stuart Schechter.

Bill Burns, Decision Research (suggested reading: The Diffusion of Fear: Modeling Community Response to a Terrorist Strike), studies social reaction to risk. He discussed his theoretical model of how people react to fear events, and data from the 9/11 attacks, the 7/7 bombings in the UK, and the 2008 financial collapse. Basically, we can’t remain fearful. No matter what happens, fear spikes immediately after and recovers 45 or so days afterwards. He believes that the greatest mistake we made after 9/11 was labeling the event as terrorism instead of an international crime.

Chris Cocking, London Metropolitan University (suggested reading: Effects of social identity on responses to emergency mass evacuation), looks at the group behavior of people responding to emergencies. Traditionally, most emergency planning is based on the panic model: people in crowds are prone to irrational behavior and panic. There’s also a social attachment model that predicts that social norms don’t break down in groups. He prefers a self-categorization approach: disasters create a common identity, which results in orderly and altruistic behavior among strangers. The greater the threat, the greater the common identity, and spontaneous resilience can occur. He displayed a photograph of “panic” in New York on 9/11 and showed how it wasn’t panic at all. Panic seems to be more a myth than a reality. This has policy implications during an event: provide people with information, and people are more likely to underreact than overreact, if there is overreaction, it’s because people are acting as individuals rather than groups, so those in authority should encourage a sense of collective identity. “Crowds can be part of the solution rather than part of the problem.”

Richard John, University of Southern California (suggested reading: Decision Analysis by Proxy for the Rational Terrorist), talked about the process of social amplification of risk (with respect to terrorism). Events result in relatively small losses; it’s the changes in behavior following an event that result in much greater losses. There’s a dynamic of risk perception, and it’s very contextual. He uses vignettes to study how risk perception changes over time, and discussed some of the studies he’s conducting and ideas for future studies.

Mark Stewart, University of Newcastle, Australia (suggested reading: A risk and cost-benefit assessment of United States aviation security measures; Risk and Cost-Benefit Assessment of Counter-Terrorism Protective Measures to Infrastructure), examines infrastructure security and whether the costs exceed the benefits. He talked about cost/benefit trade-off, and how to apply probabilistic terrorism risk assessment; then, he tried to apply this model to the U.S. Federal Air Marshal Service. His result: they’re not worth it. You can quibble with his data, but the real value is a transparent process. During the discussion, I said that it is important to realize that risks can’t be taken in isolation, that anyone making a security trade-off is balancing several risks: terrorism risks, political risks, the personal risks to his career, etc.

John Adams, University College London (suggested reading: Deus e Brasileiro?; Can Science Beat Terrorism?; Bicycle bombs: a further inquiry), applies his risk thermostat model to terrorism. He presented a series of amusing photographs of overreactions to risk, most of them not really about risk aversion but more about liability aversion. He talked about bureaucratic paranoia, as well as bureaucratic incitements to paranoia, and how this is beginning to backfire. People treat risks differently, depending on whether they are voluntary, impersonal, or imposed, and whether people have total control, diminished control, or no control.

Dan Gardner, Ottawa Citizen (suggested reading: The Science of Fear: Why We Fear the Things We Shouldn’t—and Put Ourselves in Greater Danger), talked about how the media covers risks, threats, attacks, etc. He talked about the various ways the media screws up, all of which were familiar to everyone. His thesis is not that the media gets things wrong in order to increase readership/viewership and therefore profits, but that the media gets things wrong because reporters are human. Bad news bias is not a result of the media hyping bad news, but the natural human tendency to remember the bad more than the good. The evening news is centered around stories because people—including reporters—respond to stories, and stories with novelty, emotion, and drama are better stories.

Some of the discussion was about the nature of panic: whether and where it exists, and what it looks like. Someone from the audience questioned whether panic was related to proximity to the event; someone else pointed out that people very close to the 7/7 bombings took pictures and made phone calls—and that there was no evidence of panic. Also, on 9/11 pretty much everyone below where the airplanes struck the World Trade Center got out safely; and everyone above couldn’t get out, and died. Angela Sasse pointed out that the previous terrorist attack against the World Trade Center, and the changes made in evacuation procedures afterwards, contributed to the lack of panic on 9/11. Bill Burns said that the purest form of panic is a drowning person. Jean Camp asked whether the recent attacks against women’s health providers should be classified as terrorism, or whether we are better off framing it as crime. There was also talk about sky marshals and their effectiveness. I said that it isn’t sky marshals that are a deterrent, but the idea of sky marshals. Terence Taylor said that increasing uncertainty on the part of the terrorists is, in itself, a security measure. There was also a discussion about how risk-averse terrorists are; they seem to want to believe they have an 80% or 90% change of success before they will launch an attack.

Next, lunch—and two final sessions this afternoon.

Adam Shostack’s liveblogging is here. Ross Anderson’s liveblogging is in his blog post’s comments. Matt Blaze’s audio is here.

Posted on June 12, 2009 at 12:01 PMView Comments

Fear of Aerial Images

Time for some more fear about terrorists using maps and images on the Internet.

But the more striking images come when Portzline clicks on the “bird’s-eye” option offered by the map service. The overhead views, which come chiefly from satellites, are replaced with strikingly clear oblique-angle photos, chiefly shot from aircraft. By clicking another button, he can see the same building from all four sides.

“What we’re seeing here is a guard shack,” Portzline said, pointing to a rooftop structure. “This is a communications device for the nuclear plant.”

He added, “This particular building is the air intake for the control room. And there’s some nasty thing you could do to disable the people in the control room. So this type of information should not be available. I look at this and just say, ‘Wow.’ ”

Terror expert and author Brian Jenkins agreed that the pictures are “extraordinarily impressive.”

“If I were a terrorist planning an attack, I would want that imagery. That would facilitate that mission,” he said. “And given the choice between renting an airplane or trying some other way to get it, versus tapping in some things on my computer, I certainly want to do the latter. (It will) reduce my risk, and the first they’re going to know about my attack is when it takes place.”

Gadzooks, people, enough with the movie plots.

Joel Anderson, a member of the California Assembly, has more expansive goals. He has introduced a bill in the state Legislature that would prohibit “virtual globe” services from providing unblurred pictures of schools, churches and government or medical facilities in California. It also would prohibit those services from providing street-view photos of those buildings.

“It struck me that a person in a tent halfway around the world could target an attack like that with a laptop computer,” said Anderson, a Republican legislator who represents San Diego’s East County. Anderson said he doesn’t want to limit technology, but added, “There’s got to be some common sense.”

I wonder why he thinks that “schools, churches and government or medical facilities” are terrorist targets worth protecting, and movie theaters, stadiums, concert halls, restaurants, train stations, shopping malls, Toys-R-Us stores on the day after Thanksgiving, train stations, and theme parks are not. After all, “there’s got to be some common sense.”

Now, both have launched efforts to try to get Internet map services to remove or blur images of sensitive sites, saying the same technology that allows people to see a neighbor’s swimming pool can be used by terrorists to chose targets and plan attacks.

Yes, and the same technology that allows people to call their friends can be used by terrorists to choose targets and plan attacks. And the same technology that allows people to commute to work can be used by terrorists to plan and execute attacks. And the same technology that allows you to read this blog post…repeat until tired.

Of course, this is nothing I haven’t said before:

Criminals have used telephones and mobile phones since they were invented. Drug smugglers use airplanes and boats, radios and satellite phones. Bank robbers have long used cars and motorcycles as getaway vehicles, and horses before then. I haven’t seen it talked about yet, but the Mumbai terrorists used boats as well. They also wore boots. They ate lunch at restaurants, drank bottled water, and breathed the air. Society survives all of this because the good uses of infrastructure far outweigh the bad uses, even though the good uses are—by and large—small and pedestrian and the bad uses are rare and spectacular. And while terrorism turns society’s very infrastructure against itself, we only harm ourselves by dismantling that infrastructure in response—just as we would if we banned cars because bank robbers used them too.

You’re not going to stop terrorism by deliberately degrading our infrastructure. Refuse to be terrorized, everyone.

Posted on June 8, 2009 at 6:15 AMView Comments

Holy Hand Grenade of Antioch Bomb Scare

You just can’t make this stuff up:

Buildings were evacuated, a street was cordoned off and a bomb disposal team called in after workmen spotted a suspicious object.

But the dangerous-looking weapon turned out to be the Holy Hand Grenade of Antioch, made famous in the 1975 film Monty Python And The Holy Grail.

[…]

They evacuated a pub and another building in Tabernacle Street, while office staff in another building were stopped from leaving.

But when the bomb squad arrived, they quickly established there was no danger and the street was declared safe. In the film, the grenade was used to slaughter a killer rabbit. …

Alberto Romanelli, who owns the Windmill pub nearby, said the police action in ordering his pub to be evacuated had been as ridiculous as the film scene. “They evacuated the pub while they were doing X-rays and stuff,” he said.

“It all lasted about 45 minutes before they decided it was nothing—which I thought was pretty obvious from the start. I lost a good hour’s worth of business.”

I used to catalog examples of the war on the unexpected, but stopped because they were just too many of them (see also here and here), but this one is just too funny to ignore.

EDITED TO ADD (3/20): Lest you think this is tabloid hyperbole, here’s the story in a more respectable newspaper.

Posted on March 20, 2009 at 3:10 PMView Comments

Helping the Terrorists

It regularly comes as a surprise to people that our own infrastructure can be used against us. And in the wake of terrorist attacks or plots, there are fear-induced calls to ban, disrupt or control that infrastructure. According to officials investigating the Mumbai attacks, the terrorists used images from Google Earth to help learn their way around. This isn’t the first time Google Earth has been charged with helping terrorists: in 2007, Google Earth images of British military bases were found in the homes of Iraqi insurgents. Incidents such as these have led many governments to demand that Google remove or blur images of sensitive locations: military bases, nuclear reactors, government buildings, and so on. An Indian court has been asked to ban Google Earth entirely.

This isn’t the only way our information technology helps terrorists. Last year, a US army intelligence report worried that terrorists could plan their attacks using Twitter, and there are unconfirmed reports that the Mumbai terrorists read the Twitter feeds about their attacks to get real-time information they could use. British intelligence is worried that terrorists might use voice over IP services such as Skype to communicate. Terrorists may train on Second Life and World of Warcraft. We already know they use websites to spread their message and possibly even to recruit.

Of course, all of this is exacerbated by open-wireless access, which has been repeatedly labelled a terrorist tool and which has been the object of attempted bans.

Mobile phone networks help terrorists, too. The Mumbai terrorists used them to communicate with each other. This has led some cities, including New York and London, to propose turning off mobile phone coverage in the event of a terrorist attack.

Let’s all stop and take a deep breath. By its very nature, communications infrastructure is general. It can be used to plan both legal and illegal activities, and it’s generally impossible to tell which is which. When I send and receive email, it looks exactly the same as a terrorist doing the same thing. To the mobile phone network, a call from one terrorist to another looks exactly the same as a mobile phone call from one victim to another. Any attempt to ban or limit infrastructure affects everybody. If India bans Google Earth, a future terrorist won’t be able to use it to plan; nor will anybody else. Open Wi-Fi networks are useful for many reasons, the large majority of them positive, and closing them down affects all those reasons. Terrorist attacks are very rare, and it is almost always a bad trade-off to deny society the benefits of a communications technology just because the bad guys might use it too.

Communications infrastructure is especially valuable during a terrorist attack. Twitter was the best way for people to get real-time information about the attacks in Mumbai. If the Indian government shut Twitter down – or London blocked mobile phone coverage – during a terrorist attack, the lack of communications for everyone, not just the terrorists, would increase the level of terror and could even increase the body count. Information lessens fear and makes people safer.

None of this is new. Criminals have used telephones and mobile phones since they were invented. Drug smugglers use airplanes and boats, radios and satellite phones. Bank robbers have long used cars and motorcycles as getaway vehicles, and horses before then. I haven’t seen it talked about yet, but the Mumbai terrorists used boats as well. They also wore boots. They ate lunch at restaurants, drank bottled water, and breathed the air. Society survives all of this because the good uses of infrastructure far outweigh the bad uses, even though the good uses are – by and large – small and pedestrian and the bad uses are rare and spectacular. And while terrorism turns society’s very infrastructure against itself, we only harm ourselves by dismantling that infrastructure in response – just as we would if we banned cars because bank robbers used them too.

This essay originally appeared in The Guardian.

EDITED TO ADD (1/29): Other ways we help the terrorists: we put computers in our libraries, we allow anonymous chat rooms, we permit commercial databases and we engage in biomedical research. Grocery stores, too, sell food to just anyone who walks in.

EDITED TO ADD (2/3): Washington DC wants to jam cell phones too.

EDITED TO ADD (2/9): Another thing that will help the terrorists: in-flight Internet.

Posted on January 29, 2009 at 6:00 AMView Comments

Allocating Resources: Financial Fraud vs. Terrorism

Interesting trade-off:

The FBI has been forced to transfer agents from its counter-terrorism divisions to work on Bernard Madoff’s alleged $50 billion fraud scheme as victims of the biggest scam in the world continue to emerge.

The Freakonomics blog discusses this:

This might lead you to ask an obvious counter-question: Has the anti-terror enforcement since 9/11 in the U.S. helped fuel the financial meltdown? That is, has the diversion of resources, personnel, and mindshare toward preventing future terrorist attacks—including, you’d have to say, the wars in Afghanistan and Iraq—contributed to a sloppy stewardship of the financial industry?

It quotes a New York Times article:

Federal officials are bringing far fewer prosecutions as a result of fraudulent stock schemes than they did eight years ago, according to new data, raising further questions about whether the Bush administration has been too lax in policing Wall Street.

Legal and financial experts say that a loosening of enforcement measures, cutbacks in staffing at the Securities and Exchange Commission, and a shift in resources toward terrorism at the F.B.I. have combined to make the federal government something of a paper tiger in investigating securities crimes.

We’ve seen this problem over and over again when it comes to counterterrorism: in an effort to defend against the rare threats, we make ourselves more vulnerable to the common threats.

Posted on January 9, 2009 at 6:54 AMView Comments

Registry of Cell Phone Owners

In Mexico:

Also Tuesday, the Senate voted to create a registry of cell phone owners to combat kidnappings and extortions in which gangs often use untraceable mobile phones to make ransom demands.

Telecoms would be required to ask purchasers of cell phones or phone memory chips for their names, addresses and fingerprints, and to turn that information over to investigators if requested.

At present, unregulated vendors sell phones and chips for cash from streetside stands. It is unclear how such vendors would be made to comply with the new law.

How easy is it to steal a cell phone? I’m generally not impressed with security measures, especially expensive ones, that merely result in the bad guys changing their tactics.

Posted on December 22, 2008 at 12:01 PMView Comments

"Nut Allergy" Fear and Overreaction

Good article:

Professor Nicolas Christakis, a professor of medical sociology at Harvard Medical School, told the BMJ there was “a gross over-reaction to the magnitude of the threat” posed by food allergies, and particularly nut allergies.

In the US, serious allergic reactions to foods cause just 2,000 of more than 30 million hospitalisations a year and comparatively few deaths—150 a year from all food allergies combined.

In the UK there are around 10 deaths each year from food allergies.

Professor Christakis said the issue was not whether nut allergies existed or whether they could occasionally be serious. Nor was the issue whether reasonable preventative steps should be made for the few children who had documented serious allergies, he argued.

“The issue is what accounts for the extreme responses to nut allergies.”

He said the number of US schools declaring themselves to be entirely “nut free”—banning staples like peanut butter, homemade baked goods and any foods without detailed ingredient labels—was rising, despite clear evidence that such restrictions were unnecessary.

“School entrances have signs admonishing visitors to wash their hands before entry to avoid [nut] contamination.”

He said these responses were extreme and had many of the hallmarks of mass psychogenic illness (MPI), previously known as epidemic hysteria.

Sound familiar?

Posted on December 19, 2008 at 6:56 AMView Comments

1 5 6 7 8 9 15

Sidebar photo of Bruce Schneier by Joe MacInnis.