Entries Tagged "security theater"

Page 11 of 20

New TSA ID Requirement

The TSA has a new photo ID requirement:

Beginning Saturday, June 21, 2008 passengers that willfully refuse to provide identification at security checkpoint will be denied access to the secure area of airports. This change will apply exclusively to individuals that simply refuse to provide any identification or assist transportation security officers in ascertaining their identity.

This new procedure will not affect passengers that may have misplaced, lost or otherwise do not have ID but are cooperative with officers. Cooperative passengers without ID may be subjected to additional screening protocols, including enhanced physical screening, enhanced carry-on and/or checked baggage screening, interviews with behavior detection or law enforcement officers and other measures.

That’s right; people who refuse to show ID on principle will not be allowed to fly, but people who claim to have lost their ID will. I feel well-protected against terrorists who can’t lie.

I don’t think any further proof is needed that the ID requirement has nothing to do with security, and everything to do with control.

EDITED TO ADD (6/11): Daniel Solove comments.

Posted on June 11, 2008 at 1:42 PMView Comments

More on Airplane Seat Cameras

I already blogged this once: an airplane-seat camera system that tries to detect terrorists before they leap up and do whatever they were planning on doing. Amazingly enough, the EU is “testing” this system:

Each camera tracks passengers’ facial expressions, with the footage then analysed by software to detect developing terrorist activity or potential air rage. Six wide-angle cameras are also positioned to monitor the plane’s aisles, presumably to catch anyone standing by the cockpit door with a suspiciously crusty bread roll.

But since people never sit still on planes, the software’s also designed so that footage from multiple cameras can be analysed. So, if one person continually walks from his seat to the bathroom, then several cameras can be used to track his facial movements.

The software watches for all sorts of other terrorist-like activities too, including running in the cabin, someone nervously touching their face or excessive sweating. An innocent nose scratch won’t see the F16s scrambled, but a combination of several threat indicators could trigger a red alert.

This pegs the stupid meter. All it will do is false alarm. No one has any idea what sorts of facial characteristics are unique to terrorists. And how in the world are they “testing” this system without any real terrorists? In any case, what happens when the alarm goes off? How exactly is a ten-second warning going to save people?

Sure, you can invent a terrorist tactic where a system like this, assuming it actually works, saves people—but that’s the very definition of a movie-plot threat. How about we spend this money on something that’s effective in more than just a few carefully chosen scenarios?

Posted on June 4, 2008 at 12:05 PMView Comments

The War on T-Shirts

London Heathrow security stopped someone from boarding a plane for wearing a Transformers T-shirt showing a cartoon gun.

It’s easy to laugh and move on. How stupid can these people be, we wonder. But there’s a more important security lesson here. Security screening is hard, and every false threat the screeners watch out for make it more likely that real threats slip through. At a party the other night, someone told me about the time he accidentally brought a large knife through airport security. The screener pulled his bag aside, searched it, and pulled out a water bottle.

It’s not just the water bottles and the t-shirts and the gun jewelry—this kind of thing actually makes us all less safe.

Posted on June 2, 2008 at 2:27 PMView Comments

Airlines Profiting from TSA Rules

From CNN:

Before 9/11, airlines and security personnel—and I use the term “security personnel” loosely—might have let a nickname or even a maiden name on a ticket slide. No longer. If you have the wrong name on your ticket, you’re probably grounded. And there are two reasons for this: security and greed.

The Transportation Security Administration wants to be sure the same person who bought the ticket, and who was screened, is boarding the plane. But when there’s an inexact match, the airline can either charge a $100 “change” fee or force you to buy a new ticket. In an industry where every dollar counts, the exact-name rule is the government’s gift to cash-starved air carriers.

That’s the situation Gordon was confronted with, even when it was obvious that “Jan” and “Janet” were one and the same. There were suggestions that a new ticket might need to be purchased. “We didn’t let it get to that,” he recalls. Instead, he asked to speak with a supervisor who could finally fix the codes so that the ticket and passport matched up. How did all of this happen in the first place? Turns out Jan Gordon had signed up for a frequent flier account under her informal name, so when she booked an award ticket, it also used her informal—and inaccurate—name.

There are two things to get pissed off about here. One, the airlines profiting off a TSA rule. And two, a TSA rule that requires them to ignore what is obvious.

EDITED TO ADD (5/28): To add some more detail here, the rule makes absolutely no sense. If this were sensible, the TSA employee who checks the ticket against the ID would make the determination if the names were the same. Instead, the passenger is forced to go back to the airline who, for a fee, changes the name on the ticket to match the ID. This latter system is no more secure. If anything, it’s less secure. But rules are rules, so it’s what has to happen.

Posted on May 20, 2008 at 6:51 AMView Comments

Sky Marshals on the No-Fly List

If this weren’t so sad, it would be funny:

The problem with federal air marshals (FAM) names matching those of suspected terrorists on the no-fly list has persisted for years, say air marshals familiar with the situation.

One air marshal said it has been “a major problem, where guys are denied boarding by the airline.”

“In some cases, planes have departed without any coverage because the airline employees were adamant they would not fly,” the air marshal said. “I’ve seen guys actually being denied boarding.”

A second air marshal says one agent “has been getting harassed for six years because his exact name is on the no-fly list.”

Another article.

Seriously—if these people can’t get their names off the list, what hope do the rest of us have? Not that the no-fly list has any real value, anyway.

Posted on May 2, 2008 at 7:14 AMView Comments

The Ineffectiveness of Security Cameras

Data from San Francisco:

Researchers examined data from the San Francisco Police Department detailing the 59,706 crimes committed within 1,000 feet of the camera locations between Jan. 1, 2005, and Jan. 28, 2008.

These were the total number of crimes for which police had reports—regardless of whether the crimes were caught on video. The idea was to look at whether criminals stopped committing crimes at those locations because they knew cameras were there.

Using a complicated method, researchers were able to come up with an average daily crime rate at each location broken out by type of crime and distance from the cameras. They then compared it with the average daily crime rate from the period before the cameras were installed.

They looked at seven types of crime: larcenies, burglaries, motor vehicle theft, assault, robbery, homicide and forcible sex offenses.

The only positive deterrent effect was the reduction of larcenies within 100 feet of the cameras. No other crimes were affected—except for homicides, which had an interesting pattern.

Murders went down within 250 feet of the cameras, but the reduction was completely offset by an increase 250 to 500 feet away, suggesting people moved down the block before killing each other.

The final report is expected to analyze the figures in more depth and to include other crimes, including prostitution and drug offenses.

This quote is instructive:

Mayor Gavin Newsom called the report “conclusively inconclusive” on Thursday but said he still wants to install more cameras around the city because they make residents feel safer.

That’s right: the cameras aren’t about security, they’re about security theater. More comments on the general issue here.

Posted on April 7, 2008 at 1:33 PMView Comments

German Minister's Fingerprint Published

This is 1) a good demonstration that a fingerprint is not a secret, and 2) a great political hack. Wolfgang Schauble, Germany’s interior minister, is a strong supporter of collecting biometric data on everyone as an antiterrorist measure. Because, um, because it sounds like a good idea.

Here’s the story directly from the Chaos Computer Club (in German), and its Engligh-language guide to lifting and using fingerprints. And me on biometrics from 10 years ago.

Posted on April 1, 2008 at 2:37 PMView Comments

Amtrak to Start Passenger Screening

Amtrak is going to start randomly screening passengers, in an effort to close the security-theater gap between trains and airplanes.

It’s kind of random:

The teams will show up unannounced at stations and set up baggage screening areas in front of boarding gates. Officers will randomly pull people out of line and wipe their bags with a special swab that is then put through a machine that detects explosives. If the machine detects anything, officers will open the bag for visual inspection.

Anybody who is selected for screening and refuses will not be allowed to board and their ticket will be refunded.

In addition to the screening, counterterrorism officers with bomb-sniffing dogs will patrol platforms and walk through trains, and sometimes will ride the trains, officials said.

This is the most telling comment:

“There is no new or different specific threat,” [Amtrak chief executive Alex] Kummant said. “This is just the correct step to take.”

Why is it the correct step to take? Because it makes him feel better. That’s the very definition of security theater.

Posted on February 22, 2008 at 12:17 PMView Comments

TSA Misses the Point, Again

They’re checking IDs more carefully, looking for forgeries:

Black lights will help screeners inspect the ID cards by illuminating holograms, typically of government seals, that are found in licenses and passports. Screeners also are getting magnifying glasses that highlight tiny inscriptions found in borders of passports and other IDs. About 2,100 of each are going to the nation’s 800 airport checkpoints.

The closer scrutiny of passenger IDs is the latest Transportation Security Administration effort to check passengers more thoroughly than simply having them walk through metal detectors.

[…]

More than 40 passengers have been arrested since June in cases when TSA screeners spotted altered passports, fraudulent visas and resident ID cards, and forged driver’s licenses. Many of them were arrested on immigration charges.

ID checks have nothing to do with airport security. And even if they did, anyone can fly on a fake ID. And enforcing immigration laws is not what the TSA does.

In related news, look at this page from the TSA’s website:

We screen every passenger; we screen every bag so that your memories are from where you went, not how you got there. We’re here to help your travel plans be smooth and stress free. Please take a moment to become familiar with some of our security measures. Doing so now will help save you time once you arrive at the airport.

I know they don’t mean it that way, but doesn’t it sound like it’s saying “We know it doesn’t help, but it might make you feel better”?

And why is this even news?

So Jason—looking every bit the middle-aged man on an uneventful trip to anywhere—shows a boarding pass and an ID to a TSA document checker, and he is directed to a checkpoint where, unbeknown to the security officer on site, the real test begins.

He gets through, which in real life would mean a terrorist was headed toward a plane with a bomb.

To be clear, the TSA allowed CNN to see and record this test, and the agency is not concerned with CNN showing it. The TSA says techniques such as the one used in Tampa are known to terrorists and openly discussed on known terror Web sites.

Also relevant: “Confessions of a TSA Agent“:

The traveling public has no idea that the changes the TSA makes come as orders sent down directly from Washington D.C. Those orders may have reasons, but we little screeners at a screening checkpoint will never be told what the background might be. We get told to do something, and just as in the military, we are expected to make it happen—no ifs, ands or buts about it. Perhaps the changes are as a result of some event occurring in the nation or the world, perhaps it’s based on some newly received information or interrogation. What the traveling public needs to understand the necessity for flexibility. If a passenger asks us why we’re doing something, in all likelihood we couldn’t tell them even if we really did know the answer. This is a business of sensitive information that is used to make choices that can have life changing effects if the information is divulged to the wrong person(s). Just trust that we must know something that prompts us to be doing something.

I have no idea why Kip Hawley is surprised that the TSA is as unpopular with Americans as the IRS.

EDITED TO ADD (1/30): The TSA has a blog, and Kip Hawley wrote the first post. This could be interesting….

EDITED TO ADD (1/31): There is some speculation that the “Confessions of a TSA Agent” is a hoax. I don’t know.

EDITED TO ADD (2/4): More on the TSA blog.

Posted on January 29, 2008 at 3:13 PMView Comments

Security vs. Privacy

If there’s a debate that sums up post-9/11 politics, it’s security versus privacy. Which is more important? How much privacy are you willing to give up for security? Can we even afford privacy in this age of insecurity? Security versus privacy: It’s the battle of the century, or at least its first decade.

In a Jan. 21 New Yorker article, Director of National Intelligence Michael McConnell discusses a proposed plan to monitor all—that’s right, all—internet communications for security purposes, an idea so extreme that the word “Orwellian” feels too mild.

The article (now online here) contains this passage:

In order for cyberspace to be policed, internet activity will have to be closely monitored. Ed Giorgio, who is working with McConnell on the plan, said that would mean giving the government the authority to examine the content of any e-mail, file transfer or Web search. “Google has records that could help in a cyber-investigation,” he said. Giorgio warned me, “We have a saying in this business: ‘Privacy and security are a zero-sum game.'”

I’m sure they have that saying in their business. And it’s precisely why, when people in their business are in charge of government, it becomes a police state. If privacy and security really were a zero-sum game, we would have seen mass immigration into the former East Germany and modern-day China. While it’s true that police states like those have less street crime, no one argues that their citizens are fundamentally more secure.

We’ve been told we have to trade off security and privacy so often—in debates on security versus privacy, writing contests, polls, reasoned essays and political rhetoric—that most of us don’t even question the fundamental dichotomy.

But it’s a false one.

Security and privacy are not opposite ends of a seesaw; you don’t have to accept less of one to get more of the other. Think of a door lock, a burglar alarm and a tall fence. Think of guns, anti-counterfeiting measures on currency and that dumb liquid ban at airports. Security affects privacy only when it’s based on identity, and there are limitations to that sort of approach.

Since 9/11, approximately three things have potentially improved airline security: reinforcing the cockpit doors, passengers realizing they have to fight back and—possibly—sky marshals. Everything else—all the security measures that affect privacy—is just security theater and a waste of effort.

By the same token, many of the anti-privacy “security” measures we’re seeing—national ID cards, warrantless eavesdropping, massive data mining and so on—do little to improve, and in some cases harm, security. And government claims of their success are either wrong, or against fake threats.

The debate isn’t security versus privacy. It’s liberty versus control.

You can see it in comments by government officials: “Privacy no longer can mean anonymity,” says Donald Kerr, principal deputy director of national intelligence. “Instead, it should mean that government and businesses properly safeguard people’s private communications and financial information.” Did you catch that? You’re expected to give up control of your privacy to others, who—presumably—get to decide how much of it you deserve. That’s what loss of liberty looks like.

It should be no surprise that people choose security over privacy: 51 to 29 percent in a recent poll. Even if you don’t subscribe to Maslow’s hierarchy of needs, it’s obvious that security is more important. Security is vital to survival, not just of people but of every living thing. Privacy is unique to humans, but it’s a social need. It’s vital to personal dignity, to family life, to society—to what makes us uniquely human—but not to survival.

If you set up the false dichotomy, of course people will choose security over privacy—especially if you scare them first. But it’s still a false dichotomy. There is no security without privacy. And liberty requires both security and privacy. The famous quote attributed to Benjamin Franklin reads: “Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.” It’s also true that those who would give up privacy for security are likely to end up with neither.

This essay originally appeared on Wired.com.

Posted on January 29, 2008 at 5:21 AMView Comments

1 9 10 11 12 13 20

Sidebar photo of Bruce Schneier by Joe MacInnis.