Entries Tagged "sensors"
Page 8 of 13
Detecting Nuclear Weapons Using the Cell Phone Network
Okay, this is clever:
Such a system could blanket the nation with millions of cell phones equipped with radiation sensors able to detect even light residues of radioactive material. Because cell phones already contain global positioning locators, the network of phones would serve as a tracking system, said physics professor Ephraim Fischbach. Fischbach is working with Jere Jenkins, director of Purdue’s radiation laboratories within the School of Nuclear Engineering.
[…]
Tiny solid-state radiation sensors are commercially available. The detection system would require additional circuitry and would not add significant bulk to portable electronic products, Fischbach said.
I’m not convinced it’s a good idea to deploy such a system, but I like the idea of piggy-backing a nationwide sensor network on top of our already existing cell phone infrastructure.
Locked Call Boxes and Banned Geiger Counters
Fire Engineering magazine points out that fire alarms used to be kept locked to prevent false alarms:
Q: Prior to 1870, street corner fire alarm pull boxes were kept locked. Why were they kept locked and how did a person gain access to ‘pull the box?’
A: They were kept locked due to false alarms. Nearby shopkeepers or beat cops carried the keys.
According to Robert Cromie in The Great Chicago Fire (Thomas Nelson: 1994, p. 33), this may have been one reason for the slow response to the fire:
William Lee, the O’Leary’s neighbor, rushed into Goll’s drugstore, and gasped out a request for the key to the alarm box. The new boxes were attached to the walls of stores or other convenient locations. To prevent false alarms and crank calls, the boxes were locked, and the keys given to trustworthy citizens nearby.
What happened when Lee made his request is not clear. Only one fact emerges from the confusion: No alarm was registered from any box in the vicinity of the fire until it was too late to do any good.
Apparently, Lee said that Goll refused to give him the key because he’d already seen a fire engine go past; Goll said he actually did pull the alarm, twice, but if so it must not have worked.
(There’s more about what sounds like a really bad communications failure, but it’s a little too hard for me to read on the Amazon website.)
But did you know that the fire burned for over half an hour before an alarm was ever sounded? Alarm boxes were actually kept locked in those days, to prevent false alarms!
When the first alarm box was finally opened and the lever pulled, the alarm somehow did not get through. The fire dispatcher was playing a guitar for a couple of girls at the time and he kept on serenely strumming, completely unawares. After the fire had been growing and blazing for nearly an hour a watchman screamed at the dispatcher to sound an alarm, which he did, and the first three engines, two hose wagons, and two hook and ladders were sent out—but in the wrong direction!
At first the dispatcher refused to sound another alarm, hoping to avoid further confusion.
Compare this with a proposed law in New York City that will require people to get a license before they can buy chemical, biological, or radiological attack detectors:
The legislation—which was proposed by the Bloomberg administration and would be the first of its kind in the nation—would empower the police commissioner to decide whether to grant a free five-year permit to individuals and companies seeking to “possess or deploy such detectors.” Common smoke alarms and carbon monoxide detectors would not be covered by the law, the Police Department said. Violations of the law would be considered a misdemeanor.
Why does the administration think such a law is necessary? Richard A. Falkenrath, the Police Department’s deputy commissioner for counterterrorism, told the Council’s Public Safety Committee at a hearing today, “Our mutual goal is to prevent false alarms and unnecessary public concern by making sure that we know where these detectors are located and that they conform to standards of quality and reliability.”
The law would also require anyone using such a detector—regardless of whether they have obtained the required permit—to notify the Police Department if the detector alerted them to a biological, chemical or radiological agent. “In this way, emergency response personnel will be able to assess threats and take appropriate action based on the maximum information available,” Dr. Falkenrath said.
False positives are a problem with any detection system, and certainly putting Geiger counters in the hands of everyone will mean a lot of amateurs calling false alarms into the police. But the way to handle that isn’t to ban Geiger counters. (Just as the way to deal with false fire alarms 100 years ago wasn’t to lock the alarm boxes.) The way to deal with it is by 1) putting a system in place to quickly separate the real alarms from the false alarms, and 2) prosecuting those who maliciously sound false alarms.
We don’t want to encourage people to report everything; that’s too many false alarms. Nor do we want to discourage them from reporting things they feel are serious. In the end, it’s the job of the police to figure out what’s what. I said this in an essay last year:
…these incidents only reinforce the need to realistically assess, not automatically escalate, citizen tips. In criminal matters, law enforcement is experienced in separating legitimate tips from unsubstantiated fears, and allocating resources accordingly; we should expect no less from them when it comes to terrorism.
EDITED TO ADD (1/18): Two commenters pointed to a 1938 invention: an alarm box that locks up your arm until the fire department sets you free. Yikes.
Defeating the Shoe Scanning Machine at Heathrow Airport
For a while now, Heathrow Airport has had a unique setup for scanning shoes. Instead of taking your shoes off during the normal screening process, as you do in U.S. airports, you go through the metal detector with your shoes on. Then, later, there is a special shoe scanning X-ray machine. You take your shoes off, send them through the machine, and put them on at the other end.
It’s definitely faster, but it’s an easy system to defeat. The vulnerability is that no one verifies that the shoes you walked through the metal detector with are the same shoes you put on the scanning machine.
Here’s how the attack works. Assume that you have two pairs of shoes: a clean pair that passes all levels of screening, and a dangerous pair that doesn’t. (Ignore for a moment the ridiculousness of screening shoes in the first place, and assume that an X-ray machine can detect the dangerous pair.) Put the dangerous shoes on your feet and the clean shoes in your carry-on bag. Walk through the metal detector. Then, at the shoe X-ray machine, take the dangerous shoes off and put them in your bag, and take the clean shoes out of your bag and place them on the X-ray machine. You’ve now managed to get through security without having your shoes screened.
This works because the two security systems are decoupled. And the shoe screening machine is so crowded and chaotic, and so poorly manned, that no one notices the switch.
U.S. airports force people to put their shoes through the X-ray machine and walk through the metal detector shoeless, ensuring that all shoes get screened. That might be slower, but it works.
EDITED TO ADD (12/14): Heathrow Terminal 3, that is. The system wasn’t in place in Terminal 4, and I don’t know about Terminals 1 and 2.
Shoe Scanners at the Orlando Airport
I flew through Orlando today, and saw an automatic shoe-scanner in the lane for Clear passengers.
Poking around on the TSA website, I found this undated page. It seems they didn’t pass the TSA tests, and will be discontinued:
The shoe scanning feature on the machine presented for testing on August 20 does not meet minimum detection standards. While significant improvements were made, (in fact a new machine was submitted) the shoe scanner still does not meet standards to ensure detection of explosives.
GE’s been apprised of these results and TSA and GE have agreed to continue working together. TSA and its partners at the laboratory stand ready to further test the GE shoe scanner feature upon completion of additional detection capability enhancements to meet the agreed upon security requirements.
The machine currently in use in Orlando does not meet minimum detection standards and several additional security measures are required by TSA to mitigate the shortfalls of the shoe scanner feature. Accordingly, the prototype shoe scanner used in Orlando will be discontinued, effective October 10. It had been hoped that an acceptable scanner would be available, but given that the lab prototype does not meet all standards, TSA will not authorize the shoe scanner feature for security purposes in any of the airports where it is currently deployed and awaiting use. The GE Kiosks may be used to read biometric cards associated with the Registered Traveler program but will not provide a security benefit.
The Technology of Homeland Security
Reuters has an article on future security technologies. I’ve already talked about automatic license-plate-capture cameras and aerial surveillance (drones and satellites), but there’s some new stuff:
Resembling the seed of a silver maple tree, the single-winged device would pack a tiny two-stage rocket thruster along with telemetry, communications, navigation, imaging sensors and a power source.
The nano air vehicle, or NAV, is designed to carry interchangeable payload modules—the size of an aspirin tablet. It could be used for chemical and biological detection or finding a “needle in a haystack,” according to Ned Allen, chief scientist at Lockheed’s fabled Skunk Works research arm.
Released in organized swarms to fly low over a disaster area, the NAV sensors could detect human body heat and signs of breathing, Allen said.
And this:
Airport screening is another area that could be transformed within 10 years, using scanning wizardry to pinpoint a suspected security threat through biometrics—based on one or more physical or behavioral traits.
“We can read fingerprints from about five meters…all 10 prints,” said Bruce Walker, vice president of homeland security for Northrop Grumman Corp (NOC.N). “We can also do an iris scan at the same distance.”
For a while I’ve been saying that this whole national ID debate will be irrelevant soon. In the future you won’t have to show ID; they’ll already know who you are.
Thieves Steal Drug-Sniffing Dog
Okay; this is clever:
Rex IV, a highly trained Belgian Malinois sheepdog with a string of drug hauls behind him, was checked on to a flight from Mexico City this week with seven other police dogs bound for an operation in the northern state of Sinaloa.
But when the dogs arrived at Mazatlan airport, Sinaloa, their police handlers discovered a small black mongrel puppy inside Rex IV’s cage, with the sniffer dog nowhere to be seen.
Whatever drug lord ordered that hit probably saved himself a whole lot of grief.
EDITED TO ADD (8/29): The dog was found in a park:
Working on a tip, federal police found Rex IV—a highly trained Belgian Malinois sheepdog with a string of drug hauls to its name—tied to a tree in a park in the gritty Iztapalapa neighborhood, a Public Security Ministry spokesman said.
“When they realized the police were onto them, they abandoned him in a park,” the spokesman told Reuters, adding that the dog’s identity was confirmed by scanning an embedded electronic chip.
Why didn’t they just slit the dog’s throat? I take it back: not so clever.
Gun-Shaped Laptop Battery
Seems like bad design:
My laptop bag has scared TSA security personnel at several airports recently, requiring manual bag inspections each time. And when it happened again this week I finally figured out what it is that was freaking them out when the bag went through the x-ray machine—it’s the spare laptop battery I always carry. This would never be an issue if the battery were inside the laptop, but the spare battery (depending on how it is laying in the back) can catch attention. But, TSA issues aside, look at the shape of the battery. You just have to wonder—what on earth was IBM thinking?
The answer, of course, is obvious: it never occured to them.
Conversation with Kip Hawley, TSA Administrator (Part 2)
This is Part 2 of a five-part series. Link to whole thing.
BS: I hope you’re telling the truth; screening is a difficult problem, and it’s hard to discount all of those published tests and reports. But a lot of the security around these checkpoints is about perception—we want potential terrorists to think there’s a significant chance they won’t get through the checkpoints—so you’re better off maintaining that the screeners are better than reports indicate, even if they’re not.
Backscatter X-ray is another technology that is causing privacy concerns, since it basically allows you to see people naked. Can you explain the benefits of the technology, and what you are doing to protect privacy? Although the machines can distort the images, we know that they can store raw, unfiltered images; the manufacturer Rapiscan is quite proud of the fact. Are the machines you’re using routinely storing images? Can they store images at the screener’s discretion, or is that capability turned off at installation?
KH: We’re still evaluating backscatter and are in the process of running millimeter wave portals right alongside backscatter to compare their effectiveness and the privacy issues. We do not now store images for the test phase (function disabled), and although we haven’t officially resolved the issue, I fully understand the privacy argument and don’t assume that we will store them if and when they’re widely deployed.
BS: When can we keep our shoes on?
KH: Any time after you clear security. Sorry, Bruce, I don’t like it either, but this is not just something leftover from 2002. It is a real, current concern. We’re looking at shoe scanners and ways of using millimeter wave and/or backscatter to get there, but until the technology catches up to the risk, the shoes have to go in the bin.
BS: This feels so much like “cover your ass” security: you’re screening our shoes because everyone knows Richard Reid hid explosives in them, and you’ll be raked over the coals if that particular plot ever happens again. But there are literally thousands of possible plots.
So when does it end? The terrorists invented a particular tactic, and you’re defending against it. But you’re playing a game you can’t win. You ban guns and bombs, so the terrorists use box cutters. You ban small blades and knitting needles, and they hide explosives in their shoes. You screen shoes, so they invent a liquid explosive. You restrict liquids, and they’re going to do something else. The terrorists are going to look at what you’re confiscating, and they’re going to design a plot to bypass your security.
That’s the real lesson of the liquid bombers. Assuming you’re right and the explosive was real, it was an explosive that none of the security measures at the time would have detected. So why play this slow game of whittling down what people can bring onto airplanes? When do you say: “Enough. It’s not about the details of the tactic; it’s about the broad threat”?
KH: In late 2005, I made a big deal about focusing on Improvised Explosives Devices (IEDs) and not chasing all the things that could be used as weapons. Until the liquids plot this summer, we were defending our decision to let scissors and small tools back on planes and trying to add layers like behavior detection and document checking, so it is ironic that you ask this question—I am in vehement agreement with your premise. We’d rather focus on things that can do catastrophic harm (bombs!) and add layers to get people with hostile intent to highlight themselves. We have a responsibility, though, to address known continued active attack methods like shoes and liquids and, unfortunately, have to use our somewhat clunky process for now.
BS: You don’t have a responsibility to screen shoes; you have one to protect air travel from terrorism to the best of your ability. You’re picking and choosing. We know the Chechnyan terrorists who downed two Russian planes in 2004 got through security partly because different people carried the explosive and the detonator. Why doesn’t this count as a continued, active attack method?
I don’t want to even think about how much C4 I can strap to my legs and walk through your magnetometers. Or search the Internet for “BeerBelly.” It’s a device you can strap to your chest to smuggle beer into stadiums, but you can also use it smuggle 40 ounces of dangerous liquid explosive onto planes. The magnetometer won’t detect it. Your secondary screening wandings won’t detect it. Why aren’t you making us all take our shirts off? Will you have to find a printout of the webpage in some terrorist safe house? Or will someone actually have to try it? If that doesn’t bother you, search the Internet for “cell phone gun.”
It’s “cover your ass” security. If someone tries to blow up a plane with a shoe or a liquid, you’ll take a lot of blame for not catching it. But if someone uses any of these other, equally known, attack methods, you’ll be blamed less because they’re less public.
KH: Dead wrong! Our security strategy assumes an adaptive terrorist, and that looking backwards is not a reliable predictor of the next type of attack. Yes, we screen for shoe bombs and liquids, because it would be stupid not to directly address attack methods that we believe to be active. Overall, we are getting away from trying to predict what the object looks like and looking more for the other markers of a terrorist. (Don’t forget, we see two million people a day, so we know what normal looks like.) What he/she does; the way they behave. That way we don’t put all our eggs in the basket of catching them in the act. We can’t give them free rein to surveil or do dry-runs; we need to put up obstacles for them at every turn. Working backwards, what do you need to do to be successful in an attack? Find the decision points that show the difference between normal action and action needed for an attack. Our odds are better with this approach than by trying to take away methods, annoying object by annoying object. Bruce, as for blame, that’s nothing compared to what all of us would carry inside if we failed to prevent an attack.
Part 3: The no-fly list
Sidebar photo of Bruce Schneier by Joe MacInnis.