Entries Tagged "TSA"

Page 30 of 31

Failures of Airport Screening

According to the AP:

Security at American airports is no better under federal control than it was before the Sept. 11 attacks, a congressman says two government reports will conclude.

The Government Accountability Office, the investigative arm of Congress, and the Homeland Security Department’s inspector general are expected to release their findings soon on the performance of Transportation Security Administration screeners.

This finding will not surprise anyone who has flown recently. How does anyone expect competent security from screeners who don’t know the difference between books and books of matches? Only two books of matches are now allowed on flights; you can take as many reading books as you can carry.

The solution isn’t to privatize the screeners, just as the solution in 2001 wasn’t to make them federal employees. It’s a much more complex problem.

I wrote about it in Beyond Fear (pages 153-4):

No matter how much training they get, airport screeners routinely miss guns and knives packed in carry-on luggage. In part, that’s the result of human beings having developed the evolutionary survival skill of pattern matching: the ability to pick out patterns from masses of random visual data. Is that a ripe fruit on that tree? Is that a lion stalking quietly through the grass? We are so good at this that we see patterns in anything, even if they’re not really there: faces in inkblots, images in clouds, and trends in graphs of random data. Generating false positives helped us stay alive; maybe that wasn’t a lion that your ancestor saw, but it was better to be safe than sorry. Unfortunately, that survival skill also has a failure mode. As talented as we are at detecting patterns in random data, we are equally terrible at detecting exceptions in uniform data. The quality-control inspector at Spacely Sprockets, staring at a production line filled with identical sprockets looking for the one that is different, can’t do it. The brain quickly concludes that all the sprockets are the same, so there’s no point paying attention. Each new sprocket confirms the pattern. By the time an anomalous sprocket rolls off the assembly line, the brain simply doesn’t notice it. This psychological problem has been identified in inspectors of all kinds; people can’t remain alert to rare events, so they slip by.

The tendency for humans to view similar items as identical makes it clear why airport X-ray screening is so difficult. Weapons in baggage are rare, and the people studying the X-rays simply lose the ability to see the gun or knife. (And, at least before 9/11, there was enormous pressure to keep the lines moving rather than double-check bags.) Steps have been put in place to try to deal with this problem: requiring the X-ray screeners to take frequent breaks, artificially imposing the image of a weapon onto a normal bag in the screening system as a test, slipping a bag with a weapon into the system so that screeners learn it can happen and must expect it. Unfortunately, the results have not been very good.

This is an area where the eventual solution will be a combination of machine and human intelligence. Machines excel at detecting exceptions in uniform data, so it makes sense to have them do the boring repetitive tasks, eliminating many, many bags while having a human sort out the final details. Think about the sprocket quality-control inspector: If he sees 10,000 negatives, he’s going to stop seeing the positives. But if an automatic system shows him only 100 negatives for every positive, there’s a greater chance he’ll see them.

Paying the screeners more will attract a smarter class of worker, but it won’t solve the problem.

Posted on April 19, 2005 at 9:22 AMView Comments

GAO's Report on Secure Flight

Sunday I blogged about Transportation Security Administration’s Secure Flight program, and said that the Government Accountability Office will be issuing a report this week.

Here it is.

The AP says:

The government’s latest computerized airline passenger screening program doesn’t adequately protect travelers’ privacy, according to a congressional report that could further delay a project considered a priority after the Sept. 11 attacks.

Congress last year passed a law that said the Transportation Security Administration could spend no money to implement the program, called Secure Flight, until the Government Accountability Office reported that it met 10 conditions. Those include privacy protections, accuracy of data, oversight, cost and safeguards to ensure the system won’t be abused or accessed by unauthorized people.

The GAO found nine of the 10 conditions hadn’t yet been met and questioned whether Secure Flight would ultimately work.

Some tidbits:

  • TSA plans to include the capability for criminal checks within Secure Flight (p. 12).
  • The timetable has slipped by four months (p. 17).
  • TSA might not be able to get personally identifiable passenger data in PNRs because of costs to the industry and lack of money (p.18).
  • TSA plans to have intelligence analysts staffed within TSA to identify false positives (p.33).
  • The DHS Investment Review Board has withheld approval from the “Transportation Vetting Platform” (p.39).
  • TSA doesn’t know how much the program will cost (p.51).
  • Final privacy rule to be issued in April (p. 56).

Any of you who read the report, please post other interesting tidbits as comments.

As you all probably know, I am a member of a working group to help evaluate the privacy of Secure Flight. While I believe that a program to match airline passengers against terrorist watch lists is a colossal waste of money that isn’t going to make us any safer, I said “…assuming that we need to implement a program of matching airline passengers with names on terrorism watch lists, Secure Flight is a major improvement—in almost every way—over what is currently in place.” I still believe that, but unfortunately I am prohibited by NDA from describing the improvements. I wish someone at TSA would get himself in front of reporters and do so.

Posted on March 28, 2005 at 7:03 PMView Comments

TSA Lied About Protecting Passenger Data

According to the AP:

The Transportation Security Administration misled the public about its role in obtaining personal information about 12 million airline passengers to test a new computerized system that screens for terrorists, according to a government investigation.

The report, released Friday by Homeland Security Department Acting Inspector General Richard Skinner, said the agency misinformed individuals, the press and Congress in 2003 and 2004. It stopped short of saying TSA lied.

I’ll say it: the TSA lied.

Here’s the report. It’s worth reading. And when you read it, keep in mind that it’s written by the DHS’s own Inspector General. I presume a more independent investigator would be even more severe. Not that the report isn’t severe, mind you.

Another AP article has more details:

The report cites several occasions where TSA officials made inaccurate statements about passenger data:

  • In September 2003, the agency’s Freedom of Information Act staff received hundreds of requests from Jet Blue passengers asking if the TSA had their records. After a cursory search, the FOIA staff posted a notice on the TSA Web site that it had no JetBlue passenger data. Though the FOIA staff found JetBlue passenger records in TSA’s possession in May, the notice stayed on the Web site for more than a year.
  • In November 2003, TSA chief James Loy incorrectly told the Governmental Affairs Committee that certain kinds of passenger data were not being used to test passenger prescreening.
  • In September 2003, a technology magazine reporter asked a TSA spokesman whether real data were used to test the passenger prescreening system. The spokesman said only fake data were used; the responses “were not accurate,” the report said.

There’s much more. The report reveals that TSA ordered Delta Air Lines to turn over passenger data in February 2002 to help the Secret Service determine whether terrorists or their associates were traveling in the vicinity of the Salt Lake City Olympics.

It also reveals that TSA used passenger data from JetBlue in the spring of 2003 to figure out how to change the number of people who would be selected for more screening under the existing system.

The report says that one of the TSA’s contractors working on passenger prescreening, Lockheed Martin, used a data sample from ChoicePoint.

The report also details how outside contractors used the data for their own purposes. And that “the agency neglected to inquire whether airline passenger data used by the vendors had been returned or destroyed.” And that “TSA did not consistently apply privacy protections in the course of its involvement in airline passenger data transfers.”

This is major stuff. It shows that the TSA lied to the public about its use of personal data again and again and again.

Right now the TSA is in a bit of a bind. It is prohibited by Congress from fielding Secure Flight until it meets a series of criteria. The Government Accountability Office is expected to release a report this week that details how the TSA has not met these criteria.

I’m not sure the TSA cares. It’s already announced plans to roll out Secure Flight.

With little fanfare, the Transportation Security Administration late last month announced plans to roll out in August its highly contentious Secure Flight program. Considered by some travel industry experts a foray into operational testing, rather than a viable implementation, the program will begin, in limited release, with two airlines not yet named by TSA.

My own opinions of Secure Flight are well-known. I am participating in a Working Group to help evaluate the privacy of Secure Flight. (I’ve blogged about it here and here.) We’ve met three times, and it’s unclear if we’ll ever meet again or if we’ll ever produce the report we’re supposed to. Near as I can tell, it’s all a big mess right now.

Edited to add: The GAO report is online (PDF format).

Posted on March 27, 2005 at 12:34 PMView Comments

The Silliness of Secrecy

This is a great article on some of the ridiculous effects of government secrecy. (Unfortunately, you have to register to read it.)

Ever since Sept. 11, 2001, the federal government has advised airplane pilots against flying near 100 nuclear power plants around the country or they will be forced down by fighter jets. But pilots say there’s a hitch in the instructions: aviation security officials refuse to disclose the precise location of the plants because they
consider that “SSI”—Sensitive Security Information.

“The message is; ‘please don’t fly there, but we can’t tell you where there is,'” says Melissa Rudinger of the Aircraft Owners and Pilots Association, a trade group representing 60% of American pilots.

Determined to find a way out of the Catch-22, the pilots’ group sat down with a commercial mapping company, and in a matter of days plotted the exact geographical locations of the plants from data found on the Internet and in libraries. It made the information available to its 400,000 members on its Web site—until officials from the Transportation Security Administration asked them to take the information down. “Their concern was that [terrorists] mining the Internet could use it,” Ms. Rudinger says.

And:

For example, when a top Federal Aviation Administration official testified last year before the 9/11 commission, his remarks were
broadcast live nationally. But when the administration included a transcript in a recent report on threats to commercial airliners, the testimony was heavily edited. “How do you redact something that
is part of the public record?” asked Rep. Carolyn Maloney, (D., N.Y.) at a recent hearing on the problems of government
overclassification. Among the specific words blacked out were the seemingly innocuous phrase: “we are hearing this, this, this, this
and this.”

Government officials could not explain why the words were withheld, other than to note that they were designated SSI.

Posted on March 24, 2005 at 9:48 AMView Comments

Banning Matches and Lighters on Airplanes

According to the Washington Post:

When Congress voted last year to prohibit passengers from bringing lighters and matches aboard commercial airplanes, it sounded like a reasonable idea for improving airline security.

But as airports and government leaders began discussing how to create flame-free airport terminals, the task became more complicated. Would newsstands and other small airport stores located beyond the security checkpoint have to stop selling lighters? Would airports have to ban smoking and close smoking lounges? How would security screeners detect matches in passengers’ pockets or carry-on bags when they don’t contain metal to set off the magnetometers? And what about arriving international travelers, who might have matches and lighters with them as they walk through the terminal?

It’s the silly security season out there. Given all of the things to spend money on to improve security, how this got to the top of anyone’s list is beyond me.

Posted on March 4, 2005 at 3:00 PMView Comments

Sneaking Items Aboard Aircraft

A Pennsylvania Supreme Court Justice faces a fine—although no criminal charges at the moment—for trying to sneak a knife aboard an aircraft.

Saylor, 58, and his wife entered a security checkpoint Feb. 4 on a trip to Philadelphia when screeners found a small Swiss Army-style knife attached to his key chain.

A police report said he was told the item could not be carried onto a plane and that he needed to place the knife into checked luggage or make other arrangements.

When Saylor returned a short time later to be screened a second time, an X-ray machine detected a knife inside his carry-on luggage, police said.

There are two points worth making here. One: ridiculous rules have a way of turning people into criminals. And two: this is an example of a security failure, not a security success.

Security systems fail in one of two ways. They can fail to stop the bad guy, and they can mistakenly stop the good guy. The TSA likes to measure its success by looking at the forbidden items they have prevented from being carried onto aircraft, but that’s wrong. Every time the TSA takes a pocketknife from an innocent person, that’s a security failure. It’s a false alarm. The system has prevented access where no prevention was required. This, coupled with the widespread belief that the bad guys will find a way around the system, demonstrates what a colossal waste of money it is.

Posted on February 28, 2005 at 8:00 AMView Comments

Airport Screeners Cheat to Pass Tests

According to the San Franciso Chronicle:

The private firm in charge of security at San Francisco International Airport cheated to pass tests aimed at ensuring it could stop terrorists from smuggling weapons onto flights, a former employee contends.

All security systems require trusted people: people that must be trusted in order for the security to work. If the trusted people turn out not to be trustworthy, security fails.

Posted on February 24, 2005 at 8:00 AMView Comments

TSA's Secure Flight

As I wrote previously, I am participating in a working group to study the security and privacy of Secure Flight, the U.S. government’s program to match airline passengers with a terrorist watch list. In the end, I signed the NDA allowing me access to SSI (Sensitive Security Information) documents, but managed to avoid filling out the paperwork for a SECRET security clearance.

Last week the group had its second meeting.

So far, I have four general conclusions. One, assuming that we need to implement a program of matching airline passengers with names on terrorism watch lists, Secure Flight is a major improvement—in almost every way—over what is currently in place. (And by this I mean the matching program, not any potential uses of commercial or other third-party data.)

Two, the security system surrounding Secure Flight is riddled with security holes. There are security problems with false IDs, ID verification, the ability to fly on someone else’s ticket, airline procedures, etc.

Three, the urge to use this system for other things will be irresistible. It’s just too easy to say: “As long as you’ve got this system that watches out for terrorists, how about also looking for this list of drug dealers…and by the way, we’ve got the Super Bowl to worry about too.” Once Secure Flight gets built, all it’ll take is a new law and we’ll have a nationwide security checkpoint system.

And four, a program of matching airline passengers with names on terrorism watch lists is not making us appreciably safer, and is a lousy way to spend our security dollars.

Unfortunately, Congress has mandated that Secure Flight be implemented, so it is unlikely that the program will be killed. And analyzing the effectiveness of the program in general, potential mission creep, and whether the general idea is a worthwhile one, is beyond the scope of our little group. In other words, my first conclusion is basically all that they’re interested in hearing.

But that means I can write about everything else.

To speak to my fourth conclusion: Imagine for a minute that Secure Flight is perfect. That is, we can ensure that no one can fly under a false identity, that the watch lists have perfect identity information, and that Secure Flight can perfectly determine if a passenger is on the watch list: no false positives and no false negatives. Even if we could do all that, Secure Flight wouldn’t be worth it.

Secure Flight is a passive system. It waits for the bad guys to buy an airplane ticket and try to board. If the bad guys don’t fly, it’s a waste of money. If the bad guys try to blow up shopping malls instead of airplanes, it’s a waste of money.

If I had some millions of dollars to spend on terrorism security, and I had a watch list of potential terrorists, I would spend that money investigating those people. I would try to determine whether or not they were a terrorism threat before they got to the airport, or even if they had no intention of visiting an airport. I would try to prevent their plot regardless of whether it involved airplanes. I would clear the innocent people, and I would go after the guilty. I wouldn’t build a complex computerized infrastructure and wait until one of them happened to wander into an airport. It just doesn’t make security sense.

That’s my usual metric when I think about a terrorism security measure: Would it be more effective than taking that money and funding intelligence, investigation, or emergency response—things that protect us regardless of what the terrorists are planning next. Money spent on security measures that only work against a particular terrorist tactic, forgetting that terrorists are adaptable, is largely wasted.

Posted on January 31, 2005 at 9:26 AMView Comments

American Airlines Data Collection

From BoingBoing:

Last week on a trip from London to the US, American Airlines demanded that I write out a list of the names and addresses of all the friends I would be staying with in the USA. They claimed that this was due to a TSA regulation, but refused to state which regulation required them to gather this information, nor what they would do with it once they’d gathered it. I raised a stink, and was eventually told that I wouldn’t have to give them the requested dossier because I was a Platinum AAdvantage Card holder (i.e., because I fly frequently with AA).

The whole story is worth reading. It’s hard to know what’s really going on, because there’s so much information I don’t have. But it’s chilling nonetheless.

Posted on January 20, 2005 at 9:28 AMView Comments

1 28 29 30 31

Sidebar photo of Bruce Schneier by Joe MacInnis.