Entries Tagged "watch lists"

Page 2 of 6

The Abdulmutallab Dots that Should Have Been Connected

The notion that U.S. intelligence should have “connected the dots,” and caught Abdulmutallab, isn’t going away. This is a typical example:

So you’d need come “articulable facts” which could “reasonably warrant a determination” that the guy may be a terrorist based on his behavior. And one assumes his behavior would have to catch the attention of the authorities, correct?

Well let’s see.

  1. His dad, a former minister in Nigeria, informed the US embassy there that his son had been radicalized (the dad obviously had a reason for concern).
  2. US intelligence had been following him for a while, dubbing him “the Nigerian” (one assumes there was a reason).
  3. He was on a watch list (one assumes there was a reason).
  4. He had been banned from Britain (yup, one assumes there was a reason).
  5. The British intelligence service had identified him to our intelligence agencies in 2008 as a potential threat (sigh, uh, yeah, reason).
  6. He’d just visited Yemen, an al Qaeda hotbed (given the first 5, one can reasonably guess at the reason).
  7. He bought a one-way ticket to the United States in Africa through Europe (red flag 1).
  8. He paid cash (red flag 2).
  9. He checked no luggage (red flag 3).

…are those or are those not “articulable facts” which should have “reasonably warranted a determination” that this guy fit the profile of someone who is usually up too no good? No?

Kevin Drum responds to this line by line:

…the more we learn, the less this seems to be holding water. Let’s go through the list one by one:

  1. Jim Arkedis, a former intelligence analyst: “For the record, 99 percent of the time, walk-in sources to U.S. Embassies are of poor-to-unknown quality. That includes friends and family members who walk into the embassy and claim their relatives are potential dangers. Why? Family relations are tangled webs, and who really knows if your uncle just might want you arrested in revenge for that unsettled family land dispute.”
  2. This is true. But we didn’t have a name, only a tip that “a Nigerian” might be planning an attack.
  3. Yes. But as the LA Times puts it, he was on a list of half a million people with “suspected extremist links but who are not considered threats.”
  4. Yes, but not because of any suspected terrorist ties. From the New York Times: “[Home Secretary Alan] Johnson said Mr. Abdulmutallab’s application to renew his student visa was rejected in May after officials had determined that the academic course he gave as his reason for returning to Britain was fake….The rejection of the visa renewal appeared to have been part of a wider process initiated by British authorities this year when they began to crack down on so-called fake colleges that officials said had been established in large numbers across Britain in an attempt to elude tightened immigration controls.”
  5. No, they didn’t. From the Telegraph: “Diplomatic sources said that the Prime Minister’s spokesman had intended to refer to information gleaned by MI5 after the Christmas Day incident following an exhaustive examination of records going back through Abdulmutallab’s time in Britain up to October 2008.”
  6. True.
  7. No, it was a roundtrip ticket.
  8. Nigeria and Ghana (where Abdulmutallab bought his ticket) are largely cash economies. Andrew Sprung tells us that Abdulmutallab “would certainly raise no alarms by paying cash.”
  9. This is apparently true.

I’d go even further on point 9. I fly 240,000 miles a year, and I almost never check luggage. And that goes double when flying in or out of the Third World. And I’ve also read that he didn’t have a coat, something else that—living in Minneapolis—I regularly see.

As I keep saying, everything is obvious in hindsight. After the fact, it’s easy to point to the bits of evidence and claim that someone should have “connected the dots.” But before the fact, when there are millions of dots—some important but the vast majority unimportant—uncovering plots is a lot harder.

I wrote in 2002:

The problem is that the dots can only be numbered after the fact. With the benefit of hindsight, it’s easy to draw lines from people in flight school here, to secret meetings in foreign countries there, over to interesting tips from foreign governments, and then to INS records. Before 9/11 it’s not so easy. Rather than thinking of intelligence as a simple connect-the-dots picture, think of it as a million unnumbered pictures superimposed on top of each other. Or a random-dot stereogram. Is it a lion, a tree, a cast iron stove, or just an unintelligible mess of dots? You try and figure it out.

It’s certainly possible that intelligence missed something that could have alerted them. And there have been reports saying that a misspelling of Abdulmutallab’s name caused the Department of State to miss an alert. (I’ve also heard, although I can’t find a link, that some database truncated his name because it was too long for the database field.) And I’m sure that a lot of the money we’re wasting on full body scanners and other airport security measures could be much better spent increasing our intelligence and investigation capabilities. But be careful before you claim something that’s obvious after the fact should have been obvious before the fact.

Posted on January 25, 2010 at 7:09 AMView Comments

Fixing Airport Security

It’s been months since the Transportation Security Administration has had a permanent director. If, during the job interview (no, I didn’t get one), President Obama asked me how I’d fix airport security in one sentence, I would reply: “Get rid of the photo ID check, and return passenger screening to pre-9/11 levels.”

Okay, that’s a joke. While showing ID, taking your shoes off and throwing away your water bottles isn’t making us much safer, I don’t expect the Obama administration to roll back those security measures anytime soon. Airport security is more about CYA than anything else: defending against what the terrorists did last time.

But the administration can’t risk appearing as if it facilitated a terrorist attack, no matter how remote the possibility, so those annoyances are probably here to stay.

This would be my real answer: “Establish accountability and transparency for airport screening.” And if I had another sentence: “Airports are one of the places where Americans, and visitors to America, are most likely to interact with a law enforcement officer – and yet no one knows what rights travelers have or how to exercise those rights.”

Obama has repeatedly talked about increasing openness and transparency in government, and it’s time to bring transparency to the Transportation Security Administration (TSA).

Let’s start with the no-fly and watch lists. Right now, everything about them is secret: You can’t find out if you’re on one, or who put you there and why, and you can’t clear your name if you’re innocent. This Kafkaesque scenario is so un-American it’s embarrassing. Obama should make the no-fly list subject to judicial review.

Then, move on to the checkpoints themselves. What are our rights? What powers do the TSA officers have? If we’re asked “friendly” questions by behavioral detection officers, are we allowed not to answer? If we object to the rough handling of ourselves or our belongings, can the TSA official retaliate against us by putting us on a watch list? Obama should make the rules clear and explicit, and allow people to bring legal action against the TSA for violating those rules; otherwise, airport checkpoints will remain a Constitution-free zone in our country.

Next, Obama should refuse to use unfunded mandates to sneak expensive security measures past Congress. The Secure Flight program is the worst offender. Airlines are being forced to spend billions of dollars redesigning their reservations systems to accommodate the TSA’s demands to preapprove every passenger before he or she is allowed to board an airplane. These costs are borne by us, in the form of higher ticket prices, even though we never see them explicitly listed.

Maybe Secure Flight is a good use of our money; maybe it isn’t. But let’s have debates like that in the open, as part of the budget process, where it belongs.

And finally, Obama should mandate that airport security be solely about terrorism, and not a general-purpose security checkpoint to catch everyone from pot smokers to deadbeat dads.

The Constitution provides us, both Americans and visitors to America, with strong protections against invasive police searches. Two exceptions come into play at airport security checkpoints. The first is “implied consent,” which means that you cannot refuse to be searched; your consent is implied when you purchased your ticket. And the second is “plain view,” which means that if the TSA officer happens to see something unrelated to airport security while screening you, he is allowed to act on that.

Both of these principles are well established and make sense, but it’s their combination that turns airport security checkpoints into police-state-like checkpoints.

The TSA should limit its searches to bombs and weapons and leave general policing to the police – where we know courts and the Constitution still apply.

None of these changes will make airports any less safe, but they will go a long way to de-ratcheting the culture of fear, restoring the presumption of innocence and reassuring Americans, and the rest of the world, that – as Obama said in his inauguration speech – “we reject as false the choice between our safety and our ideals.”

This essay originally appeared, without hyperlinks, in the New York Daily News.

Posted on June 24, 2009 at 6:40 AMView Comments

"No-Fly" Also Means "No-Flyover"

I’ve previously written about the piece of counterterrorism silliness known as the no-fly list:

Imagine a list of suspected terrorists so dangerous that we can’t ever let them fly, yet so innocent that we can’t arrest them—even under the draconian provisions of the Patriot Act.

Turns out these people are so dangerous that they can’t be allowed to fly over United States territory, even on a flight from Paris to Mexico.

What makes the whole incident even more interesting is that Air France had only sent its passenger manifest to the Mexicans, but now it is clear that Mexico shares this information with the United States.

Hernando Calvo Ospina has written articles about the United States involvement in Latin America, and is currently writing a book about he CIA. The exact reason for him being on the terrorist watch list is unknown, and we’ll probably never know what criteria are used for adding people to it. Air France is considering asking the United States for compensation. Good luck with that.

Additional links.

Posted on April 28, 2009 at 1:00 PMView Comments

Change Your Name and Avoid the TSA Watchlist

Shhhh. Don’t tell the terrorists:

The U.S. Department of Homeland Security wrote a letter to Labb&eacute in 2004, saying he had been placed on their watch list after falling victim to identity theft. At the time, the department said there was no way for his name to be removed.

Although Labbé wrote letters to the U.S. department, his efforts were in vain, prompting him to legally change his name.

“So now, my official name is François Mario Labbé,” he said.

“Then you have to change everything: driver’s license, social insurance, medicare, credit card—everything.”

Although it’s not a big change from Mario Labbé, he said it’s been enough to foil the U.S. customs computers.

Posted on September 15, 2008 at 1:25 PMView Comments

My LA Times Op Ed on Photo ID Checks at Airport

Opinion

The TSA’s useless photo ID rules

No-fly lists and photo IDs are supposed to help protect the flying public from terrorists. Except that they don’t work.

By Bruce Schneier

August 28, 2008

The TSA is tightening its photo ID rules at airport security. Previously, people with expired IDs or who claimed to have lost their IDs were subjected to secondary screening. Then the Transportation Security Administration realized that meant someone on the government’s no-fly list—the list that is supposed to keep our planes safe from terrorists—could just fly with no ID.

Now, people without ID must also answer personal questions from their credit history to ascertain their identity. The TSA will keep records of who those ID-less people are, too, in case they’re trying to probe the system.

This may seem like an improvement, except that the photo ID requirement is a joke. Anyone on the no-fly list can easily fly whenever he wants. Even worse, the whole concept of matching passenger names against a list of bad guys has negligible security value.

How to fly, even if you are on the no-fly list: Buy a ticket in some innocent person’s name. At home, before your flight, check in online and print out your boarding pass. Then, save that web page as a PDF and use Adobe Acrobat to change the name on the boarding pass to your own. Print it again. At the airport, use the fake boarding pass and your valid ID to get through security. At the gate, use the real boarding pass in the fake name to board your flight.

The problem is that it is unverified passenger names that get checked against the no-fly list. At security checkpoints, the TSA just matches IDs to whatever is printed on the boarding passes. The airline checks boarding passes against tickets when people board the plane. But because no one checks ticketed names against IDs, the security breaks down.

This vulnerability isn’t new. It isn’t even subtle. I wrote about it in 2003, and again in 2006. I asked Kip Hawley, who runs the TSA, about it in 2007. Today, any terrorist smart enough to Google “print your own boarding pass” can bypass the no-fly list.

This gaping security hole would bother me more if the very idea of a no-fly list weren’t so ineffective. The system is based on the faulty notion that the feds have this master list of terrorists, and all we have to do is keep the people on the list off the planes.

That’s just not true. The no-fly list—a list of people so dangerous they are not allowed to fly yet so innocent we can’t arrest them—and the less dangerous “watch list” contain a combined 1 million names representing the identities and aliases of an estimated 400,000 people. There aren’t that many terrorists out there; if there were, we would be feeling their effects.

Almost all of the people stopped by the no-fly list are false positives. It catches innocents such as Ted Kennedy, whose name is similar to someone’s on the list, and Yusuf Islam (formerly Cat Stevens), who was on the list but no one knew why.

The no-fly list is a Kafkaesque nightmare for the thousands of innocent Americans who are harassed and detained every time they fly. Put on the list by unidentified government officials, they can’t get off. They can’t challenge the TSA about their status or prove their innocence. (The U.S. 9th Circuit Court of Appeals decided this month that no-fly passengers can sue the FBI, but that strategy hasn’t been tried yet.)

But even if these lists were complete and accurate, they wouldn’t work. Timothy McVeigh, the Unabomber, the D.C. snipers, the London subway bombers and most of the 9/11 terrorists weren’t on any list before they committed their terrorist acts. And if a terrorist wants to know if he’s on a list, the TSA has approved a convenient, $100 service that allows him to figure it out: the Clear program, which issues IDs to “trusted travelers” to speed them through security lines. Just apply for a Clear card; if you get one, you’re not on the list.

In the end, the photo ID requirement is based on the myth that we can somehow correlate identity with intent. We can’t. And instead of wasting money trying, we would be far safer as a nation if we invested in intelligence, investigation and emergency response—security measures that aren’t based on a guess about a terrorist target or tactic.

That’s the TSA: Not doing the right things. Not even doing right the things it does.

Posted on September 1, 2008 at 5:15 AMView Comments

TSA Follies

They break planes:

Citing sources within the aviation industry, ABC News reports an overzealous TSA employee attempted to gain access to the parked aircraft by climbing up the fuselage… reportedly using the Total Air Temperature (TAT) probes mounted to the planes’ noses as handholds.

“The brilliant employees used an instrument located just below the cockpit window that is critical to the operation of the onboard computers,” one pilot wrote on an American Eagle internet forum. “They decided this instrument, the TAT probe, would be adequate to use as a ladder.”

They harass innocents:

James Robinson is a retired Air National Guard brigadier general and a commercial pilot for a major airline who flies passenger planes around the country.

He has even been certified by the Transportation Security Administration to carry a weapon into the cockpit as part of the government’s defense program should a terrorist try to commandeer a plane.

But there’s one problem: James Robinson, the pilot, has difficulty even getting to his plane because his name is on the government’s terrorist “watch list.”

It’s easy to sneak by them:

The third-grader has been on the watch list since he was 5 years old. Asked whether he is a terrorist, he said, “I don’t know.”

Though he doesn’t even know what a terrorist is, he is embarrassed that trips to the airport cause a ruckus, said his mother, Denise Robinson.

[…]

Denise Robinson says she tells the skycaps her son is on the list, tips heavily and is given boarding passes. And booking her son as “J. Pierce Robinson” also has let the family bypass the watch list hassle.

And here’s how to sneak lockpicks past them.

EDITED TO ADD (8/21): Ha ha ha ha:

Even though its inspector’s actions caused nine American Eagle planes
to be grounded in Chicago this week, the Transporatation Security
Administration says it may pursue action against the airline for
security lapses.

And a step in the right direction:

A federal appeals court ruled this week that individuals who are blocked from commercial flights by the federal no-fly list can challenge their detention in federal court.

Posted on August 21, 2008 at 9:12 AMView Comments

Congratulations to our Millionth Terrorist!

The U.S terrorist watch list has hit one million names. I sure hope we’re giving our millionth terrorist a prize of some sort.

Who knew that a million people are terrorists. Why, there are only twice as many burglars in the U.S. And fifteen times more terrorists than arsonists.

Is this idiotic, or what?

Some people are saying fix it, but there seems to be no motivation to do so. I’m sure the career incentives aren’t aligned that way. You probably get promoted by putting people on the list. But taking someone off the list…if you’re wrong, no matter how remote that possibility is, you can probably lose your career. This is why in civilized societies we have a judicial system, to be an impartial arbiter between law enforcement and the accused. But that system doesn’t apply here.

Kafka would be proud.

EDITED TO ADD (7/16): More information:

There are only 400,000 on it, and 95 percent are not U.S. “persons.” (Persons = citizens plus others with a legal right to be in the U.S.)

The “million” number refers to records. The difference is a result of listing several different aliases or spellings for a suspected terrorist.

“That is not the same as 1 million names or 1 million individuals,” Mr. Kolton said. “It’s a little bit frustrating because I feel like they are getting away with muddying up the terms.”

Not that 400,000 terrorists is any less absurd.

Screening and law enforcement agencies encountered the actual people on the watch list (not false matches) more than 53,000 times from December 2003 to May 2007, according to a Government Accountability Office report last fall.

Okay, so I have a question. How many of those 53,000 were arrested? Of those who were not, why not? How many have we taken off the list after we’ve investigated them?

EDITED TO ADD (7/17): Bob Blakely runs the numbers.

EDITED TO ADD (8/13): The Daily Show’s Jon Stewart on the subject.

Posted on July 16, 2008 at 6:08 AMView Comments

Terrorist Watch List: 20,000 False Alarms

Why does anyone think this makes security sense?

The Justice Department’s proposed budget for 2008 reveals for the first time how often names match against the database, reporting that there were 19,967 “positive matches” in 2006. The TSC had expected to match a far fewer number 14,780. The watch list matched people 5,396 and 15,730 times in 2004 and 2005 respectively.

The report defines a positive match as “one in which an encountered individual is positively matched with an identity in the Terrorist Screening Data Base, or TSDB.”

It’s not clear from the report whether those numbers include individuals whose names only coincidently match one of those on list, such as when Sen. Ted Kennedy was confused with a former IRA terrorist also named Kennedy.

The watch list has been hounded by these mismatches, which have included small children, former presidential candidates, and Americans with common names such as David Nelson.

How do I know they’re all false alarms? Because this administration makes a press splash with every arrest, no matter how scant the evidence is. Do you really think they would pass up a chance to tout how good the watch list is?

EDITED TO ADD (8/28): The Washington Post just got around to writing an article on the topic, and Dan Solove has some good commentary.

Posted on July 23, 2007 at 1:39 PMView Comments

Is Big Brother a Big Deal?

Big Brother isn’t what he used to be. George Orwell extrapolated his totalitarian state from the 1940s. Today’s information society looks nothing like Orwell’s world, and watching and intimidating a population today isn’t anything like what Winston Smith experienced.

Data collection in 1984 was deliberate; today’s is inadvertent. In the information society, we generate data naturally. In Orwell’s world, people were naturally anonymous; today, we leave digital footprints everywhere.

1984‘s police state was centralized; today’s is decentralized. Your phone company knows who you talk to, your credit card company knows where you shop and Netflix knows what you watch. Your ISP can read your email, your cell phone can track your movements and your supermarket can monitor your purchasing patterns. There’s no single government entity bringing this together, but there doesn’t have to be. As Neal Stephenson said, the threat is no longer Big Brother, but instead thousands of Little Brothers.

1984‘s Big Brother was run by the state; today’s Big Brother is market driven. Data brokers like ChoicePoint and credit bureaus like Experian aren’t trying to build a police state; they’re just trying to turn a profit. Of course these companies will take advantage of a national ID; they’d be stupid not to. And the correlations, data mining and precise categorizing they can do is why the U.S. government buys commercial data from them.

1984-style police states required lots of people. East Germany employed one informant for every 66 citizens. Today, there’s no reason to have anyone watch anyone else; computers can do the work of people.

1984-style police states were expensive. Today, data storage is constantly getting cheaper. If some data is too expensive to save today, it’ll be affordable in a few years.

And finally, the police state of 1984 was deliberately constructed, while today’s is naturally emergent. There’s no reason to postulate a malicious police force and a government trying to subvert our freedoms. Computerized processes naturally throw off personalized data; companies save it for marketing purposes, and even the most well-intentioned law enforcement agency will make use of it.

Of course, Orwell’s Big Brother had a ruthless efficiency that’s hard to imagine in a government today. But that completely misses the point. A sloppy and inefficient police state is no reason to cheer; watch the movie Brazil and see how scary it can be. You can also see hints of what it might look like in our completely dysfunctional “no-fly” list and useless projects to secretly categorize people according to potential terrorist risk. Police states are inherently inefficient. There’s no reason to assume today’s will be any more effective.

The fear isn’t an Orwellian government deliberately creating the ultimate totalitarian state, although with the U.S.’s programs of phone-record surveillance, illegal wiretapping, massive data mining, a national ID card no one wants and Patriot Act abuses, one can make that case. It’s that we’re doing it ourselves, as a natural byproduct of the information society.We’re building the computer infrastructure that makes it easy for governments, corporations, criminal organizations and even teenage hackers to record everything we do, and—yes—even change our votes. And we will continue to do so unless we pass laws regulating the creation, use, protection, resale and disposal of personal data. It’s precisely the attitude that trivializes the problem that creates it.

This essay appeared in the May issue of Information Security, as the second half of a point/counterpoint with Marcus Ranum. Here’s his half.

Posted on May 11, 2007 at 9:19 AMView Comments

1 2 3 4 6

Sidebar photo of Bruce Schneier by Joe MacInnis.