Slashdot Mirror
Biometrics in Airports
asv108 writes: "Extremetech has an article by renowned security expert Bruce Schneier about why face recognition in public places such as airports is not a good idea." Schneier is being generous - real world results show that facial recognition systems are a lot less than 99.99% accurate even under laboratory conditions (people posing for the camera under ideal lighting).
C'mon, Enemy of the State showed us that not only should they be advanced enough to give a definite ID, the single camera should be able to pan around the person, zoom in, and even show you the label on their T-shirt...
For example - would you agree to putting your thumb on a fingerprint scanner at teh jetway entrance before you got on the plane? Retinal scan? The idea of the airlines having fingerprints for every passenger is pretty scary - but banks and many stores fingerprint when you use/cash checks. What level of this type of stuff will we accept? At what cost?
But then - the best biometric system in the world wouldn't have stopped the WTC attack - the hijackers were passengers with tickets and many used their real names anyway so.... I fear we'll find many liberties and the like given up in the name of security that really won't help that much.
Top Most Bizarre/Disturbing Error Messages
See:
m l
http://www.theregister.co.uk/content/4/21916.ht
These sigs are more interesting tha
Hasn't this system shown its bugs when used in the past at major events like the Super Bowl?
Even if they manage to improve its accuracy, the most important ingredient in better airport security is better-paid, more-reliable personnel. At many major airports, like New Orleans where I live, the scanner folks start at minimum wage and get about three hours of training. Ouch.
When airlines start taking security seriously - and stop trying to increase profit margins by paying people squat - then we'll have a safer system.
Top 5 ways to have fun with an airport face scanner
/bin/laden mask to the back of someone's back and watch the fireworks
5: Wear a Nixon mask and watch the security guys do a double-take looking at their computer readout
4: Attach a
3: Sell time on the system to Oil of Olay to spot oily, reflective skin
2: Adapt it to seek out hot chicks
1: Link it to Am I Hot Or Not!
Ah, computer dating -- it's like pimping, but you rarely have to use the phrase "upside your head" -- Bender
Somehow we coming to the conclusion that there's no substitute for thorough searching of passenger's baggage and carry-on items. Though this is an invasion of privacy and an inconvenience to travelers, this is needed to avoid another tragedy like the events of Sept. 11th.
Face recognition should come into play if there is suspicion aroused from some other means of security.
I like fire ants. They are very spicy!
Any terrorist prepared to commit suicide is going to think nothing of having reconstructive surgery if that's what it takes to foil such a system.
If the system were 99.99% accurate and it indicated a match, wouldn't you want to pull the person out for closer inspection? (this is not to say that you treat him like a terrorist)
After all, airports already arbitrarily subject people to random inspection of their luggage.
There's one thing that no one wants to hear:
There is no way to stop a determined terrorist on a suicide mission.
They will somehow find a way to accomplish their goals, and if one of them fails, there will be thousands waiting behind him to try again. Wipe out one terrorist group and another will rise to take their place. Stop a terrorist from boarding an airplane and they'll drive a bomb in on the ground floor.
All of this going to war, extra security measures, etc... it will make us feel more secure, and feel like we're accomplishing something, but when it doesnt stop terrorism (it wont) then what will we do?
-J5K
The libertarian solution to the failures of capitalism is to apply more capitalism til the failures are fixed.
Regardless of whether the face scanning software was 100% accurate (as pointed out already by various people and the article itself, we aren't even close to that), who says that potential terrorists/criminals are even going to be in the comparison database. All you have to do is ensure that this is going to be your first offence, and you won't even be in there.
...
Again we are attempting to find a series of high tech solutions (at very high expense), when we really need to be applying a bit more low tech, hands-on investigative work. You can't automate everything (certainly not yet anyway)
I imagine that airport patrons identified as "terrorists" by the face recognition system would be detained by security, have their ID rigorously checked and have their luggage rigorously inspected. (With high levels of accuracy, this would amount to a few people per airport per day.) I do not imagine that they would be shot on sight. Inconveniencing (and embarrassing) a few patrons at each airport every day is certainly not a good thing, but it is hardly self-evident that it would be intolerable.
I am not a big fan of universal use of face recognition technology for the reasons outlined in Phil Agre's excellent essay on that subject (linked at the bottom of the Schneier piece as well). But we all understand that some compromises have to be made to make air travel secure. If this is the best argument against using face recognition at airports, it's not a good one.
The important thing is that the surviellence information must be handled in the right way; it's way too easy nowadays for companies in the name of profits to pool customer databases together and generate a large profile on you without you knowing. If surviellence is being used for government purposes, then only the government should have access to it; furthermore, if you are detained only because the computer indicated a match but you are otherwise innocent, there should be no record about this made in the computer beyond doing a $missed++ increment on the global database.
Thus, any sort of increased surviellence absolutely needs some sort of public oversight to make sure the information is not abused or that information that should not be stored isn't. Frequent inspections of the use of biometrics, unrestricted access to the computer files and data collected, all done by private citizens with NDAs, is necessary before these systems should be in place.
"Pinky, you've left the lens cap of your mind on again." - P&TB
"I can see my house from here!" - ST:
There is also this vendor nuetral test
Bottom line is that this is merely a marketing opportunity for someone to get capital for products that are NOT ready for prime time.
This has actually been examined by the US Department of Defense (DoD) Defense Advanced Research Projects Agency (DARPA), which sponsored the Facial Recognition Vendor Test (FRVT) 2000, the test linked to above
Under live conditions in an uncontrolled enviroment, the best false detection rate (FDR) was 33 per cent, with a false acceptance rate (FAR) of ten per cent. This means that to detect 90 per cent of terrorists we'd need to raise an alarm for one in every three people passing through the airport.
I would say it is somewhat unacceptable.
"It is a greater offense to steal men's labor, than their clothes"
Do you think that the people implementing this kind of thing do so because they think it improves security and safety?
If so I think you have made a mistake. They are implementing it because they think it will make the public think that it improves security and safety.
Giving the public what they think is best is always easier that giving them what is actually best. (and of course you might be wrong about whats best and the public right but thats another issue)
The only solution to this kind of thing is to reduce the gap between the real best solution and the publics belief of what the best solution is.
That means two things. Unlazy authorities and education of the people. Don't hold your breath on the former. Help out yourself with the latter.
-- MartinG To mail me: echo kewyjlcxyzvjfxbqwh | tr bcefhjklqvwxyz
Biometrics are much easier to implement when the person's alledged identity is known. If the person claims to be X, the system need only compute B(X) and compare that to a precomputed data base entry B'(X). These values will almost never be identical due to noisy real world systems (different lighting, microphone noise, dirt on the fingerprint/retina scanner, etc.). Instead a statistical comparison must be made. If B(X) is statistically similar to B'(X), admit entry, otherwise call the firing squad.
In the article, Bruce assumes his readers understand this. His explanation of why face recognition systems cannot find the rare targets in large populations is quite good. The same logic applies to voice matching for projects like Eschelon.
And, of course, this wouldn't prevent individuals from using their own valid IDs to access public areas. The assumption of most security systems is that the intruder wants to commit a crime and get out while minimizing the probability of detection. A suicidal terrorist does not have this goal. He/she seeks to enter an area, commit a crime, and then die in the attempt. The tools developed for normal security may not be appropriate for suicidal terrorists or individuals on shooting sprees.
Given one hour to live, the student replied: "I'd spend it with professor FP who can make an hour seem like a lifetime."
I don't mean to be picky here, but my math says that if 1 out of every 1,000,000,000 people going through is a terrorist, there will be 99,999 false alarms for every terrorist detected, not 9,999. Eh, what's an order of magnitude here or there, anyways...
The best way to predict the future is to invent it.
On a semi-related, semi-offtopic note: the anti-DMCA group Minnesotans for Fair Copyright will be hosting a lecture by Bruce Schneier at the University of Minnesota on Thursday, November 8. Should be a great talk -- everyone agrees that Bruce is a really great speaker!
We also have some other DMCA speakers coming up -- Dan Burk on Oct 4, and John Logie on Oct 17. For more info, subscribe to the list:
DMCA-minnesota-subscribe@yahoogroups.com
Damn, you're right. I always wanted to be (potentially at least) constantly monitored by the government whenever I'm in a public place. I'm sure no one operating such systems would ever abuse them, or send the KGB (er, Office of Homeland Security) to roust someone just because they were looking suspicious. And of course the error rate on facial recognition must be one in a billion...right?
Also, this erosion of our natural (and Constitutional) right to privacy wouldn't send us further down the slippery slope to ever more intrusive and totalitarian government monitoring...right?
Fool.
"Those that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
--Ben Franklin--
Power corrupts. Absolute power corrupts absolutely.
--unknown (by me at least;)--
299,792,458 m/s...not just a good idea, its the law!
Galileo: "The Earth revolves around the Sun!"
Score: -1 100% Flamebait
You cash your checks at a bank where you have an account, or you live outside the US. It's been going on here for a couple of years.
Best Slashdot Co
There is an article in yesterdays (Thurs 9/27/01) Wall Street Journal about how Biometrics wouldn't have helped in the terrorism case, that is, it wouldn't have worked in picking up the faces of the two guys who they have on tape passing through Maine's airport. Basically the article says that face recognition technology doesn't work as effective as they hawk it out to. Actually following the hijackings the companies developing biometric products went on record saying that if their products had been in place then this would have been averted and their stocks rocked up. The WSJ puts a doubt on that. Their point, or the point of the person they interview who agues that it doesn't work that well is that cameras would have to zoom in and cover each face for longer than a camera in an open space like an airport or a football stadium possibly could be expected to.
It actually puts some stats to the Superbowl Biometrics scam where they used face-recognition at last years SB. Turns out that of the 11 or howeverthefuckmany people they said they nabbed, most, were not correct matches.
I used to get mad at the opening track on Mos Def's Black on Both Sides when he says
You got a lot of socities and governments
tryin to be God, wishin that they were God
They wanna create satellites and cameras everywhere
and make you think they got the all-seein eye
Eh.. I guess The Last Poets wasn't, too far off
when they said that certain people got a God Complex
I believe it's true
I don't get phased out by none of that, none of that
helicopters, the TV screens, the newscasters, the..
satellite dishes.. they just, wishin
They can't really never do that
Hell yeah they can! Well, at least for now, maybe they can't. In any event, if you have a WSJ from yesterday lying around. A very good piece.
The problem I have with so many of these sorts of arguements, is that they generally fail to offer solutions. I've seen: many petitions and rallys for peace in the wake of the attacks; dire predictions of the end of civil liberties; Not one of them addressed the issue of "well if we don't do this than what should we do?". Which tells me that they don't know, don't have any better ideas, and don't want to draw attention the fact because it may thwart their political agenda. But ignoring the problem isn't going to make it go away.
So, facial recognition isn't perfect. As he said, if you cross-reference the system against an identity card or fingerprint or retina, which I believe is entirely acceptable for someplace as security-sensitive as an airport, you have a much stronger system. In which case, if someone was flagged by the biometric system you could discreetly stop them and verify their identity. And even if you didn't use a secondary means of identification, looking for one terrorist in a thousand is MUCH easier than looking for one in a million. It would at least be enough for the system to tell you to take a closer look at what you are doing.
Your personal rights end where other people's begin. This is why you have to have a license to drive, or fly, or shoot a gun in the first place - vehicles and weapons are extremely dangerous to others if used improperly or intentionally. If it were up to me, I'd be adding these systems to every car, truck, boat, and weapon rental or dealership as well. I doubt the terrorists will strike again by air anytime soon, but these other routes are wide open.
---If you can't trust a nerd, who can you trust?
Thumb print out here in Oregon.
They've been doing it since at least 1995.
Wouldn't it make more sense and be much easier to simply link the FBI "watch list" to the airlines computers? Many of the hijackers were on this list. It seems incredible to me that a person on the list could buy a one-way ticket with cash without the system bringing up all sorts of warnings. Some of the hijackers (not all) fall into this category.
The following things should cause there to be extra scrutiny (especially if you do/are more than one of them):
It seems that doing a lookup on a name in a database is much quicker/easier/less expensive than installing facial recognition systems all over the place. Why not implement a simple solution that would have caught these guys first instead of a complex on that might not work?
If you feel that we must use high-tech solutions, maybe a smart card put into passports and driver's licenses would make more sense and be more accurate. Once simple solutions are implemented then we can worry about the crazy complex ones.
Lasers Controlled Games!
My guess a face recognition station will be like the metal detector. And I bet they will make you take off any hats or sunglasses before they scan you.
It's really stupid to think that after WTC they will just put a few of them up, scan randomly and pray they catch someone.
Just to carry one concealed.
Best Slashdot Co
Airports *already* have profiling systems in place. And I'm sure the false positive rate is much higher than the 1 in 1000 example that Schneier uses.
This thread is a little misleading. The prints required at banks (as far as I've seen, that is) are quick thumbprints using colorless ink (it reacts with a chemical on the paper they put it on, I assume.) There's a little ink pad by each teller window. It's as quick as signing a form, and no less intrusive, in my opinion. It's not like they take you into the back room for a full set of black, inky prints on one of those FBI cards.
Evil is the money of root.
But then - the best biometric system in the world wouldn't have stopped the WTC attack - the hijackers were passengers with tickets and many used their real names anyway so
You do know that the FBI was busy looking for several of the terrorists even as the planes hit the WTC, right? They got into the country and disappeared- a face check at the gate might have flagged them and possibly prevented the attacks. The terrorists would have at least been delayed enough to stop some of the attacks.
You're right: biometrics is coming. This could be a very good thing if we drive the technology to good use. Fingerprint check when I use a credit card: why not? I'd love it if the store *knew* I was the owner of that card- I've had my number stolen before. Ever spoken with someone who's had their identity stolen? It's a multi-year nightmare of wrecked credit, endless phone calls and general heartburn.
Realize that we have almost no privacy anyway. Various large companies know a *lot* about me. They know personal details down to my last dollar, my taste for mint chip ice cream and the fact my wife and I are infertile. The government has run at least 3 background checks on me that I know of, the most recent within the last month. (I got my pilot's license recently: the FBI has already visited the airports I used to pull my records.)
Biometrics won't change that-what we need to do is make sure the transparancy goes both ways.
Eric
"Seven Deadly Sins? I thought it was a to-do list!"
Uh, how about because they don't work?
Oh dear. "to detect 90 per cent of terrorists we'd need to raise an alarm for one in every three people passing through the airport. It's absolutely inconceivable that any security system could be built around this kind of performance," .
Oh, OK, if it's for the children, then who cares if it works or not?
Frankly, I'm happy to be surveilled, and to give my government my face/DNA/fingerprints/nail clippings/ear wax or anything else that they need, if they have a system that works. However, I do not want a system that picks one person out of three and screams "Terrorist!".
If you were blocking sigs, you wouldn't have to read this.
This applies to all forms of identification and identity databases. We have social security numbers and a social security credit database. The system has its occassional upsets, but all in all it works. The Police work with large criminal databases. etc. As a society we keep records of people. The security and integrity of those records has nothing to do with face recognition technology.
Terrorists are unlikely to pose for photo shoots.
Sure they are. We knew they were terrorists when they entered the country in the first place (which sparks an entirely different problem that I won't talk about). We have a passport photo which they posed for to get into the country. The fact is that we know who many of these people are. An internation database of known terrorists would work.
[ 99.99% accurate problem ]. Assume that one in one billion flyers, on average, is a terrorist. Is the software any good?
Damn right it is. The odds that 4 passangers on a single plane will be incorrectly identified as terrorists is roughly 1 in 1,000,000,000,000. Even if it is only one terrorist, a posative match might result in increased scrutiny of that individual. Such a screening tool could only be helpful.
The real problem with American Security systems is that idiots like this moron are advising people.
Someone you trust is one of us.
I worked for Viisage Technology for a couple of years, and they use a system in the building where two cameras scan for faces in the hallway (as you're approaching to enter) and if a face found matches one in the employee database, it unlocks the door.
It was sophisticated enough to identify me as me even when I was wearing my eyeglasses, and later, when I grew a goatee type beard and moustache. No ID code to enter, no badge to carry. If you didn't match anyone in the database, it would summon security and leave the doors locked.
Having run their Technical Support Department for 2 years, I can tell you that the products not only work, but work very well. They use the facial recognition in Massachusetts at the Department of Transitional Assistance (Welfare) offices to identify those people obtaining multiple ID's under assumed names to weed out Welfare fraud.
The kind of access system they have in their entry could be used in an airport entry to identify a suspected terrorist trying to move about the country and alert security. It's pretty close to an Orwelian concept, except this type of monitoring would definately have oversight by a committee or White House office to prevent civil rights abuses.
I personally am against the idea on principle, but sometimes one principle takes precedence over another.
The Dopester
"Yes, I'm a Karma Whore, but I'm doing it to pay my way through school."
Putting aside the fact that there are numerous terrorists who aren't Arab (which may be appropriate in this select case), is it really that easy to pick out an Arab versus some other ethnic group if they dress and groom themselves in a westernized manner? I doubt it. There's such a huge variety of ethnicities in America that it can be nearly impossible to say with certainty where someone is from just by looking at them, even if you're trained to do so. If Mr. Atta were going by the name of Mr. Mancini or Peres or Rodriguez, I bet hardly anyone would have thought of him as Arab.
---If you can't trust a nerd, who can you trust?
-atrowe: Card-carrying Mensa member. I have no toleranse for stupidity.
That should be 'tolerance'. I guess Mensa's standards are slipping...and this was the most ironic thing in your post. ;-)
299,792,458 m/s...not just a good idea, its the law!
Galileo: "The Earth revolves around the Sun!"
Score: -1 100% Flamebait
99% accurate in laboratory conditions with controlled lighting and camera settings.
Deleted
Big contractors making billions out of the Government? Hmm?
Deleted
Well, I'm going to weigh in on your side on this one. Facial recognition software could be a boon, in my opinion.
I'll agree that a few people will find it to be something of a consistent hassle. It should be relatively simple for them to verify that they are not whoever they look like via fingerprints.
IMO, we definitely need to also put cameras in the rooms where folks are questioned, too, though. And all of the cameras should be available over the internet in real-time!!! With these two provisos, facilities that victimize those with unfortunate resemblances can be caught very quickly, and it should radically reduce other abuses of authority.
I'm sure that it will bring about new abuses, but IMO the system I outlined above would by far eliminate more abuses than it introduces.
BTW, if you're going to have a sig that says you have no toleranse(sic) for stupidity, you ought to spell check it. Also, apprehensive is spelled like I spelled it, and entrys should be entries.
2 of the bastards were on a watch list for terrorism, one even had an arrest warrant.
Most of these "Holy Warriors" don't have criminal records, but sometimes we flag them as potential terrorists and put them on watch lists.
If we can't use the list to detect them at the entrance of a plane, then it's useless to gather intelligence on terrorists.
> when we really need to be applying a bit more low tech, hands-on investigative work
That was done ! However, they weren't detected when boarding planes ! A face recognition and even name match system would have stopped them !!!
- sigs are for wimps.
I think alot of people are missing the point here. This system is supposed to 'stop terrorists by identifying potential terrorists'. The only way to catch a potential terrorist is if that individual has been caught or spotted and had his/her picture taken to compare. Of the 19 suspected terrorist that commited the Sept. 11 attacks only TWO of them had any kind of profile the rest were unknowns. So, someone please explain to me how exactly biometrics would have helped us here. Sure 2 of the terrorists would have potentialy been stoped, but the other 17 terrorists would have boarded the plane without much of a problem. Im sure biometrics might stop things for a small amount of time, but the terrorists will adapt quickly and all we are left with is a billion dollar step twords big brother is watching. There are sleeper agents all over the world, guys who have never been seen talking to a known terrorist, have been living in thier respective country for 5-10-15 years, have wives, kids, successfull careers, just waiting for thier 'phone call'. How exactly is a biometrics system going to solve that problem?
Exactly.
However, I think some of these systems claim to be succesful even with simple disguses as those. But I'm not sure about the stats on those, and if they're true.
But your suggestion is good, but oh boy, wait for people here and the paranoid to scream "INVASION OF PRIVACY".
- sigs are for wimps.
I've seen several comments that "If the system gives a false positive only 1 in 1000 times, then it must be pretty good!". This demonstrates that many people have no clue about how to properly apply probability - what is called Baysian math.
.1 terrorist will be mis-identified. So we will assume that all 100 of the terrorists trip the alarm.
.9999, so we will assume that one innocent person gets fingered as a terrorist.
You have to start out with two probabilities that are based on the system: probability of a false positive (Pp) and probability of a false negative (Pn).
A false positive is mis-identifying a non-terrorist as a terrorist. Let us say that a collection of 1 million non-terrorists are run through a system, and it fingers one of them as a terrorist. That system has a Pp of 1 in a million, or 1E-6.
A false negative is mis-identifying a terrorist as not being a terrorist. Let us say that we run a thousand known terrorists through the system, and let us say that only one is not detected. Then this system has a Pf of 1 in a thousand, or 1E-3.
Now, that is ALL that you can say about a system. You cannot state the actual number of false positives vs. the number of false negatives in real use without an additional piece of data, the probability of any given person in a crowd being a terrorist, Pt. Let us say that in any given crowd, one in ten thousand people are terrorists (Pt = 1E-4). This may seem very high, but the lower Pt, the worse the system will perform, and I am heavily weighting this in favor of the face scanner.
Now, let's run a million random people through the system, and see what happens.
First, out of that million people, 1E6 * Pt = 1E6 * 1E-4 = 1E2 = 100 of them are terrorists. We would expect that of that 100 terrorists, 100 * Pf = 100 * 1E-3 =
Now, out of the remaining 999,900 people, we would expect the system to finger 999,900 * Pn = 99,900 * 1E-6 =
Now, we had 101 trips, of which 1 was false, so the odds that you aren't a terrorist given that you were fingered are just under a percent. That's given the assumption that the system mis-identifies innocent people only one in a million times, and assuming that one person in ten thousand is a terrorist. Increase the false positive rate by a factor of ten (one in one hundred thousand innocents gets fingered), and decrease the terrorist population to a tenth of what we assumed (one terrorist in one hundred thousand) and you now have roughly fifty-fifty odds that a person fingered by the system is innocent.
And that, people, is why systems like this don't work.
www.eFax.com are spammers
For example, either Gore or Bush being declared the winner of the last election would have been mathematically valid. The expected error in vote count, from the known error rate of the voting machines/ballots, was larger than the difference in votes the two candidates received.
Best Slashdot Co
For some statistics based on a real system, try Face recognition useless for crowd surveillance, from which I quote: "to detect 90 per cent of terrorists we'd need to raise an alarm for one in every three people passing through the airport. It's absolutely inconceivable that any security system could be built around this kind of performance."
Darn! I musta bin trolled. You had me going there...
Unfortunately, this is a horribly flawed argument. It is possible to recognize faces. Humans can do it. Computers can be taught to do what humans can do. They're called "Expert Systems" and covered in any intro AI course. Using computer inadequacy arguments gets us in the habit of adhering to these beliefs years after they have become outdated.
Never, ever, ever base arguments on the idea that computers are fundamentally unable to perform some task well (especially if they are doing a decent job of it at the current time). People that say those things almost always look like dolts several years later, unless they are already accomplished experts in the field.
Basically, having some mathematical theory that proves the inability of computers to perform a task is a good reason to say it can't be done. To decide that computers can't do something because you think that it would be hard is not.
Jack Valenti and the MPAA are to technology as the Boston strangler is to the woman home alone
All this talk of biometrics being some kind of panacea for terrorism, are woefully optimistic. The only kind of people you'd catch for the billions you'd have to spend on implementing and running such a system are petty criminals. That's a pretty pathetic catch for something that costs so much both in terms of money and civil liberties.
You would be much better off using the same money to beef up the woefully inadequate security that can be seen in most US airports - ban people going through to the gates without a pass, new X-Ray machines, employee screening, trained and motivated staff, more police officers, US customs style security checkpoints, air marshals and so forth.
Mysteriously, some of the video-tape is then edited and sold to television stations as entertainment. There have been cases of lives being utterly destroyed by such profiteering off misery.
These systems are linked to various national databases, BUT are monitored around-the-clock by Real People. It's NOT a fully-automatic system, rather it is a computer-assisted human system. As such, the track score (ignoring the abuses of the system) is not too bad. It's not brilliant, either, but it's certainly workable.
Using biometrics in an almost totally computerized system, though, is a potential disaster. A single false positive could mar an innocent person for life, irretrievably. A single false negative could, as we have already seen demonstrated, cost thousands of lives.
Biometrics are completely the wrong solution. I'm not even sure that the problem (as specified) is correct. The first rule on implementing a solution is to determine what the REAL problem is, ignoring whatever is expedient or would sit well with the PHB.
IMHO, the REAL problem is how to ensure that an aircraft, its crew and passangers, and (as far as is achievable) their luggage, get from A to B intact, regardless of who is onboard, or what device(s) they have.
That is an interesting problem, and it can't be solved by some puny, half-witted solution such as a thumb-print scanner, or video camera. You need to look at the aircraft itself, for an answer.
Bombs on-board are nasty, but not necessarily fatal. Many aircraft disintegrations at altitude do NOT kill the occupants. Frequently, it is the impact with land or water that is fatal. Another cause is when seats are thrown around in the cabin, causing severe head injuries.
Let's look at these one at a time, starting with the first. Rate of descent is trivial. All you need is the head-rest to contain a folded emergency parachute, and the problem is basically solved.
The head-injuries aren't any more of a problem. A roll-bar, mounted at an angle from the top of the seat, would protect the head against most impacts.
Then, we move onto someone with hostile intent flying the aircraft. Wouldn't biometrics help, there? Not if that someone =WAS= the pilot! Even one of the cabin crew could easily take control, even if the pilot were armed and stupid enough to pull a weapon in a pressurised, enclosed space.
The only way to prevent someone of hostile intent from flying the craft is to extend the concept already implemented on the A400 Airbus - "smart" controls capable of recognising a hazardous manoever. If the aircraft detects a building within a dangerous space (it has proximity sensors, this isn't something outside of current technology), then it is perfectly capable of turning away from it, overriding any pilot commands to go closer.
Here is a scenario where it truly doesn't matter who carries on what, or who does what. Crashes, such as those on Sep 11th, COULD NOT HAPPEN! The aircraft's onboard computer would forbid it. On-board explosions would be (largely) survivable, reducing such tragedies to major inconveniences for a fair percentage of those involved. Which is better? 100% dead, or 10% dead, 90% without spare underwear. Obviously, any dead is higher than anyone would like, but let's start with measures that might REDUCE the numbers, and worry about perfection later!
In fact, just to be annoying, I'll be a perfectionist now. Plenty of people have demonstrated (eg: by dropping eggs from the top of the Empire State Building) that shock-absorbing structures are not difficult to build. To prevent explosions in the hold from being catastrophic, you'd need some kind of honeycomb layer surrounding each crate, and another lining the hold itself. This would absorb the energy safely, so that even major incidents (such as the oxygen cylinders that blew a ValuJet out the sky, some time back) would not be nearly so severe. The chances are, only the contents of the one crate would be affected. Even in major incidents, there's a good chance that only the cargo would be affected, and not all of it at that. A major catastrophe becomes a minor nuicence.
Poor maintenance has caused far more jets to crash than terrorists, yet this has never been really targetted. Maybe because allowing people to see a human dimension to things would cripple the fear factor.
How, then, to deal with poor maintenance? IMHO, it partially goes back to the whole computer control systems. If the computer can conduct its own pre-flight checks, a-la those NASA's computers already do for rocket & shuttle missions, on a component-by-component basis, you'd pick up a lot of faults, long before they became life-threatening. Sure, you might increase take-off delays, but you'd also increase the odds of the aircraft actually landing where it's supposed to be, rather than over a five-mile radius.
These measures are either very basic material science, or simple extensions of already-implemented technological solutions. They don't care, or NEED to care, what is brought on-board, who will do what, or whether the cheese is fresh.
In comparison, biometrics is a largely experimental field with low success rates, and an even lower impact rate.
If I had to choose between an airline that went with the simple, basic solution, or one which went with the complex, biometric solution, I'd go for the former. Sure, there might be a terrorist on every other seat. There might be for the other airliner, too. The point is, in the first case, I don't need to give a damn.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Because with my luck I'll look exactly like some wanted felon, and then fourteen times a day, every time I walk past a security camera, the alarms will go off and the cops will bust in and I'll wind-up handcuffed on the floor before they realize I'm not the droid they're looking for.
I believe that Biometrics at airports can work if we give it a backbone.
Obviously this requires a nationwide database of pictures for everyone. This may seem impossible to compile except when you consider we already do it in the form of driver's licenses! So basically we need to nationalize the driver's license process and create a central database of the photos.
I think it would be doable.
So if I wanted to hijack an airplane, I'd need to find someone who looked very much like me, and then kill him, take his ID, and use that to board a plane.
Which is basically exactly what the 9/11 terrorists did, minus the sophisticated system that wouldn't have helped at all.
Unless Bruce also suggests that we do away with metal detectors and x-ray machines then false positives aren't a problem.
Anyone who has flown any significant number of times has seen a bag search or a person being wanded. Most have probably seen a person taken away to the back rooms for a more thorough going over.
Does Bruce suggest doing away with metal detectors because they are *far* less than 99.99 percent accurate, of course not. So why suggest avoiding better tech?
In both cases the person flagged wouldn't be immediately locked up. In both cases the people running security must be counted on to not become complacent in the face of 'the boy who cried wolf'. In both cases the bar against terrorism is raised.
"Thanks to modern technology and tremendous advances in processing power, we now have a device that can accurately (four nines) identify a potential criminal."
It's nice that you are so happy that one in 1,000 people will be falsely fingered. You realise that that level of accuracy would mean that for the state of Oregon, (using the 1999 population estimate) that would mean roughly 3,301 would be incorrectly identified as terrorists. For Portland Airport, That would have been 4,115 people in the first quarter of 2000 alone that would have been labelled as "possible criminals" FALSELY.
I believe that the figure of 99.99% accuracy is under "perfect" conditions, so it could be a lot worse. Having said that, assuming that the percentage of False Negatives is the same, 99.99% accurate. Then 4,115 terrorists and criminals could have passed through Portland Airport in just four months last year without being caught.
"Facial recognition cameras will take an additional burden off of our already overworked police departments, while at the same time, making the streets safer for our children. How can anyone NOT like the idea?"
Well, apart from the research that has been done in the UK showing that increased video surveillance did not reduce violent crime, how is this going to help the police departments?
Imagine, you are one of the unfortunates who just happens to look like a criminal. Every time you walk anywhere, the police get called out to investigate. Now, the police get even more extra work checking up on you, you get continually harrassed by them, the police start ignoring the warnings, the streets are no safer.
If 1 in 1,000 people generate a false positive alert then in even a VERY small town this is going to go off too often to be taken seriously.
Why not try and build a sense of community in your community. Don't ostracise strangers, talk to your neighbours, get to know one another. That way your streets will be safer because your children will know who they can ask for help from. Your friends and neighbours will know who lives in the area and will be able to ask people that don't belong why they are watching your children play, or staring at houses...
Nah, I guess that would never work, it doesn't use technology and it might drag people away from their TV sets for a few minutes.
Z.
-- Under/Overrated is meta-moderation, and therefore is Redundant.
Remember, they flew the routes beforehand. They had studied the routes and passenger loads, picking the flights that would have the fewest passengers thereby minimizing their risk of failure?
So, the question becomes, if your on a Government list are you allowed to use mass transportation? Would we stop at terrorist? What about know protesters for major events? Say if some G7/G8 meeting or IMF meeting is going on, do we monitor or prevent know organizers of the protests that follow? What if they had violent behaviour before?
Really, the only security that I wouldn't mind in an airport is similar to that portrayed in the Total Recall, where everyone walks past a screen which highlights solid objects. Its totally fair and cannot be considered intrusive for it doesn't violate you.
* Winners compare their achievements to their goals, losers compare theirs to that of others.
Which leads to a good point. How "suspect" do I have to be before you restrict my ability to move around and basically live a normal life?
If you stick to putting only known foreign terrorists in the database, fair enough. If you put known escaped US felons and bail jumpers in as well, again fair enough.
But the September the 11th terrorists were only suspects; we knew they were here, but they were here legally and openly, so we had nothing to charge them with. These are the people we want to stop, so we have to put them in and, what? Stop them flying? Search and question them? OK, lives are at stake, let's do that. it sucks, but it's necessary.
So, what's the criteria for putting a US citizen in? You don't have enough evidence to charge me. Am I an acknowledged activist, spouting anti-American slogans and calling for the end of US involvement in the Holy Land (pesky old 1st Amendment)? Or do I just have an uncle in Afghanistan who likes to send me encrypted mail? What are the criteria?
Do you stop me flying altogether, or do you just search me every time? If I'm not trusted on a plane, am I trusted with a gun? With access to explosives, or the materials to make them? Do you stop me using encryption? Or do you just watch me closely? Do I even know that I'm in the database at effectively wearing a big "suspicious" label because of my ethnicity, religion, family or political leanings?
I'm not against this technology (assuming we can get it to work), but I am very concerned that there be a clear, open procedure for who goes in the database. Specifically, I want to know:
If you were blocking sigs, you wouldn't have to read this.
We had a good decade without hijackings or airline bombings. Because of good airport security? No, because there was an effective myth of good security. The myth about the scanners and inspections was good enough that the hijackers evidently relied on confederates getting jobs at the airports to plant the box cutters in the planes, rather than simply carrying them through the checkpoints as they borded. They didn't realize (1) that boxcutters were legal under the rules (less than 3-inch blades) and (2) that they probably wouldn't have been spotted anyway.
Look, any terrorist stupid enough to believe that Allah is going to see their goodness and take them to Heaven is also going to be paranoid enough to believe that the Machinery of the Great Satan is diabolical enough to see them and take them to Hell. So help spread the myth of the infinite capability of our machines, while knowing that our own civil liberties are not so threatened, seeing as the stuff doesn't really work. Think Wizard of Oz.
"Only those, the believers who know the life after death and the reward after death, would be the ones who will be seeking death." - Mohamed Atta
"with their freedom lost all virtue lose" - Milton
99.999%? Not enough. 99.9999%? Getting there, but you've still got work. 99.99999% One more. 99.999999%. Ye gods.
What can't this work? HUMANS can't hope for that level of accuracy. At that level of accuracy, MOST PEOPLE will never have had a false positive. But you know for a fact that you've false-positived people before. You're accuracy is probably somewhere around 99.99%, which is the one Bruce used. (Might I add that if it was your job to be this airport system, A: Your accuracy would be worse then that (adverse conditions) and thus B: You'd adjust by declaring everybody negative, which, under the circumstances, is the most rational answer... even for a computer system.)
We're requiring a computer system to be vastly better then a human at a face-recognition task? Michael is right, and Bruce played soft-ball in more then one way; the simple fact of the matter is that system isn't just "impossible", it's impossible . The computer system that says "Nobody is a terrorists" is vastly more accurate then any conceivable system, even one with humans in the loop.
To me, a facial recognition system would be less invasive than a metal detector. How many people get stopped at the metal detector? 50%?
Install a facial recognition system at a security checkpoint, and assign an officer to it. He makes sure to get a good facial shot, then hits the button.
If the software finds a match, it does not ring the gong, set off the red light, anything of the sort. It puts up on a screen (visible only to the facial recognizer officer) that shows the picture it believes the person matches. Likely, it brings up a brief bio containing information helpful to apprehending said person--is he a crack shot, a mad bomber, a black belt?
Now, the facial recognition officer uses his or her own eyes to decide whether the person looks like the photograph. If he doesn't, the person gets waved through as if nothing happened--because it didn't. If the officer decides that the person looks like the bad guy in the photograph, he can detain the person.
Note this scenario. The software cannot order people to detain anybody. It can only suggest a possible match. If a person is detained, it is because a human security officer believes that the person looks like a known terrorist/criminal/bad guy. And this is no different from being stopped because the officer remembers your mug shot.
Effectively, the software is reduced to a gigantic version of the wall at the post office that has mug shots of known public enemies. It jogs the memory, as it were.
--The basis of all love is respect
I think everyone is trying to go about solving this problem the hard way.
Remember the full-body scanning systems that are now coming into use? If they can make it so you can scan a person in one second, it would immediately tell you everything on the person right down to what type of spare change being carried. Similar technology could make it possible to scan carry-on bags to find anything against a known database of contraband including small knives, ceramic knives, nail files, nail clippers, etc. If there is something hidden behind a bag that the scanner can't see the carry-on bag can be automatically flagged for closer visual inspection.
Why not get the most uncomfortable part of mandatory airport security set up right now?
Rectal Probes
10% of the population will love that, and the rest will call it either a neccesary evil, or cite previous experience with rectal probing by aliens.
The colonic map is one of the most individual biometrics available, and at the same time you can keep fighting the war on drugs with a handy rod instead of a lubed up glove.
"Look at me, I invented the stove!" -- Ben Franklin
Of course I don't know how the technology works, but given that the number of false positives is so high, I'm guessing the algorithms are liberal in what they accept as a match. So my hunch is the number of false negatives would be much, much lower than the number of false positives.
Jason.
bryguy
microsoftword.mp3 - it doesn't care that they're not words...
I was king code-monkey on the original implemenation of INSPASS. A system designed to expedite one's wait as they enter the U.S. from a "friendly" country. It was designed to reduce the lines so that INS inspectors had more time to focus on bad guys and people from "unfriendly" countries.
... and a far girthier size. Imagine, I walk into an airport. I scans my face, or fingerprint. From there the image is sliced and diced into various quadrants. Even with a beowolf, there are thousands of minutea points I share with the rest of the worlds population.
... where it's easy for a bad guy to take advantage of the overworked employees with managers demaning they keep the line moving.
... that can also be used to confirm my baggage on the flip side.
It was essentially a "good guy" system. Meaning, I'd swipe my card, which claimed I was "Joe Smoe". I then put my hand in the box and had it's geometry scanned. If it passed, it would "confirm" my identity and send me along to the Customs line. If it threw a false result, I was compelled to stand in the long line with everyone else.
Using biometrics to determine "bad guys" is a horse of a much different color
So up comes a list of "close matches". Then human intervention comes along and finishes the job. This is a poor-man's quick and dirty explanation of our current "bad-guy" systems work to match figerprints. Like I said, a far girthier and much colored horse.
If biometrics were to be implemented as an airport, I would see it as again, a "good guy" system to expedite the long lines currently at the airport
I would think it better to be a system provided by the airlines. Heck, credit cards are already putting my face and other info on smartcards, why not a frequent flyer plan along with it
We'll see.
healyourchurchwebsite.com - WWJB?
This might be cheaper and less inconvenient than implementing facial recognition systems, or at the very least would make an effective compliment to those systems to improve accuracy.
It may already be here.
If we do implement facial recognition systems, perhaps we could put in some anti-government abuse measures, like deleting the records of the passenger's faces after a successful flight.
-Rene
See you on the playa.
I was the principle developer at Ethentica for a couple of years.
I can tell you that fingerprint verification is very very good if you're doing 1 person to 1 fingerprint matching. (In other words, you claim you are bob, and your fingerprint proves it.) The biggest problems are simply getting the print!
Start developing search lists, and then you get into pretty treacherous territory. But anyone who is in biometrics will tell you to avoid the crowd. Even if we can have a good enrollment identifier, this will prove useless in search lists of hundreds.
Ohh, and fingerprint recognition is atleast 10-20% better than face. Plus, it is a choice. You can choose not to drop your finger on the detector.
We used chain verified stong SSL connections to protect biometrics in movement, and split biometrics into 4 geographically separate servers for storage. All matching was done in isolated, shielded rooms, on servers with no persistant storage at all. (No HD's, etc..) Our system was designed for large scale world-wide use. I doubt many others have developed such precautions.
If you loose "who you are" (you're biometric identifiers) then there could be problems in the future.
I worry about the shabby and sloppy installations I've been hearing about.
Pan
I said no... but I missed and it came out yes.
I have a friend who is blind. His dog's harness contains a considerable amount of metal, enough to set off the detectors at airports without fail. When he goes through and sets the thing off, what is the first thing they do? They take the dog and hold him off to the side while they have the guy walk through again. They have never ever searched the dog he says. He could have two handguns strapped to the bottom of the dog's harness. Not that he'd be able to use them, but he could certainly pass them off to a sighted person once on the plane.
My Mistake, I used 1:1,000 instead of 1:10,000...
Still, in 4 months that gives 411 people incorrectly being fingered as terrorists.
My guess is that the number of Terrorists/Criminals to Innocent Civilians is closer to 1 in 10,000 than 1 in 100. So, I don't think the number of false negatives would be artificially reduced by increasing the number of false positives. (i.e. making the match looser).
Of course we can make the system even more secure if we don't care about false positives. Think of it, software with a 0% false negative rate. The False positive rate will be close to 100% but that's acceptable if we're going to stamp out terrorism isn't it.
If 1 in 10,000 people is a terrorist or criminal then the false positive rate would only be 99.99%. We can live with that can't we?
For those people who said yes, please line up over there for your body cavity search. Thank you.
Z.
-- Under/Overrated is meta-moderation, and therefore is Redundant.
The FRENCH goverment informed the old FBI that it had a bunch of terrorists running about and the FBI did... nothing, nadda, zip. In fact they had to ask the French for the information again. Maybe if the FBI and the CIA got off their fat arses and got dirty and tried to infiltrate these organisations they might actually get somewhere.
They had information, they did nothing.
An Eye for an Eye will make the whole world blind - Gandhi
The basic problem presented here is the very small chance of a hit. 1/1,000,000,000 terrorist population.
But these cameras won't just be looking for terrorists! Sooner or later, they will be looking for ANYBODY with a warrant out for their arrest in any jurisdiction.
People with unpaid parking tickets. People in arrears on child support. People who got a fixit ticket and forgot to have it signed off. People who beat their spouse and skipped bail.
The number of THESE guys in comparison to the general population would easily make "four nines" - 99.99% very well worth it.
Oh, and we might catch a terrorist or two...
The real question is - what about false identifications? (This will happen daily to people with common features) What about extradition treaties? What about differing crime types?
Putting swastikas on the outside walls of your house in Germany is a crime. In the U.S. it's "freedom of speech".
This not only can happen, it WILL. I've said it before and I'll say it again.... this is the most insightful article I've ever read on this subject.
You'd do very well to read it!
I have no problem with your religion until you decide it's reason to deprive others of the truth.
It's already being used in Iceland:h tm l
www.visionics.com/newsroom/press/PRs/2001/0619.
These systems will do little to find people who
aren't in the databases anyways. And there is
certain fraction of the US population that makes
a considerable effort to stay as undocumented as possible.
Some examples of "undocumented people":
(1) The 2000 Census couldn't count about 4% because
people intentionally avoided it.
(2) 10% of the SS# on North Carolina's drivers
licenses are bogus (todays LA Times).
(3) 14% of the accidents in southern CA involve
people without valid car registration or drivers
licenses,
and so on.
This device has spectroscopic properties. It sees atomic number. It can distinguish tobacco, drugs, and explosives from clothing and human bodies, not just detect metals.
A big complaint about that unit is that it's too good. Look at the images on that site. It generates a good nude image of the person scanned. A technical paper, which includes bigger images, gives an idea of just how good it is. Civil liberties groups have complained. The manufacturer is looking into suppressing the body outline in the video processing.
Surprisingly, this device doesn't generate much of an X-ray exposure.
A competitive unit, the CONPASS Total Recall Body Scanner not only detects weapons, but diagnoses breast and lung cancer. It's a human-sized version of the line scanners used for luggage.
Until recently, these elaborate scanning units were considered too expensive for widespread deployment. But now, we'll probably see many more of them.
Maybe we'll even see one on the Internet. Some nightclub that uses weapon detection might do that.
Here's an idea combining the two:
The government has publicly stated that it's goal is to have 1 sky marshal for every ten flights. According to informed sources, the realistic ratio of sky marshals to flights will be closer to 1 in 20.
If I were a suicidal terrorist then a 1 in 10 chance of getting a sky marshal, or better yet a 1 in 20 chance, is good odds. Especially if my group is trying to capture 5 planes at the same time.
So what if we combine the two measures? Have face recognition software which flags *possible* terrorists and then takes a sky marshal from the pool available at that airport and puts the marshal on *that* flight? The odds of getting a marshal onto a flight with terrorists would be substantially higher (assuming you had pictures of the terrorists in question) than through random assignment.
Just a thought.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?