Schneier, Journalist Poke Holes In TSA Policies

← Back to Stories (view on slashdot.org)

Schneier, Journalist Poke Holes In TSA Policies

Posted by Soulskill on Friday October 17, 2008 @11:00AM from the leave-my-shoes-alone dept.

Fallen Andy points out an article in The Atlantic written by Jeffrey Goldberg. He and Bruce Schneier teamed up to put the TSA's policies to the test at the Minneapolis-St. Paul International Airport. They found plenty of evidence for security theater, and rather less for actual security. Quoting: "'The whole system is designed to catch stupid terrorists,' Schneier told me. ... As I stood in the bathroom, ripping up boarding passes, waiting for the social network of male bathroom users to report my suspicious behavior, I decided to make myself as nervous as possible. I would try to pass through security with no ID, a fake boarding pass, and an Osama bin Laden T-shirt under my coat. I splashed water on my face to mimic sweat, put on a coat (it was a summer day), hid my driver's license, and approached security with a bogus boarding pass that Schneier had made for me. ... 'All right, you can go,' [an airport security supervisor] said, pointing me to the X-ray line. 'But let this be a lesson for you.'"

85 of 296 comments (clear)

Well... by Ironix · 2008-10-17 11:05 · Score: 5, Insightful

I wouldn't doubt that the whole system isn't there to catch actual terrorists, but to simply condition the populace into accepting this kind of routine as a the standard quo. Fo

--
Still #1 -- Lonely Gay Geek
1. Re:Well... by GrumblyStuff · 2008-10-17 12:13 · Score: 4, Informative
  
  Is it? How about kids being fingerprinted to enter Disneyland?
  http://www.boingboing.net/2006/09/01/walt-disney-world-fi.html
  http://disney.families.com/blog/disney-world-implementing-new-fingerprint-scanner-security
2. Re:Well... by DriedClexler · 2008-10-17 13:34 · Score: 4, Insightful
  
  I wouldn't doubt that the whole system isn't there to catch actual terrorists, but to simply condition the populace into accepting this kind of routine as a the standard quo. Fo
  You left off "shizzle".
  
  --
  Information theory is life. The rest is just the KL divergence.
3. Re:Well... by slarrg · 2008-10-17 16:25 · Score: 4, Insightful
  
  We have a financial system that is built upon the government, huge corporations and consumers borrowing insane amounts of money to keep the myth of a strong US going. The TSA's primary purpose is to create a show designed to make the public-at-large feel safe and keep spending their money by flying. If a significant percentage of people stopped flying because of fear, the entire airline industry would collapse.
  After 9/11, Bush was all over the airwaves telling people to continue to go to work and not stop spending their money because we need to keep the economy strong. Of course, when an anthrax tainted letter was found in a congressional mail sorting facility, congress closed its doors. But we simple consumers need to just keep borrowing money and consuming to keep the economy strong and if that means creating a government agency to create a theater show, then that's just what our government will do.
4. Re:Well... by Dun+Malg · 2008-10-17 17:39 · Score: 5, Insightful
  
  I wouldn't doubt that the whole system isn't there to catch actual terrorists, but to simply condition the populace into accepting this kind of routine as a the standard quo.
  I know people desperately want to see this as a subtle plot by hidden puppetmasters, but really, as with all conspiracy theories, Hanlon's Razor needs to be considered:
  
  "Never attribute to malice that which can be adequately explained by stupidity."
  
  The desire to seek explanations involving some controlling individual or group is as old as humanity itself. The vast pantheon of gods invented to explain the frighteningly random whims of nature bear witness to this. Unfortunately, that's simply not the way it is. Nature is implacable. Tornadoes and tidal waves are inevitable, as is stupid security theater. Security theater is itself a kind of appeal to "the gods" to keep us safe. The truth is, people are just plain fucking stupid, particularly large groups of people put in charge of something that can't really be prevented. Yes, they do think this is to "stop terrorists". It's not logical, it's just blind reaction. In its own way, this is actually worse than the machinations of a secret cabal, because there's no central controlling authority to expose and thwart. It's just a giant morass of human nature. Half the population has an IQ of under 100, and many of them work for the TSA. All we can do is keep explaining their error and hope they learn.
  
  --
  If a job's not worth doing, it's not worth doing right.
5. Re:Well... by Dun+Malg · 2008-10-17 17:42 · Score: 3, Insightful
  
  ... telling people to continue to go to work and not stop spending their money because we need to keep the economy strong. Of course, when an anthrax tainted letter was found in a congressional mail sorting facility, congress closed its doors.
  Sadly, I think one of the best things you could do for the economy would be to get congress to run away more often...
  
  --
  If a job's not worth doing, it's not worth doing right.
6. Re:Well... by Anachragnome · 2008-10-17 18:46 · Score: 2, Funny
  
  Dammit!
  To moderate, or post?!
  Doh!
  +1 insightful.
7. Re:Well... by JakartaDean · 2008-10-18 03:53 · Score: 5, Interesting
  
  Is it? How about kids being fingerprinted to enter Disneyland?
  I can, I think, top this. In July, on a flight from Hong Kong to Toronto, the plane made a refueling stop. Nobody, repeat nobody, had bought a ticket to Anchorage, this was a refueling stop and there were no tickets for sale Hong Kong - Anchorage. Nonetheless, everybody was ordered off the plane and had to show passports to American immigration officials. The people in front of me also had to press their thumb against an electronic fingerprint scanner. When it was my turn, I asked what would happen if I refused to surrender my fingerprint, or that of my two children. He said not to worry, they didn't do that for American and Canadian citizens. Only everyone else.
  This was not, I repeat, was not, a flight into the United States, except for a refueling stop. I'm not a conspiracy theorist, but the US government is going far beyond what used to be considered acceptable.
  
  --
  The subject who is truly loyal to the Chief Magistrate will neither advise nor submit to arbitrary measures (Junius)
8. Re:Well... by khristian · 2008-10-18 04:44 · Score: 2, Interesting
  
  why the hell is parent modded as "insightful"?
  
  --
  http://derkosak.blogspot.com - That's a blog.
9. Re:Well... by Foobar+of+Borg · 2008-10-18 07:28 · Score: 3, Insightful
  
  why the hell is parent modded as "insightful"?
  You must be knew here.
  
  --
  Similar to the upcoming US election results
Schneier bothers me by QuantumG · 2008-10-17 11:06 · Score: 5, Interesting

While he occasionally manages to pass on common sense to people who are confused by propaganda, he still manages to pass on the propaganda! Where this journalist is saying that TSA policies are not there to catch terrorists, they're just there to make people feel better, Schneier is giving advice on how to improve the policies to catch terrorists. They're not interested in catching terrorists Bruce!
He rocks the boat, but he never connects the dots.

--
How we know is more important than what we know.
1. Re:Schneier bothers me by CRCulver · 2008-10-17 11:11 · Score: 3, Insightful
  
  I agree. I miss the Schneier who was the author of Applied Cryptography , an icon for the cypherpunks who seemed to foretell a coming golden age of privacy, where the average man would sock it to the Man with strong crypto. I understand his view that crypto isn't everything anymore, but he has gone from being an inspiring figure to a guy who seems like he just wants to look sagely and get lots of clients for his consulting business.
2. Re:Schneier bothers me by ColdWetDog · 2008-10-17 11:21 · Score: 5, Funny
  
  Besides which, he's just flat out wrong sometimes:
  
  Schneier told me the recipe: "Get some steel epoxy glue at a hardware store. It comes in two tubes, one with steel dust and then a hardener. You make the mold by folding a piece of cardboard in two, and then you mix the two tubes together. You can use a metal spoon for the handle. It hardens in 15 minutes."
  Just fly first class. Use the steak knife.
  
  OTOH - just what do you plane to do next chucko - stab your way into the cockpit cabin? The whole article is pretty inane - Real Terrorists(TM) don't wear Hezbolah T-shirts. It appears that the TSA crews that he encountered by and large accurately pegged him as a harmless goof.
  
  Of course, these are largely the same group of fine folks that let my wife go through three checkpoints with a pair of bright orange, one inch diameter explosive flares that said "FLARE" in big black letters that were sitting in plain view in the mesh pockets of her backpack.
  
  Sigh.
  
  --
  Faster! Faster! Faster would be better!
3. Re:Schneier bothers me by fuzzyfuzzyfungus · 2008-10-17 11:30 · Score: 5, Insightful
  
  You have a point; but I'm not sure whether the change is a result of selling out, or a principled(if very depressing) change in his view of security, based on subsequent experience. After all, the broader cultural appeal of the "cypherpunks sticking it to the man on the unregulable internet that treats censorship as damage and routes around it" has fallen massively. You used to hear it all the time; both from various luminaries and in regurgitated form from flacks and cheerleaders, not nearly as much anymore.
  
  I suspect that it has something to do with his focus on the human element of security. The fact that you can build a cryptosystem that the feds can't break on your own computer with free tools, a modest knowledge of c, and some acquaintance with number theory is pretty damn cool. The fact that your fellow citizens will cheer as the feds waterboard the key out of you really puts that in perspective, though. It is hard to be a cypherpunk utopian when less than 1% of the population can be bothered to follow a step-by-step FAQ to set up PGP, and even geeks respond to google's data mining of their email by telling you how nice the interface is. Techies can argue, correctly, that the great firewall or any other censorware is full of fairly pitiful holes. That doesn't change the fact that it puts up enough resistance(which isn't much) to keep 95% of china's equivalent of average Joe from trying to get past it.
  
  In a way, I think that the cypherpunk ideal fell apart when they built it and nobody came. All sorts of strong crypto are available to everybody, for free, and aren't even all that much trouble to use. Almost nobody bothers, probably so few that those who do just stand out by doing so.
  
  I don't like the idea; but I strongly suspect that Schneier's decline in inspiration has more to do with his assessment of the state of security than it does with any specific sellout.
4. Re:Schneier bothers me by Free+the+Cowards · 2008-10-17 11:46 · Score: 5, Funny
  
  No no, it all makes perfect sense. It's all about behavior profiling. You see, any terrorist will take pains to hide his activities. Therefore anyone who looks like a terrorist most certainly isn't one. Anyone who carries guns, bombs, or other contraband openly is by definition safe, and so doesn't need to be searched.
  
  --
  If you mod me Overrated, you are admitting that you have no penis.
5. Re:Schneier bothers me by mangu · 2008-10-17 11:48 · Score: 3, Insightful
  
  In a way, I think that the cypherpunk ideal fell apart when they built it and nobody came. All sorts of strong crypto are available to everybody, for free, and aren't even all that much trouble to use. Almost nobody bothers, probably so few that those who do just stand out by doing so.
  Worse than that, it seems like anyone who knows anything about cryptography is automatically suspect these days. "If you have nothing to hide, then why do you need that"?
6. Re:Schneier bothers me by neapolitan · 2008-10-17 11:56 · Score: 2, Insightful
  
  I agree on one hand, but in a way I think that he is asking the TSA to do what I don't want them to do in many ways, which is behavioral profiling. This also does not work (at least has a very low specificity and sensitivity), and could make our lives a lot worse by harassment instead of uniform policies.
  Stopping somebody because they are sweating is a bit ambitious, and is similar to what has been going on:
  http://govtsecurity.com/transportation_security/TSAsSPOTunit/
  which is worse for most nerds. I am not surprised by this article, and do not have any quick solutions. We can't stop the security theater (honestly, would you want to not have ANY Xray of luggage or metal detection?) and I am not sure that any behavioral detection is better...
  
  --
  Slashdotter, ID #101. UIDs are in binary, right?
7. Re:Schneier bothers me by Carnildo · 2008-10-17 12:05 · Score: 5, Interesting
  
  Kick the cockpit door in(there pretty easy) and make your demands, meanwhile your partner(s) also gut a few people to keep everyone in order.
  At this point, you're going to run up against the one advance in airplane security that *has* been made post-9/11: you're not getting through the reinforced cockpit door with anything less than a battering ram.
  
  --
  "They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
8. Re:Schneier bothers me by geekmux · 2008-10-17 12:07 · Score: 3, Insightful
  
  He rocks the boat...
  And therin lies the fundamental difference between a noted expert in the Security field and the average joe. Bruce can and does rock the boat, where the average joes opinion would barely make a splash against the side of an inflatable raft.
  While I agree there seems to be more grandstanding nowadays, if anyone is going to effect some level of change, the chances are far greater with his sig at the bottom of the Security report.
  As with all things Security, it's always taken in baby steps unless something VERY large happens.
9. Re:Schneier bothers me by Obfuscant · 2008-10-17 12:11 · Score: 5, Insightful
  
  At this point, you're going to run up against the one advance in airplane security that *has* been made post-9/11: you're not getting through the reinforced cockpit door with anything less than a battering ram.
  No, the one advance in security is not the door to the cockpit, it's the understanding on everyone's part that cooperating with a hijacker isn't in anyone's interest anymore, and the half a dozen guys (and maybe a few women) who will be beating the terrorist to a bloody pulp as the rest of the passengers applaud.
  United 93 was a test. The next time, the plane won't go down while the bad guys get killed.
10. Re:Schneier bothers me by Ihmhi · 2008-10-17 12:18 · Score: 5, Funny
  
  So if I'm hypothetically waving around an AK-47 and saying "Allah is Great!", I'm just a funny goofball?
  
  --
  Random Thoughts From A Diseased Mind (Not For Dummies)
11. Re:Schneier bothers me by murdocj · 2008-10-17 12:25 · Score: 4, Funny
  
  Yeah, it does sound familiar, which is why it isn't going to happen. Because immediately after you gut the flight attendent, 200 people who don't want to be flown into a big building are going to jump you. Basically, any kind of "smuggle a knife on and seize the plane from all the cowering people" isn't going to work anymore, because people would rather take a chance on getting knifed, than be killed for sure in plane crash.
12. Re:Schneier bothers me by besalope · 2008-10-17 12:57 · Score: 4, Funny
  
  Wouldn't it be easier to just fly "SouthWest"?
13. Re:Schneier bothers me by tha_mink · 2008-10-17 13:03 · Score: 2, Insightful
  
  United 93 was a test. The next time, the plane won't go down while the bad guys get killed.
  Yep. Had to happen once, but won't happen twice.
  
  --
  You'll have that sometimes...
14. Re:Schneier bothers me by ScrewMaster · 2008-10-17 13:12 · Score: 2, Insightful
  
  No no, it all makes perfect sense. It's all about behavior profiling. You see, any terrorist will take pains to hide his activities. Therefore anyone who looks like a terrorist most certainly isn't one. Anyone who carries guns, bombs, or other contraband openly is by definition safe, and so doesn't need to be searched.
  That's a good theory but ... what if they know that we know they're trying to hide their activities? And what if we know that they know that we know they're trying to hide ... that means that they would have to try and hide ... because then we'd know they knew we knew they were trying to hide ... so they wouldn't bother. See? It's really simple when you sit down and analyze it.
  
  --
  The higher the technology, the sharper that two-edged sword.
15. Re:Schneier bothers me by Jah-Wren+Ryel · 2008-10-17 13:13 · Score: 5, Informative
  
  They're not interested in catching terrorists Bruce!
  He rocks the boat, but he never connects the dots.
  Yeah, sure he doesn't.
  That's why he says things like these:
  much of our country's counterterrorism security spending is not designed to protect us from the terrorists, but instead to protect our public officials from criticism when another attack occurs.
  what I've come to call security theater: security primarily designed to make you feel more secure.
  
  --
  When information is power, privacy is freedom.
16. Re:Schneier bothers me by Obfuscant · 2008-10-17 13:19 · Score: 4, Insightful
  
  Of course, what you're forgetting is that there's still the occasional hijacker who really does just want to fly to Cuba.
  This isn't something I have to worry about forgetting, it's something he better not forget. He's not going to make it.
17. Re:Schneier bothers me by mp3LM · 2008-10-17 13:22 · Score: 2
  
  I have heard this as well. I also heard the cockpit door was supposed to stay closed the entire time of the flight, which is why I was dis-heartened the last time I was on a plain and I saw them freely opening the cockpit door.
18. Re:Schneier bothers me by EaglemanBSA · 2008-10-17 13:27 · Score: 4, Insightful
  
  Or the other one...the pilot with a .40 Glock who's trained to kill people with it under his arm. I know, my brother is one.
  
  --
  Quiz: True or False -- On a scale of 1 to 10, what is your middle name?
19. Re:Schneier bothers me by ScrewMaster · 2008-10-17 13:34 · Score: 2, Insightful
  
  In a way, I think that the cypherpunk ideal fell apart when they built it and nobody came. All sorts of strong crypto are available to everybody, for free, and aren't even all that much trouble to use. Almost nobody bothers, probably so few that those who do just stand out by doing so.
  Worse than that, it seems like anyone who knows anything about cryptography is automatically suspect these days. "If you have nothing to hide, then why do you need that"?
  Sad but true. Of course, if people actually thought about this, they'd all have strong crypto. If the Feds grab your laptop, for example, they'll look for anything they can nail you on, "terroristic" or not. This confiscatory behavior on the part of the TSA is officially called "intelligence gathering" but what it really is is a widespread fishing expedition.
  
  If any of you carry computers around with you that are used regularly by, say, your co-workers ... would you really trust that machine to pass scrutiny by agents highly motivated to get something on you for their trouble? That's the real problem here. As has been discussed many times here on Slashdot, so many things are felonies nowadays that odds are, if they want you, they'll make something stick. Believe me, you don't ever want to be inside the Justice System as an ordinary citizen. You just don't, and forget about whether you're innocent or not. Fortunately, precedent has been set that encryption passphrases are subject to the Fifth Amendment: let's hope that sticks.
  
  So folks, encrypt your stuff. It's easy, it's painless and it's free, and it wouldn't hurt to proselytize a bit, and get your friends and family to try it out as well. The more popular encryption becomes, the harder it will be to outlaw.
  
  --
  The higher the technology, the sharper that two-edged sword.
20. Re:Schneier bothers me by SvnLyrBrto · 2008-10-17 13:59 · Score: 5, Funny
  
  Leave the Admiral out of this! He's a naval officer in a legitimately uniformed combat unit which limits its engagements to legitimate military targets (the possibility of contractors notwithstanding).
  cya,
  john
  
  --
  Imagine all the people...
21. Re:Schneier bothers me by Obfuscant · 2008-10-17 14:00 · Score: 2, Interesting
  
  ...if anyone is going to effect some level of change, the chances are far greater with his sig at the bottom of the Security report.
  That's a danger, not a benefit.
  He missed the most obvious problem with his plan on "closing the triangle". He wants an id check when the person gets on the plane because only a stupid terrorist won't know how to steal a credit card and avoid the "do not fly" check by using a fake name when he buys the ticket.
  Only a stupid terrorist won't be able to get a fake id to go with the stolen credit card to get through the new, as-you-board id check.
  High school students do it so they can buy liquor, you don't think a terrorist might be able to? His suggested solution is just more of the same game we are already playing, only he doesn't recognize it.
22. Re:Schneier bothers me by davidphogan74 · 2008-10-17 14:30 · Score: 2
  
  As I understand it, there's a buzzer (or something similar) so pilots can buzz in the crew without needing to get up. Yes, it's possible human error could occur, but they are allowed to override it.
  If you were a pilot on a 6 hour flight, don't you think you might want some water or coffee during that time?
23. Re:Schneier bothers me by ColdWetDog · 2008-10-17 14:55 · Score: 2, Funny
  
  Obviously, you actually never fly first class. Steak knives have been replaced by plastic knives.
  That's what you get for trying to fly first class on Southwest. Real airlines still use metal knives. On Guard!
  
  --
  Faster! Faster! Faster would be better!
24. Re:Schneier bothers me by ScrewMaster · 2008-10-17 15:11 · Score: 4, Funny
  
  I just meant that not all hijackers are trying to make a political statement or kill anyone. Some are just, well ... nuts, and some just want to get somewhere.
  
  It's a moot point though: if you hijack a plane with a bunch of Americans on it now, odds are we're going to rip your head off and shit down your throat.
  
  --
  The higher the technology, the sharper that two-edged sword.
25. Re:Schneier bothers me by symbolic · 2008-10-17 15:50 · Score: 4, Insightful
  
  I wonder how likely this is to happen. Think about it - we have a government that has systematically become of the most purposelessly invasive influences in our lives, that has routinely skirted the law, and routinely questioned the validity of our constitutional democracy - if we can't stand up to that by throwing out the yahoos in office who vote for this stuff, would they seriously be able to stand up to someone on a plane?
26. Re:Schneier bothers me by T-Bucket · 2008-10-17 16:41 · Score: 3, Insightful
  
  Oh, and don't forget the second advance. The FFDO program. (Commonly known as the "Guns in the cockpit program") By the time you get your second kick in on that door the pilot will be responding with a hail of bullets.
27. Re:Schneier bothers me by Just+Some+Guy · 2008-10-17 16:45 · Score: 5, Insightful
  
  I knew a guy who worked airport security pre-9/11. One day they were running a security drill, and pulled him aside when he let a guy through the checkpoint with a two-piece rifle. Why did he allow him to pass? "Because it wasn't a working rifle. It wasn't put together."
  
  --
  Dewey, what part of this looks like authorities should be involved?
28. Re:Schneier bothers me by CSMatt · 2008-10-17 17:30 · Score: 2, Informative
  
  United 93 was the fourth plane.
29. Re:Schneier bothers me by Jerry+Smith · 2008-10-17 18:55 · Score: 2, Insightful
  
  The fact that your fellow citizens will cheer as the feds waterboard the key out of you really puts that in perspective, though.
  Not needed. M$ (and almost certainly the US government through a secret security letter) have full and almost unhindered access to every network connected windows, and possibly linux, box on earth.
  To preempt one argument: No, they're not going to be easily detected - they'll use steganography for network traffic and only install the spying software (via M$ update) on "persons/countries of interest".
  Encryption is pointless when they have the keys to your computer. They built it after all and the general population intuitively understands that.
  ---
  WGA. Guilty until proven innocent. For millions. Again and again.
  Very interesting, care to elaborate on that? A nice bit of evidence would be well appreciated.
  
  --
  All those moments will be lost in time, like tears in rain. Time to die.
30. Re:Schneier bothers me by JoshJ · 2008-10-17 19:20 · Score: 5, Funny
  
  Clearly, I cannot drink the wine in front of you!
  
  --
  Care about privacy? Read this!
31. Re:Schneier bothers me by ScrewMaster · 2008-10-17 23:58 · Score: 4, Insightful
  
  Yes, but you miss my point. Average Joe, the guy with a good job, and a family, and everything to live for is going to hesitate to throw all that away. More to the point, however, is that going up against armed men requires more than just a knowledge that you're going to die: you have to be willing to die now, and not hope that someone else will be brave enough to do what has to be done. Furthermore, you really should have some idea of how to fight.
  
  As a culture, we've pretty conclusively shown that we'd rather someone else do the dirty work. We'll see: it'll happen again.
  
  --
  The higher the technology, the sharper that two-edged sword.
32. Re:Schneier bothers me by Zero__Kelvin · 2008-10-18 00:09 · Score: 3, Funny
  
  "So if I'm hypothetically waving around an AK-47 and saying "Allah is Great!", I'm just a funny goofball?"
  Actually, in your case, you don't even need the gun or the chanting ..."
  
  --
  Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
33. Re:Schneier bothers me by Anonymous Coward · 2008-10-18 02:07 · Score: 2, Insightful
  
  At this point, you're going to run up against the one advance in airplane security that *has* been made post-9/11: you're not getting through the reinforced cockpit door with anything less than a battering ram.
  No, the one advance in security is not the door to the cockpit, it's the understanding on everyone's part that cooperating with a hijacker isn't in anyone's interest anymore, and the half a dozen guys (and maybe a few women) who will be beating the terrorist to a bloody pulp as the rest of the passengers applaud.
  United 93 was a test. The next time, the plane won't go down while the bad guys get killed.
  Don't be so god damned cocksure.
  Do you really think that it's completely impossible that a half-dozen well-trained terrorists with effective weapons of some kind operating together as a team following a well-thought-out plan wouldn't be able to control an untrained, uncoordinated, and basically unarmed mob in a very confined space long enough to get through the cockpit door?
  Because the next bunch of hijackers will be prepared to handle the passengers as well as the crew.
  Do you really think that's not possible?
  If so, why?
  Meh.
  The only REAL improvement in airline security comes from the fact that there's a good chance that the pilots in the cockpit are ARMED.
  So when Mohammed cracks through the cockpit door, he is subject to an immediate 9mm brain splattering.
  And THAT is BY FAR the biggest deterrent to any hijacking attempt. There's no way a terrorist organization can afford to invest the resources necessary to pull off a suicide hijacking unless it's almost certain to be successful. Even on 9/11, only the pilots knew it was a suicide attack, IIRC. That means that with years of planning, Al Qaeda could only find four terrorists with the ability and the will to perform a suicide hijacking. The "muscle" on 9/11 didn't need to have the will to perform suicide attacks.
  Now they do.
  Think any terrorist organization would waste half-a-dozen motivated-for-suicide, fanatical, and highly effective operatives on a hijacking when it's all too likely to end with a BANG BANG BANG the moment the cockpit door gets opened?
34. Re:Schneier bothers me by berashith · 2008-10-18 02:39 · Score: 2, Insightful
  
  voting someone out requires voting someone else in, and that may not be the best choice. There is also a level of abstraction to the conduct of our government in washington.
  on the other hand, being confronted by someone who wishes to directly cause harm to you and those around you is not nearly as abstract, and doesnt have to be replaced with someone that you hope has better intentions. The jackass on the plane just needs to be stopped.
  There are two types of free, I think there are also two types of sheep.
35. Re:Schneier bothers me by ScrewMaster · 2008-10-18 15:00 · Score: 2, Insightful
  
  Clearly, I cannot drink the wine in front of you!
  What's really funny is that I got modded Insightful.
  
  --
  The higher the technology, the sharper that two-edged sword.
lol by Daimanta · 2008-10-17 11:07 · Score: 2, Insightful

"'But let this be a lesson for you.'"
Yes, the security checks are total bogus. Glad we have shown that in the open right now...

--
Knowledge is power. Knowledge shared is power lost.
1. Re:lol by Aranykai · 2008-10-17 11:22 · Score: 4, Informative
  
  George Carlin had that nailed years and years ago when he said security is there to make the white middle-class feel safe. There is simply no way to make it safe, too many variables.
  RIP George.
  
  --
  If sharing a song makes you a pirate, what do I have to share to be a ninja?
2. Re:lol by Prikolist · 2008-10-17 11:43 · Score: 4, Insightful
  
  It's not intended to make people safe or feel safe, that's just the excuse and the reason why the excuse works. Really TSA is just another step to reduce people's rights and move to a de-facto authoritarian state... Never doubted it, this story just proves it: they never even cared that it's effective to catch terrorists, nothing to do with that, just get people used to random unwarranted searches and seizures and arrests. It's the government and media that sucks up to it that keep people scared, keep them afraid, keep them in a state of terror... oh wait, isn't that what the evil terrorists are supposed to do not the government that "protects" from them? Does anyone even remember what does the word "terrorist" mean? Sorry for rent, it accumulates every once in a while...
  
  --
  I think Linux isn't better than Windows hence in the slashdot realm I'm a troll
3. Re:lol by Daniel_Staal · 2008-10-17 12:14 · Score: 3, Interesting
  
  No, it's not there to make you feel safe. It's there to make you feel like you should feel safe, and be grateful for it, while feeling nervous enough to ask for more.
  
  --
  'Sensible' is a curse word.
4. Re:lol by Free+the+Cowards · 2008-10-17 12:48 · Score: 4, Insightful
  
  How is that any sort of argument? Planes weren't raining out of the sky before the TSA was around, or even before any security measures were being taken.
  I will sell you this rock, it keeps tigers away....
  
  --
  If you mod me Overrated, you are admitting that you have no penis.
5. Re:lol by Free+the+Cowards · 2008-10-17 23:16 · Score: 2, Insightful
  
  Got cite? Wikipedia only lists 6 hijackings in the 1970s. Perhaps all these other ones weren't notable enough to list?
  
  --
  If you mod me Overrated, you are admitting that you have no penis.
It *is* good theater by grizdog · 2008-10-17 11:09 · Score: 4, Interesting

Harry Shearer collects "Tales of Airport Security" for Le Show, and some of them are pretty funny. Search on "airport" and you'll get them, although I recommend the whole show.
Obamaism by Anonymous Coward · 2008-10-17 11:13 · Score: 5, Insightful

When I went through at JFK and asked questions about why they were segregating my bag the supervisor came over and accused me of suffering from "Obamaism".
I complained and TSA dismissed my complaint that the supervisor was making a joke. Really? TSA thinks that a citizen asking about his rights is a joke? Really?
1. Re:Obamaism by Dillon2112 · 2008-10-17 13:48 · Score: 3, Interesting
  
  Poor reasoning. He didn't ask for a lesson in what trips their wire of suspicious, he asked *why* they were going through his stuff. The answer can be as simple as "We saw an object on the xray that might be contraband." or even "We have reason to believe a prohibited item may be in your bag." It doesn't actually tell the passenger a whole lot, but at least it categorizes the event as "we think we may have some evidence" vs. "It's totally random" vs. "You look nervous, so we're giving you more attention."
  But let's face it - no one likes security, and it's fair to know what can hang you up - that's why they publish the rules. If they come out and say "Hey, you had a container that was exactly 3oz of liquid, sometimes we can't tell if it goes over the limit without closer inspection", then you can start carrying 2oz bottles of contact solution to put yourself further in the "safe" area. It's good for you, and it's good for security.
  Further, hoping that the enemy doesn't know what magic lines you've drawn as a basis for your security is a horrible plan. Security should be tight because it's tight, not because no one knows the ways in which it sucks. It's the old argument over whether open source is more vulnerable because everyone can see the code; time and again it has been shown that open source can be at least as secure as closed source.
2. Re:Obamaism by Builder · 2008-10-17 19:32 · Score: 3, Insightful
  
  Sorry, but just how is carrying a 2oz bottle (what's that in real units anyway?) better for security than carrying a 3oz bottle of fluid ?
Technically, the TSA did its job right. by NeutronCowboy · 2008-10-17 11:17 · Score: 4, Insightful

After all, they didn't arrest, because he didn't present a threat. And he didn't. So it's a bit difficult to say that the system failed, based on this story.
However, it's interesting to see exactly how little actual security there is at the airport. Bruce is right - the only thing new is better cockpit doors and passengers who'd rather die than get high-jacked.

--
Those who can, do. Those who can't, sue.
1. Re:Technically, the TSA did its job right. by QuantumG · 2008-10-17 11:19 · Score: 2, Insightful
  
  But you knew that already. Everything Bruce says is common knowledge. Do you really need him to reaffirm it?
  
  --
  How we know is more important than what we know.
2. Re:Technically, the TSA did its job right. by the+eric+conspiracy · 2008-10-17 11:29 · Score: 2, Insightful
  
  Exactly right. Bruce is missing something that he normally understands quite well. Security begins and ends with the individual. Anyone trying anything funny on an airplane for the next 30 years will immediately get swarmed by the rest of the passengers who won't give a shit for their own lives so long as they can prevent the terrorist from carrying out his plan.
  There is no system or process you can build that is stronger or more robust than this.
3. Re:Technically, the TSA did its job right. by Free+the+Cowards · 2008-10-17 11:47 · Score: 5, Insightful
  
  And yet we're wasting billions of dollars of our money building worthless systems on top of that. That's your money, and my money. I want it to stop. The best way to do this is to show how useless it is.
  I think you misunderstand Bruce's objections. He does not simply object to the fact that the TSA is insecure. He objects to the fact that the TSA wastes huge piles of money, and those huge piles of money could be used for better things.
  
  --
  If you mod me Overrated, you are admitting that you have no penis.
4. Re:Technically, the TSA did its job right. by evilviper · 2008-10-17 13:26 · Score: 4, Insightful
  
  Bruce is missing something
  No. No he isn't. TFA directly quotes him discussing EXACTLY what you say he is "missing":
  "'Only two things have made flying safer: the reinforcement of cockpit doors, and the fact that passengers know now to resist hijackers.'"
  The point that you, and many others are missing, however, is a couple lines down:
  "the country would be just as safe as it is today if airport security were rolled back to pre-9/11 levels. 'Spend the rest of your money [elsewhere, for better effects.]'"
  ie. The security of airlines is NOT at issue. The EFFECTIVENESS OF TSA, is. You would do better to save money by cutting back on TSA, and INVESTING it elsewhere. Elsewhere may be more maintenance on commercial jets, improving air traffic control, or perhaps even a few more air marshals.
  TSA is wasting lots of money, needlessly hassling travelers, and for all that, there's no appreciable improvement in security.
  
  --
  Slashdot gets worse every day... Pipedot: News for nerds, without the corporate slant
5. Re:Technically, the TSA did its job right. by tburkhol · 2008-10-18 00:53 · Score: 3, Insightful
  
  His conclusions are not original, and their is much he is missing, including the problems of identity matching that are at the forefront of much research in the area.
  His conclusions aren't original, but somehow, even after five years of people saying, loudly, what totally irrelevant theater the TSA is, the TSA still has a budget of more than $5 billion. That's half as much as the government spends on "general science" research and twice what they spend on "energy" research. I suspect he'll shut up about TSA as soon as we stop wasting so much money on them.
  For example, you still seem to be missing his entire point. Solving "the problems of identity matching" won't make TSA any more effective because TSA is not the effective part of airline security. The effective part of airline security is that passengers will no longer be compliant participants and that the cockpit is no longer accessible to hijackers.
  To make a home security analogy: reinforcing the cockpit door is equivalent to locking the front door of your house; changing passenger attitude is equivalent to posting a guard at that door; expanding TSA search policies, data mining, and screening procedures is equivalent to planting a "Brinks" sign in your front yard. It cost a few hundred million to reinforce the doors. The attitude change was priceless in terms of the lives lost to cause it, but $0. The TSA is $5 billion/year in direct costs plus the uncountable costs of passenger frustration and inconvenience.
Re:Strictly speaking the system worked by QuantumG · 2008-10-17 11:22 · Score: 5, Insightful

1. It's trivial to get around airport security.
2. Everyone knows this.
3. There hasn't been any hijackings.
Therefore:
4. There is no-one attempting hijackings.

--
How we know is more important than what we know.
Printable single page version by TeknoHog · 2008-10-17 11:25 · Score: 3, Informative

http://www.theatlantic.com/doc/print/200811/airport-security

--
Escher was the first MC and Giger invented the HR department.
Whom does this surprise? by thePowerOfGrayskull · 2008-10-17 11:25 · Score: 3, Insightful

You would think that if it were effective, they would be capturing people with provable ill intent. And you'd further think that if they did this, they'd want to tell th e world, loudly! After all, they could justify their own existence that way.
Yet somehow, we haven't heard of one Mighty Terrorist being caught by TSA. ONe must assume that this is because they are not /being/ caught. So... if TSA is not catching terrorists, what the hell are they doing?
The sole purpose is to make people feel protected (or violated, depending on your perspective). There's a sizeable portion of the population who feels reassured when senior citizens and soccer moms get pulled out of line for a closer search.
Land of the free.
Right.
1. Re:Whom does this surprise? by reboot246 · 2008-10-17 11:36 · Score: 2, Insightful
  
  They're too busy catching gray-haired grannies with long pointy knitting needles. Oh, and hassling people with joint replacements.
2. Re:Whom does this surprise? by BorgAssimilator · 2008-10-17 11:36 · Score: 3, Insightful
  
  Question: Whom does this surprise?
  Answer: Lots of people.
  
  It's the sad truth. I mean, when you think about it, these practices got put in place by people who thought it would be a good idea (for whatever reason). There are also lots of people who just buy in to the security theater of "Oh, they check my ID, so that must filter out the terrorists" that hadn't ever looked at the policies from this point of view.
  
  Common sense isn't very common.
  
  --
  "Intelligence has nothing to do with politics!"
  -Londo Mollari
3. Re:Whom does this surprise? by thePowerOfGrayskull · 2008-10-17 14:53 · Score: 2, Insightful
  
  How do you figure? In your linked example, it was the passengers who stopped the hijack attempt from succeeding - not any kind of security measures that had been put in place.
4. Re:Whom does this surprise? by ppanon · 2008-10-17 14:53 · Score: 3, Informative
  
  Who's logic is flawed?
  
  Q: Why did the [nation X citizen] sprinkle salt on the road?
  A: To keep elephants away.
  
  Q: But there are no elephants in [Nation X].
  A: See, it's working!
  
  Maybe instead, the drop in hijacking attempts means that potential hijackers who aren't suicidal terrorists (historically, the bulk of hijackers) have figured out that attempting to hijack a plane these days is effectively suicidal because the non-hijackers in the plane will mob you with no concern for your welfare. A free plane flight to Cuba just isn't worth the risk because the odds of success are so low. Knock over a [place of business] for funds and arrange proper transportation (though Mexico or the Caribbean) instead.
  
  Apparently hijackers have a better feel for the actual risks in hijacking than the sheeple like you. The first thing I remember saying when I found out, after the fact, that planes had been hijacked and crashed into the WTC towers was "That'll never happen again". That was clear no matter what the TSA did.
  
  --
  Laissez lire, et laissez danser; ces deux amusements ne feront jamais de mal au monde. - Voltaire
5. Re:Whom does this surprise? by Alpha830RulZ · 2008-10-17 15:31 · Score: 2, Insightful
  
  The security didn't catch this guy, and the passengers subdued him. I'm a little confused as to your point.
  
  --
  I was taught to respect my elders. The trouble is, it's getting harder and harder to find some.
The best we can do by aaandre · 2008-10-17 11:27 · Score: 5, Insightful

I think the current state of airport security is just that - the best the agency can do, with it's current resources, budget and enormous demand for speedy throughput.
I myself have pondered the possibility of some kind of conspiracy, but all I'm seeing is an outdated, overwhelmed structure under a lot of pressure.
This is a very difficult problem to solve:
- fast processing of people
- spotting potential threats with minimum resources
- overstretched, tired, worn-out employees
- far from state-of-the-art equipment
- unbeliavable throughput
If the throughput is 1/100 of the LAX or JFK demands, then maybe it would be possible to look at each passanger, "check in" with them, evaluate their level of nervousness, clothing, carefully check for tell-signs etc.
With 1 second per passenger that's impossible and the best an agency can do is issue blanket policies including racial/name-based profiling, travel patterns, databases of destinations etc. and hope for the best.
I truly believe that the security policies are not an adequate protection. I don't think that's by design, rather a limitation of the design.
No conspiracy theory here, just lots of frustration with what I perceive as needless delay and inconvenience, bordering with disrespect and abuse in some cases (large-scale profiling and temporary detention of people entering the US etc.).
1. Re:The best we can do by cptdondo · 2008-10-17 11:48 · Score: 4, Interesting
  
  I spent a lot of years in the military; threat assessment and defense was a part of my job.... The whole TSA inspection system is a joke. It is nothing but theater.
  I could go on and on....
  I used to fly with the Bomb.... A demonstration computer built into one of those medium sized toolbox cases. It had a bare board embedded computer, an LCD screen, a PLC, wires and cabling all over the place, the case was lined with a grounding plane, and it had bolts all over the case holding the guts in. It even had a remote control I built with 20 toggle switches and a bunch of LEDs. I hand carried this monster on dozens of flights and *never once* did anyone at TSA express any curiousity about this case.
  Anyway, the Europeans do it much better than the TSA. Chase everyone out of the gate, set up the checkpoint, and screen and scan everyone as they board....
2. Re:The best we can do by SleepingWaterBear · 2008-10-17 12:41 · Score: 2, Insightful
  
  I think the current state of airport security is just that - the best the agency can do, with it's current resources, budget and enormous demand for speedy throughput.
  I agree that actual proper security isn't viable given the resources available, but the current state of affairs is far from "the best the agency can do." Currently the security system wastes millions of dollars and costs travelers massive inconvenience and countless hours of time all to create the illusion of security. I agree that real security in the airport may be more or less impossible, but the best the TSA could do would be to get rid of all the completely ineffectual security and stop wasting millions in tax-payer dollars, and millions of hours of travelers' time.
  As matters stand now, what the TSA is doing borders on fraud.
3. Re:The best we can do by swillden · 2008-10-17 12:50 · Score: 5, Insightful
  
  I think the current state of airport security is just that - the best the agency can do, with it's current resources, budget and enormous demand for speedy throughput.
  Sure it's the best they can do. The point, though, is that the best they can do is COMPLETELY ineffective -- and yet they still spend $7B per year doing it. Why?
  Suppose you had <insert incurable disease>, and I told you that for $10,000 per year, I would sell you a cure.
  "Does it work?" you ask.
  "No," I respond "but it's the best anyone can do."
  Would you buy it? Or would you spend your $10K on something else that actually gives you value?
  
  --
  Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
4. Re:The best we can do by Free+the+Cowards · 2008-10-17 13:00 · Score: 5, Insightful
  
  This is total bullshit. You're making the common mistake of examining their current budget, their current results, and assuming that achieving more results would require either more money or less speed.
  This is simply false. It is false because it overlooks a simple fact: the current use of the budget is horrendously inefficient. In other words, better results can be achieved without making things slower (and indeed, while making things faster) on the same budget.
  Most of what the TSA does is useless. Eliminate that, and suddenly you have a bunch of free money sitting around and people going through security faster. Take that money and put it into things that are actually useful. Now you have faster, better security for the same amount of money.
  Why doesn't this happen? Mainly because this better security would be a lot less visible. This makes moron travelers feel less safe (even though they are actually more safe) and opens bureaucrats up to blame in the event that someone gets through it. All rationality flies out the window in the ceaseless finger-pointing that follows any failure, and the vast majority of bureaucrats are far more concerned with protecting their own asses than protecting the country.
  
  --
  If you mod me Overrated, you are admitting that you have no penis.
So what if he had terrorist propaganda? by Airw0lf · 2008-10-17 11:27 · Score: 4, Insightful

I skimmed through the TFA and the author talks about how various items of terrorist propaganda didn't raise an eyelid:

The flag features, as its charming main image, an upraised fist clutching an AK-47 automatic rifle. Atop the rifle is a line of Arabic writing that reads Then surely the party of God are they who will be triumphant. The officer took the flag and spread it out on the inspection table. She finished her inspection, gave me back my flag, and told me I could go. I said, "That's a Hezbollah flag." She said, "Uh-huh."
Correct me if I am wrong, but all the TSA crew are meant to watch for is if you are bringing anything onto a plane that could then be used to bring it down or hijack it.

Propaganda on the other hand cannot possibly bring down a plane from the sky, and it is surely protected to some extent by freedom of speech.
1. Re:So what if he had terrorist propaganda? by Free+the+Cowards · 2008-10-17 11:48 · Score: 2, Informative
  
  Hasn't stopped them before.
  
  --
  If you mod me Overrated, you are admitting that you have no penis.
Theater to test theater? by noidentity · 2008-10-17 11:33 · Score: 2, Insightful

How does Schneier putting on theater test whether they can detect a real terrorist? This is like those experiments where the researchers set up shocks or some such for the monkeys, they provide bogus explanations for the monkeys' behavior that totally excludes the fact that there were researchers behind the scenes doing things, which the monkeys were aware of.
Re:Not true by Rakishi · 2008-10-17 11:52 · Score: 2, Insightful

They used to check you ID both before you enter security and at the gate (and when checking in bags). A couple years back they dropped the gate check and now they only check it before the security line. They mark the boarding pass at security but it's not like a retarded five year couldn't copy that.
Bruce says the obvious by Obfuscant · 2008-10-17 12:06 · Score: 3, Insightful

The first time I checked in online I thought how easy it would be to modify the boarding pass I was printing on my own printer. Duh. The experience taught me how to enter UNICODE in a postscript file (United encodes some data for passengers in UNICODE).
Much of the article talks about someone not getting things that are not illegal to fly with confiscated. He makes a big deal about carrying a flag. The screener looked at the flag. It wasn't confiscated. BIG DEAL. It isn't illegal to carry a flag on board. He wasn't arrested for ripping up paper in a bathroom. BIG DEAL. It isn't illegal to rip up paper in a bathroom. He wasn't stopped for wearing a teeshirt.
He starts out by saying he was doing things that terrorists wouldn't do, and then complains because he wasn't questioned about doing those things.
Then the "saline solution" hole. Yes, every time you create exemptions from rules you create loopholes for bad guys to get through. Thanks for advertising the saline solution loophole, I'll remember it. Do you think that the TSA screeners should be testing fluids for what they are? There are an awful lot of different things, and any false positive is going to be lept on as another example of TSA stupidity while some poor schmuck is detained for nothing.
So, a terrorist who isn't stupid steals a credit card and buys a ticket under someone else's name. He prints a fake boarding pass with his real name (?) to get past TSA. Then he uses the original pass to get on the plane. We're told that this hole can be closed by simply checking the names at the time someone gets on the plane.
Uhhh, hand raised here. Question? If a terrorist is smart enough to steal a credit card with someone else's name to buy the ticket, won't he be smart enough to get a FAKE DRIVER'S LICENSE WITH THE SAME NAME so he can get past your new, stricter policy? You haven't closed the triangle at all. You've just made everyone feel more secure when they aren't. That's the game you are complaining about.
Hey. Every security measure can be bypassed by someone intent enough on doing it. TSA didn't find some of the things this guy was carrying that he shouldn't have been. Gee. Humans aren't perfect. Combine that and the ability to bypass anything, of course you get the logical result that we might as well not do anything to stop people from taking whatever they want on board.
Re:Not true by Mr.+Slippery · 2008-10-17 12:24 · Score: 4, Informative

Every flight ive been on in canada in the last 4 years has checked ID right when you board the plane. I suppose it could be different in amerika but that would strike me as kind of stupid

Don't some of our TV programming and films make it over the border? After seeing those, are you surprised to see U.S. government and industry collaborating on something that's kind of stupid?
They check ID against your boarding pass at security. They don't (at least here in the U.S.) check either against the "no-fly" list, at least for domestic flights. (IIRC I did have to zip my passport over a reader on flights to Japan, and I'm presuming that it checked me against the list.)
You buy a ticket with a fake name, say "Omar K. Ravenhurst", and stolen a credit card number. The ticketing system finds no "Omar K. Ravenhurst" on the no-fly list, so lets the transaction through,
With a little PDF manipulation, you print out a boarding pass for "Omar K. Ravenhurst", and one for your real name, "John Smith".
You show the "John Smith" ID and boarding pass at security, then the "Omar K. Ravenhurst" boarding pass at the gate. You're allowed on the plane. and the party starts.
Or heck, you show the "Omar K. Ravenhurst" pass at security, and claim to have forgotten your ID. They let you through, just like they let through the author of TFA. You're allowed on the plane. Hilarity ensues.
Or you do what many 19-year-olds do every day and get a fake ID and match it up with your stolen card number. It's not like terrorists can't counterfeit ID cards, or get "genuine" ones from the DMV with fake birth certificates or by bribing an employee. (And "REAL ID" bullshit won't much change that.)
Or you do what many of the actual 9/11 terrorists did and use your actual goddamn ID, because the odds are damn good that you're not on the list anyway since this is your first suicide hijacking...

--
Tom Swiss | the infamous tms | my blog
You cannot wash away blood with blood
Re:Strictly speaking the system worked by jibjibjib · 2008-10-17 13:24 · Score: 4, Funny

If by 'blog' you mean The Atlantic, a printed magazine which has existed since 1857 and has hundreds of thousands of subscribers, then perhaps you're right.
Re:3 steps to happiness by az1324 · 2008-10-17 13:27 · Score: 4, Funny

2. Begin to exhibit religious zealotry
3. Prophet?
In other security programs that waste public money by felix9x · 2008-10-17 17:41 · Score: 2, Interesting

Here in NYC if you go to a subway you will sometimes see police officers near the entrance with a little desk in front of them. They are supposed to randomly pick out people to check their bags. This is supposed to do what deter a real terrorist?
What if a real terrorist walks into a subway upon seeing the cops just simply does a 180 and walks about a block to the other entrance to the same station. Somehow I think I rather have the officers be involved in their usual crime stopping work, at least at that way they sometimes succeed.
Or... Grey's law by Colin+Smith · 2008-10-17 19:34 · Score: 4, Interesting

"Any sufficiently advanced stupidity is indistinguishable from malice."

--
Deleted