Slashdot Mirror

← Back to Stories (view on slashdot.org)

TSA Missed Boston Bomber Because His Name Was Misspelled In a Database

Posted by Soulskill on from the let's-blame-technology dept.

schwit1 sends this news from The Verge: "Tamerlan Tsarnaev, the primary conspirator in the Boston Marathon bombing that killed three people, slipped through airport security because his name was misspelled in a database, according to a new Congressional report. The Russian intelligence agency warned U.S. authorities twice that Tsarnaev was a radical Islamist and potentially dangerous. As a result, Tsarnaev was entered into two U.S. government databases: the Terrorist Identities Datamart Environment and the Treasury Enforcement Communications System (TECS), an interagency border inspection database.

A special note was added to TECS in October of 2011 requiring a mandatory search and detention of Tsarnaev if he left the country. 'Detain isolated and immediately call the lookout duty officer,' the note reportedly said. 'Call is mandatory whether or not the officer believes there is an exact match.' 'Detain isolated and immediately call the lookout duty officer.' Unfortunately, Tsarnaev's name was not an exact match: it was misspelled by one letter. Whoever entered it in the database spelled it as 'Tsarnayev.' When Tsarnaev flew to Russia in January of 2012 on his way to terrorist training, the system was alerted but the mandatory detention was not triggered. Because officers did not realize Tsarnaev was a high-priority target, he was allowed to travel without questioning."

15 of 275 comments (clear)

  1. Jeez by Tablizer · · Score: 5, Funny

    That's a bomber, I mean bummer.

    --
    Table-ized A.I.
    1. Re:Jeez by Anonymous Coward · · Score: 5, Interesting

      Hate to see the guy that was mistaken as the terrorist because of a wrong letter.

      http://en.wikipedia.org/wiki/Brazil_(1985_film)
      >One day he is assigned the task of trying to rectify an error caused by a fly getting jammed in a printer, which caused it to misprint a file, resulting in the incarceration and death during interrogation of Mr. Archibald Buttle instead of the suspected "terrorist", Archibald Tuttle.

      Good movie.

  2. No. You do not get to pull this bullshit. by Anonymous Coward · · Score: 5, Insightful

    The TSA is operated by some of the most incompetent people the USA has to offer. They are the problem, not the hardware or software. I fail to see why they should get a "free pass" here on account of a bad database entry. Heads should be hung over this, especially considering the justifications thrown around for the continued existence of the TSA.

  3. We already knew this way back in 2013 by SuperKendall · · Score: 5, Insightful

    I've seen this story about Russia giving us warnings about the Boston bomber floating around elsewhere recently, why is this news now? We knew this back in 2013.

    Despite the misspelling, the FBI interviewed him and determined he was no threat (unlike his friend who they interviewed after the bombing, and shot to death during the interview).

    So what would it have mattered if airport security searched him after one of his trips to Russia? It's almost certain he wasn't carrying anything that would have got him arrested.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  4. Significance? by mwehle · · Score: 5, Insightful

    I think the tacit implication here is that if Tsarnaev had been questioned on exiting the country the Boston Marathon bombing might have been averted, but is there really any substance to this? Do we think he would have changed plans had he been questioned? Pressure cooker outlets would have been alerted to refuse to sell him cookware? What exactly would the outcome likely have been had he been questioned?

    --
    Wir sind geboren, um frei zu sein - Rio Reiser
  5. transliteration by Heraklit · · Score: 5, Informative

    News at Nine: transliterations of names can be tricky... Some parts of the world use different alphabets...

  6. It was not misspelled by shutdown+-p+now · · Score: 5, Interesting

    It was not misspelled, it was just transliterated differently. The original name is Cyrillic, and "Tsarnayev" is actually closer to how it is supposed to be pronounced, but "Tsarnaev" is the more usual letter-for-letter transliteration that doesn't distinguish two modes of Russian "e" (it's pronounced as "e" in general, but as "ye" after vowels and at the beginning of words), and is the one that's usually used in passports. I wouldn't be surprised if "Tsarnayev" was how it was spelled in the documents that they've got from Russia, because the person on the other side translated it phonetically...

    Either way, this points at a glaring issue in all those databases. If they require a perfect match, they're going to be very flaky for all kinds of foreign names - ironically, Arabic ones especially, which I assume are the most commonly searched ones. Remember that whole Qaddafi vs Gaddafi vs Kaddafi in US press when Libya was on the front pages?

    Yet another evidence that all this stuff is little more but security theater. It doesn't matter whether it actually works, so long as people are convinced that it does. Unfortunately, they actually let a real terrorist through this time...

    1. Re:It was not misspelled by manicb · · Score: 5, Funny

      If only there were some kind of universal character set that included all these scripts

  7. I wrote anti-terrorist software for banks. by quietwalker · · Score: 5, Informative

    I've written about this before; I used to write financial software for a living, and one of the requirements for a US bank was to provide a mechanism to detect transactions by an unauthorized person.

    In short, the govt. provides a list of bad people in a text file. One name per line, all upper case, like it came out of an old batch system. We then check to see if the sender or receiver of any transaction /EXACTLY/ matches that string, case insensitive. If it's an exact letter-for-letter match, there's a flag that's set and the transaction is delayed, but it appears to go through as normal(*). What happens after that is the bank's responsibility, but that's the whole of the complexity.

    Whoever made the list usually has a few variants of spelling; OSAMA BIN LADEN or OMASA BIN LADEN or OSMA BIN LADEN, for example. But that's it. Just spelling your name slightly differently is enough to avoid the flag. We're literally not allowed to add anything else, like soundex matching or handling foreign letters.

    This is ~probably~ also how the TSA no fly list works, and why you still hear about false positives from time to time. It's also probably how any security works until it's been around for 20 years and they hire a contracting company to make them really good software that does what they want, instead of what they think they want it to do.

    It just takes a very long time for software designed by a legislative committee with no technical awareness to morph into something usable, but that's government for you.

    * - most transactions are not sent out until the end-of-day reconciliation anyway, so it looks like it's accepted like most other transactions, probably in a 'pending' state in your online balance - unless you're paying for a wire transfer or something.

    1. Re:I wrote anti-terrorist software for banks. by quietwalker · · Score: 5, Informative

      Yes.

      It's no longer making the news, but for a while it was a nearly-daily occurrence. It's just not a big media draw anymore, unless it impacts a politician or famous entertainer.

  8. Re:Soundex Algorithm by Cryacin · · Score: 5, Insightful

    Great, so now not only if we are a namesake with a wanted "enemy of the state", but also if our names are soundex or Levenshtein Distance 3 similar, we are going to get detained, cavity searched and otherwise.

    --
    Science advances one funeral at a time- Max Planck
  9. Re:Helpful links for intelligence community devs by Cryacin · · Score: 5, Funny

    So, Mr oBama would have a Levenshtein distance of 1 with oSama then? Good job there.

    --
    Science advances one funeral at a time- Max Planck
  10. His name was diabolical! by 140Mandak262Jamuna · · Score: 5, Funny

    That fiend had changed his name to "Tsarnayev'); DROP TABLE Terrorists; --"

    --
    sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
  11. Re:Who says computers will take over.... by Anonymuous+Coward · · Score: 5, Insightful
    This is not a case of misspelling (think Notingham) or variant spelling (think Britney vs. Brittany). There's simply no standard way of transliterating Russian names. Cyrillic "e" may be pronounced "eh", "yeh", "yo", "o" or "ih" and some people will use some kind of phonetic approximation so they don't have their names too badly garbled.

    I would have expected them to include the original cyrillic name and all the /obvious/ transliterations in their database, but that's apparently way beyond their capabilities.

  12. Re:Soundex Algorithm by kilfarsnar · · Score: 5, Insightful

    But Obummer is keeping you safe!!!

    Most people here understand that the issue of the creeping security state is not left or right, Republican or Democrat. The parties have shown us that they are both interested in increasing surveillance and curtailing our rights. Why have you not grasped this yet?

    --
    "What the American public doesn't know is what makes them the American public." -Ray Zalinsky (Tommy Boy)