Slashdot Mirror
TSA Paid $1.4 Million For Randomizer App That Chooses Left Or Right (geek.com)
An anonymous reader writes: For those of you who have traveled through U.S. airports in recent years, you may have noticed the Transport Security Administration (TSA) use a Randomizer app to randomly search travelers in the Pre-Check lane. The app randomly chooses whether travelers go left or right in the Pre-Check lane so they can't predict which lane each person is assigned to and can't figure out how to avoid the random checks. Developer Kevin Burke submitted a Freedom of Information Act request asking for details about the app. The documents he received reveals the TSA purchased the Randomizer iPad app for $336,413.59. That's $336,413.59 for an app, which is incredibly simple to make as most programming languages of choice have a randomizing function available to use. What may be even more intriguing is that the contract for the TSA Randomizer app was won by IBM. The total amount paid for the project is actually $1.4 million, but the cost is not broken down in Burke's documents. It's possible IBM supplied all the iPads and training in addition to the app itself.
Well, you don't even need a cryptographically secure random number. You just need one that can't be predicted by anyone on that day, which isn't really a tall order. You could do it in any language of your choice, let everyone see the code, and seed the generator with the current time in seconds (or ms or whatever). Still nobody would be able to guess, because they can't predict when you're gonna press that button.
A little harder, yes, but not by much.
I work on regulated casino software. And we use the Mersenne Twister rather than any sort of dedicated randomization hardware.
Some casinos are using actual quantum RNGs. For $1k I can get a USB RNG that emits one photon at a time and a polarized mirror with a perfect 50% chance to go through or reflect off of. 4Mbit/s of RNG. For $35 you can get a pretty strong opensource USB RNG that uses a combination of several quantum level electric, electro-thermal, and EM noise. http://www.bitbabbler.org/
A simple micro-controller, a button, and two LEDs would work just as well for just a few bucks.
A die (singular of "dice") would work just as well, and would handle up to 6 checkpoints.
Amazon has them, 100 for $2.79.
Some casinos are using actual quantum RNGs. For $1k I can get a USB RNG that emits one photon at a time and a polarized mirror with a perfect 50% chance to go through or reflect off of. 4Mbit/s of RNG. For $35 you can get a pretty strong opensource USB RNG that uses a combination of several quantum level electric, electro-thermal, and EM noise. http://www.bitbabbler.org/
All nondeterministic RNGs are quantum in nature. All physical things are.
What people mean by quantum RNG is actually that they are isolating a single quantum event from all the others. So it has a nice distribution. Only this does not happen. As far as I've been able to ascertain (and it's my job to know) all quantum RNGs are measuring the sum of multiple events and so getting a binomial distribution that then needs a traditional entropy extraction algorithm to get to data with nondeterminism, a uniform distribution and something close to 100% Renye min entropy. This is therefore no different to normal RNGs except there's a smaller number of things in the core nondeterministic process.
For $0 extra, you can use the RNG in your computer. They're pretty good these days.
I should use this sig to advertise my book ISBN-13 : 978-1501515132.