[Clips] Airline Security a Waste of Cash

R. A. Hettinga rah at shipwright.com
Thu Dec 1 13:16:49 EST 2005 

--- begin forwarded text


 Delivered-To: clips at philodox.com
 Date: Thu, 1 Dec 2005 13:15:43 -0500
 To: Philodox Clips List <clips at philodox.com>
 From: "R. A. Hettinga" <rah at shipwright.com>
 Subject: [Clips] Airline Security a Waste of Cash
 Reply-To: rah at philodox.com
 Sender: clips-bounces at philodox.com

 <http://wired.com/news/print/0,1294,69712,00.html>

 Wired News

 Airline Security a Waste of Cash
 By Bruce Schneier?

 Story location: http://www.wired.com/news/privacy/0,1848,69712,00.html

 02:00 AM Dec. 01, 2005 PT

 Since 9/11, our nation has been obsessed with air-travel security.
 Terrorist attacks from the air have been the threat that looms largest in
 Americans' minds. As a result, we've wasted millions on misguided programs
 to separate the regular travelers from the suspected terrorists -- money
 that could have been spent to actually make us safer.

 Consider CAPPS and its replacement, Secure Flight. These are programs to
 check travelers against the 30,000 to 40,000 names on the government's
 No-Fly list, and another 30,000 to 40,000 on its Selectee list.


 Security Matters

 They're bizarre lists: people -- names and aliases -- who are too dangerous
 to be allowed to fly under any circumstance, yet so innocent that they
 cannot be arrested, even under the draconian provisions of the Patriot Act.
 The Selectee list contains an equal number of travelers who must be
 searched extensively before they're allowed to fly. Who are these people,
 anyway?

 The truth is, nobody knows. The lists come from the Terrorist Screening
 Database, a hodgepodge compiled in haste from a variety of sources, with no
 clear rules about who should be on it or how to get off it. The government
 is trying to clean up the lists, but -- garbage in, garbage out -- it's not
 having much success.

 The program has been a complete failure, resulting in exactly zero
 terrorists caught. And even worse, thousands (or more) have been denied the
 ability to fly, even though they've done nothing wrong. These denials fall
 into two categories: the "Ted Kennedy" problem (people who aren't on the
 list but share a name with someone who is) and the "Cat Stevens" problem
 (people on the list who shouldn't be). Even now, four years after 9/11,
 both these problems remain.

 I know quite a lot about this. I was a member of the government's Secure
 Flight Working Group on Privacy and Security. We looked at the TSA's
 program for matching airplane passengers with the terrorist watch list, and
 found a complete mess: poorly defined goals, incoherent design criteria, no
 clear system architecture, inadequate testing. (Our report was on the TSA
 website, but has recently been removed -- "refreshed" is the word the
 organization used -- and replaced with an "executive summary" (.doc) that
 contains none of the report's findings. The TSA did retain two (.doc)
 rebuttals (.doc), which read like products of the same outline and dismiss
 our findings by saying that we didn't have access to the requisite
 information.) Our conclusions match those in two (.pdf) reports (.pdf) by
 the Government Accountability Office and one (.pdf) by the DHS inspector
 general.

 Alongside Secure Flight, the TSA is testing Registered Traveler programs.
 There are two: one administered by the TSA, and the other a commercial
 program from Verified Identity Pass called Clear. The basic idea is that
 you submit your information in advance, and if you're OK -- whatever that
 means -- you get a card that lets you go through security faster.

 Superficially, it all seems to make sense. Why waste precious time making
 Grandma Miriam from Brooklyn empty her purse when you can search Sharaf, a
 26-year-old who arrived last month from Egypt and is traveling without
 luggage?

 The reason is security. These programs are based on the dangerous myth that
 terrorists match a particular profile and that we can somehow pick
 terrorists out of a crowd if we only can identify everyone. That's simply
 not true.

 What these programs do is create two different access paths into the
 airport: high-security and low-security. The intent is to let only good
 guys take the low-security path and to force bad guys to take the
 high-security path, but it rarely works out that way. You have to assume
 that the bad guys will find a way to exploit the low-security path. Why
 couldn't a terrorist just slip an altimeter-triggered explosive into the
 baggage of a registered traveler?

 It may be counterintuitive, but we are all safer if enhanced screening is
 truly random, and not based on an error-filled database or a cursory
 background check.

 The truth is, Registered Traveler programs are not about security; they're
 about convenience. The Clear program is a business: Those who can afford
 $80 per year can avoid long lines. It's also a program with a questionable
 revenue model. I fly 200,000 miles a year, which makes me a perfect
 candidate for this program. But my frequent-flier status already lets me
 use the airport's fast line and means that I never get selected for
 secondary screening, so I have no incentive to pay for a card. Maybe that's
 why the Clear pilot program in Orlando, Florida, only signed up 10,000 of
 that airport's 31 million annual passengers.

 I think Verified Identity Pass understands this, and is encouraging use of
 its card everywhere: at sports arenas, power plants, even office buildings.
 This is just the sort of mission creep that moves us ever closer to a "show
 me your papers" society.

 Exactly two things have made airline travel safer since 9/11: reinforcement
 of cockpit doors, and passengers who now know that they may have to fight
 back. Everything else -- Secure Flight and Trusted Traveler included -- is
 security theater. We would all be a lot safer if, instead, we implemented
 enhanced baggage security -- both ensuring that a passenger's bags don't
 fly unless he does, and explosives screening for all baggage -- as well as
 background checks and increased screening for airport employees.

 Then we could take all the money we save and apply it to intelligence,
 investigation and emergency response. These are security measures that pay
 dividends regardless of what the terrorists are planning next, whether it's
 the movie plot threat of the moment, or something entirely different.

 - - -

 Bruce Schneier is the CTO of Counterpane Internet Security and the author
 of Beyond Fear: Thinking Sensibly About Security in an Uncertain World. You
 can contact him through his website.

 --
 -----------------
 R. A. Hettinga <mailto: rah at ibuc.com>
 The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
 44 Farquhar Street, Boston, MA 02131 USA
 "... however it may deserve respect for its usefulness and antiquity,
 [predicting the end of the world] has not been found agreeable to
 experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
 _______________________________________________
 Clips mailing list
 Clips at philodox.com
 http://www.philodox.com/mailman/listinfo/clips

--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list