Core Dump

The rules that the TSA has rolled out regarding photo IDs and their requirements for getting onto passenger airplanes are usless. In fact, you could argue that they are worse than useless, since they create a false sense of security – and they cost us a lot of money (both directly and indrectly).

But don’t just take my word for it – Bruce Schneier thinks so, too:

…[T]he photo ID requirement is a joke. Anyone on the no-fly list can easily fly whenever he wants. Even worse, the whole concept of matching passenger names against a list of bad guys has negligible security value.

The bottom line is, the no-fly list – and the photo ID rules that go with it – are worthless. It’s all just for show – full of sound and fury, signifying nothing. Why people still think it’s a good idea – or worse, that it should be expanded – continues to confound me.

The no-fly list is a Kafkaesque nightmare for the thousands of innocent Americans who are harassed and detained every time they fly. Put on the list by unidentified government officials, they can’t get off. They can’t challenge the TSA about their status or prove their innocence. (The U.S. 9th Circuit Court of Appeals decided this month that no-fly passengers can sue the FBI, but that strategy hasn’t been tried yet.)

But even if these lists were complete and accurate, they wouldn’t work. Timothy McVeigh, the Unabomber, the D.C. snipers, the London subway bombers and most of the 9/11 terrorists weren’t on any list before they committed their terrorist acts. And if a terrorist wants to know if he’s on a list, the TSA has approved a convenient, $100 service that allows him to figure it out: the Clear program, which issues IDs to “trusted travelers” to speed them through security lines. Just apply for a Clear card; if you get one, you’re not on the list.

In the end, the photo ID requirement is based on the myth that we can somehow correlate identity with intent. We can’t. And instead of wasting money trying, we would be far safer as a nation if we invested in intelligence, investigation and emergency response — security measures that aren’t based on a guess about a terrorist target or tactic.

That’s the TSA: Not doing the right things. Not even doing right the things it does.

Maybe we should rename the TSA from the “Transporation Security Agency” to the FGSA – the “Feel Good Security Agency.” Or maybe the SBA – the “Security Blanket Agency.” Because almost everything they do it just to make us “feel better” about security, rather than actually making us more secure.

Feeling secure and actually being secure are two VERY different things. The problem is that feeling secure is easy to wave around come election time. Actually being secure is a bit harder to brag about on the campaign trail.

Sad, but true.

In case there was any doubt that this whole digital passport / RFID passport thing was never about security (via Slashdot):

“New microchip passports designed to be foolproof against identity theft failed the test when a researcher was able to manipulate one in minutes. The cloned passports were accepted as genuine by the computer software recommended for use at international airports. According to the article: ‘A computer researcher cloned the chips on two British passports and implanted digital images of Osama bin Laden and a suicide bomber. The altered chips were then passed as genuine by passport reader software used by the UN agency that sets standards for e-passports.’”

Once again demonstrating that there is absolutely no reason to have RFID in our passports and that it does not in any way make us more safe or secure.

So let’s just drop the whole idea, huh? My passport’s due for renewal soon – and I do NOT want to get one with a chip in it.

Repeat after me:

• RFID passports do not make us any safer.
• RFID passports are not really any harder to counterfeit
• RFID passports are not inherently more secure
• RFID passports are a bad idea

Repeat that 600 more times. Then write it down 600 times. Then mail it to your representatives (all of them).

Well? What are you waiting for? Get to it!

This article from “Ask the Pilot” by Patrick Smith is well worth reading. It recounts a story that a pilot had with the TSA people.

Let me give you just one little snippet:

“Ma’am, that’s an airline knife. It’s the knife they give you on the plane.“

You can probably imagine where this is headed.

There are a number of other very good articles on that site as well – be sure to check them out.

Schneier on Security: Homeland Security Cost-Benefit Analysis.

A very worthwhile read – basically:

The premises:

1. The number of potential terrorist targets is essentially infinite.
2. The probability that any individual target will be attacked is essentially zero.
3. If one potential target happens to enjoy a degree of protection, the agile terrorist usually can readily move on to another one.
4. Most targets are “vulnerable” in that it is not very difficult to damage them, but invulnerable in that they can be rebuilt in fairly short order and at tolerable expense.
5. It is essentially impossible to make a very wide variety of potential terrorist targets invulnerable except by completely closing them down.

The policy implications:

1. Any protective policy should be compared to a “null case”: do nothing, and use the money saved to rebuild and to compensate any victims.
2. Abandon any effort to imagine a terrorist target list.
3. Consider negative effects of protection measures: not only direct cost, but inconvenience, enhancement of fear, negative economic impacts, reduction of liberties.
4. Consider the opportunity costs, the tradeoffs, of protection measures.

There’s nothing new here – this is all common sense stuff, really. This paper just backs it up with research and evidence. Now, if we could just get our leaders to ACT on it, instead of their current tactic of fear-mongering and ass-covering, we’d all be a lot better off.

Go here and download this free e-book and read it as soon as you can. Be sure to set aside a lot of time for it; if you’re anything like me, you won’t be able to put it down. You may not even want to break to go to the bathroom – that’s how good this is.

Once you’ve done that, get someone else to read it. Or talk about it with people who won’t read it or can’t read it. Anything.

This book is just so fantastically important I can’t even put it into words. But I can say that 10 years ago, it would have been science fiction. In another 10 years, it might be true – or it might have been prevented.

This book will open your eyes about a lot of things, about security, about politics, about terrorism, about databases, about privacy, about liberty, and all that sort of stuff that, frankly, we take for granted far too often.

It’s a free e-book, but if you really like it – as I did – feel free to buy it from the author, or buy some of his other books, or just send him a donation.

Peace out, yo.