Security: Airport: August 2008 Archives


August 25, 2008

Three stories about the TSA's name-based security scheme this week.
  • A Muslim airline pilot (an American Gulf War I veteran who converted) has lost his flight privileges because he is on "some TSA list" and is suing
  • James Robinson, an airline pilot and retired National Guard Brigadier General, says he gets hassled whenever he tries to fly
    But there's one problem: James Robinson, the pilot, has difficulty even getting to his plane because his name is on the government's terrorist "watch list."

    That means he can't use an airport kiosk to check in; he can't do it online; he can't do it curbside. Instead, like thousands of Americans whose names match a name or alias used by a suspected terrorist on the list, he must go to the ticket counter and have an agent verify that he is James Robinson, the pilot, and not James Robinson, the terrorist.

    "Shocking's a good word; frustrating," Robinson -- the pilot -- said. "I'm carrying a weapon, flying a multimillion-dollar jet with passengers, but I'm still screened as, you know, on the terrorist watch list."


    But although the list is clearly bloated with misidentifications by every official's account, CNN has learned that it may also be ineffective. Numerous people, including all three Robinsons, have figured out that there are ways not to get flagged by the watch list.

    Denise Robinson says she tells the skycaps her son is on the list, tips heavily and is given boarding passes. And booking her son as "J. Pierce Robinson" also has let the family bypass the watch list hassle.

    Capt. James Robinson said he has learned that "Jim Robinson" and "J.K. Robinson" are not on the list.

  • The 9th Circuit has ruled that people have a right to sue to get off the no-fly list.

Maybe I'm not cynical enough, but I find the TSA's behavior vis-a-vis the watch list to be somewhat confusing. Here you've got a system that's clearly very inconvenient for a large number of apparently innocent people (even the low range estimates of the size of the watch list are 400,000 people), is trivial to bypass, and really has no evidence that it's useful at all. And rather than somehow quietly roll it back, TSA's response has been to dig in and make it extremely difficult for people on the list. Moreover, they threaten the airlines even for telling people they are on the list. Ordinarily, one can explain the TSA's behavior by recourse to Schneier's "security theater" model, and maybe it's just the circles I travel in, but I don't get the sense that the general public somehow believes this works. And even if they do, would they really be annoyed to hear that Capt. Robinson is slipping through the cracks? Actually, now that I've said that, there is a beyond cynical rationale here for why TSA is so intransigent about removing people: they like it when it comes out that some 10-year-old kid is on the watch list. Sure, people realize it's nuts, but that's the evidence that TSA is doing everything it can; they care so much about your security that they'll even stop grandma from flying.


August 6, 2008

Jayson Ahern from TSA has posted a defense of their laptop border search policy:
First, it's important to note that for more than 200 years, the federal government has been granted the authority to prevent dangerous people and things from entering the United States. Our security measures at the border are rooted in this fundamental fact, and our ability to achieve our border mission would be hampered if we did not apply the same search authorities to electronic media that we have long-applied to physical objects--including documents, photographs, film and other graphic material. Indeed, there are numerous laws that apply to such material at the border including laws regarding intellectual property rights, technical data that can be imported or exported only under state department license and child pornography.

In the 21st century, terrorists and criminals increasingly use laptops and other electronic media to transport illicit materials that were traditionally concealed in bags, containers, notebooks and paper documents. Making full use of our search authorities with respect to items like notebooks and backpacks, while failing to do so with respect to laptops and other devices, would ensure that terrorists and criminals receive less scrutiny at our borders just as their use of technology is becoming more sophisticated.

This result would be ironic given that this same technology actually enables terrorists and criminals to move large amounts of information across the border via laptops and other electronic devices. At the end of the day, we have a responsibility to search items -- electronic or otherwise -- that are being transported across our borders and that could potentially be used to harm our nation's citizens or that are otherwise contrary to law.

It seems to me that this fails to recognize a number of important respects in which your laptop is different from physical objects like documents, photographs, etc.

First, unlike drugs or currency, you don't need to actually carry information across the border in order to bring it into the country. For starters, you just put it on some Web site (GMail, any file sharing site, etc.) and download it once you've entered the country. Standard encryption tools easily suffice to hide the data from interception by the authorities. You don't even need special software; you can use SSL to contact the site. If you're using GMail, Google will even serve you ads relevant to your interest: "Get your discount surface-to-air missiles here." Of course, if you don't want this, you can PGP encrypt your data with some static key you memorize. Even if for some reason you can't figure out how to operate GMail, you can just copy the data onto a CDROM and ship it to yourself. Even if customs can search them—and I interpret this policy as saying they can't search US Mail—as a practical matter it's trivial to hide your data in digital music or digital video, so even if they do search your mail it's unlikely you'll get caught.

Second, even if you have to bring the data across with you, digital data is trivial to hide. For instance, a 2G flash memory chip is about 10x10x2 mm. I can think of lots of ways to hide a chip like that in your gear: for instance in a chip-style cash card. Even if you can't contrive to hide this somewhere in your gear, remember that customs needs a much higher level of suspicion to do a body cavity search, so you can simply swallow the chip to bring it across the border. Basically, you can't stop a dedicated attacker from smuggling even large quantities of digital data across the border.

Ahern talks about preventing "dangerous people and things from entering the United States", but this conflates two different issues. For the reasons above, it's not really possible to stop "dangerous" digital data from entering the US. Now, you might be able to stop dangerous people from entering the US if they were stupid enough to forget to erase incriminating data from their laptops and you catch them during your search, but now that it's public knowledge that CBP is searching laptops, we would expect competent terrorists or child pornographers to take note of that, so you should mostly expect to catch the incompetent, and more likely average people who are carrying contraband.

The third way in which laptops are different is that taking your laptop away is extremely invasive. Even if we ignore the arguments (which have already been aired extensively) about how much it compromises your privacy to have all the stuff on your laptop exposed, having your laptop taken away from you is incredibly inconvenient, as anyone who's ever had a hard drive crash can tell you. As I understand the policy, CBP claims that they can just take your equipment indefinitely. Without arguing about whether they're legally allowed to, it should be noted that they could just image the hard drive. This isn't quite as good since they don't get to do a complete search—you could be hiding your flash chips on the motherboard somewhere—but given the ease with which you can hide your media (see above), this seems like it's good enough to catch the stupid people.