Bruce Schneier Wipes The Airport Floor With Kip Hawley
Schneier and Hawley debated on airport security at The Economist. First, Schneier:
There are two categories of terrorists. The first, and most common, is the amateurs, like the guy who crashed his plane into the Internal Revenue Service building in Austin. They are likely to be sloppy and stupid, and even pre-9/11 airplane security is going to catch them. The second is the well-briefed, well-financed and much rarer plotters. Do you really expect TSA screeners, who are busy confiscating water bottles and making people remove their belts and shoes, to stop the latter sort?
Of course not. Because the TSA’s policies are based on looking backwards at previously tried tactics, it fails against professionals. Consider this century’s history of aircraft terrorism. We screened for guns and bombs, so the terrorists used box cutters. We confiscated box cutters and corkscrews, so they put explosives in their sneakers. We screened footwear, so they tried to use liquids. We confiscated liquids, so they put PETN bombs in their underwear. We rolled out full-body scanners, even though they would not have caught the Underwear Bomber, so they put a bomb in a printer cartridge. We banned printer cartridges over 16 ounces–the level of magical thinking here is amazing–and surely in the future they will do something else.
This is a stupid game, and we should stop playing it. Overly specific security measures work only if we happen to guess both the target and the plot correctly. If we get either wrong–if the terrorists attack something other than aircraft, or use a tactic we have not thought of yet–we have wasted our money and uselessly annoyed millions of travellers.
Airport security is the last line of defence, and it is not a very good one. If there were only a dozen potential terrorist tactics and a hundred possible targets, then protecting against particular plots might make us safer. But there are hundreds of possible tactics and millions of possible targets. Spending billions to force the terrorists to alter their plans in one particular way does not make us safer. It is far more cost-effective to concentrate our defences in ways that work regardless of tactic and target: intelligence, investigation and emergency response.
That being said, aircraft require a special level of security for several reasons: they are a favoured terrorist target; their failure characteristics mean more deaths than a comparable bomb on a bus or train; they tend to be national symbols; and they often fly to foreign countries where terrorists can operate with more impunity.
But all that can be handled with pre-9/11 security. Exactly two things have made air travel safer since 9/11: reinforcing the cockpit door, and convincing passengers that they need to fight back. Everything else has been a waste of money. Add screening of checked bags and airport workers and we are done. All the rest is security theatre. If we truly want to be safer, we should return airport security to pre-9/11 levels and spend the savings on intelligence, investigation and emergency response.
“Never again” has become reality, but as new terror threats emerge, security officials have to adjust defensive measures to stay ahead of looming attacks.
Defensive measures are employees, hired off pizza boxes (who might otherwise been manning the fry vat at Mickey D’s), groping countless balls and vaginas at the airport? See Schneier, above.
A steady stream of al-Qaeda threats came in during 2006, 2007 and 2008 using “clean” operatives and involving novel explosives, including powerful liquids that were not detectable by scanners. On an average day during this period, I, as TSA administrator, had threat discussions about half a dozen to a dozen specific, separate, serious plots with intelligence analysts to consider security operations that would counter threats targeting transport. A shoe-bomb incident in 2001, a liquid bomb in 2006 and an underwear bomb in 2009 do not give the public a sense of the deadly daily flow of al-Qaeda and other plotting. Whatever perceived buffoonery takes place at checkpoints does not mitigate the cold reality that there are real attack plots and that TSA people all over the world, in concert with partners in industry and other government agencies, take action to prevent them. Sometimes these actions are undecipherable and awkward, but they have worked.
Bullshit. They’d be crowing all the way into three years from now if they’d caught a single terrorist. What they’ve captured is a whole lot of veterans’ penknives and a bunch of weed.
Oh, and note that they didn’t catch the shoe bomber or the panty bomber — or a single terrorist, and they’ve had $60 billion of our money to grope our balls and violate our rights trying.
Better intelligence shared across agencies and countries, improved technology like advanced checkpoint scanning, upgraded training and tools like behaviour detection, all play a part in lowering the risk of new and future threats. Getting rid of outdated security measures, however, is difficult. In 2005, I tried to remove scissors and small tools from the prohibited-items list in order to focus TSA officers on hidden explosives; there was an outcry that predicted “blood running in the aisles” if these potential weapons were allowed on planes. We went ahead with the changes, but, in many cases, the old measures just stayed on the books.
Just like government — ineffective at pretty much everything but perpetuating itself.
The TSA losers’ failure rate (at catching weapons).
UPDATE: Schneier posts Doctorow’s sum-up at BoingBoing:
All of Hawley’s best arguments sum up to “Someone somewhere did something bad, and if he’d tried it on us, we would have caught him.” His closing clincher? They heard a bad guy was getting on a plane somewhere. The figured out which plane, stopped it from taking off and “resolved” the situation. Seeing as there were no recent reports of foiled terrorist plots, I’m guessing the “resolution” was “it turned out we made a mistake.” But Hawley’s takeaway is: “look at how fast our mistake was!”