Here's a rather alarming, yet slightly humorous article about the failings of the TSA from this month's issue of the Atlantic Monthly (thanks to Doug Laird of consulting firm Laird & Associates for directing me to it).
Jeffrey Goldberg writes about his experience dodging various TSA rules, what he calls "security theater." In the end, he manages to board a plane using a fake boarding pass, no ID and purposely acting suspicious in an effort to see if TSA will detain him. Goldberg even sits down with Kip Hawley, director of the TSA, to talk about vulnerabilities, which Hawley more or less concedes to. But that wasn't the most interesting part of the article, I thought (it's a great piece and I highly recommend making the click, though, so we're all on the same page).
Goldberg discusses some of the new initiatives the TSA is taking in regards to how it screens and profiles passengers.
We handed our boarding passes and IDs to the security officer, who inspected our driverâ€™s licenses through a loupe, one of those magnifying-glass devices jewelers use for minute examinations of fine detail. This was the moment of maximum peril, not because the boarding passes were flawed, but because the TSA now trains its officers in the science of behavior detection. The SPOT programâ€”â€œScreening of Passengers by Observation Techniquesâ€â€”was based in part on the work of a psychologist who believes that involuntary facial-muscle movements, including the most fleeting â€œmicro-expressions,â€ can betray lying or criminality. The training program for behavior-detection officers is one week long.
We just blasted out a newswire with an article about LAX utilizing Israeli experts to evaluate security measures at the airport. Israel doesn't mess around when it comes to security (check out Sam's blog about his trip to Israel. Scroll to the bottom, there are several entries on his trip). Of the many sophisticated techniques employed by Israelis (like screening people BEFORE they enter a building, what a concept!) they focus largely on behavior screening. As a security measure they talk (i.e. briefly interrogate) every passenger as they come through security to evaluate that person's behavior. And that's why they have one of the safest airports in the world.
Goldberg also discusses how easy it is to circumvent the TSA's no-fly list:
Itâ€™s easy for a terrorist to check whether the government has cottoned on to his existence, SchneiÂer said; he simply has to submit his name online to the new, privately run CLEAR program, which is meant to fast-pass approved travelers through security. If the terrorist is rejected, then he knows heâ€™s on the watch list.
To slip through the only check against the no-fly list, the terrorist uses a stolen credit card to buy a ticket under a fake name. â€œThen you print a fake boarding pass with your real name on it and go to the airport. You give your real ID, and the fake boarding pass with your real name on it, to security. Theyâ€™re checking the documents against each other. Theyâ€™re not checking your name against the no-fly listâ€”that was done on the airlineâ€™s computers. Once youâ€™re through security, you rip up the fake boarding pass, and use the real boarding pass that has the name from the stolen credit card. Then you board the plane, because theyâ€™re not checking your name against your ID at boarding.â€
What if you donâ€™t know how to steal a credit card?
â€œThen youâ€™re a stupid terrorist and the government will catch you,â€ he said.
I think it's interesting how the CLEAR system plays into this. Sounds like otherwise one wouldn't know whether they're on the list or not (although it's a safe bet that serious terrorists probably have a variety of aliases, credit cards, passports and such at their disposal).
Lastly, Goldberg touches on something that I just learned about today (and will subsequently be writing an article about for our December paper. Keep your eyes out.). He briefly mentioned how Hawley said the TSA plans to encrypt boarding passes with passenger information.
(Hawley said that boarding passes will eventually be encrypted so the TSA can follow their progress from printer to gate.)
I spoke with John Barclay, the CEO of Laser Data Command, which developed the encrypted cards/boarding passes. He told me the TSA just completed testing the integrity of the system. Barclay said that while an official report hasn't been released (I'm so on the cutting edge of security news!), he expects nothing less than a glowing review and said the TSA could begin employing the technology at any point. More on that later.