[Infowarrior] - Schneier: Post-Underwear-Bomber Airport Security

Richard Forno rforno at infowarrior.org
Thu Jan 7 20:23:01 UTC 2010 

Post-Underwear-Bomber Airport Security

http://www.schneier.com/blog/archives/2010/01/airport_securit_12.html
In the headlong rush to "fix" security after the Underwear Bomber's  
unsuccessful Christmas Day attack, there's far too little discussion  
about what worked and what didn't, and what will and will not make us  
safer in the future.

The security checkpoints worked. Because we screen for obvious bombs,  
Umar Farouk Abdulmutallab -- or, more precisely, whoever built the  
bomb -- had to construct a far less reliable bomb than he would have  
otherwise. Instead of using a timer or a plunger or a reliable  
detonation mechanism, as would any commercial user of PETN, he had to  
resort to an ad hoc and much more inefficient homebrew mechanism: one  
involving a syringe and 20 minutes in the lavatory and we don't know  
exactly what else. And it didn't work.

Yes, the Amsterdam screeners allowed Abdulmutallab onto the plane with  
PETN sewn into his underwear, but that's not a failure either. There  
is no security checkpoint, run by any government anywhere in the  
world, designed to catch this. It isn't a new threat; it's more than a  
decade old. Nor is it unexpected; anyone who says otherwise simply  
isn't paying attention. But PETN is hard to explode, as we saw on  
Christmas Day.

Additionally, the passengers on the airplane worked. For years I've  
said that exactly two things have made us safer since 9/11:  
reinforcing the cockpit door and convincing passengers that they need  
to fight back. It was the second of these that, on Christmas Day,  
quickly subdued Abdulmutallab after he set his pants on fire.

To the extent security failed, it failed before Abdulmutallab even got  
to the airport. Why was he issued an American visa? Why didn't anyone  
follow up on his father's tip? While I'm sure there are things to be  
improved and fixed, remember that everything is obvious in hindsight.  
After the fact, it's easy to point to the bits of evidence and claim  
that someone should have "connected the dots." But before the fact,  
when there millions of dots -- some important but the vast majority  
unimportant -- uncovering plots is a lot harder.

Despite this, the proposed fixes focus on the details of the plot  
rather than the broad threat. We're going to install full-body  
scanners, even though there are lots of ways to hide PETN -- stuff it  
in a body cavity, spread it thin on a garment -- from the machines.  
We're going to profile people traveling from 14 countries, even though  
it's easy for a terrorist to travel from a different country. Seating  
requirements for the last hour of flight were the most ridiculous  
example.

The problem with all these measures is that they're only effective if  
we guess the plot correctly. Defending against a particular tactic or  
target makes sense if tactics and targets are few. But there are  
hundreds of tactics and millions of targets, so all these measures  
will do is force the terrorists to make a minor modification to their  
plot.

It's magical thinking: If we defend against what the terrorists did  
last time, we'll somehow defend against what they do one time. Of  
course this doesn't work. We take away guns and bombs, so the  
terrorists use box cutters. We take away box cutters and corkscrews,  
and the terrorists hide explosives in their shoes. We screen shoes,  
they use liquids. We limit liquids, they sew PETN into their  
underwear. We implement full-body scanners, and they're going to do  
something else. This is a stupid game; we should stop playing it.

But we can't help it. As a species we're hardwired to fear specific  
stories -- terrorists with PETN underwear, terrorists on subways,  
terrorists with crop dusters -- and we want to feel secure against  
those stories. So we implement security theater against the stories,  
while ignoring the broad threats.

What we need is security that's effective even if we can't guess the  
next plot: intelligence, investigation and emergency response. Our  
foiling of the liquid bombers demonstrates this. They were arrested in  
London, before they got to the airport. It didn't matter if they were  
using liquids -- which they chose precisely because we weren't  
screening for them -- or solids or powders. It didn't matter if they  
were targeting airplanes or shopping malls or crowded movie theaters.  
They were arrested, and the plot was foiled. That's effective security.

Finally, we need to be indomitable. The real security failure on  
Christmas Day was in our reaction. We're reacting out of fear, wasting  
money on the story rather than securing ourselves against the threat.  
Abdulmutallab succeeded in causing terror even though his attack failed.

If we refuse to be terrorized, if we refuse to implement security  
theater and remember that we can never completely eliminate the risk  
of terrorism, then the terrorists fail even if their attacks succeed.

More information about the Infowarrior mailing list