Monday, February 21, 2005

TSA Secure Flight

Bruce Schneier on secure Flight and his participation in its evaluation.

"Imagine for a minute that Secure
Flight is perfect. That is, we can ensure that no one can fly under a
false identity, that the watch lists have perfect identity information,
and that Secure Flight can perfectly determine if a passenger is on the
watch list: no false positives and no false negatives. Even if we could
do all that, Secure Flight wouldn't be worth it.

Secure Flight is a passive system. It waits for the bad guys to buy an
airplane ticket and try to board. If the bad guys don't fly, it's a
waste of money. If the bad guys try to blow up shopping malls instead
of airplanes, it's a waste of money.

If I had some millions of dollars to spend on terrorism security, and I
had a watch list of potential terrorists, I would spend that money
investigating those people. I would try to determine whether or not
they were a terrorism threat before they got to the airport, or even if
they had no intention of visiting an airport. I would try to prevent
their plot regardless of whether it involved airplanes. I would clear
the innocent people, and I would go after the guilty. I wouldn't build
a complex computerized infrastructure and wait until one of them
happened to wander into an airport. It just doesn't make security sense.

That's my usual metric when I think about a terrorism security measure:
Would it be more effective than taking that money and funding
intelligence, investigation, or emergency response -- things that
protect us regardless of what the terrorists are planning next. Money
spent on security measures that only work against a particular
terrorist tactic, forgetting that terrorists are adaptable, is largely
wasted."

As ever, thinking sensibly about security in an uncertain world.

No comments: