Recently in Security Category

I get quoted in this Minnesota Daily article about the Central Corridor. Some of the students are quoted talking about the "wrong people". I respond "“I don’t think the [personal] safety issues are any worse than with bus,”" Light-rail project 74% complete.

I assume the "wrong people" being referred to in the article are criminals, as opposed to ordinary townies.

The data on does transit bring crime is not well organized or complete. A 2011 study "THE EFFECTS OF THE ANNOUNCEMENT AND OPENING OF LIGHT RAIL TRANSIT STATIONS ON NEIGHBORHOOD CRIME", STEPHEN B. BILLINGS, SUZANNE LELAND, DAVID SWINDELL says:

The debate over crime and rail transit focuses on whether such investments “breed” criminal activities with new targets of opportunity or transport crime from the inner city to the suburbs. Yet, little empirical evidence exists on whether new rail transit actually does lead to increased crime rates around stations. In order to study this question, we test the relationship between crime and rail transit with the 2007 opening of the Charlotte light rail line. We use Geographical Information Systems software and micro-level data on reported crimes to generate measures of criminal activity in and around light rail transit (LRT) stations. We then implement a quasi-experimental before-and-after methodology using two alternate transit corridors to control for differences between neighborhoods that contain LRT stations and other neighborhoods. We find light rail does not actually increase crime around stations. Instead, we see a decrease in property crimes once the station locations are announced, which remains relatively stable after the light rail begins operating.

Stadtluft macht frei - urban air makes you free. If you were a German in the Middle Ages, and you somehow got inside the city gates for a year and a day, you would be a free citizen, and no longer a serf.

The modern equivalent of the city is the airport.

If I can get through the secure gates, I can go anywhere in airport-land, a highly dis-contiguous place where all travel is by airplane. I can stay in the airport I have entered and have the full gamut of services my credit card can pay for.

If I can get a ticket (now deliverable wirelessly), I can travel to any airport in the United States and stay there, or to any place else in the world, where I will be forced through local customs. I may even be stuck there.

Inside the airport I have freedom from fear, as the security will ensure nothing bad can happen. The airport is probably the safest place from other non-governmentally employed citizens. I no longer need pass through security, so my dehumanization is over. I am liberated.

And of course, food eaten at the airport has no calories.

ion: The Mathematical Proof that got a Physicist out of a Traffic Ticket

Schneier on Security: Hawley Channels His Inner Schneier [Former TSA Director seems to be reasonable, what gives?]

Tyler Cowan @ Marginal Revolution: The economics of Robert Caro :

"The Power Broker, by the way, is in my view one of the best non-fiction books ever, so read it if you don’t already know it."

PC Mag: DARPA Seeking to Build (Friendly) Terminators:

" So what will the robot have to do? Quite a bit. For just one of the disaster challenges, DARPA anticipates that the robot will have to:

1. Drive a utility vehicle at the site.

2. Travel dismounted across rubble.

3. Remove debris blocking an entryway.

4. Open a door and enter a building.

5. Climb an industrial ladder and traverse an industrial walkway.

6. Use a power tool to break through a concrete panel.

7. Locate and close a valve near a leaking pipe.

8. Replace a component such as a cooling pump."

Kottke shows a very long Visualization of shipping routes from 1750 to 1855

Yglesias talks about private bike sharing service Splinster [whose site is unavailable]: Will Sharing Apps Make Physical Stuff Obsolete?:

"In a world where information is scarce it's often helpful to have lots of physical redundancy. If it's hard to find out the answer to the question "where's the closest X" then it pays off to stockpile as much stuff (cars, bikes, power tools, etc.) as possible in your garage. That way you know the answer is always "it's in the garage" and this information is valuable even though most of the stuff isn't being used at any given time. But as information grows more abundant, there's less and less need for physical redundancy:"

Lynne Kiesling @ Knowledge Problem Be indomitable. Refuse to be terrorized. : "And to what end — how justified is this fear? High financial, human, cultural costs, to avert events that are one-quarter as likely as being struck by lightning. Some may criticize the performance of relative risk assessments between accidents and deliberate attacks, but it’s precisely these crucial relative risk assessments that enable us to recognize the unavoidable reality that neither accidents nor deliberate attacks can be prevented, and that to maintain both mental and financial balance we cannot delude ourselves about that, or give in to the panic that is the objective of the deliberate attacks in the first place. Thus the title of this post, which comes from two separate quotes from Bruce Schneier — the first from his excellent remarks at EPIC’s January The Stripping of Freedom event about the TSA’s use of x-ray body scanners, the second from his classic 2006 Wired essay of the same title:

The point of terrorism is to cause terror, sometimes to further a political goal and sometimes out of sheer hatred. The people terrorists kill are not the targets; they are collateral damage. And blowing up planes, trains, markets or buses is not the goal; those are just tactics.

The real targets of terrorism are the rest of us: the billions of us who are not killed but are terrorized because of the killing. The real point of terrorism is not the act itself, but our reaction to the act.

And we’re doing exactly what the terrorists want."

Reason Foundation - Out of Control Policy Blog > Airport Policy and Security Newsletter: Airport Security 10 Years After 9/11: "Although my airline friends will disagree, I've concluded that the cost of aviation security measures is somewhat analogous to insurance. If you engage in risky behavior (drive a sports car, live in a beach house, etc.) you expose yourself to higher risks, and you rightly pay somewhat more for the relevant kind of insurance. Likewise, while it's not the fault of air travelers or airlines that aviation is a high-profile terrorist target, the fact is that it is. So from a resource-allocation standpoint, I think a sector-specific user-tax approach is less bad than having general taxpayers pay for this." [and much other good stuff]

The Long Now Blog » The Archive Team - Long Views: The Long Now Blog: "One of our favorite rogue digital archivists, Jason Scott, has just posted a video of his talk at DefCon 19 about The Archive Team exploits. This is perhaps the most eloquent (and freely peppered with profanity) explanations of the problems inherent with preserving our digital cultural heritage. He also describes in a fair amount of detail what he and The Archive Team have been doing to help remedy the problem." [On a related note, The Metropolitan Travel Survey Archive has had its funding re-upped for another year, so we have more archiving to do, hopefully under less stressful conditions than Jason Scott above]

USA Today says: TSA warns airlines of explosive implants in people's bodies : ""

The Hill says Ron Paul proposes to Abolish TSA , including privatizing airport security.

“If the perpetrators were a gang of criminals, their headquarters would be raided by SWAT teams and armed federal agents," he continued. "Unfortunately in this case, the perpetrators are armed federal agents."

Paul said he was introducing a bill called the "American Traveler Dignity Act," which he said would force TSA employees to follow existing laws against inappropriate physical contact.

Good.

The LA Times reports: Airport security: Frequent fliers would pay for faster airport security checks - latimes.com:

"U.S. air travelers already pay to check bags and buy onboard snacks, among other charges. But would they pay to avoid those long airport security lines?

A sizable chunk of them would, according to a recent survey by the U.S. Travel Assn., the nationwide trade group that has been pushing the idea of a fee-based plan to unclog the gridlock at the country's airports.

The survey of 1,007 Americans found that 45% of those questioned would be either "very" or "somewhat" likely to pay an annual fee of up to $150 to undergo a government background check to speed through a new, faster airport security line."

Security lines have been less painful of late, so I really, really doubt that 45% random Americans would actually pay an ANNUAL fee of $150 to save 10 or 15 minutes two or four times per year. (The average American flies about once a year, though I am sure jet-setting readers of this blog are exceptional in that regard) But I am sure that it would be worth it for those who travel on 2 or more flights per month.

Cap'n Transit posts: Cap'n Transit Rides Again: Schumer calls for horse "no ride" list in wake of terror plot

Schumer calls for horse "no ride" list in wake of terror plot

Sen. Charles Schumer called today for the creation of a "No Ride List" for American horses to prevent suspected terrorists from targeting the US equine system.

Photo: John Haeger, Oneida Daily Dispatch

The move follows reports from intelligence gathered at Osama bin Laden's compound that showed the Arabian Horse Association was considering attacks on US horses.

In a press conference at his New York City office, Schumer said he will begin pushing congressional appropriators to increase funding for rectal inspections of commuter and passenger horse systems, as well as heightened monitoring and support for security at local horse stables throughout the country.

The Democratic senator said he also asked the Department of Homeland Security to expand its Secure Flight program to stables, which would essentially create a "No Ride List" to prevent suspected terrorists from mounting horses.

Intelligence analysts who examined the documents seized from bin Laden's compound in Pakistan concluded that al Qaeda was considering attacks on high-profile dates, including the tenth anniversary of the Sept. 11 terror attacks, the conclusion of the State of the Union address and high traffic holidays such as Christmas and New Year's Day, Schumer said.

"We must remain vigilant in protecting ourselves from future terror attacks, and when intelligence emerges that provides insight into potential vulnerabilities, we must act with speed," Schumer said.

Under the current program for airlines, travelers' names and other identifying information are cross-checked with the terror watch list to select passengers for enhanced screening and prevent possible terrorists from boarding planes.

Schumer wants that program to be applied to stables when passengers purchase their passage before mounting the horse.

Schumer noted that the nation's horse system transported 90,000 passengers in 2010 and carries 90,000 passengers every day on 90,000 different horses.

Not all horseback riders were enamored of the plan. "Sounds like a big load of horseshit to me," said noted equestrian 'Cap'n' Ignatius R. Transit. "Like something you'd read in the Post."

(Via Schneier on Security.)

Techdirt is outraged, but this isn't just Homeland Security, it is the whole damn government which doesn't systematically compare benefits to costs.

 

"Homeland Security Doesn't Do Cost/Benefit Analysis; They Just Do Fear And Bluster from the you-might-die!!!!!! dept

This should hardly come as a surprise, but a new paper that analyzes money being spent on Homeland Security finds that it's incredibly wasteful (found via Julian Sanchez). You can read the full report (pdf) by John Mueller and Mark G. Stewart, which probably confirms what most people were already thinking. Basically, Homeland Security has ratcheted up spending at a massive rate, and there's little to no effort to judge that spending against the actual risk reduction. That is, there's simply no one doing any sort of real cost-benefit analysis on this spending. The report seeks to do some of that, and what it finds isn't pretty. From the abstract (with my emphasis):

The cumulative increase in expenditures on US domestic homeland security over the decade since 9/11 exceeds one trillion dollars. It is clearly time to examine these massive expenditures applying risk assessment and cost-benefit approaches that have been standard for decades. Thus far, officials do not seem to have done so and have engaged in various forms of probability neglect by focusing on worst case scenarios; adding, rather than multiplying, the probabilities; assessing relative, rather than absolute, risk; and inflating terrorist capacities and the importance of potential terrorist targets. We find that enhanced expenditures have been excessive: to be deemed cost-effective in analyses that substantially bias the consideration toward the opposite conclusion, they would have to deter, prevent, foil, or protect against 1,667 otherwise successful Times-Square type attacks per year, or more than four per day. Although there are emotional and political pressures on the terrorism issue, this does not relieve politicians and bureaucrats of the fundamental responsibility of informing the public of the limited risk that terrorism presents and of seeking to expend funds wisely. Moreover, political concerns may be over-wrought: restrained reaction has often proved to be entirely acceptable politically. 

In seeking to evaluate the effectiveness of the massive increases in homeland security expenditures since the terrorist attacks on the United States of September 11, 2001, the common and urgent query has been "are we safer?" This, however, is the wrong question. Of course we are "safer"--the posting of a single security guard at one building's entrance enhances safety, however microscopically. The correct question is "are the gains in security worth the funds expended?" Or as this absolutely central question was posed shortly after 9/11 by risk analyst Howard Kunreuther, "How much should we be willing to pay for a small reduction in probabilities that are already extremely low?"

Among other things, the report looks at everyone's favorite DHS boondoggle, the naked radiation scanners at the airport by the TSA. Apparently, DHS was directly told by the GAO to study the cost-benefit and it refused to do so. The same is true of other DHS expenditures:

Indeed, at times DHS has ignored specific calls by other government agencies to conduct risk assessments. In 2010, the Department began deploying full-body scanners at airports, a technology that will cost $1.2 billion per year. The Government Accountability Office specifically declared that conducting a cost-benefit analysis of this new technology to be “important.”12 As far as we can see, no such study was conducted. Or there was GAO’s request that DHS conduct a full cost/benefit analysis of the extremely costly process of scanning 100 percent of U.S.-bound containers. To do so would require the dedicated work of a few skilled analysts for a few months or possibly a year. Yet, DHS replied that, although it agreed that such a study would help to “frame the discussion and better inform Congress,” to actually carry it out “would place significant burdens on agency resources.”

Of course, from a political perspective, this makes perfect sense. It's all game theory. You don't get praised and promoted for doing a cost-benefit analysis that saves taxpayer money from wasteful and useless projects if a terrorist attack happens. So the end result is that the incentives for everyone at DHS to just spend as much as possible in the hopes that it stops something, knowing that if anything bad happens (as it inevitably will), all of the blame will go towards anyone who said "we shouldn't do project x that would have prevented attack y." 

Of course, the real problem is that this is exactly what our enemies would like. They don't care about "terror" for the sake of terror. They want the US to spend itself silly to completely bankrupt the country. And it appears to be working. That doesn't make me feel any safer at all, no matter what the cost."

Guardian reports: Osama bin Laden death: Intelligence reveals US rail threat from al-Qaida:

"Information found at scene shows 'aspiration' to attack American trains, says Department for Homeland Security"

I was part of a International Transport Forum roundtable in December 2008 that produced this report Terrorism and International Transport: Towards risk-based security policy

The costs of potential damage from terrorism are substantial but so are the costs of improved security. Careful policy appraisal can help make good use of scarce resources.

From AP US parents say airport security agent frisked their 6-year-old daughter

LOUISVILLE, Ky. — A couple in Kentucky said Wednesday that they want the Transportation Security Administration to change how it screens children after their 6-year-old daughter was frisked at the New Orleans airport.

Selena Drexel told ABC television that the family was returning home from a vacation earlier this month when their daughter Anna was selected for a pat-down.

The couple posted a video of the search on YouTube. It shows a TSA agent patting down the child and explaining the procedure to the girl and her parents. The screener says that she will use the back of her hands on sensitive areas and will "put my hand in the waistband."
...

Martin Macpherson, the director of the London-based Coalition to Stop the Use of Child Soldiers, said he is not aware of instances when terrorists have used children as young as six in an attack.

Why are we so afraid of terrorists we succumb to this? 9/11 will not be successfully repeated, we continue to fight the last war.

Posted on Samizdata: Samizdata enraged rant of the day about the results of the composite problem of government granted monopolies, security theatre, and time sensitivity.

... "However, once in a while one has a doosey of an experience, and I had one this morning. I was booked to fly from London Stansted Airport to Bologna in Italy. The flight was due to leave at 7.15am. I got up at an unpleasant 4.30am to leave for the airport. Transport to the airport was uneventful, and I arrived approximately an hour before my flight was due to leave. I was not checking luggage, and walking through the airpot and getting to the front of the security queue meant that I got to the X-Ray machine and metal detector at security by about 6.25am. I took my laptop out of my bag, and put it through the machine separately. The operator of the X-Ray machine apparently decided that there was something in my bag that required manual attention, as occasionally happens. It happens to me more than to most people, because I carry a fair amount of electronic equipment with me: fairly bulky photographic equipment, phones, chargers, a Kindle, accessories for the laptop and an assortment of chargers and adaptors to go with them. Yes, I am one of these people. No, this is not very unusual.

As I said, this happens from time to time. Normally a security person takes my bag off the conveyor belt, and either conducts a manual search of the bag, or tells me to take a particular item out of the bag, and the bag and that item go through the X-Ray machine separately. No big deal, and I am delayed five minutes or less.

However, this morning I discovered that security at Stansted Airport had installed a new system of conveyor belts, and the conveyor belt now forked coming out of the X-Ray machine. Problematic bags that required a manual search now ended up in a separate conveyor belt in a queue of their own. This meant that they did not need to be dealt with immediately to keep the main conveyor belt moving.

So, I waited for someone to deal with my bag. There were four other bags waiting in the queue ahead of mine. The security staff were dealing with various issues, and were being constantly distracted from job to job. They didn't seem particularly interested in manual searches of bags. When they did start doing a manual bag search, they got distracted by other tasks in the middle of doing so, so that these searches took much longer than they should have. Amazingly, getting to my bag - the fifth in the queue- took more than half an hour. Although I had got to the head of the queue before 6.30am, it was after 7.00am before somebody even started the manual search of my bag. I explained at this point that I was likely to miss my flight, and I was told that

If you miss your flight, it will be your fault. You should have taken your liquids out of your bag as instructed

I had no liquids in my bag, and I explained this. I was then told that I must have left a laptop in my bag. I pointed to my laptop, which I was holding in my hands. I was told that I must have left something I was not supposed to in my bag, as bags were only retained for manual searches when people had ignored the instructions in some way. A further five minutes or more were then taken to inspect the contents of my bag and put my electronic devices through the X-Ray machine again. The person doing this was distracted by other tasks several more times, and the bag search was done slowly and inefficiently.

Thinking about it later, most of the other people in front of me whose bags were subject to manual searches did in fact have liquids in their bags that they had not taken out. This does appear to be the reason for most manual searches. This probably does annoy security staff as it creates extra work for them. This (combined with the 'serves you right' response when I mentioned I might miss my flight) makes me suspect that the delays in doing these manual inspections may not be simple incompetence, but something a little more malevolent than that. Surly, resentful employees are going out of their way to inconvenience passengers who are perceived as making things hard for them. All I had done was have a bag with slightly unusual contents. Other people might have accidentally left a laptop in a bag. (I have done this at other airports, and the delay has been perhaps 60 seconds. Not at Stansted today, though). The idiocy of the liquid ban comes into this too. Pointless rules make for pointless jobs and resentful, surly employees. I am still not sure how much of this was incompetence and how much malevolence. A bit of both, I suppose.

As it happened, I did miss my flight. My short trip to Italy is cancelled. I am out of pocket the cost of my non-changeable, non-refundable flight, the cost of transport to the airport, and the cost of one night's accommodation in Italy, the hotel at which I had a reservation having an 'In the event of a same day cancellation, the cost of one night's accommodation will be charged' policy. Annoying for me, but no fault of any of those businesses, of course. The rental car company (Europcar) with which I had a vehicle booked were nice enough to give me a full refund, however, so I will be doing business with them again. Plus I had got up at 4.30am and wasted a morning for no reason. And I am not sitting beside the Adriatic eating pasta and drinking chianti, which was where I had intended to be this evening, and in fact where I paid good money to be this evening.

So who do I blame for this? The security employees themselves, certainly. Governments who impose stupid security rules, of course. BAA, the company that owns Stansted Airport, certainly. The botched privatisation process of London's airports, that too. (BAA was a government department that was privatised with a monopoly over London's airports. It still has the attitude to customer service that one expects from a tax department. Or perhaps the post office. Or the NHS. Or a railway ticket office in Smolensk in 1983. A heavily regulated private sector monopoly that behaves like a government department is not a dramatic improvement on a government department).

To some extent complaining about security procedures at airports is like complaining about the fact that water is wet. These things just are. However, I cannot help but think that an appropriate level of outrage is appropriate.

H/T Daring Fireball, from MSNBC Chance of Dying From Airport Backscatter Radiation About the Same as Chance of Getting Killed by Terrorists

"Peter Rez, a physics professor at Arizona State University in Tempe, did his own calculations and found the exposure to be about one-fiftieth to one-hundredth the amount of a standard chest X-ray. He calculated the risk of getting cancer from a single scan at about 1 in 30 million, "which puts it somewhat less than being killed by being struck by lightning in any one year," he told me.

While the risk of getting a fatal cancer from the screening is minuscule, it's about equal to the probability that an airplane will get blown up by a terrorist, he added. "So my view is there is not a case to be made for deploying them to prevent such a low probability event.""

The Telegraph reports on 50 years of traffic wardens

It was in September, 1960 - 50 years ago this year - that parking enforcement as we know it today began, when the first traffic wardens marched onto British streets.

In fact there were 40 of them and they inspired fear and fascination in equal measure as, in distinctive military-style uniforms with rows of gilt buttons, yellow shoulder flashes and yellow cap bands and with the power to issue £2 fines, they went in search of law-breaking motorists on behalf of the Metropolitan Police.

The very first ticket was issued to Dr Thomas Creighton who was answering an emergency call to help a heart attack victim at a West End hotel. The medic's Ford Popular, left outside as he tended the victim, was ticketed but - just as happens today when mean or thoughtless wardens ticket hearses, ambulances (or even rabbits in their hutches...) - there was such a public outcry that he was subsequently let off.

Some things never change. Today, in the Borough of Westminster, where it all started, 200 parking attendants - or Civil Enforcement Officers (CEOs), as they are now known - patrol the streets.

And while their appearance has changed - witness the blue jacket, polo shirt, jumper, black trousers and baseball cap - and they work for the council instead of the police, their intent has not.

Last year Westminster issued 500,272 parking tickets, generating £69,301,000 and a surplus of £30,170,000. But it's just one of 34 authorities issuing parking fines in London, which issued 4,151,901 tickets worth an estimated £337,911,693*.

A further 245 councils issuing tickets in England and Wales, by means of an army of about 18,000 parking attendants, issued 4,035,555 parking tickets in 2009, raising an estimated £267,761,347 in the process. Nationwide, Telegraph Motoring figures* suggest, drivers cough up £605,673,040 for parking misdemeanours.

From FT BA attacks U.S. airport security demands

The chairman of British Airways has launched an attack on "completely redundant" airport checks and said the UK should stop "kowtowing" to US demands for increased security.

The comments by Martin Broughton reflect broader industry and passenger frustration over the steady accumulation of rules on everything from onboard liquids to hand baggage that have blossomed since the September 11 terrorist attacks.

In remarks at the annual conference of the UK Airport Operators Association in London, he said that the practice of forcing people to take off their shoes and have their laptops checked separately in security lines should be ditched.

Mr Broughton said there was no need to "kowtow to the Americans every time they wanted something done" to beef up security on US-bound flights, especially when this involved checks the US did not impose on its own domestic routes.

Nice thread from Reason on whether re-entry of US citizen (in this case, Paul Lukacs at SFO) into the US can be done without explaining to Customs and Border Security why you were overseas.
'I'm Not Going to Be Interrogated As a Pre-Condition of Re-Entering My Own Country'

"Why were you in China?" asked the passport control officer, a woman with the appearance and disposition of a prison matron.

"None of your business," I said.

Her eyes widened in disbelief.

"Excuse me?" she asked.

"I'm not going to be interrogated as a pre-condition of re-entering my own country," I said.

This did not go over well. She asked a series of questions, such as how long I had been in China, whether I was there on personal business or commercial business, etc. I stood silently. She said that her questions were mandated by Congress and that I should complain to Congress instead of refusing to cooperate with her.

She asked me to take one of my small bags off her counter. I complied.

She picked up the phone and told someone I "was refusing to cooperate at all." This was incorrect. I had presented her with proof of citizenship (a U.S. passport) and had moved the bag when she asked. What I was refusing to do was answer her questions.

From New Scientist
Modern cars vulnerable to malicious hacks

The idea of hackers breaking into your personal computer is alarming enough. But what if they could seize control of your car's control systems while you are driving? Using a laptop and custom-written software, security researchers have hacked into the control systems of a family car, disable the brakes and turn off the engine while the vehicle was moving.

James Fallows on Security lines at airports, which I complained about years ago.

Recently published:

Zhang, Lei, and David M. Levinson (2008) Investing for Reliability and Security in Transportation Networks. Transportation Research Record: Journal of the Transportation Research Board #2041 pp.1-10 [doi]

Alternative transportation investment policies can lead to very different network forms in the future. The desirability of a transportation network should be assessed not only by its economic efficiency but also reliability, because the cost of incidental capacity loss in a road network can be massive. This research concerns how investment rules shape the hierarchical structure of roads, and affects network fragility with regard to natural disasters, congestion, and accidents and vulnerability to targeted attacks. A microscopic network growth model predicts the equilibrium road networks under two alternative policy scenarios: investment based on benefit cost analysis or bottleneck removal. A set of Monte-Carlo simulation runs, in which a certain percentage of links are removed according to the type of network degradation analyzed, are carried out to evaluate the equilibrium road networks. It is found that hierarchy exists in road networks for reasons such as economic efficiency, but an overly hierarchical structure has serious reliability problems. Throughout the equilibrating or evolution process, the studied grid network under benefit cost analysis has better efficiency performance, as well as error and attack tolerance. The policy implication from these findings is that benefit-cost analysis should be preferred to myopic bottleneck-removal type of investment rules, no matter how the planning horizon is specified.

Keywords: Transportation network dynamics, road growth model, reliability, vulnerability, fragility, road investment and financing policy