alexpgp | Must-read article...

Check out this article by Bruce Schneier, on crypto, security, and other topics (also here).

Excerpts:

The attacks rewrote the hijacking rule book. Responses to hijackings are built around this premise: get the plane on the ground so negotiations can begin. That's obsolete now.

They rewrote the terrorism book, too. Al-Qaeda invented a new type of attacker. Historically, suicide bombers are young, single, fanatical, and have nothing to lose. These people were older and more experienced. They had marketable job skills. They lived in the U.S.: watched television, ate fast food, drank in bars. One left a wife and four children.

It was also a new type of attack. One of the most difficult things about a terrorist operation is getting away. This attack neatly solved that problem. It also solved the technological problem. The United States spends billions of dollars on remote-controlled precision-guided munitions; al-Qaeda just finds fanatics willing to fly planes into skyscrapers.

* * *

Computer security experts have a lot of expertise that can be applied to the real world. First and foremost, we have well-developed senses of what security looks like. We can tell the difference between real security and snake oil. And the new airport security rules, put in place after September 11, look and smell a whole lot like snake oil.

All the warning signs are there: new and unproven security measures, no real threat analysis, unsubstantiated security claims. The ban on cutting instruments is a perfect example. It's a knee-jerk reaction: the terrorists used small knives and box cutters, so we must ban them. And nail clippers, nail files, cigarette lighters, scissors (even small ones), tweezers, etc. But why isn't anyone asking the real questions: what is the threat, and how does turning an airplane into a kindergarten classroom reduce the threat? If the threat is hijacking, then the countermeasure doesn't protect against all the myriad of ways people can subdue the pilot and crew. Hasn't anyone heard of karate? Or broken bottles? Think about hiding small blades inside luggage. Or composite knives that don't show up on metal detectors.

Parked cars now must be 300 feet from airport gates. Why? What security problem does this solve? Why doesn't the same problem imply that passenger drop-off and pick-up should also be that far away? Curbside check-in has been eliminated. What's the threat that this security measure has solved? Why, if the new threat is hijacking, are we suddenly worried about bombs?

The rule limiting concourse access to ticketed passengers is another one that confuses me. What exactly is the threat here? Hijackers have to be on the planes they're trying to hijack to carry out their attack, so they have to have tickets. And anyone can call Priceline.com and "name their own price" for concourse access.

Increased inspections -- of luggage, airplanes, airports -- seem like a good idea, although it's far from perfect. The biggest problem here is that the inspectors are poorly paid and, for the most part, poorly educated and trained. Other problems include the myriad ways to bypass the checkpoints -- numerous studies have found all sorts of violations -- and the impossibility of effectively inspecting everybody while maintaining the required throughput. Unidentified armed guards on select flights is another mildly effective idea: it's a small deterrent, because you never know if one is on the flight you want to hijack.

Positive bag matching -- ensuring that a piece of luggage does not get loaded on the plane unless its owner boards the plane -- is actually a good security measure, but assumes that bombers have self-preservation as a guiding force. It is completely useless against suicide bombers.

The worst security measure of them all is the photo ID requirement. This solves no security problem I can think of. It doesn't even identify people; any high school student can tell you how to get a fake ID. The requirement for this invasive and ineffective security measure is secret; the FAA won't send you the written regulations if you ask. Airlines are actually more stringent about this than the FAA requires, because the "security" measure solves a business problem for them.

The real point of photo ID requirements is to prevent people from reselling tickets. Nonrefundable tickets used to be regularly advertised in the newspaper classifieds. Ads would read something like "Round trip, Boston to Chicago, 11/22 - 11/30, female, $50." Since the airlines didn't check ID but could notice gender, any female could buy the ticket and fly the route. Now this doesn't work. The airlines love this; they solved a problem of theirs, and got to blame the solution on FAA security requirements.

Airline security measures are primarily designed to give the appearance of good security rather than the actuality. This makes sense, once you realize that the airlines' goal isn't so much to make the planes hard to hijack, as to make the passengers willing to fly. Of course airlines would prefer it if all their flights were perfectly safe, but actual hijackings and bombings are rare events and they know it.

Lots more interesting analysis, with many links. Too bad people whose job it is to assure security probably won't read it.

It turns out there is a plea near the end of the article to forward the message to at least five other people. Why? Says Schneier:

We have less than 100 hours before Congress acts on legislation that will (a) significantly expand the use of Carnivore, (b) make computer hacking a form of terrorism, (c) expand electronic surveillance in routine criminal investigations, and (d) reduce government accountability.

So much information, so little time. Scheier's article was posted on Sunday.

Cheers...