RE: TERRORISM: And now the silliness starts

From: Harvey Newstrom (mail@HarveyNewstrom.com)
Date: Sun Sep 16 2001 - 13:31:09 MDT


Spike Jones wrote,
> Whats so silly? Should not buildings be armed with anti-aircraft
> missiles? Why not? They are high value targets, planes come
> in slow enough to take them out in time to protect your biggies.
> We could have a city perimeter that is on no flight paths, then
> just pop anything that comes in.

Yes, this is obvious to me. We already have this capability. We do enforce
this for military targets and for NASA. We used to enforce this around the
White House and the Pentagon, but these rules were relaxed in recent years.
They could easily be reimplemented. I think the buildings should have
anti-aircraft missiles on them.

The security measures used on Israeli airlines are also easy to implement.
We never thought these were necessary in the U.S. before, so we never did
this. The solutions are easy, and the technology is in place.

I have done many anti-terrorist plans for larger clients, many in New York.
Most of them agreed in theory, but didn't think the threat was great enough.
Keeping parking away from the front of the building, not allowing package
deliveries to the front door, not having large glass windows to the street,
are all obvious precautions. Most clients choose to ignore these
precautions for the convenience of closer parking, package delivery, and
large windows.

I applaud the increased security measures at airports. As a security
consultant, I travel weekly and constantly cringe at what I see. I already
knew that the perimeter of airports block large knives from coming in while
knives were available inside. I already knew that every airport trusts the
security screening of incoming passengers from other airports, such that the
weakest link at any airport anywhere in the U.S. can be used to get into the
most secure airport anywhere in the U.S. I also know there is a problem at
the metal detectors where the security personnel don't have any power to do
anything. This was proven recently when a man with a gun just drew the gun
and walked through and onto an airplane. The metal detectors are "detection
devices" in security analysis, but they are not "prevention" or "auditing".
They functioned correctly and tell people that a gun just went through.
They have no means to stop it or determine who the person is. The perimeter
analysis of an airport, or a functional analysis of the security procedures
show obvious gaps.

People laugh at the lack of curb-side check in now. What this really means
is that the airport won't accept your baggage until after you have shown ID
at the counter, had a name-search check, and been verified as a passenger.
It was ludicrous to allow unverified strangers to drop off packages to be
put on a plane.

The same is true for e-tickets. The e-ticket allowed one to pick up the
ticket at the gate just before boarding. This allowed unticketed people to
get into the airport, check baggage, get past security and go almost
anywhere in the airport, even if they had no business with the airport or
any travel arrangements. Forcing people to get a ticket before they are
allowed access makes perfect sense to me.

I think that people should go through metal detectors at each layover. This
would prevent people from picking up items within the airport and traveling
with them. It would prevent airports from trusting other airports'
security. It also would prevent terrorists from knowing whether they got
past security or not before the board the plane. The security screening
would be repeated. It would be harder to implement, but much safer if we
actually had metal detectors right at the aircraft. If we could screen
persons as they board, it would be closer to the perimeter we are trying to
protect. (By metal-detector, I mean any generic weapons detection.)

I think the airline could do a background check on every passenger. If they
are illegally in this country, wanted on a warrant, or cannot be verified
with their real identity, the airlines can refuse entry. I also think that
airlines should not do their own security. One of the basic tenets of
security is that operations should not secure themselves. Whenever a choice
between cost and security occurs, such operations tend to lower security to
save money. Third-party monitoring is the way to do. This is the idea
behind peer-review, scientific experimental method, open-source software,
and most design procedures.

Our current airport security structure just plain ignores basic tenets of
security design. We used to ignore security because people did not believe
that the risks were real or great. Now we know better, and I expect
security to become more important.

--
Harvey Newstrom <http://HarveyNewstrom.com> <http://Newstaff.com>


This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 08:10:43 MST