From: Christopher Whipple (crw@well.com)
Date: Wed Jul 24 2002 - 09:35:12 MDT
As an aside to this whole conversation, I thought it would be worth
posting a link to a presentation I've recently attended on face-scanning
technologies.
http://www.computerbytesman.com/biometrics/presentation/index.htm
Unfortunately, this is a watered-down version of the presentation I saw,
where Richard actually showed the results when comparing photographs of
himself to photographs of the 9/11 terrorists. Needless to say, the
results were funny to the layman but dismal to the security professional.
Enjoy,
-crw.
On Wednesday, July 24, 2002, at 12:05 AM, Hal Finney wrote:
> We have occasionally discussed the use of profiling as a security
> measure
> in airport security, attempting to identify those people who would be
> more likely to be terrorists. Harvey Newstrom has often cautioned
> against
> this approach, writing for example on May 23,
>
>> As a security professional, I really must insist that standards require
>> search of everyone or random searches. You cannot let guards try to
>> detect the possible "guilt" of people by looking at them. They do not
>> have that skill, and it is not effective enough to base a security
>> policy on. Security profiling must be based on individuals, meaning
>> behavior or situation. Groupism that includes or excludes whole
>> genders
>> or races will instantly fail because the bad guys then have a magic
>> profile that will let them through. Just choose a person who looks
>> right as your agent, and you get through security. Such a security
>> policy would be invalid according to any security standards I know.
>
> Today there is an article going around which illustrates the wisdom
> of Harvey's advice, from
> http://swissnet.ai.mit.edu/6805/student-papers/spring02-papers/caps.htm.
>
> This paper shows that, under plausible assumptions, the profiling
> methods
> currently being used by the airlines, under government supervision,
> are actually *less* likely to detect terrorists than random searches.
> The paper provides a method called "Carnival Booth" to allow terrorists
> to exploit profiling systems and escape detection along much the same
> lines discussed by Harvey above. The authors even offer evidence that
> the 9/11 hijackers had used a similar method to assure that they would
> be able to evade profiling and to carry out their plan without
> detection.
>
> The article is very well written, for an academic paper, and the first
> few
> sections are non-mathematical and well worth reading even for the
> layman.
> It certainly calls into question the methods currently being used by
> the airlines.
>
> Hal
>
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 09:15:39 MST