Matt Blaze has an excellent new essay at his “Exhaustive Search” blog, discussing recent developments in the screening procedures used by the TSA at airports. I have written in an earlier post about some of the initial, silly changes to security procedures that were made following the unsuccessful attack by the Christmas “Underpants Bomber”. It now seems that some of the more ludicrous restrictions will be relaxed:
A few days later the TSA, to its credit, rolled back some of the more arbitrarily punitive restrictions — in-flight entertainment systems can now be turned back on, and passengers are, at the airline’s discretion, again permitted to use the toilets during the last hour of flight.
However, as Mr Blaze notes, there are some aspects of the TSA’s revised approach that may do more harm than good. Apparently the intent is to “randomize” the application of screening to individual passengers, so that it is difficult or impossible to predict just what kind and level of screening an individual will get:
According to the New York Times, the TSA’s strategy now relies heavily on “unpredictable” procedures that randomly subject passengers to different kinds of screenings at different times,
Random enforcement actions are used to good effect in many contexts, as the essay points out. The IRS, for example, only audits a small fraction of the total returns filed. Customs agents do not search every arriving traveler. This approach is obviously much less expensive that exhaustive checking, and it works because the bad consequences of getting examined and caught deter even those who aren’t examined.
But, as the essay also points out, the payoff function for a terrorist organization, especially one that employs suicide bombers, is quite different. The terrorists’ aim is not destruction per se, but to cause terror and disruption. As Mr. Blaze points out, the optimal terrorist strategy may be just to increase the number of attackers. When an attacker is caught, the security authorities face a dilemma: should they just arrest that person, or should they initiate a more comprehensive search?
We could simply arrest the unlucky suspect and do nothing else. But then what if there are others trying the same or similar things who aren’t screened in the same way? Is some other flight about to fall from the sky? And what if a second bomb-wielding terrorist is caught, perhaps with a slightly different kind of bomb? The only viable alternative at that point may be to shut down all commercial aviation until the the most rigorous screening possible can henceforth be applied universally, effectively creating the same kind of havoc that occurs after a successful attack.
In effect, if the terrorists can saturate the system with potential attackers, they can cause a great deal of fear and disruption even if the attackers are caught.
Blaze’s suggestion, which I think makes a great deal of sense, is that the security screening should be focused on finding the obviously dangerous threats: an AK-47 in an attaché case, or a purse full of hand grenades. Small acts of violence are of course undesirable; but, as with the Underpants Bomber, the flight crew and the other passengers are the back-up security system.
There is a reason that standard security engineering techniques emphasize the concept of “defense in depth”. No single security measure can hope to be 100 percent effective, but by combining different measures with different failure properties, we can build a security system that works.