Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004

R.A. Hettinga rah at shipwright.com
Wed Dec 15 05:21:04 PST 2004 

At 11:41 PM -0600 12/14/04, Bruce Schneier wrote:
>     Security Notes from All Over:  Israeli
>       Airport Security Questioning
>
>
>http://www.schneier.com/blog/archives/2004/12/security_notes.html
>
>In both "Secrets and Lies" and "Beyond Fear," I discuss a key
>difference between attackers and defenders: the ability to concentrate
>resources.  The defender must defend against all possible attacks,
>while the attacker can concentrate his forces on one particular avenue
>of attack.  This precept is fundamental to a lot of security, and can
>be seen very clearly in counterterrorism.  A country is in the position
>of the interior; it must defend itself against all possible terrorist
>attacks: airplane terrorism, chemical bombs, threats at the ports,
>threats through the mails, lone lunatics with automatic weapons,
>assassinations, etc, etc, etc.  The terrorist just needs to find one
>weak spot in the defenses, and exploit that.  This concentration versus
>diffusion of resources is one reason why the defender's job is so much
>harder than the attackers.
>
>This same principle guides security questioning at the Ben Gurion
>Airport in Israel.  In this example, the attacker is the security
>screener and the defender is the terrorist.  (It's important to
>remember that "attacker" and "defender" are not moral labels, but
>tactical ones.  Sometimes the defenders are the good guys and the
>attackers are the bad guys.  In this case, the bad guy is trying to
>defend his cover story against the good guy who is attacking it.)
>
>Security is impressively tight at the airport, and includes a
>potentially lengthy interview by a trained security screener.  The
>screener asks each passenger questions, trying to determine if he's a
>security risk.  But instead of asking different questions -- where do
>you live, what do you do for a living, where were you born -- the
>screener asks questions that follow a storyline:  "Where are you
>going?  Who do you know there?  How did you meet him?  What were you
>doing there?"  And so on.
>
>See the ability to concentrate resources?  The defender -- the
>terrorist trying to sneak aboard the airplane -- needs a cover story
>sufficiently broad to be able to respond to any line of
>questioning.  So he might memorize the answers to several hundred
>questions.  The attacker -- the security screener -- could ask
>questions scattershot, but instead concentrates his questioning along
>one particular line.  The theory is that eventually the defender will
>reach the end of his memorized story, and that the attacker will then
>notice the subtle changes in the defender as he starts to make up answers.

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

More information about the cypherpunks-legacy mailing list