It is perhaps the world's oldest security technique -- forcing someone to drink from the bottle they are carrying to prove the liquid inside isn't dangerous. But five years after 9/11, with billions of dollars invested in the latest high-tech security gadgets, U.S. airports were forced this week to employ this very old-fashioned technique. As mothers were sipping from their baby's milk bottles in front of Transportation Security Administration workers Thursday afternoon, some had to be thinking -- is this the best security $5 billion a year can buy?
All our technology investments since 9/11 apparently can be thwarted by altered sport drink bottles. On Friday, that news had well-known security expert and author Bruce Schneier crying foul.
"Most of the stuff we're spending money on is a waste of money," said Schneier, whose terrorism security book "Beyond Fear: Thinking Sensibly About Security in an Uncertain World" was published earlier this year. The quest for technology that makes us safer has so far been largely a wasted effort, he argues, because terrorists can always win a game of cat-and-mouse. For each gadget security experts invent, terrorists just alter their plans slightly and circumvent it. "We are spending billions of dollars to force terrorists to make minor changes in their plans.”
Since the terrorist attacks of Sept. 11, the Homeland Security Department has repeatedly turned to technology to keep us safer. There were signs this week that tech has so far let us down.
Early Thursday morning, when U.S. officials were told by their British counterparts precisely what explosives this week's crop of would-be terrorists planned to sneak onto an airplane, federal authorities raced to Reagan National Airport to conduct a test, reports NBC News Pete Williams. Would the ingredients be picked up by normal boarding procedures? Would magnetometers or baggage X-ray machines tip off screeners about the liquid explosive ingredients? The answer was clear and alarming.
"I was told, 'They didn't like what they saw,' " Williams said.
So for the foreseeable future, you won't be able to carry hand lotion or bottles of water with you when you board an airplane.
Remember face recognition?
A long of list of tech-safety projects have come and gone -- taking millions of dollars with them -- since 9-11. The most controversial, Secure Flight, involved creation of an extensive database of travelers, matching that with commercially available data, and applying special formulas to predict likely terrorists from flying patterns and purchasing habits. After several years and an estimated $150 million, Secure Flight was sent "back to the drawing board," by Homeland Security Chief Michael Chertoff earlier this year.
The federal government still maintains lists of potentially dangerous people it says shouldn't fly on planes, the so-called No Fly List. But the technology used to communicate those names to airlines is today essentially the same as it was on Sept. 10, 2001.
Similar failed experiments have dogged other expensive and failed technologies like facial-recognition software.
Thursday's failed plot -- and TSA's reaction to it -- can only be seen as a tacit admission of failure for the nation's explosive detection projects. That's the only conclusion to draw from implementation of the brute-force solution to ban all liquids on all airplanes.
Last year, the Department of Homeland Security budgeted $443 million for explosive detection technology. Many passengers around the U.S. are already being subjected to inspection by some of the best new explosive detection technology money can buy, so-called "trace portals." They look like magnetometers, but trace portals actually work by blowing small puffs of air at subjects, then inspecting the disturbed molecules for traces of explosives. The devices cost $160,000 each, according to Homeland Security. There are 93 of them now in 36 airports around the country.
Neither TSA nor the two makers of the devices -- Smith Detection and General Electric -- like to talk much about how trace portals work. So there is no definitive answer as to whether trace portals could have prevented the planned attack. But clearly there was little confidence expressed in the devices this week. Meanwhile, other gadgets that might detect bomb ingredients are nowhere near U.S. airport screening lines.
What almost happened
The news this week was actually good news – that a terrorist plot didn’t happen. But had events broken the other direction, an investigation into America’s preparedness for carry-on explosives would have echoed the “this-could-have-been-prevented” inquiries into the Katrina disaster or 9-11. There have been ample warnings about exactly the kind of liquid bomb attack foiled this week.
This week's failed plot appears to be a near carbon copy of an attack uncovered in 1995, which was planned by 1993 World Trade Center bomber Ramzi Yousef. Last summer, during a House committee meeting on security, Rep. Peter DeFazio grilled Transportation Security Administration's chief technology officer Clifford Wilke about the agency’s preparedness for liquid bomb attacks. DeFazio’s remarks sound prophetic now.
“We haven't equipped our people at the checkpoint to detect the bomb that (Yousef) used … and I'm concerned that there are patterns out there. (The terrorists) came back after the (1993) World Trade Center bombing. I'm worried that someone else's going to come back.”
Even with more than a decade’s warning, the only tool screeners have right now to protect against the Yousef plot is a large trash bag.
"I think we have wasted a lot of money, and I don’t think we've gotten a big bang for our buck," said James Jay Carafano, a security analyst at the Heritage Foundation.
However, he wasn't critical of all of the TSA’s efforts. Work on biometrics and some of the immigration-screening technologies have improved, he said. But efforts to screen 100 percent of passengers and bags for 100 percent of any dangerous objects is, as he puts it, is guaranteed to be a losing effort.
Look for dangerous people, not dangerous objects
Frequent aviation security critic Bob Polle, who in January published a report called "Aviation Security's latest 'F' ,” said the chief problem is the paradigm that persists in airline security. Screeners and technology are both focused on finding knives or explosives -- a needle in a haystack -- rather than finding those who are intent on causing harm.
"The focus needs to shift from trying to find the latest bad object to systematically finding the bad people," he said. Secure Flight, the now-tabled database of fliers, has been TSA's only effort at that to date.
Schneier, who served on a special TSA task force for Secure Flight, said the best way to find bad guys is to stop wasting money on ineffective technologies and instead hire far more on-the-ground intelligence agents. After all, this week's plot was apparently foiled by old-fashioned police work and volunteer tips-- not whiz-bang technology.
“The little money we spent on intelligence paid off,” he said.
Not everyone is down on tech as a safety tool. Larry Ponemon, operator of consultancy The Ponemon Institute and advisor to the Department of Homeland Security, says the agency's Transportation Workers Identity program deserves high marks. It involves new high-tech ID cards designed to keep terrorists from sneaking into secure locations at airports.
The failure of SecureFlight and other projects has more to do with bureaucracy than technology, he said.
"My belief is that a lot of these projects are not able to get off the ground fully because...there are too many people in the decision-making process," he said. "There's so much inertia on this topic…this is more about the inability to execute and the inertia of these bureaucracies."
'Movie plot security'
But Schneier is adamant that the search for a silver technology bullet to make flying safe is actually a distraction that hurts the cause. And right now, he’s concerned that Homeland Security is caught up in a vicious and counter-productive circle.
“We invent a movie plots. Then we spend money because we have in our heads a specific, dreamed-up a movie plot,” Schneier said. Or alternatively, we spend incredible amounts of time and money fighting against the last threat instead of the next threat – taking our shoes off in response to the “shoe-bomber” threat while all the while the next attack may very well involve explosives smuggled on as airplane food. Inventing technologies to thwart specific threats is pointless, he says.
“I’m tired of (security) that requires me to guess correctly. That's the problem with the movie plot threat model.”