The secrecy issue has gotten out of hand.<p>The classic military view of secrecy is time-limited. "Where the ship was last week is unclassified. Where the ship was yesterday is confidential. Where the ship is now is secret. Where the ship will be tomorrow is top secret." The opposition will eventually find out what you're planning on doing. The goal is for them to find out the hard way, when incoming fire starts hitting them.<p>The intelligence community has a longer-term view. "We know, and they know. We think they don't know that we know they know. We hope they don't know how we found out that they know." This protection of sources mindset leads to things being kept secret long after all involved parties know.<p>The anti-terrrorism community has adopted the intelligence community mindset. This is a problem.
>So why was the stolen x-ray equipment kept a secret? I asked my source if there was some security reason for keeping the stolen x-ray equipment from the public, and was told, unequivocally, no. “It’s because the mom from the midwest planning to fly her kids to Disney would freak out. They are worried that people would stop flying if they knew.”<p>Kind of ironic, because I've already stopped flying - not because I'm afraid, but because these sorts of measures have gotten to the point where traveling through an airport is an awful experience that I actively avoid.<p>If I absolutely must travel, I take a train or drive. The only reason I ever fly is if I have to cross an ocean or if I face an emergency that requires me to be present somewhere far away, very quickly.<p>And in the case of an ocean, honestly, renting a stateroom on a cargo ship seems like a very relaxing way to go if you have the time. I've got a HUGE backlog of books and games and writing and projects to design and you get the idea.
Hi All, author of the article here. Happy to answer any questions you may have about the laptop ban, aviation security, TSA assholery, Trump's travel-related civil rights abuses (incl. the "Muslim ban"), or other such topics of interest.<p>And, thanks for the support... HN is always one of the first communities to upvote my work and help me share it with the world. As a computer scientist turned almost-lawyer, I definitely appreciate!
Read this paper as well <a href="https://www.usenix.org/system/files/conference/usenixsecurity14/sec14-paper-mowery.pdf" rel="nofollow">https://www.usenix.org/system/files/conference/usenixsecurit...</a> -- the researchers who wrote it obtained (on the surplus market) the same model of backscatter X-ray body scanner that was deployed in US airports and proceeded to evaluate and validate various schemes for undetectable concealment of firearms, knives, and explosives. Other research was done, including a software implant that would selectively strip indications of contraband from the image (when a specific signal pattern was in the image), and a firmware implant that would disable all interlocks and deliver an elevated radiation dose. If it is possible for a few university researchers to obtain this sort of security scanner without resorting to crimes, it is folly to assume that actual adversaries cannot.<p>We need better methods for detecting energetic materials (and not just suspicious shapes) in luggage (detecting it concealed inside humans is harder and would require transmission x-ray which is not currently acceptable for airport security screening) that don't crumble when the adversary has unlimited access to the security scanner to test concealment methods.<p>Concealing knives is kinda easier than concealing energetic materials -- it is, for example, possible to machine a blade that fits perfectly inside a blunt, innocuous "sheath" so precisely (hi, wire EDM) that they appear as a single piece of metal. However, this is not so much of an issue nowadays, as no amount of threatening or stabbing with a knife will make a pilot open the cockpit door.
The premise is flawed. X-ray inspection equipment is easy to find - it's regularly offered for sale on EBay and you'll find a number of teardown videos of various models on Youtube. The stolen X-Ray equipment is not being reported probably because it isn't particularly interesting.
This article seems to miss the fact ISIS took over Mosul international airport in 2014. Surely they got luggage screening machines in hand by then already.
Hey look, a security crisis that can only be fixed by requiring that we prove our devices are functional, most likely by turning them on, logging in, and showing that there are a few documents present. And in some cases, extra manual evaluation will be required, entailing taking that logged-in laptop into a back room for further inspection. They won't copy everything onto a disk of their own---honest!
Everyone seem to have missed the opportunity here to push for standard power connector/polarity/voltage/maxcurrent requirement for all laptops while fitting a power cable (with short circuit protection in every seat. That will also discourage from producing laptops not working if a battery isn't plugged in.
Having say a 12VDC/3A plug in every seat will force most manufacturers to make at least one airline-friendly laptop, and/or implement on faster models things such as turning off cores and keeping CPU speed low to stay within that current limit.<p>edit- and push to get a standard for battery pack sizes to reduce the number of form factors, then implement a service where you give your used one at departure and get a new one at arrival.<p>Regulations like that one stink badly, but necessities drive progress and I see an opportunity here.
Hi Everyone, author of post here with an update for you. The most modern x-ray systems in use by the TSA at airports to screen carry-on bags can indeed see through lithium batteries. It also differentiates densities, and it seems to me that the latest tech should therefore be able to indicate the difference between a battery and C4 in a battery-shaped box. So is it that the airports subject to the laptop ban have the older tech? Well...<p>Read more: <a href="https://professional-troublemaker.com/2017/05/22/update-newest-tsa-carry-on-x-rays-can-indeed-see-through-laptop-batteries/" rel="nofollow">https://professional-troublemaker.com/2017/05/22/update-newe...</a>
Q for the author: how valuable would an actual proprietary airport X-ray be, in terms of designing devices (as compared to another X-ray of similar spec)? Does having access to the actual X-ray for purposes of product testing really make that much of a difference to a technically gifted bomb-maker?
As lithium batteries are opaque to X-Rays, perhaps a ban on laptops with batteries should be considered. This will surely push for standard swappable batteries and standard power supplies so the laptops could be used on board without batteries.
It seems to me that if an X-Ray scanner was stolen from an airport, that information would reasonably be considered SSI due to its relation to screening passenger luggage. I wouldn't be comfortable spreading news that stolen equipment is available, that there's a security vulnerability allowing equipment to be stolen, that ISIS is in possession of the stolen equipment, or any vulnerability assessments of the equipment. The unnamed source seemed convinced that any security decision was made to avoid scaring "mom from the midwest," but that comment appears short-sighted if anything more than conjecture.
>By forcing all these batteries into the cargo hold where a fire cannot be rapidly detected and contained, DHS would be countering any deceased risk of terror with an increased risk of fire.<p>Everyones always been telling me that if I want to bring down a plane I should set the cabin on fire, not the cargo hold. Have I been living a lie?
Correct me if I'm wrong, but wouldn't a relatively benign way to fix this simply be that the TSA agents randomly reorient/flop some carry on luggage items in the bins before they go through the scanner?