I found out last week that one of my colleagues caught hand-foot-mouth disease from his toddler, and it scarred his fingerprints, causing problems with US Immigration And Boarder Patrol's stored biometrics for him. Yes, this particular system uses faces instead of fingerprints, but I was very surprised that such a common infection could (in rare cases, I presume) mess up your biometrics.
Net-net, shifting toward biometrics is good, but there are some very sharp corner cases.
Also, my toddler still has trouble telling my infant identical twins apart. I could see one of my identical twins denied boarding because "Sorry, but you're already on the other side of this security gate. If you'd like us to review this decision, please send registered mail to the nearest trash receptacle."
Edit: I almost forgot about my own travel facial recognition failure two weekends ago. United has some system that scans your face at the check-in counter, and uses facial recognition in lieu of scanning your boarding pass at the gate. I entered one gate. It didn't even seem to recognize there was a face there. The gate agent told me I was standing too close, and told me to back up. She then told me to try the other gate. Then she asked me to stand aside and she manually scanned my boarding pass. To be fair, I used to get the same response at bars when I was single. (I joke, but this really happened to me that a facial scan from a few hours prior wasn't recognized at the gate.)
I disagree. It's a disclosable but non-revokable authentication mechanism. If your fingerprints leak, there's no way to revoke them. If your fingerprints change, like with your friend's kid, you'll find that the systems are not designed to handle updates. It's an ID that you cannot discard but might accidentally ruin.
There was a story in 2015[0] where someone was able to reproduce the fingerprints of the German defense minister from a photograph.
>Jan Krissler, known in hacker circles as Starbug, used commercial software called VeriFinger and several close-range photos of von der Leyen, including one gleaned from a press release issued by her own office and another he took himself from three meters away, to reverse-engineer the fingerprint.
It started with just having Name / Card Number / Expiry, all of which are printed right on the card, being all that was necessary to conduct a transaction.
Then they put a magnetic strip on the back of the card and storing the same information in plain text on that strip.
Then they started printing a "secret" 3 or 4 digit number (CVC) on the card for "extra" security.
Now we have chips in cards which helps with brick and mortar transactions in an era when most transactions are online.
The next thing I'd like to see are deposit-only bank account numbers tied to your regular bank account number, so that you can give someone the information necessary for them to send you money via ACH without them having all the information necessary to drain your bank account.
At present, I transfer money into my checking account for each and every outgoing transaction, so there's both a small time window and a small limit on the amount of a theft, and I have less to worry about giving out my checking account number for incoming transfers.
Mildly related: At one point I was considering how easily someone could make an e-mail server where valid addresses were all in the form username+code@host, where users could create/manage valid codes using a smartphone app, noting which ones were for which purpose and having inactivity or expiry rules.
Unlike current user+anything@host forms, a the + component would be mandatory, and an incorrect/expired code means spam filtering.
You can do something similar now with email aliasing services. Also they don’t include your primary address which is easily stripped from the + format you are describing.
I had a big problem with fingerprints and hand geometry stuff after recovering from some serious burns. They had to delete my account to readd me into the system because it changed so much.
You are right if to speak about access control, but TSA, police, and the likes have other goals. They want to establish firmly one physical person <-> one DB id relation. People checked may for various reasons try to thwart such attempts. In such circumstances it's hard to come with a solution which is not bio*
This is already in place. After EQ was breached, I wasn't sure who to go to, to change my Date of Birth, so it's still the same. :|
There is already a lot of truly immutable and practically immutable data that's tracked.
The other issue is the courts have dictated that you don't own your own biometrics. Phone locked with face or fingerprint? They can get a court order that allows them to force unlock it.
A pin code is considered more secure, because it can't be force bypassed, like biometrics.
This decision overrules previous circuit court rulings in California that biometric features were considered testimonies since suspects weren’t verbally giving up their numeric passcodes or passwords.
The method by which you choose to lock your cellphone can make the difference between being required to unlock it for a police officer or not. Police officers cannot force you to unlock your phone by a testimonial act that reveals the contents of your mind. You can be forced to unlock your phone by a nontestimonial act.
Nontestimonial acts are things like your biometrics, your DNA, etc.
IMO it needs to be something that can't change, like your basic DNA, or something to that effect. We definitely do need a better way to positively identify people.
I just realized we thought we were being a bit cute by giving them names that meant the same thing, but in different languages. Now, I realize that if they translate their names into written Chinese, they better be phonetic translation... if they end up with identical names, same birthday, identical DNA, that could cause problems.
And how is this any different than currently using your photo ID and someone looking to see if the ID matches your face? You would still have the identical twin problem
Privacy is a new-age luxury that causes more problems than it's worth. I know this is unpopular, and I'm not justifying the abuse of information, but it changes nothing about the fact that we are by-and-large a social species, and being able to positively identify someone would likely have more benefits than drawbacks, because our society is organized around the idea that we know who we're working with.
Well, in any scenario where you need to verify someone's identity, privacy and anonymity not only aren't goals, but they aren't acceptable.
Now you could argue that in many situations you don't need to verify someone's identity and shouldn't have the right to do so; but if you do (like during border control) then your identity isn't supposed to be private.
The issue isn't identity but attestation or assertion of identity.
The problem with DNA, as with fingerprints, voiceprints, retina scans, and the rest, is that a small sample or simulacrum of the original object or characteristic can often create a false positive.
You leave your fingerprints, and DNA, on everything you touch, literally. Your voice is now being recorded in high fidelity at great frequency, and your eyeballs are visible to whatever it is you are looking at.
The original use-case for computer passwords, as inveted by Fernando Corbato, was in a specific facility, with a physical location and at least reasonably-limited access, largely as a measure to prevent either accidental or typically prankish mis-use of other people's computer resources. The "universe" was a few score people.
We're now relaying on passwords (and numerous other proxies for identity attestation) in a universe of roughly ten billion people, with remote 24/7/365 access and highly-automated attacking systems, over a channel which provides very narrow capabilities for high-credibility, non-spoofable assertions.
For humans interacting in person, there are many simultaneous indicia of who an individual is, particularly amongst people well-known to one another: visual appearance, voice, height, gait and carriage, mannerisms, and personal/intimate knowledge. Even for in-person identity assertion, these factors break down at scale, as our primate brains can recall the features of a few score individuals, but not many hundreds or thousands, let alone billions.
(An interesting exercise is to consider the span of a year, or your life, and how much time you could dedicate to n number of people in that time. Even over a lifetime, you can only get to know perhaps 50,000 people for an hour or more 1:1, roughly a medium-sized town's population. Not even a large city, let alone a state/province or nation, let alone the global population.)
I'm coming to feel that the idea that we can transact significant interactions at this scale (population, distance, time) may well prove to be greatly flawed. Airgapping and limited access have their benefits.
If you're referring to mRNA vaccines, one of us needs to brush up on basic cellular biology.
If you're referring to Adenovirus vector COVID-19 vaccines, I believe episomal replication makes their DNA short-lived in the host. Also, as it's never reverse-transcribed into the human genome, there's a semantic argument that the Adenovirus DNA is never a part of the person's DNA, even when it is short-term resident in the nucleus.
Though, I suppose there might be some rare form of translocation that might still result in Adenovirus DNA being incorporated into the Human genome. I don't know enough about viral genetics to know the corner-case caveats associated with the claims that Adenovirus vector vaccines don't modify human DNA.
I have fingerprints. But because I have Cerebral Palsy that affects my left hand, it’s almost impossible for me To stretch it out to get good fingerprints.
TSA can bypass it and just say “missing fingers” with a note.
When I had to get my fingerprints rolled at the police station for a background check, they also have a standardized form
> The disorder was informally nicknamed "immigration delay disease" by Professor Peter Itin after his first patient had trouble traveling to the U.S. without any fingerprints for identification.
"a person from Switzerland who lacked fingerprints. The phenotype was mapped to chromosome 4q22. In the splice-site of a 3' exon of the gene for SMARCAD1-helicase, a point mutation was detected."
In the future parents might want to genetically modify their children to have this mutation :)
I worked with a Nepali cook who had no fingerprints. It was from continuous burning. He would also reach into a colander propped in boiling water to pull out and plate pasta. He was so desensitized to pain that he was not careful of the cooks around him. The guy to his right requested a shift transfer because he kept getting burned.
I was pouring concrete a bunch this past summer for a project around my house. Even wearing gloves, the concrete wore down my fingerprints to a smooth texture (and I had scabbed over wounds in spots too, thankfully no scarring). My fingerprint readers on my devices didn't work for much of the summer.
I'm old enough that my fingerprints have largely worn off. My Air M1 won't recognize my index finger, and my thumb is 50/50. At least my iWatch mostly works, when it isn't complaining that the wifi is too weak (because I'm not holding my wrist in the correct orientation).
As a result, I'm sure "updating your stored biometrics" is such an alien impossibility to these agencies because they have completely bought into the myth that your biometrics never change.
I mean you act as if they have to store your fingerprints as a clear image. They match your fingerprint and then your picture is displayed on the screen and you have to scan your boarding pass.
Your fingerprint is stored as a number. The camera identifies repeating patterns, similar to a QR code, which reads like a number.
You wouldn't even need a print, if you could spoof the right sequence.
> uniqueness of fingerprints is also disputed by many
But, who cares? Security at the scales the TSA operates at is not an absolute but probabilistic.
What they can do is lower the possibility of accidental mismatches to some acceptable level, and to increase the cost for an attacker. That is all they can do. And they have to do this at scale with acceptable externalities.
Yeah, finger prints are not 100% unique, neither are they 100% foolproof, so what?
When it is a government agency preventing my free unrestricted travel I think we should have a higher standard and a better response than "so what"
There are 2 options here,
1. They fail open meaning "security" is compromised and thus pointless
2. They fail closed meaning they will violate the rights of citizens to freely travel or place undue hardship on them because their systems failed putting the traveler through additional "screening"
neither should be acceptable to anyone that values a free society
Plus obviously the third "on failure we employ more/different scrutiny as a fallback mechanism" which handles the many edge cases while maintaining an acceptable level of security.
> They fail open meaning "security" is compromised and thus pointless
I locked myself out of fingerprint unlock for something like a week on several devices after a limited amount of cleaning with citric acid and a scrubbing pad.
Any miscreant wanting to cause the greatest mayham, could easily target TSA waiting lines, yet this never happens… Almost like the threat isn't as high as it is portrayed to be.
They use both. They crosscheck you against stored biometric data from the passport, and also the data stored in the passport against data previously seen.
If something is not matching they put additional scrutiny on you.
It is not perfect. Super spies, and determined smart criminals are going to be able to defeat it, but it raises the bar.
I almost forgot about my own travel facial recognition failure two weekends ago...
I ran into the same problem with British Airways at Heathrow a few years ago. Face was scanned at initial entry point, then failed at the gate during boarding. After a few tries at getting the system to match my facial scan from a few hours prior, the gate attendant gave up, had me stand aside, let everybody else board, I got on dead last. Thankfully my wife's face matched, so she got on and managed to keep a spot in the overhead for my baggage.
I know facial recognition algorithms and human facial recognition work wildly differently. However, the two faces are similar enough that several months of training, with some ability to choose perspective, isn't sufficient for my oldest to be able to distinguish the twins. In order for me to be confident which of my twins I'm looking at, I need a view at least 30 degrees off center from the left side to get a clear enough view of the subtle difference in the shape of the top of the left ear.
I'm not confident a one-shot algorithm can reliably distinguish them without also sometimes believing one of them is two different people.
> United has some system that scans your face at the check-in counter, and uses facial recognition in lieu of scanning your boarding pass at the gate.
I don't think it's an airline thing. I've had the same at LAX boarding an Air France (codeshare with Delta) flight, and it seemed to be all over the place there.
Wonder how many more decades we'll pretend like everyone flying is a potential suicide bombing terrorist and ignore things like # of years or # of flights without trying to hijack a plane. Surely, if I've got 20 years of non-terrorist behavior, I should be allowed to go through a standard metal detector, no?
If it is a jobs program, why are they understaffed and slow all the time? It is a scheme to funnel money over to millimeter wave machine manufacturers and gather biodata for Clear et al.
A conspiracy by definition is a group of people working together to benefit themselves at the expense of others. So yes, this is conspiratorial thinking, and that in itself does not necessitate it being invalid.
Wonder how many more decades we'll pretend the TSA, or any other federal agency like it has anything to do with safety at all.
It is all a pretense for behavior control, to have a precleared, approved, and unquestioned method to shut down "trouble makers", dissent, or other things the government finds more complicated to control unless they have tools created to prevent "terror"...
How else can they easily track who went to the political protest unless you your required to scan your face as you board the plan to go... How else can they shut down otherwise legal activity under the guise of security with out the terror back drop
TSA is not about stopping terror, TSA is the terror
I mean I’m all for a good anti government rant. But as someone who has has been through airport security in 15 cities this year and has 36 “segments” this year (landing and taking off in planes), TSA is the least intrusive part of government.
I've seen the TSA pre-check line be longer than the regular TSA line recently. I think there has been a big push to get folks into pre-check, including opening up more interview places and making it less of a pain in the ass to get. It's all a money grab at the end of the day.
The types of checks they do in the PreCheck line are different and take less time, so even a longer line still moves quicker. There’s also far less chance of being behind a family with strollers, or someone in a wheelchair, which also slows things down. People with PreCheck are usually frequent travelers, and are more likely to be prepared (with everything out of their pockets, etc) when going through instead of having to wait for multiple rescans of the same person.
I dont travel every often, but the few times I have Pre-Check has always been longer or equal to normal check..
One time I was in a mid sized city airport, there was like 30 people in PreFlight Line, and 20 in the Normal line, I got through the initial ID Checkpoint faster with no precheck. lol
Global Citizen may be worth it, but I only travel international about 1 time per year so...
My backpack has two computers (work and personal), an iPad, a portable USB C monitor, a keyboard and a mouse depending on the airport without PreCheck, I have to take everything out and put it in separate bins
Not to mention taking my shoes and belt off.
With precheck, I just dump everything in my pockets into a back pocket of my backpack and go through.
Not to mention with Clear I even skip the precheck line and get go security faster.
The airport in the city I fly out of have the upgraded scanners, nothing comes out of the bag any more. You do still have to take your shoes off though
As more and more airports upgrade to the new scanners I see less and less of having to remove Electronics into separate bins.
Even at aiports with the old scanners I have never removed mouse to go through security... and rarely do i do separate bins, 1 Bin for my Shoes, Belts, Jacket etc, 1 Bin for my Electronics, Laptop, Cell, SteamDeck, and Tablet all go in 1 bin, never had a problem
It is security theater. We just needed millions of dollars in equipment to go in so that Chertoff was able to get his payout. The frequency of false positives and false negatives is irrelevant.
For the downvoters because I can't edit anymore: No, this is not sarcasm about the quality of the metal detectors. The TSA intentionally configures their metal detectors to randomly trigger on people despite them not otherwise meeting the detection threshold. It's a different beep. It's a way to randomly select people for a body scan or a patdown.
To entertain an actual technical discussion for a moment on this (and assuming air security is a legitimate goal), I wonder what kind of pen testing certain people might try on this, given that now there is not someone so actively watching if you display suspicious behavior. As in, at least with traditional checkpoints, an agent watching your moves could easily see if you were fiddling with something to try to evade detection. And that would deter people from trying anything.
But with an automated portal, who knows what someone might try and test the tolerances of, to understand how it works and the limits.
Although, perhaps if it is operated like some automated immigration checkpoints abroad, a dedicated officer still does oversee several booths and will probably notice lingering behavior where someone is acting suspiciously.
Imagine it's like if you knew that after 3 tries, your login attempt gets reported to root, versus if you know that never happens.
> I really wonder what kind of pen testing certain people might try on this
After getting spanked by DHS OIG in 2017ish, TSA has really stepped up their testing program. They have an internal DHS red team as well as hiring outside experts for regular testing. Additionally they have a program called index testing where they take screeners from one airport and train them to do covert testing and send them to other airports, to both increase the volume of regular testing as well as exploit insider knowledge.
Despite all the shit they catch, TSA has gotten really good at detecting some of the stuff that I would covertly travel with.
Internal DHS red team sounds like one hell of a job if they include physical security checks (aka “Airport Security”) in the list of things the red team is allowed to attempt to bypass/exploit … like this could be a boring government desk job … or… it could be professional heist movie LARPing with all the fun of sneaking past the real security stuff but none of the risk of getting thrown into a jail cell to rot… and the follow on question is how they monitor and supervise this, like if it is physical pen testing the airport security line, do they carry any sort of documentation to stop things getting out of hand or is it entirely up to their superiors up the chain to stop them winding up in jail for real…
I’m expecting it isn’t as exciting as it could be, but I really want to know more.
Several decades ago I was hired by a multinational bank to do software development, and one of my first tasks was to glean as much information as I could about one of the competitors' ATMs. My manager gave me a letter (on company letterhead) to carry with his contact info that described what I was doing, in the event security stopped me for spending an inordinate amount of time going through as many screens on the ATM as I could and writing down things about the UI. (Spoiler alert: nobody stopped me.)
I'm not an expert in airport security at all, but I'd bet dollars to donuts that anybody doing physical pen testing of that type will carry documentation describing who they are, who they work for, and what they are doing.
See this was my first thought but then it occurred to me that they’re trying to bypass people who are meant to be inspecting your stuff, does part of the job become “sneak past with this bit of paper” or do they carry nothing official on them to make the test more authentic, having paper documents risks biases towards staff procedures that would catch people with the document and thus end any pen testing attempts with potentially only a perceived improvement to security when they could be failing to catch people with usb drives or whatever else they are meant to be on the lookout for…
I think your concerns are unfounded. TSA doesn't generally sift through every bit of paper in your possession, nor do they really care what's written on any of the paper you're carrying since it's unlikely to be a threat.
I have done physical security red teams. It is 98% paperwork and planning that lets you do the 2% fun stuff.
You carry a "get out of jail free card" (basic example below) which needs to be signed by someone high enough up to be able to authorize the work you are doing. I also request that it include contact info for at least 4 people who are aware of the testing and will answer their phone. Depending on the type of engagement and location I will sometimes notify friends in law enforcement ahead of time.
Friend of mine worked in an adjacent industry (not TSA, not in the US even, for a contractor doing "mystery passenger" testing for major airlines I believe. Many countries require airlines to do their own checks at departure for international incoming flights, and levy big fines if a traveler with invalid documents is let through, so airlines do care about this a great deal.
He once tried to travel internationally without a Passport / ID, I don't remember if this was within Schengen or not. He had a sob story about his mother dying and him trying to get home to her funeral. He was let through, partly because of people believing him, partly because of incompetence and people just not checking. A good few employees were sacked because of this.
So for PreCheck, as far as I can tell all they do is scan your id, and compare the name to the name on your boarding pass, and your face to the face on your id, and you just put your bags (and coats sometimes) on the conveyor belt.
So it sounds like this "incredibly expensive" machine is just going to scan your id, face and boarding pass and match them up?
You still have to go through security with PreCheck. It's usually faster and requires fewer steps that non-PreCheck passengers have to go through.
I used to fly up the East Coast and back every other week and I couldn't imagine doing it without it. Seeing the 1-hour standard line and instead making it through PreCheck in less than 5 minutes. I would totally use a self-service system.
When people get PreCheck the normal reaction is "That was easy, why doesn't everyone do that?" I joke that the real "test" when you sign up for PreCheck is can you successfully book the appointment and show up?
I do PreCheck as well. Perhaps I could have phrased my comment better. Currently the only non-automated/non-self service part of it is the person checking your id and boarding pass.
PreCheck is basically just pre-9/11 security with a metal detector and not having to do all the nonsense like removing electronics from bags and taking your shoes off. It sounds like the goal here is to replicate that in an automatic way (though I'll bet there's actually a remote office somewhere doing all the bag screening).
There seems to be some confusion about precheck. Most people get precheck by doing “global entry”, which dramatically shortens the time required for US citizens to re-enter the US. Pre-check is a side benefit of global entry. Global entry pre-dates precheck.
Out of curiosity do you have stats on that? Until recently 100% of the people I knew with precheck don’t have global entry. Right now global entry interviews can be over a year out.
Seems to be roughly even, with somewhat more TSA PreCheck-only members than Global Entry members (including NEXUS and SENTRI).
As of March 2023, TSA said [1]: "TSA PreCheck® application program has surpassed 15 million active members" and "Thirty-two million travelers now benefit from TSA PreCheck expedited screening after being vetted though TSA PreCheck ®, U.S. Customs and Border Protection’s Global Entry or another federal vetting program."
As of September 2023, CBP announced stated that there were over 12 million Global Entry members in a press release. [2]
This appears to include SENTRI and NEXUS members, since as of July 2022 it was stated: [3] "There are over 7.6 million participants enrolled directly in Global Entry, and over 1.8 million members of NEXUS and SENTRI that also receive Global Entry benefits."
Getting an interview for global entry is actually pretty easy, you can just do it on the return leg of international travel with no appointment needed.
When you enter customs upon re-entry to the US there's a sign for a place where they'll do your interview real quick before letting you go. The downside (IIRC) is that you don't get your number for precheck either until you do this, so if you only do international travel 1-2 times per year you might want to find an interview time.
By the way, I forgot another side benefit of Nexus (and Sentri, I think): your Nexus card qualifies as a Real ID, so no need to upgrade your state ID when that requirement comes into effect for air travel.
As others have pointed out, that's not really all that much more common. Another reason for it is I believe that Global Entry and Nexus both still have a blanket "no criminal convictions of any kind at any time" requirement... which rules out something like 25-30% of the US population. Precheck also has a criminal background check but it isn't immediately disqualifying in all cases.
Yeah, I think that was a general estimate I found some supporting research for a few years back when I looked into it a bit, and I've seen similar quoted elsewhere.
It's not easy to come up with an accurate number at all due to all the different state systems not being perfectly comparable, treating different things in different ways, and duplicating individuals who have convictions in more than one state. Even attempts to link them together have been incomplete and inaccurate.
I'm not particularly surprised at that level, though... it's going to include _lots_ of low-level things that are technically classified criminal even though they're often just a ticket: kids caught with beer at a party, speeding in areas that have a "20 over the limit" rule that automatically upgrades to a higher offense, failure to pay tickets that gets escalated to a court, etc...
https://www.sciencedirect.com/science/article/abs/pii/S00490...) suggest that in 2017, 8% of the US adult population had a felony conviction, 24% of Black adults, and 33% of Black males. But for TSA Pre/Global entry, the relevant number is the number of fliers, where I suspect the felony rates are lower.
This is definitely not true. Most people do pre-check and not global entry. Most people care about traveling domestically much more than internationally and the process is longer for approval
Las Vegas, I am convinced, has a special arrangement with the TSA because they understand that making it difficult to fly in and out of that city will have direct and measurable impact on the entire economy of the region (and they have the money and clout to be heard at federal politics level).
I have noticed flying out of Vegas that screening is an awful lot more gentle than it is in other airports, and I'm fairly confident it's because the TSA there has received a very solid note to not have people's last memory leaving Vegas be a sour memory.
That does sound feasible. There are a number of airports (SFO probably being the largest) that have their security screening performed by non-TSA third-party companies, which I suppose is the ultimate political embarrasment lever to pull.
It has never been, is not, and will never be, different. Instead of paying fees to TSA SFO pays slightly more to the contractor doing the job. It's the same. Same rules, same procedure, same equipment. Same, same, same. The only difference is the patches on the shirts.
Everyone in here has cultural amnesia about air travel in the 90s.
The current system is TEN BILLION TIMES better than post-lockerbie.
If that was the case, you'd think they'd make their airport less miserable. They have some of the worst food options I've seen at an airport in a long time, presumably because any restaurant would take away precious real estate for the ever-present slot machines.
Was just there at re:invent the other week, and I couldn't point to anything different about the airport WRT security and TSA. Very long lines, traffic in and out of the airport was _insane_. My last impressions of Vegas were the terrible traffic, long lines for a limited selection of airport food, but hey, if I wanted to play slots, there they were.
Yes, F1 had wrapped up the week ago, but it didn't seem like they were hurrying to take anything down.
I have low expectation of airport food, too, but unless you get a direct flight at the right time you're going to find yourself needing to eat at an airport.
The section I was in had some automated sandwich kiosk and a burrito joint that had a huge line that wasn't moving. Walked to another section that had a Shake Shack and some kind of pizza place. Ordering at Shake Shack was fine but it took about 20 minutes to get my order. On the plus side there was an old guy who was also waiting and telling the dirtiest jokes to anyone that would listen.
I've opted out of the mmwave/body x-ray devices 100% since 2001. It will be unfortunate not to be able to share these special moments with another person in the future when I'm having to DIY my pat down, or only have the cold metallic fingers of a robot skim over my body.
I bet this is going to be the mcdonald's ice cream machine of airport technology same way mobile passport controls is never open and people need to stand in the long lines.
The same. Kel Varnsen was the mastermind behind their pivot from latex products. They changed the name about the same time, due to unrelated litigation.
It shows how gov policy is a one way street though. Any time you say yes to gov it's yes for at least a couple decades and then when issues become so apparent for so long they'll start having meetings to plan meetings to reform it and then another decade the reform will remove half the burden and leave the other half.
A few (non-US) pilot/copilots have used the door to hijack their own plane and intentionally crash airliners while the other pilot was in the restroom.
I think they now require at least two people to stay in the cockpit at all times to work around the problem the door created.
Not sure if that means an additional crew member, or if they are allowed to have a flight attendant hang out in the cabin while someone takes a whiz.
The TSA is not the best of the best. A friend of mine worked for them in grad school (just post 9/11 mind you) and told me that 40% of the workforce at his airport (Chicago Midway) got fired because yearly they failed a proficiency exam that they had to pass to get hired.
I find it highly unlikely that these new systems will make the TSA line go faster. They tried this with self checkout at grocery stores and that doesn’t seem to have been successful.
Can't speak to the TSA system, but the self-checkout at the grocer is a piss-poor implementation...
Most shops have a scale on the bagging side, but it's far too small a platform for more than 2-3 bags worth of food. Most Americans shop for a week at a time. So, they can't reliably check-out themselves because the system complains if the scale reading doesn't match the expected weight of scanned items.
But, at the same time, grocery stores slashed manned check-out lines, forcing people to use the self-checks when they had unsuitably large carts. So you either wait in a long manual line, or you wait in a short (bot slow and error prone) automated line. Lose-lose for consumers.
You can fit 6+ self checkout stations in the same space as one or two regular checkouts with the need for only one employee to keep an eye on it. While the time to check out a single person is longer on self checkout, the overall throughput is much higher, and therefore the wait time is usually lower.
My local Aldi(US version) stores installed self checkout. Before there would be one cashier and they'd call for backup if the line got past 4 or 5 people. People usually filled their carts full, so it was very slow. Now it's a breeze with self checkout.
The main reason I have global entry, despite my reluctance to do so, is to avoid having to get pat-downs every time I refuse to walk through the microwave. So basically this would nullify that benefit for me.
"...hopefully providing a more seamless screening experience."
You know what works provided a more seamless experience? Just so away with the TSA. They only provide negative value. They are a time and money sink at the cost of our privacy
I guess I live in a different world than you do. Perhaps that's because I'm not from the states. In your world, without TSA or similar authority, plane hijacking wouldn't become a regular weekly occurrence?
I'm genuinely asking, as I have no idea what's the background for the bad sentiment towards TSA I see here or what's the common thinking on the issue is
Edit: reading the replies I turned to wikipedia, I had no idea TSA was only founded in 2001, and that the responsibility for security used to be distributed among various companies. I'm out of context and have some reading to do
I think when people say "get rid of the TSA", they really mean "get rid of all the security theater the TSA is responsible for". I don't think anyone means to say that there should be zero security checks on the path to board an airplane. Granted, before 9/11 (after which the TSA was created), airport security was handled by lots and lots of non-coordinating security companies, and standards were not uniform.
But IMO pre-9/11 airport screening was more or less just fine. The two biggest things that deter plane hijackings are 1) armored and (almost) always-locked cockpit door, and 2) the widespread understanding among passengers that if someone hijacks your plane, you should probably fight them, as there's a good chance the hijackers have suicidal intentions and you'll die regardless.
(And even if #2 fades away, #1 is still a pretty damn potent defense.)
Putting people through millimeter wave body scanners is unnecessary. Limiting (and requiring people remove and present) liquids is unnecessary. Removing large electronics is unnecessary. Removing a light jacket is unnecessary. Removing shoes is unnecessary.
Basically if we just made the TSA Pre Check screening process the standard for everyone (and dropped the liquid limits), we'd be fine.
Not to be a spoiler but in 2000 I was flying back from Las Vegas. In the airport terminal (after we passed security ) we decided to have lunch - steak lunch. I would not have realized myself, but one of our buddies made the comment :”these are real steak knives”. The rest of our lunch had many college-age jokes about kidnapping our upcoming flight :).
Plane hijacking was an every decade occurrence. So there there isn't enough data to say if they have made a difference yet (this is debatable, but there at least isn't enough data to have high confidence). That is before we get into confounders: the economy is different. The 9/11 hijacking changed the game so potential hijackers are less likely to try since passengers are no longer going to sit back expecting a free trip to Cuba. cockpits are not locked in flight, so a hijacker couldn't do anything even if they tried.
None of the TSA screening changes would have made a difference. The knifes the hijackers used were placed on the planes ahead of time (the old metal detectors would have found them). Checking IDs against a no-fly list could be done in many less intrusive ways.
This is well before TSA but plane hijacking used to be common occurrence: "Between 1968 and 1972, more than 130 American airplanes were hijacked. Sometimes there was more than one hijacking on the same day. "
They weren't a weekly occurrence prior to TSA, either.
AIUI, the cockpit doors are now relatively more secure, and there are significantly (i.e., 2 orders of magnitude) more federal air marshals. Not to mention the changed calculus for the passengers if a hijacking were to occur.
> Not to mention the changed calculus for the passengers if a hijacking were to occur.
If there were no air marshals, and the cockpit door was replaced with a 1970s-style beaded curtain hippie door, I would still expect future hijacking attempts to fail.
Before 2001, a hijacking was almost guaranteed to be an inconvenience for the rest of the passengers. A diversion to another airport, being stuck on the plane while negotiations happen, etc. After 2001 every passenger is going to assume they're being commandeered as a missile. There will be tons of resistance from 1A all the way to 33F.
(Strong cockpit doors are still a good idea. I'm not arguing otherwise. But the changed calculus you mention is enormous. It alone I think would make successful hijackings a rare occurrence.)
How would the hijackers get into the cockpit? The pilots will never, ever, open the door because instead of maximum 100 passengers dying, the plane can be used to kill thousands of people. Plus the pilots themselves will live if they keep the door closed and go home to their families.
There's not going to be a common hijacking scenario where the passengers have to get into the cockpit.
If one or both of your pilots are determined to crash your plane, there's not all that much you can do about it. The plane is almost certainly going to crash. So I don't think we should optimize security for that case, which is also very rare. Most likely a hijacker will be a passenger, or, at worst, cabin crew.
Before 2001, government security checkpoints were extremely rare throughout most airports worldwide. In the US in particular, there'd be some bored private security with metal detectors at most that you didn't even need a ticket to get past.
Before 2001 you could in some cases buy your ticket at the gate (most of the time no, but some high demand routes they did do this). You could escort you kid right to the gate, and on the other end "grandma" would be waiting as they got off. We lost a lot.
Here in Australia, you still can go through to the gate to see people off or meet people arriving in most domestic terminals. It's mostly only international ones (or international parts of the terminal) where you need to be flying to pass security.
I didn't visit the states before 2005 so I never experienced that. The only difference I personally experienced in airport security post 9/11 was the ban on liquids.
Indeed, not related, but that's the only change of security measures around flights I have ever experienced, in contrast to the american experience, I understand now.
>"In your world, without TSA or similar authority, plane hijacking wouldn't become a regular weekly occurrence?"
I think the answer lies in your phrase "similar authority." One idea is to privatize this job. The TSA culture is a joke. This is an agency who have failed to understand that their mandate is to protect people and that they are there to serve. Instead they treat flying public like adversaries while browbeating and infantilizing them. They seem to imagine that their mandate is to stress people out and confiscate toothpaste. It's hard to imagine a ruder public agency. Not all of course as sometimes you do get nice folks who understand they are there to serve. This is generally the exception though. It's so exceptional that when it does happen it's kind of shocking.
> plane hijacking wouldn't become a regular weekly occurrence?
Except that there were relatively few hijackings prior to the TSA. Airport security of some form, sure, but it was wildly different than the TSA. I've had an infuriatingly large number of nonsensical encounters with the TSA and would love to see that agency torn down and replaced. If not both, then just torn down.
Arguably the two main deterrents from further hijackings in the US have absolutely nothing to do with the TSA: prior to 9/11, complying with hijackers was usually considered the "right" response. Also prior to 9/11, few if any airliners had secure cockpit doors.
How else would airlines get little kids wide eyed at the vast array of lights and buttons and give them a branded pin and hat to win their hearts at an early age?
Why is that a problem? A hijacker getting into the cockpit at that point can't really do all that much. The wheels are still blocked, and no tug is going to come along and push you back from the gate. There are likely still fuel lines and other umbilicals connected to the plane, not to mention the jet bridge. A flight attendant or other airline employee could pop down into the avionics bay (there are often access points outside the cockpit and even external to the plane) and start disconnecting things, making it really hard to get that plane moving.
And even if you could get past that, no one at ATC is going to give you taxi, runway, or takeoff clearance. I guess you could just go anyway, and of course ATC will get other planes out of your way, since that's the safest thing to do, but in all the time it takes for you to taxi and take off, the nearest Air Force base will have a lot of time to scramble a fighter to take you out as soon as you're airborne... or perhaps even before you take off.
The plane isn't a 500mph missile at that point, and law enforcement still have easy access.
It's not overly difficult to handle APU and engine startup on a modern plane, but there's still a bunch of other obstacles to overcome, wheel chocks, etc. And you're presumably not going to have a compliant tug to push you back (you can technically push back yourself with reverse thrust, but that's a whole thing unto itself).
These are correct questions to ask, and it likely reveals the answer.
No Senator or representative can have a platform of repealing national security measures, especially if something goes wrong. But you can delegate the discretion to the associated federal agency, and the agency can choose to keep lowering the security threshold until there isn’t one again.
I don't disagree at all, but the natural incentives for those federal agencies are to grow and to do more and acquire more staff and budget, not to cut back.
Cynical best guess -
1. It's not a direct payout to Vanderlande, as that's a Dutch company owned by Toyota. So it's not some MIC cash for contracts which is the usual guess.
2. But, it's got a single big location in the US - Georgia specifically. I'd guess there's some boost to manufacturing there? Loudermilk as the pork maker would be my guess given the votes in that area, but you'd have to see who got this authorized.
Coming from Europe, this is so weird and confusing
We have normal security + fast track that business/flex ticket holders and passengers with airline status can use. Some European low-cost airlines also let you use it for a nominal extra fee
In the US you have this TSA precheck that you need to have an appointment to set up? But at EWR I also saw a private initiative called "CLEAR"?
But I was pleasantly surprised to see there was fast track for United "PremierAccess"/*G status holder – never seen that before in the US!
PreCheck reduces the intensity of the actual screening: walk-through metal detector instead of millimeter wave scanners, can leave your shoes on, keep liquids/laptops/etc in bags, and at airports with a mix of 2D X-ray and 3D CT scanners for baggage, the PreCheck lanes are more likely to have the older X-ray scanners.
The reduced scrutiny is the justification for the fingerprinting appointment background check. I haven't seen anything similar in Europe, but busy airports are far more likely to have an efficient security setup that can already cope with leaving liquids in bags and the like. Many US airports still have security checkpoints that look like temporary installations, with portable equipment--even when they're brand new redevelopments!
Usually, the queues are shorter for the PreCheck lanes, but this isn't guaranteed.
CLEAR replaces having an an agent compare your face to your ID with having a kiosk compare your biometrics. The real advantage comes from having a CLEAR employee then walk you past the queue to get by the normal ID checking podium.
You need both to get the guaranteed short queue and the less intense screening.
(And then there are the programs to expedite the immigration/customs process too, but at least those include PreCheck, so you don't need all three...)
> busy airports are far more likely to have an efficient security setup that can already cope with leaving liquids in bags and the like.
Rome FCO, winner of best airport of 2022, 10th busiest airport in Europe. Boarding a flight last month, I had a sealed San Pellegrino bottle, passed it through screening, I had no idea that wasn't allowed. They confiscated it. I requested to drink from the bottle before it is thrown, they said that was an option before it was screened and now it must go to the garbage.
It sounds like CLEAR is doing what Precheck promised to do? I refuse to get it because me paying money for them to do a background check and make their process more efficient is completely backwards.
What's going to happen when CLEAR becomes saturated and slows down -- a fourth tier of passenger?
CLEAR is more than ten times as expensive as PreCheck: $189/year vs $15.60/year. That's likely enough to keep the queues low.
PreCheck (or rather Global Entry at $20/year, which includes PreCheck plus immigration/customs priority) is worth the cost for me. I'm an immigrant, so the US has already done several checks into my background and has many, many copies of my biometrics already, so there's no additional privacy loss.
I could afford CLEAR, but the value just isn't there for me.
I personally think this is a really ideologically unsatisfying reason to hold off on paying for it. The system shouldn’t be this way - but it is, so you might as well make the best choice within that system.
Pre-check eliminates a big list of screening annoyances: the full body scanners that flag every drop of sweat for additional screening, the removal of shoes and laptops, the separation and bagging of your liquids, the non-citizens and infrequent travelers slowing down your line by getting extra screening and not knowing what to do.
Clear is a bad deal because it is expensive and doesn’t improve the screening process beyond pre-check, it just cuts an already-short line.
The biggest benefit of CLEAR is if you frequently travel through an airport with a lot of occasional-tourist visitors, like Orlando. Just skipping the line there might be worth it.
For others in this thred, as you note, longer lines in Precheck do not mean longer waits in general. Precheck travelers are overwhelmingly frequent flyers and know the routine.
Contra what some others have said, my experience is that almost everyone I know who has Precheck has it as a consequence of Global Entry or NEXUS. But I’m a doctor; healthcare people are subject to background checks and fingerprinting already, so the vast majority of my coworkers are already clean legally. One old simple drug possession is about all anyone will have, because otherwise they would have run you off before you enrolled in nursing or medical school.
CLEAR is different than Pre-Check. CLEAR is a pay-to-skip-line service.
You still need to be screened by security in the normal way. There is Pre-Check CLEAR and normal CLEAR, and you go to the one that matches your security level.
> What's going to happen when CLEAR becomes saturated and slows down
I have CLEAR. When I was in Seattle I saw a family of 5 trying to go through clear because the father was a member, and members get guest passes they can use to sign people up for a trial. It was an absolute mess, but the agents saw me and escorted me past the family. Because of how CLEAR is set up, you can usually handle 5+ people at once, and it's expensive enough it probably won't be saturated by everyone.
> a fourth tier of passenger
I fly a lot, and I think we've just about gotten enough Tiers haha. You have the "normal" pool for occasional people flying to see family or go on vacation. It's slow, the TSA agents have to explain to people how to queue correctly, and the line ends up out the door during busy times. In some airports, you can now reserve your place in line remotely. If you fly 1/yr, its probably fine though.
You have PreCheck, which I recommend to anyone who flies more than 1/yr. It can sometimes get a line during busy times, but it moves - it's probably exclusively people who "know how airports work" so it's orderly. It's also a simpler security protocol, so it's actually less time per person.
Then you have private lines that some airlines set up. TBH I've never used them, but my understanding is that you go through existing TSA, they're just private queues. IDK why you'd do this instead of just paying for PreCheck or CLEAR. I think it's often sold for ~$20 each use (or free with 1st class, etc).
You have CLEAR which is literally just paying to cut the line for PreCheck or Normal TSA. This would compete with the private airport lines. This is $200/yr so you really need to fly often to justify the cost. I have it and use it where available, but I don't miss if its its not there. I would go out of my way to find a pre-check line, but not CLEAR.
Lastly, if you're really fancy there are private security entrances at some airports, with private lounges and security checkpoints. These run in the $5k range, so they're really not for most people. The LAX one will drive you across the tarmac to your plane in a luxury car I'm told. I assume there's no line here ever.
So America already has 5 different tiers of passengers just for going through security depending on your wealth (and risk profile). I can only assume we've rung all the money out we can, and we don't need another yet.
> In the US you have this TSA precheck that you need to have an appointment to set up?
I think it's just a one-time appointment to get enrolled in precheck. While flying, you just select a different (in theory speedier) line.
"CLEAR" is weirder. They're a private company, for one; AIUI, they get you through the lines quicker, and they do the document check portion¹ of the TSA flow, but not the security screening; vs. the TSA Precheck will result in a lighter security screen portion. (They're expensive, so I've never considered them.)
¹the typical TSA flow is: 1) huge line, 2) "document check" where your boarding pass & ID are inspected, 3) small line, 4) baggage xray + (body scanner || pat down)
I prefer American screening. I was recently in Frankfurt and was very pleased to find they had a line for families with children, but then every single screen was equivalent to the screen you receive when you leave a water bottle in your luggage in the USA. Everyone was required to have a full on 2 minute conversation with the security agent, and children were screaming as they received intensive pat downs.
If you're going to have security theater, at least try and make it fast.
I grew up in Australia, and mostly pre-911. Took my girlfriend and her daughter there from the US recently. Worst part of screening was emigration/passport checking, outbound, at Sydney.
They've never traveled abroad, so I'm bringing them with me. There's a bunch of open gates. Agent says "Use the three gates" to us, "so it can be quicker".
We do.
Her daughter's passport is being problematic.
Agents are being unhelpful. They're more interested in berating us. The same one who spread us across three gates speaks witheringly and condescendingly to us, "This is why you need to go parent - child - parent." Took every ounce of restraint to not say "Then why did you tell us to do something different a minute and a half ago?"
Said kid is an intelligent 16 year old. There was actually an issue with the equipment, not her.
Ha, when I flew out of of Frankfurt to Italy, I just had to walk through a metal detector like it was 1998. So did every other person at that security terminal. Made me wonder why flying in America was not like that great experience
Net-net, shifting toward biometrics is good, but there are some very sharp corner cases.
Also, my toddler still has trouble telling my infant identical twins apart. I could see one of my identical twins denied boarding because "Sorry, but you're already on the other side of this security gate. If you'd like us to review this decision, please send registered mail to the nearest trash receptacle."
Edit: I almost forgot about my own travel facial recognition failure two weekends ago. United has some system that scans your face at the check-in counter, and uses facial recognition in lieu of scanning your boarding pass at the gate. I entered one gate. It didn't even seem to recognize there was a face there. The gate agent told me I was standing too close, and told me to back up. She then told me to try the other gate. Then she asked me to stand aside and she manually scanned my boarding pass. To be fair, I used to get the same response at bars when I was single. (I joke, but this really happened to me that a facial scan from a few hours prior wasn't recognized at the gate.)