>From - Sat Mar 02 00:57:22 2024
Received: by 10.35.124.20 with SMTP id b20mr9846039pyn.5.1201564705644;
Mon, 28 Jan 2008 15:58:25 -0800 (PST)
Return-Path: <jm..._at_tscm.com>
Received: from swip003.ftl.affinity.com (lvs00-fl-swip003.ftl.affinity.com [216.219.253.13])
by mx.google.com with ESMTP id a28si850917pye.0.2008.01.28.15.58.24;
Mon, 28 Jan 2008 15:58:25 -0800 (PST)
Received-SPF: neutral (google.com: 216.219.253.13 is neither permitted nor denied by best guess record for domain of jm..._at_tscm.com) client-ip=216.219.253.13;
Authentication-Results: mx.google.com; spf=neutral (google.com: 216.219.253.13 is neither permitted nor denied by best guess record for domain of jm..._at_tscm.com) smtp.mail=jm..._at_tscm.com
Received: from [70.22.212.205] ([70.22.212.205]:44295 "EHLO Raphael.tscm.com")
by swip003.ftl.affinity.com with ESMTP id S475535AbYA1XSY convert rfc822-to-8bit
(ORCPT <rfc822;T..._at_googlegroups.com>);
Mon, 28 Jan 2008 18:18:24 -0500
Message-Id: <7.0.1.0.2.20080128175326.232ee008_at_tscm.com>
X-Mailer: QUALCOMM Windows Eudora Version 7.0.1.0
Date: Mon, 28 Jan 2008 18:11:51 -0500
To: TSCM-L2006_at_googlegroups.com
From: "James M. Atkinson" <jm..._at_tscm.com>
Subject: TSA tester slips mock bomb past airport security
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"; format=flowed
Content-Transfer-Encoding: 8BIT
I think that AP or anther outlet should
commission a small group of say 25 security
experts (5 per flight, for 5 flights) to
demonstrate that we are no more secure today as we were in 2001.
Everything would be done perfectly legally of
course, and it would be totally outside
government circles, (or more accurately performed
outside of what TSA is expecting or able to spin
control). No actual threat or breaching of the
rules would take place, but simulating the pwnage
of five or six commercial aircraft is quite simple.
y'all interested?
-jma
http://www.cnn.com/2008/US/01/28/tsa.bombtest/index.html
TSA tester slips mock bomb past airport security
CNN goes along with a TSA tester, witnesses mock bomb slip past security
Tests such as one in Tampa, Florida, are conducted at airports nationwide
Transportation Security Administration typically keeps test results classified
By Jeanne Meserve and Mike M. Ahlers
CNN
Editor's note: CNN's Jeanne Meserve and producer
Mike M. Ahlers recently went along with a
Transportation Security Administration official
on an undercover test of airport screeners. Here
is what they witnessed. CNN agreed not to disclose the name of the tester.
TAMPA, Florida (CNN) -- Jason -- that's the name
CNN was asked to call him -- slides a simulated
explosive into an elastic back support. The mock
bomb is as slim as a wallet; its fuse, the size
of a cigarette. He wraps the support around his
torso, and the bomb fits comfortably into the small of his back.
It's hard to tell he's concealing anything;
harder still when he dons a black T-shirt and a maroon golf shirt.
Then, with CNN's cameras in tow, Jason heads to
Tampa International Airport, where he'll try to
sneak the fake explosive past security screeners.
Jason, a covert tester for the Transportation
Security Administration, has been probing airport
weaknesses for five years, beginning with big
mock bombs before switching to ever smaller
devices as the TSA adapts to evolving terrorist
threats. Watch the tester slip past security ยป
As jobs go, this one comes with its own unique
set of satisfactions and tribulations. Jason
wants to succeed at his task -- and he wants to
fail. Success is a measure of his stealth, hewn
by 40 years in law enforcement. But failure is
satisfying too, because it means airport
screeners are growing more adept at detecting threats.
So Jason -- looking every bit the middle-aged man
on an uneventful trip to anywhere -- shows a
boarding pass and an ID to a TSA document
checker, and he is directed to a checkpoint
where, unbeknown to the security officer on site, the real test begins.
He gets through, which in real life would mean a
terrorist was headed toward a plane with a bomb.
To be clear, the TSA allowed CNN to see and
record this test, and the agency is not concerned
with CNN showing it. The TSA says techniques such
as the one used in Tampa are known to terrorists
and openly discussed on known terror Web sites.
Even before the September 11, 2001, terror
attacks, government agencies deployed "red teams"
such as this one to look for holes in airport
security. The tests have resulted in a torrent of
reports criticizing the government for failing to
staff, train, manage and equip properly the
screener work force, which numbers 43,000.
While test results are classified and rarely leak
out, those that have been disclosed typically
don't inspire confidence. In tests conducted in
2006 and disclosed to USA Today last year,
investigators successfully smuggled 75 percent of
fake bombs through checkpoints at Los Angeles
International Airport, 60 percent through
Chicago's O'Hare International Airport and 20
percent at San Francisco International Airport.
The TSA has disputed some test methodologies and
test results. But instead of running from tests,
the agency has embraced the idea that testing has
a value that goes beyond measuring the performance of individual screeners.
Tests,the TSA says, can show systemwide security
vulnerabilities. When used frequently -- as was
the case with San Francisco in 2006 -- they can
heighten screener awareness. Tests can show areas
that need increased attention. And tests can be
used to determine whether terrorist plots
uncovered by intelligence agencies or being
discussed on terrorist Web sites are lunatic rants, or are plausible.
As a result, the TSA says it believes its work
force is the most tested in the federal
government, with checkpoint drills of various
sophistication occurring in every checkpoint at every airport daily.
Almost an hour before Jason approached the
checkpoint, a fellow red team member had gone
through the checkpoint. It's this member's job to
make sure the test is conducted safely.
Five minutes before the test begins, he uses a
cell phone to call Tampa's federal security
director, the airport's top security official.
"Sir, the reason we're calling today is to tell
you that we will be conducting covert testing at
your airport," the red team leader says. "But I
would ask that you not speak to anyone on your
staff to alert them of this test."
The message is clear: Don't tell anyone. Testers
say they will scratch a test if they believe
anyone has been alerted. The TSA was embarrassed
several years ago when word of one test leaked
out, and an internal auditor is investigating other possible leaks.
But in Tampa, everything goes smoothly as Jason
steps through the metal detector portal. The
detector alarm goes off, as Jason expects it to,
not because of the nonmetallic device strapped to
his back but due to his metal knee.
It's the perfect tool for ensuring he gets to
"secondary," where more extensive searches are conducted.
Soon Jason is in a posture familiar to air
travelers. He is standing, legs apart, with his
arms extended. A screener "wands" him with a
hand-held metal detector, and it beeps as it
passes his metal knee, his necklace and the rivets on his bluejeans.
The screener then pats him down, running
latex-gloved hands over Jason's legs, arms and
torso. And he pats down Jason's back, including
the lower part where the device is concealed.
But Jason explains away the back support. He
tells the screener that he has a bum back in addition to having a metal knee.
With the patdown over, the screener releases
Jason. He picks up his belongings and walks
freely into the airport, the fake bomb still fastened to his back.
TSA officials say the Tampa test demonstrates the
type of systemic vulnerability that the agency is
working to expose and address.
Screeners have cultural sensitivities toward
travelers' handicaps, and they are sometimes
hesitant to perform intrusive searches, officials
said. Terrorists could exploit that reluctance, they said.
The TSA screener could have used other relatively
unobtrusive means to check Jason's back brace. But he didn't.
After leaving the screening checkpoint, Jason
returns with other members of his red team and
informs the screener he has failed a test. A fake
bomb has just entered their airport.
The screener appears devastated.
The reaction is common, says Jason, adding that
notifying screeners of failed tests can be the toughest part of his job.
On occasions, he says, testers have appeared
indifferent. In those rare instances, Jason says,
he gets "nasty," stressing the importance of the
tests. The stakes are too high to tolerate indifference.
Regardless of their reactions, screeners who fail
to detect contraband are "pulled off the line"
and retrained before being allowed back.
The test CNN witnessed was conducted by the TSA's
Office of Inspection, which the agency calls the
most sophisticated of its covert tests. But there are others.
For starters, every TSA X-ray machine has a
Threat Image Projection system, which digitally
inserts images of guns, knives and bombs into the
X-rays of luggage, to keep screeners alert. This
system library contains "tens of thousands" of
images, said TSA spokesman Christopher White.
If screeners observe a suspicious object, they
can check with the simple click of a computer
mouse. If they detect a threat object, the
computer congratulates them. Successes and
failures are recorded for use in a screener's
performance evaluation and are factors in determining pay.
Some 69,929 threat image tests are conducted on
an average day, or more than 25 million tests per
year. An array of other tests also are conducted
to assess screeners, including the red team ones.
The TSA declines to give test results, which are
classified. But it says the agency is getting
better at finding bomb parts. And test scores
won't demonstrate that, it says, because as
success rates improve, tests are made more difficult.
"We're designing our tests not so much to
indicate or to show or highlight performance,"
says Dave Holmes, who runs the Office of
Inspection, "but we're highlighting where the vulnerabilities exist."
The elaborate test at the Tampa airport, Holmes
says, is not to identify individuals performing
below par. It's intended to provide data that,
together with other information, will reveal the whole system's performance.
Back at the Tampa checkpoint, a member of Jason's
red team is holding court with a group of
screeners, including the one who missed the fake bomb.
"Today ... was a scrimmage," the red team leader
says. "Every day, every time a passenger is
coming through -- that is game day."
----------------------------------------------------------------------------------------------------
World Class, Professional, Ethical, and Competent Bug Sweeps, and
Wiretap Detection using Sophisticated Laboratory Grade Test Equipment.
----------------------------------------------------------------------------------------------------
James M. Atkinson Phone: (978) 546-3803
Granite Island Group Fax: (978) 546-9467
127 Eastern Avenue #291 Web:
http://www.tscm.com/
Gloucester, MA 01931-8008 E-mail: mailto:jm..._at_tscm.com
----------------------------------------------------------------------------------------------------
We perform bug sweeps like it's a full contact sport, we take no prisoners,
and we give no quarter. Our goal is to simply, and completely stop the spy.
----------------------------------------------------------------------------------------------------
Received on Sat Mar 02 2024 - 00:57:22 CST