Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004
From: Major Variola (ret) [EMAIL PROTECTED] Sent: Dec 21, 2004 10:20 PM To: [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004 At 02:16 PM 12/20/04 -0500, John Kelsey wrote: No doubt a real intelligence agent would be good at getting through this kind of screening, but that doesn't mean most of the people who want to blow up planes would be any good at it! You really continue to understimate the freedom fighters, don't you? (The first) King George did the same. Maybe so. It's clearly added cost to the attackers--they have to select not just the subset of volunteers willing to blow themselves up on the plane, but the subset of *those* who can also keep cool under rapid-fire questioning of their cover story. The attackers probably have to either spend a lot of time rehearsing their cover stories, or have to keep their cover stories very close to their actual lives and interests, which makes profiling easier. Both of these cut way down on the total pool of attackers available. My assumption is that national intelligence agencies can probably afford to do this--they can probably filter through a lot more possible candidates to get field agents who can handle a cover story well, for example, since they can hire openly, rather than quietly recruiting from madrassa students or something. Their training facilities can be centralized and stay in one place, rather than being a camp in the desert somewhere that has to be abandoned frequently, and they can develop a lot of expertise in training people to survive intensive questioning without fumbling their cover story. --John
Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004
At 02:16 PM 12/20/04 -0500, John Kelsey wrote: No doubt a real intelligence agent would be good at getting through this kind of screening, but that doesn't mean most of the people who want to blow up planes would be any good at it! You really continue to understimate the freedom fighters, don't you? (The first) King George did the same.
Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004
From: Major Variola (ret) [EMAIL PROTECTED] Sent: Dec 21, 2004 10:20 PM To: [EMAIL PROTECTED] [EMAIL PROTECTED] Subject: Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004 At 02:16 PM 12/20/04 -0500, John Kelsey wrote: No doubt a real intelligence agent would be good at getting through this kind of screening, but that doesn't mean most of the people who want to blow up planes would be any good at it! You really continue to understimate the freedom fighters, don't you? (The first) King George did the same. Maybe so. It's clearly added cost to the attackers--they have to select not just the subset of volunteers willing to blow themselves up on the plane, but the subset of *those* who can also keep cool under rapid-fire questioning of their cover story. The attackers probably have to either spend a lot of time rehearsing their cover stories, or have to keep their cover stories very close to their actual lives and interests, which makes profiling easier. Both of these cut way down on the total pool of attackers available. My assumption is that national intelligence agencies can probably afford to do this--they can probably filter through a lot more possible candidates to get field agents who can handle a cover story well, for example, since they can hire openly, rather than quietly recruiting from madrassa students or something. Their training facilities can be centralized and stay in one place, rather than being a camp in the desert somewhere that has to be abandoned frequently, and they can develop a lot of expertise in training people to survive intensive questioning without fumbling their cover story. --John
Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004
At 02:16 PM 12/20/04 -0500, John Kelsey wrote: No doubt a real intelligence agent would be good at getting through this kind of screening, but that doesn't mean most of the people who want to blow up planes would be any good at it! You really continue to understimate the freedom fighters, don't you? (The first) King George did the same.
Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004
The difference here is that Bad_Guy is visiting the country for the first time. Now, there are fewer questions to ask. But that's a common enough situation that the questioners are going to be ready for it. And I bet a lot of the point of their questioning is just to see if they detect signs of stress where they expect to. If you are a smart person who does something like this 20 times a day, you'll soon get a really good feel for when something odd is going on. Also, any kind of in-depth questioning is likely to uncover a lot of fraudulent claims. If I say I'm a chemical engineer, it's not going to take much depth of knowledge for the questioner to find out I don't know things any chemical engineer would know, for example. (It wouldn't be hard to come up with some computerized system for pulling up lists of questions like this. Like, someone says he's Catholic, and you ask him who was born without sin as a direct result of the immaculate conception, or ask him to say a Hail Mary.) So this might force you to tell more of the truth, which makes it easier to profile you. And this is all physical / procedural security. You're not building an unclimbable wall, you're building lots of challenging speedbumps. No doubt a real intelligence agent would be good at getting through this kind of screening, but that doesn't mean most of the people who want to blow up planes would be any good at it! Sarad. --John
Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004
The difference here is that Bad_Guy is visiting the country for the first time. Now, there are fewer questions to ask. But that's a common enough situation that the questioners are going to be ready for it. And I bet a lot of the point of their questioning is just to see if they detect signs of stress where they expect to. If you are a smart person who does something like this 20 times a day, you'll soon get a really good feel for when something odd is going on. Also, any kind of in-depth questioning is likely to uncover a lot of fraudulent claims. If I say I'm a chemical engineer, it's not going to take much depth of knowledge for the questioner to find out I don't know things any chemical engineer would know, for example. (It wouldn't be hard to come up with some computerized system for pulling up lists of questions like this. Like, someone says he's Catholic, and you ask him who was born without sin as a direct result of the immaculate conception, or ask him to say a Hail Mary.) So this might force you to tell more of the truth, which makes it easier to profile you. And this is all physical / procedural security. You're not building an unclimbable wall, you're building lots of challenging speedbumps. No doubt a real intelligence agent would be good at getting through this kind of screening, but that doesn't mean most of the people who want to blow up planes would be any good at it! Sarad. --John
Re: Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004
--- R.A. Hettinga [EMAIL PROTECTED] wrote: At 11:41 PM -0600 12/14/04, Bruce Schneier wrote: The theory is that eventually the defender will reach the end of his memorized story, and that the attacker will then notice the subtle changes in the defender as he starts to make up answers. Not necessarily. The difference here is that Bad_Guy is visiting the country for the first time. Now, there are fewer questions to ask. The idea is Mr.Bad_Guy gives minimal information there by restricting the questions that can be asked. Its just that the Bad_Guy should be trained to give out least information. That way there is no need to remember hundreds of answers. Sarad. __ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250
Israeli Airport Security Questioning Re: CRYPTO-GRAM, December 15, 2004
At 11:41 PM -0600 12/14/04, Bruce Schneier wrote: Security Notes from All Over: Israeli Airport Security Questioning http://www.schneier.com/blog/archives/2004/12/security_notes.html In both Secrets and Lies and Beyond Fear, I discuss a key difference between attackers and defenders: the ability to concentrate resources. The defender must defend against all possible attacks, while the attacker can concentrate his forces on one particular avenue of attack. This precept is fundamental to a lot of security, and can be seen very clearly in counterterrorism. A country is in the position of the interior; it must defend itself against all possible terrorist attacks: airplane terrorism, chemical bombs, threats at the ports, threats through the mails, lone lunatics with automatic weapons, assassinations, etc, etc, etc. The terrorist just needs to find one weak spot in the defenses, and exploit that. This concentration versus diffusion of resources is one reason why the defender's job is so much harder than the attackers. This same principle guides security questioning at the Ben Gurion Airport in Israel. In this example, the attacker is the security screener and the defender is the terrorist. (It's important to remember that attacker and defender are not moral labels, but tactical ones. Sometimes the defenders are the good guys and the attackers are the bad guys. In this case, the bad guy is trying to defend his cover story against the good guy who is attacking it.) Security is impressively tight at the airport, and includes a potentially lengthy interview by a trained security screener. The screener asks each passenger questions, trying to determine if he's a security risk. But instead of asking different questions -- where do you live, what do you do for a living, where were you born -- the screener asks questions that follow a storyline: Where are you going? Who do you know there? How did you meet him? What were you doing there? And so on. See the ability to concentrate resources? The defender -- the terrorist trying to sneak aboard the airplane -- needs a cover story sufficiently broad to be able to respond to any line of questioning. So he might memorize the answers to several hundred questions. The attacker -- the security screener -- could ask questions scattershot, but instead concentrates his questioning along one particular line. The theory is that eventually the defender will reach the end of his memorized story, and that the attacker will then notice the subtle changes in the defender as he starts to make up answers. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'