Categories: Uncategorized

Defeating airport security and getting frequent flyer points while you’re at it

A couple of MIT students have written a paper on how CAPS (Computer-Assisted Passenger Screening system, which got implemented shortly after September 11th) can be defeated. Thanks to Plastic for providing the title for this entry.

I’ve only had a chance to briefly skim it, but the paper, titled Carnival Booth: An Algorithm for Defeating the Computer-Assisted Passenger Screening System, outlines a hole in the security system currently used in airports to prevent another September 11th from happening. CAPS tries to predict whether you’re a likely to be a terrorist based on data pertaining to your history of ticket purchases. If you fit the terrorist profile, you’re singled out for extra security checks. When you’re singled out, ti’s quite obvious, and therein lies the weakness of the system.

(I once probably set off every CAPS alarm; I wrote about it here.)

Here’s what the writers of the paper have to say:

This transparency is the Achilles’ Heel of CAPS; the fact that individuals know their CAPS status enables the system to be reverse engineered. You, like Simonyi, know if you’re carryons have been manually inspected. You know if you’ve been questioned. You know if you’re asked to stand in a special line. You know if you’ve been frisked. All of this open scrutiny makes it possible to learn an anti-profile to defeat CAPS, even if the profile itself is always kept secret. We call this the “Carnival Booth Effect” since, like a carnie, it entices terrorists to “Step Right Up! See if you’re a winner!” In this case, the terrorist can step right up and see if he’s been flagged.

The recipe for defeating CAPS is quite simple:

1. Probe the system. Send one of your agents to simply take a flight. On this run, the agent’s not supposed to do anything other than report whether or not CAPS flaged him or her.

2. If your agent was flagged in step 1, take that agent off your martyrdom candidates list. Reassign the agent to something else (perhaps recruiting and handing out propaganda at the local University campus). Repeat step 1 with another agent.

3. Repeat this process until you’ve got one or more agents who consistently eludes CAPS flags. These lucky dogs get the 72 virgins. Get them to give you the frequent flyer points they accrued; they won’t be needing them anyway.

4. Now send this squad on a mission with intent to harm, complete with weapons, explosives and cliched prepared statement. Since CAPS didn’t flag them last time, it’s likely they won’t be flagged this time. Await congratulatory greeting card from Osama.

The authors of the paper state that even although it seems counterintuitive, randomly selecting passengers for extra scrutiny is more likely to catch terrorists than CAPS.

It’s an interesting read, and although there’s a little math to wade through (although it’s not terribly complex; anyone who’s read The Cartoon Guide to Statistics should get it), most people should find it reasonably easy to follow.

Joey deVilla

Recent Posts

A special edition picdump for December 25, 2024

I’m enjoying exotic-to-me American cuisine (being Asian, I had a mashed-potato-deprived childhood) at Christmas dinner…

3 hours ago

If you’re in crisis on Christmas, remember 211 and 988

As the lyrics say, all is supposed to be merry and bright during the holidays,…

4 hours ago

Sunday picdump for December 22, 2024

It’s not just another Sunday, but the Sunday leading up to Christmas! It’s that time…

3 days ago

The guy behind the “They’re eating the pets” blood libel slurs speech, passes out onstage

Here’s wishing Alex Bruesewitz a speedy recovery — yes, he’s behind a racist lie that endangers…

1 week ago

Sunday picdump for December 15, 2024

Since it’s Sunday, it’s time for me to post the memes, pictures, and cartoons floating…

1 week ago