Given the proper motivation — and I guess, lack of moral compass — I’ve always felt that I’d make an excellent terrorist. I’m both devious and technically minded, giving me the skills to mastermind an audacious attack, and have a flair for the dramatic that would surely be useful in extracting the maximum emotional impact.
Just call me by my new nom de guerre: Goldy al-Ḩmār.
And so in the spirit of computer hackers who expose security flaws in an effort to make our devices and networks more secure, I’ve decided to offer my own services to the Transportation Security Administration, free of charge, in an effort to make air travel as absolutely risk free as humanly possible. I mean, clearly, if the imminent threat of terrorist attack is so great that we must now irradiate our children before allowing them to board a flight, then TSA can surely use all the help it can get.
Remember, the goal here is to eliminate all risk, no matter how improbable, and no matter how expensive, inconvenient or irradiating the means. With that in mind, my first tip to TSA is:
Eliminate Web Check-In.
Web check-in, in which you check in and print your boarding pass from home, has proven a huge convenience and time saver for tens of millions of passengers, not to mention a big money saver for the airlines. But it’s another 9/11 just waiting to happen.
Assume for a moment that the TSA’s limit on liquids, gels and aerosols is based on legitimate security concerns rather than pure fantasy. Currently, such substances must be in containers no larger than 3.4 ounces, and all such containers must fit in a single, one-quart, zip-locked bag per passenger. Now assume that the TSA is actually capable of scanning for such substances, rather than like, say, when I recently returned from Vegas and forgot to remove the very visible 750 ml bottle of water from the mesh enclosure on the outside of my backpack, only to have it pass through the x-ray machine without comment.
Well, assuming liquids are potentially dangerous, and assuming TSA is capable of consistently screening them out, web check-in creates the opportunity for a team of terrorists to individually carry through security, and combine on the other side, dozens of 3.4 ounce bottles of liquid explosive… without even buying tickets for each member of the cell!
See, TSA doesn’t actually scan the bar code on your boarding pass like they do before you board the flight, they just look to see if it’s for today, and whether the name matches the name on your ID. So all an enterprising group of liquid bombers has to do is print one boarding pass, capture the image, and photoshop it to create and print additional boarding passes for each member of the cell. No cost, and no need to tip off authorities that a bunch of people with dangerous sounding names are all traveling from the same airport on the same day.
And secreting through security large quantities of liquid (or individually innocuous looking parts for some easily assembled weapon) is just one of the many nefarious things a terrorist might achieve via the fake boarding pass scam. For example, a terrorist on the watch list could simply purchase a ticket in somebody else’s name, and then photoshop the name on the boarding pass to match his own ID; the airlines and TSA would have no idea that this terrorist was even flying!
So while web check-in may be a welcome time and money saving convenience, as long as there’s even a vague risk of it being used as part of a terrorist plot, TSA has no choice but to shut it down and go back to the old system where we all waited in line for hours to check in.
For if Goldy al-Ḩmār can imagine it, so too can the real terrorists. And can we ever be too safe?