Category Archives: Security and privacy

Airport insecurity

I am thinking a lot about security now, since a discussion last week on security in the 2.0 Enterprise – where the conclusion was that we need to get away from perimeter security and over towards something asset-based, i.e. securing what really matters and not faking security by having showy and inconvenient moats and drawbridges.

This funny but deeply serious article in The Atlantic takes on the example of airport security with all its symbols and holes. As Bruce Schneier (a real security expert) repeatedly has pointed out, hijackers can no longer get into the cockpit. Furthermore, passengers would attack hijackers on sight, rather than cooperate with them. Hence, the bluff that got the 9/11 hijackers in control of four airplanes will no longer work.

But we persist in implementing security that does little but increase the cost of flying, inconveniencing everyone, and, ironically, making flying (or, at least, turning up at the airport) less secure. As the article points out, the most dangerous place in the airport is where many people are waiting closely together in an unsecured area. In other words, in the security control line, perfect in case somebody wants to repeat the Lod airport massacre.