Notes from our travels across a mysterious world.

Category: Security

Sorry, still no match

U.S. to fingerprint E.U. visitors:

Visitors from European nations traveling with visas or visa-free to the United States will soon have to give 10 digital fingerprints when entering the country, a senior U.S. Homeland Security official said Monday.

Let’s see, the last time I had my fingerprints taken by a digital scanner owned by the U.S. government, it took 30 minutes and continual rewetting of my fingertips because the system was having trouble matching the individual prints to a ten-print scan. Since that was in April, and the machine was fairly new and expensive, I doubt the technology used in the various points of entry has any reason to work much more consistently. I wonder how they plan on handling the extra delays?

Maybe we can work this into some kind of marketing slogan: “Europeans are lining up to get into the United States!”

The Ohio Backup Plan

You know that Ohio state government data storage device, containing the personal information of hundreds of thousands of people, that was stolen from an intern’s car? You ever wonder why that kind of information would be in an intern’s car? Well, the Associated Press explains:

Under protocol in place since 2002, a first backup storage device is kept at a temporary work site for a state office along with the computer system that holds all the employee information, and a second backup device is given to employees on a rotating basis to take home for safekeeping, officials said.

That reminds me: I need to go and put my backup drives in their customary location in the old hollow tree out back.

Measuring threats

Bruce Schneier blogs about the reaction on the part of police to some backpacks hung on a tree.

Personally, I wouldn’t argue that treating backpacks on a tree as possible bombs is an overreaction in this case. It isn’t as if we haven’t seen bombs in backpacks. Admittedly, it seems unlikely someone wanting to commit a terrorist act would hang them in a tree, but that’s a fine line to tread.

However, it did bring to mind one thing that has been bothering me for the last couple of days, and that is the assumptions we make about security, rather than using something akin to common sense. If a danger fits a profile currently popular with the public, it seems to be automatic to assume any situation that comes close to that profile must be a danger. As a result, you end up not being able to leave anything unattended in Boston, take pictures of public works facilities, or put your hand near your waistband in a poor neighborhood without taking the risk it will trigger someone’s sense of danger due to a scenario they have already constructed in their head.

We don’t know the details from yesterday’s shooting at Virginia Tech. I’m sure psychological warning signs, police response, gun laws will be debated thoroughly. However, one thing that struck me about what happened was the original assumption that the two deaths at the dormitory were not necessarily an immediate campus-wide problem because it could have been domestic in nature. Perhaps so, if it had been a murder-suicide, but without direct evidence of that what you’re left with is that someone has a gun, has used it to kill people, and you don’t know who or where he is.

In hindsight, it’s easy to say better decisions could have been made, but that’s only with hindsight. I don’t think the VT Police, or anyone else involved, were somehow unique among human beings, and that anyone else would necessarily have done anything differently. And that’s what’s bothering me…those same assumptions would have been likely no matter who was handling it.

It’s natural to build these scenarios when you’re dealing with possible dangers. It helps you keep focused on likely threats and more prepared to react to them. However, between attention and reaction lies a decision, and we hope the decision is a reasoned one. Relying too much on internal scenarios — or formalized standard operating procedures, for that matter — is inevitably going to lead to unreasoned decisions and misdirected reactions. That seems more understandable the less time is given for making the decision, but conversely less understandable the longer you have to think about it.

Thinking about risk doesn’t necessarily require statistics. Sometimes it just requires common sense:

Backpacks hung in a tree next to a school? Seems odd, but due to the risk to people and the fact you can’t see into them should be investigated.

Little printed circuit boards with flashing lights? Really unlikely to explode. Low risk.

Gift-wrapped boxes? Still seems unlikely, given the attention-grabbing nature of the packaging.

Person is running down a dark street toward you from the scene of a crime and seems to have a gun? High risk.

Possible domestic dispute ends in homicide, with an armed perpetrator who may or may not be running around on a campus of 25,000 students? Right there you’ve printed a license for “overreaction.” It doesn’t matter if your head is telling you it was a one-time event; the proven risk still exists as long as you don’t have the person who did it sitting in front of you.

What would I have done? Heck, I might have made exactly the same decisions on a given day, but that doesn’t mean I would have been making decisions based on anything besides the scenarios I had built in my own head…not logic, not evidence. And that bothers me.

Update: Well, it looks like they did think they had the suspect at the time. It seems odd that the original press conferences described a search for a person of interest over the course of that time, rather than having someone in custody, but if they had a person in custody I can see how they thought it was over.

Update, again: More background on the domestic homicide assumption, plus more information about Cho Sueng-Hui.

© 2021 The Phantom City

Theme by Anders NorenUp ↑