Airlines do not belong at TSA checkpoints

I was flying out of BOS today. With CO dba UA having left Terminal A, there was no line for security, and I received a very professional and quick pat down (they've dispensed with the "back of the hand" pre-speech, apparently).

But before I even got to security, I was met with a Delta gate agent. She needed to check the size of my carryon. It fit. But I asked her: who cares about this, Delta or the TSA? Her answer: Delta. My reply: then you have no business here. If a Delta (or other airline) employee asks to check your bag at a TSA security checkpoint: you should certainly refuse. You pay a fee for every ticket for the government to ensure a safe flight (what they actually do, of course, is a mystery, but it's good security theater). This should not be an opportunity for the airlines to maximize revenue by cowing you in to paying to check your bags.

Here's the thing: the airline's own employees don't like it. At the gate, I was asked again to check my bag. "But I already did this at security." They said yeah, can you do it again. I half-complained, half-joked "you know, they really have no business doing this at the checkpoint." The gate agents' eyes lit up. She had me repeat that for everyone else in the boarding area. "You're completely right! Will you tell Delta?" she said? "I'm already planning to Tweet this" I told them.

Then I asked for an exit row seat. I'm a taller person and while I fit in coach seats, it's not that pleasant. "We only have a middle" she said, but then asked me to wait. If the last first class passenger didn't check in, that seat was mine. Wow. I used to be a Silver elite, but that lapsed when I didn't travel enough last year (and Delta's killed the mileage run anyway with qualifying dollars, not good for a cheapskate like me who loves a low price to a faraway city—I've flown to ANC for three days for $400).

Unfortunately for me, a guy in a suit came running up to the podium about four minutes later and claimed his seat. Oh well, I said, and ambled down to row 39 and scrunched in to the seat there. But I learned a couple important things:

• Gate agents like enforcing rules at security as much as you do. Which is "not very much."
• Gate agents can do anything. If you become their friend, whole worlds open up to you.

So, my knees are a bit sore, but I have a smile on my face.

The water bottle which could have blown up Logan

It's amazing what a walk-through metal detector can do. It can take a potentially lethal bottle filled with an unknown liquid and turn it in to water. Today, departing in Boston, I forgot to empty one of my water bottles. My bag was flagged, and the TSA "officer" found the offending item. My options were to relinquish the bottle to the TSA (which I didn't want to do) or to go out of security, pour out the water, and be rescreened.

This could have blown up
a security checkpoint.

Could I pour it in the waste basket an arm's length away? No. Why not? Because the bottle might contain an explosive liquid (even though it sure looked like water). 

Could I drink it? No. I joked that "then I might blow up" and the TSO agreed a little too seriously.

So, I took option number 3: I marched through the metal detector (Luckily, Terminal A at Boston rarely has their AIT scanners in use). Once we were through this magical force field, I wondered what the TSO, her gloved hand still holding this potentially lethal water bottle, might do. Obviously, on the airplane side of security, it could have burst in to flames. But having passed through this magical, magnetic force field, the possibly deadly liquid morphed in to a much more benign substance.

"Here ya go" she said, and handed me the bottle.

I was perplexed. Not 30 seconds before, this bottle had been so potentially dangerous that I could not touch it, and it could not be opened, lest it burst in to flames. Yet, 50 feet away, it was readily handed to me to pour in to a receptacle very similar to the one on the other side of security. And we hadn't even walked through an advanced imaging machine, but a simple metal detector.

This is your TSA at work.

Yes. I screwed up. I brought—gosh!—hydrogen dioxide through the scary security curtain. But, obviously, it was harmless; I was allowed to deposit it in to a trash can in between two crowded security lines, where it could have exploded and injured dozens. So what is it about the trash can on the in-security side of the airport that is so different (other than having fewer people congregating around it)? Why couldn't the TSA take the bottle and do me the favor of disposing of it? And who, in their right mind, wrote these kinds of regulations and thought that it made any sense?

What the TSA doesn't do (anymore)

A few years ago, in a great article about the foibles of the TSA, Bruce Schneier said that there were exactly two things since September 11 which made travel safer:

“Counter­terrorism in the airport is a show designed to make people feel better,” he said. “Only two things have made flying safer: the reinforcement of cockpit doors, and the fact that passengers know now to resist hijackers.” This assumes, of course, that al-Qaeda will target airplanes for hijacking, or target aviation at all. “We defend against what the terrorists did last week,” Schnei­er said. He believes that the country would be just as safe as it is today if airport security were rolled back to pre-9/11 levels. “Spend the rest of your money on intelligence, investigations, and emergency response.”

Very true. In the article, Schneier goes on to print fake boarding passes that he uses to gain access to the airport, circumventing millions of dollars worth of security with Photoshop and a $50 printer. He talks about how a potential terrorist would take advantage of the system:

[T]he terrorist uses a stolen credit card to buy a ticket under a fake name. “Then you print a fake boarding pass with your real name on it and go to the airport. You give your real ID, and the fake boarding pass with your real name on it, to security. They’re checking the documents against each other. They’re not checking your name against the no-fly list—that was done on the airline’s computers. Once you’re through security, you rip up the fake boarding pass, and use the real boarding pass that has the name from the stolen credit card. Then you board the plane, because they’re not checking your name against your ID at boarding.”

Well, that could be clarified as "they're not checking your name against ID at boarding anymore." For a couple of years after September 11, there was actually decent security in what Schneier calls the "security triangle." You purchased your ticket and the government checked your name against terrorist databases. You then printed out your boarding pass at a kiosk at the airport—or obtained it from an agent, who checked your ID. In either case, spoofing the paper stock and font of the pass is not something simple to do at home. Finally, your ID was checked both at the security checkpoint and at the gate when you boarded, so you couldn't use a fake boarding pass (and real name) to get through security and then discard it for the real pass at the gate. Circumventable? Probably. But difficult.

Within a year, two provisions of this, the proprietary printing and the gate searches, were dropped. Airlines encouraged at-home printing (it saves them money on ink and paper) and gate searches were quietly discontinued (which sped plane boarding). And a huge loophole was opened for anyone who could reasonably use Photoshop to spoof a name. A few airports are now installing systems which read your phone or ticket's QR code or bar code and display the actual name, which again is very hard to spoof. But for nine or ten years, we've had no real security going through the airports, despite the TSA's scribbling and the best radiation money can buy. And I can't imagine these systems, which have bar code reader and display, actually cost $100,000 each. Maybe that includes the initial cost of the building the back end. But give the TSA some iPhones and some coders a few grand and you'd probably have a handheld system in hours. (I'm a big-government liberal, and this pisses me off to no end!)

I would surmise, however, that spending the hundreds of millions we've spent on MMW and Backscatter radiation would be better spent on intelligence, as Schneier contends, and that we could check everyone's ticketed name against their ID for a small fraction of that sum. But try telling that to the Blue Shirts.

Happy holidays from TSAstatus.net

Last year at this time, I was getting ready for a trip to the airport. On a weeklong romp through the Midwest* this site "went viral" and TSA statuses came pouring in. Thanks to you, they haven't stopped. We're on pace for 150 this month, or so. Thanks for submitting. A year ago this site was built on some basic HTML, a home server that kept crashing and a moderately ugly, but usable, design. We've kept the design. The rest is updated. The structure is probably not optimal, but it works. And I can give thanks for that.

So, as we head to the new year, year 2 of TSA status, keep the statuses coming, keep the information up-to-date, keep the notes succinct and keep me laughing as I glance down the page. But, most of all, help your fellow passengers navigate the silliness that is the TSA.

Thanks!

Ari

* I spent successive nights leading up to the trip, and then beyond, in Twin Mountain, N.H., Newton, Mass., Hayward, Wis., Duluth, Minn, Saint Paul, Minneapolis and Chicago. Needless to say, by the Windy City I was spent.

How long does it take to get through airport security?

You can help us find out. We've recently added an optional feature where you can enter the time of day you pass through a checkpoint and how many minutes you wait in line. Why? Well, why not! We have a bunch of submissions, and as I was waiting in security the other day, I thought to myself, man, wouldn't it be nice to build a database of how long these lines are? It would. Let's do a quick pro/con analysis:

Cons:

• The site becomes a bit more cluttered with entry boxes for these data. 
• The site wavers from it's core mission.

Pros:

• The site can, perhaps, collect data showing that x-ray machines create longer lines (which might themselves be good targets for "evil doers") and more of a headache for all. 
• We've had people ask us to put in a "time" field so that they can see if security is or is not being used at certain times—this is an included feature (and may show that certain machines are turned on and off at certain times of day. 
• It will allow people who don't like wasting their time sitting waiting for planes to get a better idea of how early they have to arrive at the airport. 
• It may attract new site users who will update the checkpoint status (which is required of all posts)
• It might even be fun!

So, since I think the pros outweigh the cons, and had several hours to mess around with code on the plane (and, thanks to GoGo, test code live), it's in place. It's optional, but we hope you'll use it.

*NB: If you do report wait times, please report only the time from when you first got in line to when you got through the WTMD, but not time spent waiting for a secondary pat-down. If you want to note which line you went through (elite/regular) use the notes column for that.

Update: apparently the TSA used to provide this information, but no longer does (i.e. the links to that page are kaput).

Not TSA Status related

But our lovely Senators want to pass the Stop Online Piracy Act, which won't stop online piracy but will affect legit websites. Probably not TSA Status. But, still. Jesus. Go here to fight back (since you're already fighting back against the TSA).

An attempt to explain the "turn off your devices" rule

We've all been there. The plane taxis back from the gate. Something important happens on the internet! You scroll down your mobile device when suddenly a stern-looking flight attendant tells you that the device can't be used during take-off and landing, and can only be used with transmission disabled later in the flight. When you've been told it's okay. Because, apparently, it could cause the plane to fall from the sky.

Apparently not. As this Times blog post points out, no plane has ever dropped from the sky due to the use of a mobile device. Ever. Many mobile devices have come in to existence since these rules were put in to place, but all are banned. (And why can you use a cell phone but not a laptop during post-landing taxi when the two technologies are quickly converging?) The best reason anyone can offer that this ban exists is that there is no evidence that electronic gadgets can't interfere with a plane. But, of course, the same study found that there is no evidence that they can. In fact, the FAA doesn't even have (pdf) a set list of devices they ban, but they leave it up to the airlines.

Obviously, this is a large load of horse hockey. I've frequently not only not turned off my device, but actively used it. Here are some examples:

• In June of 2008, I was on a flight from DEN to MSP which was delayed, allowing me to listen to some of the Celtics-Lakers finals game being played (my father played the radio in to a cell phone which I held to my ear away from the aisle). We finally took off during the fourth quarter, at which point I was able to carry the cell phone call through about 4000 feet. The Celtics won. The fellow next to me appreciated the score updates; the woman across the aisle gave me a stare of death. The airplane flight was without any consequence.
• The next year, I was flying over a friends' house approaching the airport. I sent a text message to that effect. The plane landed safely.
• I never power down my computer. I simply put it to sleep.
• In 2010, I used Google Voice to dial in to a conference call through GoGo inflight, which was forbidden by GoGo but worked like a charm with Google Voice. So there goes the "they don't want people having conversations" argument.
• I've recently been using an iPhone speedometer app to see how fast planes are traveling when they take off and land. It doesn't work so well at high altitudes. But it hasn't yet crashed a plane.

And every time I fly, I try to think of new ways to subvert this rule. I never take the battery out of my wristwatch (which certainly could crash a plane!). Maybe next time I'll turn on my headlamp to see what happens (probably a plane crash) or bring a transistor radio (crash-tastic). A few years ago I had a pilot dial up the local Boston Red Sox affiliate and play AM radio over the in-flight entertainment system until the signal was lost (Channel 9 on United is quite versatile). And the plane arrived at it's destination unscathed.