Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

LA Airport Uses Random Numbers To Catch Terrorists

CmdrTaco posted more than 6 years ago | from the better-than-searching-me-whenever-i-have-a-beard dept.

Math 321

An anonymous reader writes "Los Angeles International Airport (LAX) is using randomization software to determine the location and timing of security checkpoints and patrols. The theory is that random security will make it impossible for terrorists to predict the actions of security forces. The ARMOR software, written by computer scientists at the University of Southern California, was initially developed to solve a problem in game theory. Doctoral student Praveen Paruchuri wrote algorithms on how an agent should react to an opponent who has perfect information about the agent's choices."

cancel ×

321 comments

Sorry! There are no comments related to the filter you selected.

Security Through Obscurity! (4, Funny)

he1icine (512651) | more than 6 years ago | (#20800855)

Sorry it had to be said.

Re:Security Through Obscurity! (5, Insightful)

Entrope (68843) | more than 6 years ago | (#20800933)

Quite the opposite. The bit about strategies given "perfect knowledge" by the opponent assumes that any information about practices or techniques could leak out. Given that, it seems obvious that the proper response is to determine an appropriate level of coverage, and then implement a randomized search pattern that conforms to those constraints. The security is not through obscurity but through a smaller window for discovering and exploiting the search pattern.

PAGE-LENGTHENING AND PAGE-WIDENING POST!!! (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#20800949)

But a big man cannot stay drunk very long on three dollars. That was Sunday morning, and Monday night Captain Taco came home, sober and sick, realizing that he had spent every cent the family owned, and had not bought a single instant's forgetfulness with it.

Cathleen Vent was not yet buried; but the police had been notified, and on the morrow they would put the body in a pine coffin and take it to the potter's field. Cowhand Neil was out begging now, a few pennies from each of the neighbors, to get enough to pay for a mass for her; and the children were upstairs starving to death, while he, good-for-nothing rascal, had been spending their money on drink. So spoke Hemos, scornfully, and when he started toward the fire she added the information that her kitchen was no longer for him to fill with his phosphate stinks. She had crowded all her boarders into one room on Cathleen Vent's account, but now he could go up in the garret where he belonged--and not there much longer, either, if he did not pay her some rent.

Re:Security Through Obscurity! (4, Insightful)

brusk (135896) | more than 6 years ago | (#20800977)

Actually it didn't. In some ways this sounds like the opposite of security through obscurity. I'd feel more secure with a system whose entire workings was public knowledge, but that was still effective enough to be difficult to penetrate. Randomness is a great way of doing that. You may know, as a potential attacker, how the system is set up, but if you don't know where the people and equipment will be the best you can do is take an informed risk. It also makes it harder to do things like purchase information about the system: it's little use to bribe a guard for the schedule if he doesn't know it until he starts his shift (and then may only know his first task, not the remainder of his schedule).

To my mind, security through obscurity would be setting up a very complicated schedule, then overconfidently assuming that an attacker won't figure it out. There are lots of cases where randomness increases security (e.g. random strings as passwords).

Contratulations!! You're number 3225 (0, Troll)

Max Littlemore (1001285) | more than 6 years ago | (#20801087)

And seeing as you're not wearing a tea towel-you're allowed to enter1

You, number 3226, are wearing a tea towel with menace! you are an enemy of the united states of Amiracle and will die in gitmo!

Re:Contratulations!! You're number 3225 (1)

foobsr (693224) | more than 6 years ago | (#20801239)

Anyone with a towel will be arrested at gunpoint by default; we all can imagine how deadly a weapon a wet towel [towel.org.uk] can be in hand-to-hand-combat.

CC.

Re:Security Through Obscurity! (5, Insightful)

Hangtime (19526) | more than 6 years ago | (#20801099)

There is a difference between Security Through Obscurity and disguising the strength, numbers, and routines of your forces by trying to nullify patterns in your behavior. People pick up on patterns very quickly. Patterns makes it easy to train, equip and ultimately be successful when addressing fluid, complex situations. If I know that once I see people streaming from one platform I have 30 seconds before the next train arrives I have an advantage.

By truly randomizing protocols, I can no longer plan for one or two specific scenarios but must be ready for hundreds. This increases the time, energy, and manpower it takes me to prep and execute a mission. In fact, if I can't bank on the fact that there will NOT be a canine unit to take my plastic through security I may change my approach and try to work from a stand-off position rather then a close-end. This makes it easier for security because I can fortify and create choke points in and around my perimeter.

Security Through Obscurity relies on your ability to hide something alone (hiding a key) versus what this is (moving the key every 4 hours and randomizing the patrols in and around the key). There is quite a bit of difference between the two.

Re:Security Through Obscurity! (5, Funny)

Anonymous Coward | more than 6 years ago | (#20801213)

So, to be exact, the security staff is going to play DnD?

Staff sergeant: "Ok, Ralph" *rolls dice* "you are going to move 4 feet to the left."

Re:Security Through Obscurity! (1)

Sczi (1030288) | more than 6 years ago | (#20801379)

Lol, interesting twist. Maybe "Security through obscurity, done right!" would have prevented the sarcasm-impaired responses.

Government vs Commercial (5, Interesting)

mulhollandj (807571) | more than 6 years ago | (#20800861)

I read a fascinating article in the Freeman comparing train security, mostly privately done, with airports security, done by the government. The key difference was that when it was done commercially the inconvenience to customers was quite minimal. On the other hand when the government runs it, it is very inconvenient for customers. Why do you think this is?

Re:Government vs Commercial (2, Insightful)

speaker of the truth (1112181) | more than 6 years ago | (#20800905)

I don't know. However first we must look at the sampling done by the article and determine if it was a valid sample that would produce non-biased results. Then we need to look at the numbers themselves and see if they were interpreted correctly (involving both layman and well known mathematicians who are either known to offer non-biased results or enough mathematicians that represent both biases towards the government and towards commercial companies). Only then can we know if the results are correct and even begin to ascertain the reason behind them.

Re:Government vs Commercial (2, Insightful)

JackMeyhoff (1070484) | more than 6 years ago | (#20800917)

Airport security done by the government? It's all private companies here.

My $2 opinion. (Weak dollar) (5, Insightful)

iknownuttin (1099999) | more than 6 years ago | (#20801085)

I think it's because there is very little, if any, accountability that the Government employees have to worry about. They can be as rude and obnoxious as they like becuase they know that even if you navigated the bureaucracy to complain, it would just be recorded somewhere and nothing would be done about it. Just look at what the folks who are mistakenly put on the "no-fly" or "extra screening" lists go through. Even a powerful Senator (Kennedy D-MA) had a problem getting off of the list. Or the nun who had to call in a favor with Carl Rove to get off of the list.

The only time I've heard of a Gov. employee getting fired was because they let someone go through with a weapon.

Then there are the stewardesses. Since 9/11 you'd think someone anointed them in Flight Goddesses. Complain about something and the next thing you know, you're being taken away in hand cuffs.

Because of a few jerks in the world, flying has become just one big bullshit hassle. Which, for my own sanity, I refuse all jobs that require travel - bills be damned! Of course now with all the screening software, a bad credit rating will get you a second look by the TSA.

I may have to move to Vermont.

Re:My $2 opinion. (Weak dollar) (1)

b0s0z0ku (752509) | more than 6 years ago | (#20801095)

Of course now with all the screening software, a bad credit rating will get you a second look by the TSA.

I thought that NO credit data would be more worrisome to them -- evidence of a manufactured identity. I suppose bad credit would make you more likely to help terrorists for money, but in the case of suicide attackers, it's pretty doubtful any sane person would.

-b.

Re:Government vs Commercial (3, Interesting)

mspohr (589790) | more than 6 years ago | (#20801139)

Train security??? Where do they have train security? I've traveled on trains in France, Italy, Germany, Switzerland, Czech republic and never had any kind of security inspection.

I live is Switzerland and we don't have any noticeable train security. They may be some security cameras but the only 'security' I see are the conductors and they are usually friendly and just want to see your ticket. BTW, the trains are very safe, too. No terrorists and very few accidents.

Re:Government vs Commercial (2, Informative)

Anonymous Coward | more than 6 years ago | (#20801251)

"BTW, the trains are very safe, too. No terrorists and very few accidents."

Apparently you didn't read the news in 2004.

http://en.wikipedia.org/wiki/2004_Madrid_train_bombings [wikipedia.org]

Or the news in 1998.

http://en.wikipedia.org/wiki/Eschede_train_disaster [wikipedia.org]

Why, I think you are wrong! (3, Funny)

rolfwind (528248) | more than 6 years ago | (#20801177)

Only GOVERNMENT run security gives me free colonoscopies while I fly. Not only do I save a trip to the doctor, I ensure I stay in good health.

Re:Government vs Commercial (0)

Anonymous Coward | more than 6 years ago | (#20801489)

Oddly enough, I read an article in the "I Love Big Government" monthly which stated exactly the opposite. Ever think that the libertarian viewpoint of that publication might have something to do with the article.

And as others have noted, "security" on trains in the U.S. seems to amount to nothing more than presenting a photo ID when buying your ticket.

Government vs Commercial, or Train vs. Airplane? (3, Informative)

Ambitwistor (1041236) | more than 6 years ago | (#20801593)

I read a fascinating article in the Freeman comparing train security, mostly privately done, with airports security, done by the government. The key difference was that when it was done commercially the inconvenience to customers was quite minimal. On the other hand when the government runs it, it is very inconvenient for customers. Why do you think this?
You mean this article [fee.org] ?

It's comparing apples and oranges, as far as I can tell. It describes private security companies and "posses" pursuing known perpetrators in the 19th century. This is essentially police work, and is a quite different issue from preventing unknown threats from boarding in the first place. It claims that going after criminals is better than screening large numbers of non-criminals. Well duh, the problem is to find out who the criminals are, in a way that safely prevents them from carrying out whatever acts they're trying to carry out.

The article also says the private companies also sent guards on trains to foil robberies and such. Well, that's what federal air marshals are for. We've already got those. The article appears to be arguing that we just need the air marshals, and don't need any airport screening. Well, that's debatable, but as far as I am concerned, it doesn't have much to do with private vs. government security.

I think the situation with train robbers vs., say, suicide bombers is quite different. The article gives an example of train robbers who threatened to blow up the train if they weren't allowed to escape. Well, that's quite different from a guy who intends to die with everyone else: he's got no reason to negotiate. If you let him on with a bomb, you've already lost, unless you're really, really counting on those air marshals or helpful passengers (a la Richard Reid). It's a harder security problem.

Finally, the article says that the railroads booted troublemakers off the premises instead of letting them board the trains. It also says that federal law prohibits airlines from doing the same. I don't understand this; I've certainly read news stories about suspicious passengers being removed from planes, and of course TSA can prevent them from boarding in the first place.

Now, I am not trying to argue in favor of draconian airport screening, but I think the differences between security against train robbers and security against airline terrorists have more to do with the completely different settings and goals, rather than private vs. government administration of the security measures.

Re:Government vs Commercial (1)

enrevanche (953125) | more than 6 years ago | (#20801639)

This has nothing to do with government vs private industry. This is because the "provider" of security is not related to the provider of the actual product. Besides, there are just too many differences, including the perceived threat, to even consider a simple comparison.

This is also used by the government to keep you in fear of a terrorist attack.

Behind the scenes in Homeland Security... (5, Funny)

StandardCell (589682) | more than 6 years ago | (#20800865)

[Tour of Accounting] Accounting Troll: "Over here we have our random number generator" Number Generator Troll: "Nine Nine Nine Nine Nine Nine" Dilbert: "Are you sure that's random?" Accounting Troll: "That's the problem with randomness: you can never be sure"

Re:Behind the scenes in Homeland Security... (4, Funny)

smallfries (601545) | more than 6 years ago | (#20800959)

On a similar vein:

int numCheckpointsToday()
{
          return 0; // This is a random number chosen by a fair method
}

(With apologies to xkcd).

Doesn't Microsoft hold patents on that? (3, Funny)

jkrise (535370) | more than 6 years ago | (#20800869)

They've been using that technique to identify and fix bugs in Windows... even incorporated that into Excel 2007 multiplication recently.

Re:Doesn't Microsoft hold patents on that? (1, Informative)

JackMeyhoff (1070484) | more than 6 years ago | (#20800939)

actually the Excel bug was a rendering bug, the actual calculated value was correct, to prove this, take the output that is visually wrong in the cell and use in a further calculation. You will the result is correct.

Re:Doesn't Microsoft hold patents on that? (4, Informative)

jkrise (535370) | more than 6 years ago | (#20801005)

actually the Excel bug was a rendering bug, the actual calculated value was correct, to prove this, take the output that is visually wrong in the cell and use in a further calculation. You will the result is correct....

Wrong! It is random, actually. It's right there in the summary of the /. artice:

"Suppose the formula is in A1. =A1+1 returns 100,001, which appears to show the formula is in fact 100,000... =A1*2 returns 131,070, as if A1 had 65,535 (which it should have been). =A1*1 keeps it at 100,000. =A1-1 returns 65,534. =A1/1 is still 100,000. =A1/2 returns 32767.5."
So it's just not a simple rendering bug... on random ocassions, it calculates further using the faulty value.

Re:Doesn't Microsoft hold patents on that? (5, Funny)

JackMeyhoff (1070484) | more than 6 years ago | (#20801025)

Somebody ban him for actually reading an article

Re:Doesn't Microsoft hold patents on that? (0)

Anonymous Coward | more than 6 years ago | (#20801047)

You must be banned for not even reading the post you are replying to. He quoted the summary, not even the article itself. Shame on you.

Re:Doesn't Microsoft hold patents on that? (1)

JackMeyhoff (1070484) | more than 6 years ago | (#20801073)

Isn't that normal around here?

Re:Doesn't Microsoft hold patents on that? (1)

ptbarnett (159784) | more than 6 years ago | (#20801525)

So it's just not a simple rendering bug... on random ocassions, it calculates further using the faulty value.

No, it's still a rendering bug. The occasions that it appears to calculate further using the faulty value is actually when it still triggers the rendering bug.

From http://blogs.msdn.com/excel/ [msdn.com] :

Of the 9.214*10^18 different floating point numbers that Excel 2007 can store, there are 6 floating point numbers (using binary representation) between 65534.99999999995 and 65535, and 6 between 65535.99999999995 and 65536 that cause this problem. You can't actually enter these numbers into Excel directly (since Excel will round to 15 digits on entry), but any calculation returning one of those results will display this issue if the results of the calculation are displayed in a cell.

Re:Doesn't Microsoft hold patents on that? (1)

644bd346996 (1012333) | more than 6 years ago | (#20801549)

No, it doesn't calculate using the faulty value. It just looks like it does because (in the examples you quoted) the result is also within the range of values that triggers the rendering bug.

Re:Doesn't Microsoft hold patents on that? (1)

75th Trombone (581309) | more than 6 years ago | (#20801575)

"Random occasions?" Have you ever been to a math class on any grade level?

Two of your three "random occasions" don't change the number. Numbers don't change when you multiply or divide by one, remember? So there's no reason to expect the rendering to change when the underlying number doesn't change.

Your first "random occasion" still obviously yields a number in the "close to 65,535" range, which is what triggers the bug in the first place.

The grandparent post may not have been strictly correct in all circumstances, but you knew (or should have known) what he meant, and your statement that the bug presents "randomly" shows a complete lack of understanding of the bug and possibly of basic math (or else you just didn't read what you pasted).

Patents. Something free as in piss software can n (-1, Troll)

Anonymous Coward | more than 6 years ago | (#20801275)

Patents. Something free as in piss software can never have

What if the US just doesn't piss other people off? (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#20800907)

Hey, I've got an idea! What if the US government just stops meddling in the affairs of other nations? And most importantly, perhaps they should stop killing innocent civilians in places like Iraq and Afghanistan. Murdered relatives would tend to get people riled up.

Re:What if the US just doesn't piss other people o (2, Interesting)

speaker of the truth (1112181) | more than 6 years ago | (#20800953)

Hey, I've got an idea! What if the US government just stops meddling in the affairs of other nations?
Its amusing to hear people spout this line and then hear them decry America's inaction in Dafur. Which is it people? Do we meddle or not? Because at the moment we're going to be lambasted no matter what we do.

Re:What if the US just doesn't piss other people o (0)

Anonymous Coward | more than 6 years ago | (#20801015)

What's going on in Darfur is not America's business. Thus there is no question about America's involvement there, as we already know the answer: none.

Re:What if the US just doesn't piss other people o (1)

speaker of the truth (1112181) | more than 6 years ago | (#20801055)

Aaah, well at least you're consistent. Good to see you think genocide isn't the business of the just and free.

Re:What if the US just doesn't piss other people o (0)

Anonymous Coward | more than 6 years ago | (#20801103)

If it's happening in America, then it's America's business. If it's happening in Africa, it's not America's business, and thus America should not be involved.

Re:What if the US just doesn't piss other people o (0)

Anonymous Coward | more than 6 years ago | (#20801161)

it's not America's business

Unless theres oil or some way to profit from death.

Re:What if the US just doesn't piss other people o (2, Interesting)

OeLeWaPpErKe (412765) | more than 6 years ago | (#20801307)

Exactly ... if a muslim government chooses to make it policy to kill blacks, we should all remain silent. After all defending blacks is racist ... or was it attacking muslims ?

We should simply attack islam. After all it is against human rights, against democracy and against just about everything else we stand for.

Re:What if the US just doesn't piss other people o (3, Insightful)

thegnu (557446) | more than 6 years ago | (#20801067)

Its amusing to hear people spout this line and then hear them decry America's inaction in Dafur. Which is it people? Do we meddle or not? Because at the moment we're going to be lambasted no matter what we do.

Well, I'll bet that oftentimes it's different people saying the two different things. And in cases where it's the SAME person, we have inaction in Rwanda during a genocide, inaction in Congo during a Genocide, and action in Iraq so that there would be an easy cover for laundering money.

Does anyone have any real number on what percentage of the cost of the war is contracts with private companies? Because we saved lots of money on body armor, armored vehicles, and training for the troops. We can certainly expect to see the same frugality in the area of private contracts, I'm sure.

The government paying private contractors does not constitute privatization.

Re:What if the US just doesn't piss other people o (5, Interesting)

pokerdad (1124121) | more than 6 years ago | (#20801443)

Its amusing to hear people spout this line and then hear them decry America's inaction in Dafur. Which is it people? Do we meddle or not? Because at the moment we're going to be lambasted no matter what we do.

Try Googling these two phrases lifted from your comment "America's inaction in Darfur" and "US government just stops meddling in the affairs of other nations". The first page of each I think is very telling. One is full of American websites, the other is full of foreign websites.

I think this is representative of who you are hearing - two different groups, one composed of Americans and the other composed of the peoples you are meddling with.

(before someone rips into me, I am not expressing any opinion about Darfur, just pointing out that probably the people screaming the loudest for American action in Darfur are Americans. I know that here in Canada I have never heard anyone suggest it is an American problem; every person who brings it up wants the Canadian government to take action)

Re:What if the US just doesn't piss other people o (0)

Anonymous Coward | more than 6 years ago | (#20801123)

Better than that, they should not lie about it. This smokescreen bullshit of "jealous of our freedom" is trotted out all the time and I am sick of it, cheifly by the biggest tyrant of all: Bush and his cronies. America should face facts, you helped arm Saddam, the Tabliban and countless other authoritarian regimes. Could it not be like the OP suggested you just pissed off a few too many people??

Post AC because this will get modded down to hell.....the truth hurts

Ya, the truth does hurt (1)

nurb432 (527695) | more than 6 years ago | (#20801377)

Now, try telling some truth.

You don't understand fanatical jihadis, do you? (0)

Anonymous Coward | more than 6 years ago | (#20801143)

Nor do you understand the concepts of dar al-Islam and dar al-Harb.

Your only options as a kaffir are (1) convert to Islam, (2) submit to Islam by becoming a dhimmi, or (3) death, preferably in a Quranic manner by a sword through the neck. (Yes, there is a reason why all those hostages get beheaded - it's in the Quran...)

After Islam conquers the entire world, there will be peace throughout the ummah.

And there won't be any gays like there are in the US...

Re:You don't understand fanatical jihadis, do you? (0)

Anonymous Coward | more than 6 years ago | (#20801247)

Nor do you understand the concepts of catholic church

Your only options as unbeliever are (1) convert to catholicism, (2) submit to catholic church by giving them your oil, or (3) death, preferably by being 'smart' bombed

After catholic church conquers the entire world, there will be peace throughout the world.

And there won't be any gays like there are in the Iraq...

Sucks when reality invades your fantasyland, eh? (0)

Anonymous Coward | more than 6 years ago | (#20801363)

Why don't you go outside, look up, come back in, and tell us what color the sky is on the planet you're on? Because it sure as shit ain't blue wherever you're posting from.

I must have really touched a nerve there, for you to start posting made-up crap like that. Because you know what I posted wasn't made up at all, hence your over-the-top emotional response.

Because what I posted isn't made up.

Islam murders homosexuals.

Islam prohibits women from getting an education.

Islam promotes honor killings of women who have been raped.

Islam encourages genital mutilation of women.

All that's on top of jihadis going out to get their 72 virgins for murdering as many kaffirs as they can.

So, despite your facile claims regarding the Catholic Church, "72 virgins" is not the ethical equal of "turn the other cheek". Your lame attempt at moral equivalence is ridiculous, you fucking sheltered idiot.

Re:You don't understand fanatical jihadis, do you? (1)

El Torico (732160) | more than 6 years ago | (#20801409)

I don't recall seeing oil storage yards or weapons platforms the times I visited Vatican City. That must be one big underground bunker beneath St. Peter's.

Re:You don't understand fanatical jihadis, do you? (0)

Anonymous Coward | more than 6 years ago | (#20801535)

And there won't be any gays like there are in the Iraq...

I thought that the proper term for US "war fighters" was "queer"?

wily terrorists (3, Funny)

sentientbeing (688713) | more than 6 years ago | (#20800913)

wily terrorists can easily defeat this lame attempt at security.
 
All they have to do is predict these random numbers ahead of time... Using a dice.

Re:wily terrorists (5, Funny)

Nibbler999 (1101055) | more than 6 years ago | (#20801427)

Let's hope they roll 3 doubles.

Re:wily terrorists (1)

Technician (215283) | more than 6 years ago | (#20801669)

All they have to do is predict these random numbers ahead of time... Using a dice.

I had trouble at the local casino. 1 They noticed my random number generator. 2 I had trouble getting my random number generator in sync with their seed and key. I didn't have enough data to brute force the key.

Discovery Institute is mad. (2, Funny)

140Mandak262Jamuna (970587) | more than 6 years ago | (#20800923)

They are going to create a huge grassroots information and education campaign against this. They believe the security should intelligently designed and should not depend on random chance of security people and the bad guys coming together.

Elementary (2, Insightful)

RAMMS+EIN (578166) | more than 6 years ago | (#20800929)

Randomize checking so that an attacker can't predict the next check and avoid it? That's what I would do, too. Can I be a high-paid security consultant now?

Probably not. It probably takes more nerve and marketing skills than I have to stand up and demand the world for what is essentially an elementary idea that anybody who thinks about the issue should come up with.

Not elementary! (4, Informative)

Ambitwistor (1041236) | more than 6 years ago | (#20801433)

Randomize checking so that an attacker can't predict the next check and avoid it? That's what I would do, too. Can I be a high-paid security consultant now?
The point is not that the strategy is random, but that the randomization is optimized to be robust against an adversary who knows what your randomization scheme is. That's what the game theory [wikipedia.org] is for: it's a classic mixed strategy [wikipedia.org] .

Remember, there are many ways to be random: check area X Y% of the time; perform check W Z% of the time, etc. What should Y and Z be? How do you balance the occurrence of Type I and Type II errors? [wikipedia.org] Some strategies are better than others: there's a reason why game theory was invented.

Try reading the study [usc.edu] ; the results are not trivial.

What happens if... (3, Funny)

XxtraLarGe (551297) | more than 6 years ago | (#20800931)

The terrorists start using a random number generator too?!?

Re:What happens if... (1)

phorwich (909601) | more than 6 years ago | (#20801347)

Next thing you know, the terrorists will be using printf();

set of locations? (4, Interesting)

nathan.fulton (1160807) | more than 6 years ago | (#20800937)

"Part of it is to look for patterns in the deployment of assets. We're trying to block the surveillance cycle by making the security patrols appear in unpredictable places at unpredictable times."

If you figure this is a sizable force, and that all of them use the randomization software, four years worth of recon (TFA gave that as a time period for pre-strike operations) ought to give the terrorist enough information to know where these "random points" are. I mean, there has to be a defined set of locations somewhere in the program, they can't just be using coordinates. Imagine, a security guard climbing into an oven at the pizza place at the airport because "a computer told him to" (and the following lawsuits.)

How do they account for the fact that there will always be an area that these security forces don't patrol because no one told the computer that the place exists.

Anyone know how they manage telling the computer which places exist?

Re:set of locations? (1)

Entrope (68843) | more than 6 years ago | (#20801081)

If the security patrols teleport instantly from one checkpoint to the next, your complaint might be significant. Most patrols I have seen move smoothly (in a mathematical sense) between points, which means that they will be at intermediate points in space at intermediate points in time. It's not hard to set checkpoints so that viable attack paths must cross one or more patrol paths -- the randomized patrol path and timing can be easily constrained to do that.

(In more detail: Enumerate building corners, junctions, important infrastructure, and other places that you can see a wide area, potential weaknesses or hiding spots. Record the expected time to travel between any pair of those points that you want to use in the randomized patrols. Stitch together several random walks through the graph. Use your favorite optimizer to ensure the collection of patrols meets whatever constraints you have for coverage. For bonus points, analyze a number of outputs to identify bias or weakness, and remove those problems.)

Re:set of locations? (2, Insightful)

Hangtime (19526) | more than 6 years ago | (#20801197)

If you have done it right you may give your security a general location and each patrol has an area within the airport so that they are all covered. Individuals have different patterns for searching. So if I have to watch 12 different teams that are all different in terms of who makes up those teams its going to make my job a lot tougher in pentrating. Maybe one person looks at this area, but another doesn't. If I can't bank on that person who does a crappy job being there when I want them to be there well I have to use a different approach or take a risk...oops canine unit came today, Abort.

To use your analogy but maybe a little more likely scenario, send security into the area behind the Starbucks kiosk. Why you ask? The problem is your trying to defend an infinite number of points while your enemy only needs one approach to win. Creating additional scenarios for them to plan for makes their job much more risky and much more complex. Randomness is your enemy when you're trying to plan and your friend when your trying to protect.

Re:set of locations? (1)

tomhudson (43916) | more than 6 years ago | (#20801581)

"..oops canine unit came today, Abort."

And there's your weakness exposed. To penetrate, just keep trying until conditions are right, because you know eventually you'll "get lucky."

It makes no difference. (1)

Eevee (535658) | more than 6 years ago | (#20801439)

It's up to the security forces to determine which points need to be visited, not the computer. The computer only schedules the time to visit the predefined points. The patrols either go to their patrol points on a regular schedule or they go on this new random schedule. In both cases, the places covered are the same--the new method is neither better nor worse than the current method.

Re:set of locations? (2, Informative)

Ambitwistor (1041236) | more than 6 years ago | (#20801629)

If you figure this is a sizable force, and that all of them use the randomization software, four years worth of recon (TFA gave that as a time period for pre-strike operations) ought to give the terrorist enough information to know where these "random points" are.
You're missing the point. The analysis assumes that the terrorist already knows that information anyway. The adversary is assumed to have perfect information about the randomization strategy, where the checkpoints are, etc. Then a randomization strategy is designed to minimize failures even in light of this information.

How do they account for the fact that there will always be an area that these security forces don't patrol because no one told the computer that the place exists.
That is a better point, but we don't know whether there have been lapses in specifying the layout of the airport. (Of course, there will always be security holes that nobody has thought of at all, but obviously it is hard to guard against those with ANY security method.)

Not a bad idea over all (3, Interesting)

Sycraft-fu (314770) | more than 6 years ago | (#20800941)

While you certainly want to have some things that are purely consistent (for example all bags being X-rayed, all passengers having to pass through a checkpoint) randomness to additional security can work quite well. There are some things that are either too expensive (like additional patrols) or too time consuming (like manual bag searches) to conduct all the time, every where. Well, if you make it truly random when and where they happen, it makes it the kind of thing that is impossible to get around. While there's no guarantee it catches something, it just generally increases the risk to those who want to do mischief. They can't wait and watch and figure out how to beat your system as there just isn't any way. All they can do is hope that they aren't in the wrong place at the wrong time.

As it is DHS involved, I fully expect them to fuck it up and apply it wrong, but having some truly random security is a good way to make things generally more difficult, even to an adversary with a lot of resources to try and find a weakness.

Re:Not a bad idea over all (1)

PaddyM (45763) | more than 6 years ago | (#20801665)

Yeah, hopefully the terrorists haven't been planning to attack something other than planes like they did in 1993. The only way this would work is if the TSA showed up anywhere. As in one day they were in my neighborhood. The next day they were watching a football game.

Protect obscure targets instead of real ones? (-1, Troll)

pla (258480) | more than 6 years ago | (#20800965)

to determine the location and timing of security checkpoints and patrols.

Great, another brilliant idea from the Department of Homeland Terror.

So now, instead of only annoying us, these checks will annoy us and leave other areas vulnerable...

"Yeah, the 4th floor bathroom checked out okay 27 times before breakfast, but a group of heavily-armed guys went unchallenged as they climbed the perimiter fence and boarded a transatlantic flight. Oops, our bad."

Protect game targets instead of real ones? (0)

Anonymous Coward | more than 6 years ago | (#20801013)

"Yeah, the 4th floor bathroom checked out okay 27 times before breakfast, but a group of heavily-armed guys went unchallenged as they climbed the perimeter fence and boarded a transatlantic flight. Oops, our bad."

Maybe they should use the same AI games use? The enemies in those always seem able to find me.

Re:Protect game targets instead of real ones? (1)

speaker of the truth (1112181) | more than 6 years ago | (#20801107)

That's because there are dozens of guards just for you. In reality there are hundreds of you for every guard.

Re:Protect obscure targets instead of real ones? (1)

Ambitwistor (1041236) | more than 6 years ago | (#20801659)

So now, instead of only annoying us, these checks will annoy us and leave other areas vulnerable...
Other areas are already vulnerable. The point is to maximize security with limited resources: how do you organize spot checks with a finite number of guards, cameras and people to watch them, etc.

Obviously, if was feasible to guard everywhere at all times, there would be no need for such a scheme.

"Yeah, the 4th floor bathroom checked out okay 27 times before breakfast, but a group of heavily-armed guys went unchallenged as they climbed the perimiter fence and boarded a transatlantic flight. Oops, our bad."
That's a nice strawman, but no reasonable security strategy is going to put a heavy emphasis on checking a particular bathroom while totally ignoring perimeter security. If you want to attack this scheme, you have to show that there's a better strategy which operates using the same resources. You don't even know what their strategy is. Making up some stupid strategy and suggesting it's similar to what they're really using is not very honest.

but I thought terrorists can only be caught with (0)

Anonymous Coward | more than 6 years ago | (#20800967)

racial profiling?!?

America whew! PATRIOTS!!!!

THESE COLORS DON'T RUN! never forget!

Randomization of security (2, Interesting)

Z00L00K (682162) | more than 6 years ago | (#20800969)

is only one component that can be used. A perfectly regular timing is never good when doing security checks. But then - it may be even better if the security checks appears to be regular done by uniformed personnel and then random by plain clothed personnel.

However - security checks are still only one component. For example today's airport buildings are largely a huge open place which means that maximum effect may be obtained outside any security checkpoints today. By reducing the queues to check-ins and building compartments the effective radius of an attack will be contained to a much smaller area.

A theoretical method would be to do image analysis and pattern analysis of behavior, but since the behavior pattern varies much from person to person it will create a large number of false alarms.

It would surprise me... (0)

Anonymous Coward | more than 6 years ago | (#20800971)

If this software was NOT using rand()

Re:It would surprise me... (0)

Anonymous Coward | more than 6 years ago | (#20801351)

Good point. There have been successful hacks [cigital.com] of sites that have relied on poorly designed RNGs.

The C runtime library does not mandate a particular RNG implementation, but at one time there was a "suggested" or sample implementation that was widely adopted by compiler vendors, but is now considered lame.

Re:It would surprise me... (1)

tomhudson (43916) | more than 6 years ago | (#20801619)

Speaking or random number generators - the Keno machines at the Montreal Casino were originally defective (bad clock batteries) so that every day, when they were started, they would generate the same sequence of numbers. At least one guy made out like a bandit over that "bug". The Quebec government sued to try to get "their" money back.

If they want a REALLY random generator, they should attach an EEG to Bush's head (or would that just give a flat line ...?)

So.. (2, Insightful)

madsheep (984404) | more than 6 years ago | (#20801057)

Yea, hate to say it, but does this randomize button.. randomly put these checkpoints near a group of middle eastern people? :D

Can't they just throw a dice? (1)

Joce640k (829181) | more than 6 years ago | (#20801075)

Why does this need special (and I'm guessing incredibly expensive) software?

They could even throw them publicly so the naughty people can see them doing it. It'd be fun to watch.

Pretty Useless ... (3, Insightful)

butlerdi (705651) | more than 6 years ago | (#20801119)

You can not fight someone who is going to blow themselves up. I would think that airplanes probably no longer matter. If you get through fine, if not blow yourself up in a crowded terminal. Probably get more folks that was as well.Especially when so many virgins and good shit is at stake.

The chance of getting blown up (even if you believe the shit ol w and the ol boys say about all the foiled plots) is still less than traveling by car.

Sounds trivial (1)

Hurga (265993) | more than 6 years ago | (#20801153)

Is it patended already?

Star Trek episode about this (0)

Anonymous Coward | more than 6 years ago | (#20801175)

Star Trek: The Next Generation, episode 47 (2.21)

Data could not beat a humanoid expert in a particular
strategy game, so he ultimately played randomly, just
to frustrate him.

Re:Star Trek episode about this (1)

KokorHekkus (986906) | more than 6 years ago | (#20801285)

No that's wrong. He changed his strategy from trying to win to just playing for a draw.

I remember it differently (1)

davidwr (791652) | more than 6 years ago | (#20801295)

I remember he played for a draw.

Re:Star Trek episode about this (0)

Anonymous Coward | more than 6 years ago | (#20801299)

actually he played to draw and not to win. he didnt play randomly.

Re:Star Trek episode about this (1)

Blublu (647618) | more than 6 years ago | (#20801381)

Actually, he simply changed his objective, so instead of trying to win, he would try to prolong the game as long as possible. This enabled him to give up strategic expansion opportunities in favor of strengthening his position. Or something like that.

Smart, really smart (3, Insightful)

sumnerp (1017130) | more than 6 years ago | (#20801181)

So, in order to improve airport security you give "vast amounts" of classified data about airport security to a collection of grad students to input into a program that produces allegedly randomized output. Yes, I see nothing wrong with that; I'd never have thought to do it that way, smart really smart

Re:Smart, really smart (2, Informative)

Ambitwistor (1041236) | more than 6 years ago | (#20801677)

So, in order to improve airport security you give "vast amounts" of classified data about airport security to a collection of grad students to input into a program that produces allegedly randomized output.
Uh, there are plenty of grad students with security clearances: they work on classified research projects, like this one. You think you can't have a clearance if you are a student or something?

Or do you think there's something wrong with giving classified data to people with security clearances, just because they're also grad students?

Makes sense (1)

pilsner.urquell (734632) | more than 6 years ago | (#20801195)

Randomness is often used in statistical process control along with probability theory in the manufacturing industry to determine when a produce is going out of tolerance. Random sampling is just one of a half dozen or so methods currently in use [wikipedia.org] in SPC.

However, only time will tell is this will work or if the TSA has the discipline to use it correctly or if it is even suited for the task.

Just like cards (1)

phorwich (909601) | more than 6 years ago | (#20801201)

Anyone who is successful at Texas Hold 'em intuits this.

Kinda scary... (1)

atamyrat (980611) | more than 6 years ago | (#20801225)

So computers started to give commands to the security forces?

Robotic Nation, by Marshall Brain [marshallbrain.com] , if you haven't read it yet.

clearly.. (1)

middlemen (765373) | more than 6 years ago | (#20801229)

clearly the security is lax at LAX.

I know which game (1)

Swampash (1131503) | more than 6 years ago | (#20801265)

initially developed to solve a problem in game theory

Yeah, I played "Paranoia" back in the pen-and-paper RPG days too.

Help Homeland Security! Homeland Security is your friend!

So, why am I the one that is always... (1)

JackMeyhoff (1070484) | more than 6 years ago | (#20801293)

.. RANDOMLY chosen for an extra security check?

Solve the wrong problem, with maths (2, Interesting)

xmedar (55856) | more than 6 years ago | (#20801345)

It doesnt address the biggest threats -

1. MANPAD attack on a plane from outside the airport.

2. Suicide bomber in a nice big truck full of explosives running into the terminal.

3. Suicide bomber with implanted bomb blowing up a plane.

So it is solving the wrong problem, it's like solving the occupation of Iraq by escalating the troop numbers.

Why not? (4, Funny)

mmell (832646) | more than 6 years ago | (#20801365)

They apparently already use a random number generator to determine when flights will leave.

Game theory (1)

koutkeu (655921) | more than 6 years ago | (#20801385)

I hope he didnt use some algorytm from FPS shooter AI. Path finding and AI in game is probably the most lacking domain of games. I would rather see human security behavior in my game instead for better gaming experience.

Read the analysis here (3, Insightful)

Ambitwistor (1041236) | more than 6 years ago | (#20801447)

I believe this [usc.edu] (PDF file) is a draft of the study being discussed in TFA, or at least is closely related research.

Stupid and ineffective. (1)

Lumpy (12016) | more than 6 years ago | (#20801483)

They treat terrorists as if they were highly skilled and intent for one target only. They are not. They go in with a desired target but will take any target they can get. Cant get on your plane to blow up? fine blow the hell out of the low end security rent a cops that stopped you, you'll take them out as well as a good chunk of the win and cause as much panic as the plane exploding.

want to make it more effective? instead of being cheap bastards hire 30X the forced you need, if you see tons of patrols in the airport openly carrying machine guns you wont try anything, but almost all Americans would flip out. slamming random travellers against the walls and searching them without warning will also be even more effective. if you ask the terrorist can pull the trigger and blow you to hell.

NOBODY expects... (1)

313373_bot (766001) | more than 6 years ago | (#20801529)

...the Spanish Inquisition^W^W Homeland Security!

(with apologies to the Pythons)

*yawn* (1)

hack slash (1064002) | more than 6 years ago | (#20801569)

The idea is a good one - how many hollywood films have you seen where the secret agent/bad guy has managed circumvent security guards & systems because work like clockwork.

But really, using the "catch terrorists!!!" bandwagon? how many terrorists do airports catch a day anyway?

Rock Scissors Paper (1)

Arthur B. (806360) | more than 6 years ago | (#20801591)

You can play that game randomly. If you do that, then you cannot be beaten but on average you won't beat your opponent either. If you don't, then if your strategy is known you can be beaten, if its not you may have an edge. It seems they went with the first strategy. I think overall it is wise but theoretically they could have a superior secret deterministic strategy.

A solution looking for a problem? (1)

AtariDatacenter (31657) | more than 6 years ago | (#20801681)

Great! They've got an all too clever way to catch terrorists!

Now... if only there were some terrorists around.
(Hey you! What are those wires? Stop now or I'll blow your brains out!)

It was first used by the terrorists (0)

Anonymous Coward | more than 6 years ago | (#20801689)

The success of 9/11 was mainly due to the element of surprise, nobody expected that.
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>