Feeds

The Houston Airport Rangers

Perimeter security. On horseback

  • alert
  • submit to reddit

Security for virtualized datacentres

Opinion Want to help fight terrorism? Want to be able to stop and detain suspicious characters? Or do you just want to ride your horse on ten miles of trails normally closed to the public? Then you might want to join the George Bush Intercontinental (IAH) Airport Rangers program. That's right. Just fill out a form and undergo a background check, and you too can become a front-line fighter as Houston's airport tries to keep our nation safe and secure. No experience necessary. You don't even have to be a US citizen.

No; it's not a joke. The Airport Rangers program is intended to promote both security and community participation, according to the official description. It's a volunteer mounted patrol that rides the horses along the pristine wooded trails that form the perimeter of the 11,000-acre airport.

Security is far more effective when it's based on well-trained smart people, instead of on rote-trained people checking photo IDs and X-ray machine screens, or implementing database-driven profiling. The idea of trained guards patrolling a secure perimeter is a good one. But as a security professional, I see two major problems with the program as described.

The first is the lack of training. The program encourages "licensed law enforcement officers" to participate, but that's not a requirement- anyone can be a Ranger? As best I can glean from the Web page, the training consists of a "short video" on suspicious activities. Is there any mention of civil rights and constitutional protections? Is there any attempt to prevent racial profiling? Profiling has been a problem even for major law enforcement agencies; how will a group of untrained civilians perform? And what are the liabilities to the airport when there are problems?

The second is the new security vulnerability that this program creates. The perimeter around the airport used to be a no-man's land; anyone on the property was immediately suspicious. Now there is a group of people allowed around the airport perimeter. How do you tell the difference between someone who is allowed and someone who isn't? A photo ID, one you might glance at from ten feet away, is easily forgeable. And since all Rangers are on horseback, if you have a horse and you're Western looking, you are probably going to be automatically trusted. Is the airport safer, or more at risk, because of this program? The answer isn't obvious.

Beyond these two points, the application form makes for interesting reading. In order to participate in the program, you have to waive all sorts of rights. You waive the right to challenge the arbitrary denial of one of these permits. That may be compensation for another glaring risk of this scheme: are the background checks good enough to exclude potential terrorists? Is the intent that the agency will do its own profiling, and exclude, for example, Muslims? A more charitable explanation is that they want to be able to rely on intelligence reports without having to disclose them.

The most amusing part is the required certification. Applicants must certify that they are not members of known terrorist organizations. This makes sense, although expecting terrorists to tell the truth about their affiliation is a tad naive. But why exclude people who have "claims or litigation pending against the City of Houston or the Houston Airport System"? Sounds more petty than anything else.

Finally, applicants must certify that they're not a member of any group that "advocates violence against ... any other nation." A year and a half ago, that would have excluded all members of both the Democratic and Republican party, as well as any other political party that favored invading Iraq.

Website: http://www.houstonairportsystem.org/rangers

Bruce Schneier is the CTO of Counterpane Internet Security, Inc. His latest books is "Beyond Fear: Thinking Sensibly About Security in an Uncertain World," and he publishes the free monthly newsletter "Crypto-Gram." He can be reached at http://www.schneier.com

Related stories

Airport snoop system thrown in $102m garbage can
Iris scans at UK airports, says Home Office
Abu Ghraib: US security fiasco
US airport fake ID study 'was found in al-Qaida cave'
US lubes passports with RFID snake oil
Everything you never wanted to know about the UK ID card
Plane-spotters recruited in War on Terror

Secure remote control for conventional and virtual desktops

More from The Register

next story
NASTY SSL 3.0 vuln to be revealed soon – sources (Update: It's POODLE)
So nasty no one's even whispering until patch is out
Russian hackers exploit 'Sandworm' bug 'to spy on NATO, EU PCs'
Fix imminent from Microsoft for Vista, Server 2008, other stuff
Forget passwords, let's use SELFIES, says Obama's cyber tsar
Michael Daniel wants to kill passwords dead
FBI boss: We don't want a backdoor, we want the front door to phones
Claims it's what the Founding Fathers would have wanted – catching killers and pedos
Kill off SSL 3.0 NOW: HTTPS savaged by vicious POODLE
Pull it out ASAP, it is SWISS CHEESE
Facebook slurps 'paste sites' for STOLEN passwords, sprinkles on hash and salt
Zuck's ad empire DOESN'T see details in plain text. Phew!
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.