Loose lips: please think before discussing security policies
 

If you know any of the details about security profiling, please keep that information to yourself, even if you believe that it's common knowledge. I saw a post as recently as yesterday in which a FTer casually mentioned a criterion for security profiling. While I have no idea if the FTer was right or not, it seems to me that one of the ways that we can all contribute to the anti-terror effort is to use caution when discussing security-related information.

The terrormongers were able to do what they did in part because they understood the security system very well. FTers can make a difference, and one of the ways we can make a difference is by keeping security-related information to ourselves.

I agree with the sentiment of your idea, but not necissarily the method.

How many times have we (as frequent flyers sitting in our upgraded seats in first) seen 2 knocks open the supposedly secured flight deck. How many times have we walked through security with something we shouldn't have, or just walked through while two guards are chatting and not even looking at the monitor. How many times have we walked through security checkpoints in one airport with no metal alarms going off, and on the same day at a different airport had them go off like crazy.

I've spent a bit of time kicking myself for becoming complacent and accepting the garbage security and lax attention to procedures I experienced. I suggest we do speak up about this kind of stuff in the future - write your senator or make a scene at the airport if necessary, but never be accepting of this any more.

Good points. I am amazed in watching the news this week at how frequently reporters are asking for what would OBVIOUSLY be classified information. Somebody needs to sit down with the media and give them some guidelines about how very damaging some of this information would be to release. I think that they need to make some judgements and get on the team now. I'm not interested in the line about "Our job is simply to report whatever we find out." There is a far greater responsibility than that now and it's time for professional media people to understand the stakes involved.

Ever since I have been posting here (2 years), I have normally made comments on threads that talk about security stating that I do not think it is a good idea to talk about security methods, loopholes, etc. on a public board that anyone in the world can read.

If you have concerns, please bring them up with the airport, airline, police or FAA.

I guess I personally doubt that any terrorists would actually go to FlyerTalk in order to get information about circumventing security...

Why not? Wall Street Journal, USA Today, and countles other publications have drawn source material and research from Flyertalk. Simetimes when searching airline related queries on Google, Flyertalk threads are the first, second, and third matches.

I'm not so sure. FTers are much more knowledgeable about airline operations and such than the 3500 mile per year recreational flyer, and I've seen myriad topics discussed casually here. I bet upwards of 90% of those on the UA board know the tapping code the FA use to get on to the flight deck.

Not to mention that the hijackers
were making the use of the mundane,
such as going to Kinko's and renting
computer time for their e-mail
correspondence. So why not gather
information here?

Security must be openly discussed to have any usefulness. Security measures should be pulled out into the daylight and criticized from all angles. Not doing so is a big part of how we got here.

I have to agree. Hiding in the corner and keeping everybody in the dark doesn't help you when you HAVE to assume that others WILL be poking at them to find weaknesses.

Not talking about them and keeping them hidden is known as "Security through Obscurity" and is one of the worst things you can do. Why do you think most corporations keep getting their computer systems broken into?

The company feels a need to put up a front and not test or challenge procedures or mechanisms for fear that ANY discussion will result in negative publicity about the company. This is EXACTLY what potential attackers rely upon. THEY certainly aren't going to expose any flaws they find in a physical security procedure or software algorithm. They're just going to exploit it and leave the rest of us wondering what went wrong.

Does this mean that you should stand outside your house and ask passersby to try to break in?----No
Asking the opinions of several locksmiths and maybe a trusted friend or two is certainly a good idea though.

We have to assume that anything we post or read here or elsewhere on the web can be read by those who would do us harm. We also have to assume that they will be testing the new security measures themselves.

Which means that we ourselves must make it an issue of paramount importance to write to our elected officials urging them to fund testing and verification of policies and procedures as well as just putting them into place.

JD

My thoughts posted in OMNI are relevant here. Couldn't get a link to give you--the message is titled "Could we have unknowingly aided & abetted?".

JP

The former, yes. The latter... I'd be careful. On occastion, I have seen people do this - protesting that they thought the security was not adequate/people not doing their jobs, etc - and all they get for their troubles is a lengthy, indepth, and very personal re-inspection.