One of my professors in our international security program was talking about this not too long ago - they had gone to visit the nuclear reactor at a school around here and found that it was completely unguarded, except for maybe a night watchman who'd go on a tour every now and then.

Then there is the Soviet Union which produced 120-some portable nuclear bombs (these are the "suitcase" type). It's been able to account for 40-some of them.

There's enough loose fissile material out there to make 120,000 nuclear weapons. The cost of a nuclear attack on even a smaller sized US city is estimated to be at least $1 trillion.

But rather than work on those hard and more serious problems, let's spend our time and money attacking the privacy, rights, liberty and freedom of Americans.

Wow, Doppy! Know where I can get a crystal of cesium 130 for my rock collection cabinet? I promise to use good, thick rubber gloves and keep the dog away from it...

Yeah, it would have taken them a whole extra week to fake different IDs.

I don't want to sound too complacent about this, but nuclear bombs need to be "recharged" frequently to remain potent. They can't just sit around for years and years like conventional explosives can. In fact, when the U.S. had missiles based in Europe, the warheads had to be flown back and forth to Amarillo (the Pantex plant) periodically for this reason. The recharging process is tricky and requires access to hard-to-get, controlled materials (like beryllium, as just one example). People in the know are pretty sure that the missing Soviet bombs are no longer fissionable, but their fissile material could be used in a "dirty" bomb, of course.

Bruce

Sure, if ID were the only layer of security. It isn't. Remember CAPPS and it's variations? These profiling tools would catch the warning signs of fake identities.

Not if the fake identities are new...or foreign. It is easier than you think to create an identity that is 'off the radar', then use it for nefarious purposes.

In some cases it's much easier for them to steal an existing identity that is 'clean'; on the radar, but clean. Many a deceased person from small town America or Canada has been 'resurrected' in this way.

All these profiling systems have weaknesses that are not difficult to exploit. If someone on Flyertalk knows how to do it, I am most certain a highly trained criminal enterprise has it all figured out.

(Sigh) The whole point of CAPPS was that if an identity didn't match up with an "activity" history.. things like tax records, etc., it would be flagged for further scrutiny. The "Fredrick Forsyth" scenario you mention above is well known and taken into account by these systems. Though they are imperfect, they wouldn't be bad.

Some of this, at least as regards using public records, is dead for now. And security is the worse for it.

My memory is fuzzy, but, back in the good old days, the only place I remember presenting an ID was at the ticket counter when getting a boarding pass and being subjected to the two stupid questions about your luggage. You didn't need and ID or even a boarding pass to go through security.

One could Monday-morning quarterback the 9/11 operation until the sun turns into a red giant about whether or not post-9/11 security procedures in place on 9/11 themselves would have thwarted the operation. Clearly, there were enough people and agencies asleep at the wheel for a couple of years, any one of which could have uncovered the plot. Everything beforehand -- the much-touted "layered approach" -- in one form or another failed, so the entire anti-hijacking and civil aviation security burden that day fell to airport screeners in Portland, Newark, and Dulles. In a similar fashion, the TSA will fail if all of the layers before them fail again. The biggest difference is that there is another layer of security beyond the TSA -- the passengers, flight crews, and hardened cockpit doors.

That being said, even OBL knew the 9/11 operation was operationally risky. In fact, some have documented that OBL himself reduced the operation from 20 planes worldwide to a handful on the east coast. Since he practiced strict compartmentalized security, we will never know explicitly who knew what among the 19-20 hijackers.

I've written before on FT why I believe a 9/11-style event won't happen again, and it has nothing to do with the TSA or a no-fly list. In a nutshell, here are my major reasons, written from the perspective of a retired military officer who participated in deliberate and crisis planning:

1. OBL quickly lost the element of surprise. Flight 93 knew what was going on and fought back. The Pentagon plane passengers knew what was going on but didn't have the time to fight back. I've never read (I haven't read extensively on the 9/11 incident, -- classified or unclassified -- so I could be wrong) whether or not the people on the second WTC aircraft knew what was going on. OBL knew that 20 planes was too complicated a mission, but something tells me that he expected to retain the element of surprise through all of the 4-aircraft operation.

2. They lost the element of surprise because they terribly underestimated the robustness of our communication systems. OBL sort of understood the need to use offensive information warfare, as demonstrated by training the hijackers to turn off the transponders. But, to retain the element of surprise throughout the entire operation, which really wasn't that long in duration, he needed to conduct a highly sophisticated information warfare attack, which only the most militarily competent nations in the world can pull off (on a good day).

3. The key vulnerability they exploited -- cooperation of the crew during a hijacking -- no longer exists. In fact, the vulnerability no longer existed by the time Flight 93 was hijacked. There are numerous stories about other commercial flights in the air on 9/11 and the makeshift measures aircrews implemented in real time to protect themselves, their cockpits, and their passengers.

Back on topic, showing IDs a dozen times to every TSA officer in uniform is irrelevant if nobody does anything before and afterwards. The various lists and random secondaries are irrelevant, but persist because they are visible and get people re-elected. The major flaw with no-fly and watch lists are that they are just that: lists and not real people. Think about all of the news stories before and after 9/11 pertaining to arrests of criminals at airports before and after they flew somewhere. This happened because real policemen did real police work long before the bad guy showed up at the airport. Heck, they even had a real arrest warrant they got approved by a real judge! Showing an ID to a ticket agent or TSA moat dragon was simply irrelevant in these police operations. As a matter of fact, frequent ID checks might have made the bad guy panic resulting in a blown arrest attempt.

So, "ID or not ID" really gets back to its roots -- preventing lost revenue. For the average citizen, it's a matter of privacy. Gilmore appears to have taken the privacy issue to task, but he didn't really challenge the "only terrorists fly with no ID" linkage between presenting IDs and mandatory SSSS.

But, as I have seen first-hand, the whole construct of post-9/11 civil aviation security is so terribly broken that, in the grand scheme of things, even a Gilmore victory would have been irrelevant. Because identity theft is so easy to do and more commonplace than most of us think, anybody in the homeland security apparatus who believes that ID checks add anything beyond trivial value to the security construct is clearly smoking something.

I agree with you. But before the airlines were ordered by the FAA to demand (firmly request, whatever) photo ID from their passengers, airlines uniformly did not. And once the initial requirements expired, most airlines stopped asking for photo ID. Of course it was easier for the airlines to demand ID when they could claim that it was a government requirement.

Airlines often treat their customers poorly, but I gotta think that there'd be an airline out there willing to skip the photo ID if the government didn't require that it be requested. Sometimes they actually compete.

Any idiot terrorists can get his name in some commercial databases to "corroborate" his "non-threat" status as far as CAPPS is concerned. Sign up for some magazine subscriptions, join the airline's frequent flyer program, get a credit card - now you're "clear." And if the "big day" comes and you're not "clear," you know in advance so you can make the necessary adjustments.

Some of the 9/11 hijackers were selected by CAPPS, but so what? What did that do, and what would it do for us in the future?

Nobody should be getting onboard with weapons. We should be working on the fact that the TSA is no better at catching contraband than the private screeners, not scrutinizing over people who don't have a high enough credit score, diverting resources away from the primary job of looking for weapons.

Faking the credit history is not that much harder. Or the address.

Your faith in CAPPS/Secureflight is misplaced. Even TIA can be beaten.

As was just mentioned, that only covers the easily faked ID. If someone steals an existing ID (complete with history), it's not going to be caught.

"ID" does very little to promote real security.

That is the "Fredrick Forsyth" scenario , named after the author who brought it to prominence in "Day of the Jackal." It is extremely well known.

Creating a clean identity from scratch is quite easy...

1) make up a name
2) apply for a taxpayer ID number for a business with that name
3) using the name and the taxpayer ID, open an online bank account and fund it
4) using the name and taxpayer ID, apply for a few credit cards...you will get at least one approved
5) run some money through the system by charging the cards and paying them off through the online bank account

...the above gets you some visibility in the system. Now head to LA and pay about $200-$300 for a state ID card with your fake name that will allow you travel or do other activities that require ID

It's all quite easy to do...and the roadblocks are few and easy to overcome...some of them just require paying abit of cash

And how exactly will you make this date back 15 or 20 years?