29
Fri, Nov
0 New Articles

Hold the Toothpaste

Commentary
Typography
  • Smaller Small Medium Big Bigger
  • Default Helvetica Segoe Georgia Times

On August 10, 2006, Reuters distributed a news story about a group of European researchers from Airbus and its parent companies, as well as from Thales, Siemens AG, and other companies who, since February 2004, have been working on a project called Security of Aircraft in the Future European Environment (SAFEE). In addition to funding from the participating companies, the European Commission (EC) is contributing 19.5 million euros.

SAFEE is expected to include, among other things, imaging systems to ensure that the person boarding a plane is the same as the one who checked in; RFID tags that will match passengers and luggage to ensure that no unaccompanied bags are in the hold; a video system that will detect abnormal passenger behavior; biometric identification systems in the cockpit and throughout the airport to block unauthorized people from entering restricted areas; chemical sensors positioned at the last point in the airport before entry onto a plane to detect explosives; onboard computer systems that will make it impossible to steer a plane into a building, mountain, or other obstacle; and, possibly, onboard systems capable of taking control of the plane and landing it at the nearest airport in case of a hijacking.

With SAFEE technologies onboard, pilots won't have to push a panic button to signal a threat. The biometric readers be not only on the cockpit door, but also on the airplane's controls. The onboard computer will recognize a hijacking if the biometric readings don't match the authorized flight crew.

Some of the SAFEE technologies are expected to be available and deployed within the next couple of years. Others will likely take more than a decade to appear. The ultimate goal is to make planes "un-hijackable," to use the term that appeared in the Reuters story.

Obviously, I wish these researchers and engineers well. I definitely hope they succeed. Unfortunately, as regular readers will no doubt guess, I'm skeptical. Airplanes, airports, and our use of them involve incredibly complex systems and processes. The likelihood of spotting all possible vulnerabilities seems exceptionally remote to me. One unguarded open door is enough to let the bad guys in. I'm referring here to metaphorical "doors" rather than real ones. Real doors are easy to find and catalog. The ones that are, instead, electronic gadgets, computer programs, or human processes are much more difficult to recognize and secure.

I have another concern that I probably would not have had if I had not been a programmer for about 10 years and a user of computers ever since. Unfortunately, I had been and have been. My experience has taught me one thing: All complex systems have bugs. And the more we entrust our lives to technology, the greater the harm that a bug can do to us.

Consider just two of innumerable types of faulty system behavior that might be triggered by bugs. First, the system might incorrectly detect a hijacking when no such thing is taking place. It might then unnecessarily divert the plane to a nearby airport that's not the intended destination. That problem is not too bad. The negative effects will be limited to inconveniencing the passengers and crew and costing the airline a lot of money. But the other possible bug that came quickly to my mind would be considerably more serious. What if the system correctly detects a hijacking, disables the pilot's controls, and steers the aircraft to the nearest airport, but a bug causes the plane to nosedive? With the pilot's controls disabled, there would be no opportunity to override the computer's bug even if the hijacker is overpowered. Oops.

I was happy to see that the article did not suggest that SAFEE might include an idea that was put forward after 9/11. Back then, a few people suggested that it might be a good idea to install systems that would allow a ground-based air traffic controller to take over a plane's controls and, from the control tower rather than the cockpit, land the plane at the nearest airport in the case of a hijacking.

On the surface, this sounded like a good idea, except for one wee problem. Over the years, a few supposedly exceptionally high-security computer networks, including military installations, have been hacked into. If you give air traffic controllers the ability to take over a plane, you also give that same capability to an exceptionally smart hacker who manages to break into the system and electronically impersonate an air traffic controller. A hacker terrorist would then be able to commit 9/11-like atrocities by remote control, without the need to commit suicide to do it. Call me crazy, but that never sounded like a particularly good idea to me.

Despite my concerns about bugs and hacks, I want to make it clear that if I ever find myself in the position of deciding between putting my life in the hands of either a potentially buggy computer system or a terrorist, I'll choose the computer every time. The terrorist won't even be a close second.

Airplane security issues are particularly germane for me right now because I'm writing this a few days before I'm scheduled to board a plane to go visit some friends and a few days after British police and security forces uncovered and, thankfully, foiled an alleged plot to blow up as many as 12 planes using liquid explosives. I don't want to minimize in any way the horrendousness of the thwarted plot or of the 9/11 atrocity, but, beyond my revulsion over those events, what annoys me on an ongoing basis is the inconvenience that has been introduced as a result of the new security measures they prompted, measures that will undoubtedly remain in place until security technologies that are less intrusive for passengers, such as those contemplated by SAFEE, are implemented.

When I was a kid (yes, that was after the Wright brothers' Kitty Hawk flight), there was no obvious security at airports. You checked in and walked in a relatively straight line to your gate, without being bottlenecked through a security checkpoint. The PLO hijackings of the late 1960s and early 1970s put an end to that. After they occurred, we all had to pass through metal detectors and have our carry-on luggage inspected before we boarded a plane.

Many years later, 9/11 happened. Security tightened considerably.

Next came the attempted shoe-bombing. All of a sudden, airlines started worrying about whether our loafers were loaded. Consequently, security officers at many airports make us run our shoes through the x-ray machines. Now, I have to try to remember to check my socks for holes before leaving for the airport to avoid embarrassment when I get there.

Then came the alleged plot in Britain. Now all liquids are suspect. I can imagine some bizarre scenes at airports in the future. A security guard draws his gun and shouts, "Freeze. If you slowly put down the tube of toothpaste and back away, nobody will get hurt. ... I don't care what your dentist told you. Put down the toothpaste or I'll be forced to shoot." Today, good dental care is a threat to airline security.

On trips of less than I week or so, I always used to fly with only carry-on luggage to avoid delays on arrival and to eliminate the risk of lost luggage, but thanks to these new restrictions, I'm going to have to either check a bag or buy toiletries at my destination and discard the leftovers before returning.

You're probably going to tell me that these inconveniences are trivial compared to the threat of terrorism. If so, you are absolutely right. But that doesn't stop me from being annoyed.

I used to love traveling. That's probably less because of a desire to see new sights and experience different cultures and more because I'm the world's biggest slob, but I don't like living in a mess, so I'm always thrilled about the prospect of getting away from my place. Nonetheless, whatever the reason for enjoying travel, because of the hassle at the airport, I'm now considerably less eager to fly than I used to be.

To paraphrase a line from the movie Casablanca, the problems of one little person (me) don't amount to a hill of beans in this crazy world. That may be so, but I worry that if people stop traveling because of increased airport hassles, that will lead to an increased potential for terrorism. Call me a bleeding-heart liberal if you must, but I honestly believe that the more people travel, learn about other cultures, get to know people from other lands, and, most importantly, allow "us" and "them" to see that neither they nor us are so bad after all, the less likely the terrorists are to find willing recruits.

Don't get me wrong. I'm not naïve. I don't believe we can eliminate terrorism through increased travel. Nor do I think that we'll bring about world peace by getting together and singing camp songs. Quite the contrary. As anyone who has been unfortunate enough to have heard my singing will attest, assuming that they've recovered sufficiently to do so, my singing is much more likely to provoke an international incident than prevent aggression. No, I think that increased global travel will reduce terrorism by, at best, an infinitesimal fraction of 1 percent. But if it comes to a choice between increasing or decreasing the breeding ground for terrorism by an infinitesimal fraction of 1 percent, I choose decreasing.

Maybe I'm exaggerating and the current level of inconvenience isn't enough to dissuade many people from flying, but recent history suggests that additional security measures will be added as new threats are recognized, thereby increasing the aggravation level. And there will inevitably be new threats. Once implemented, the old measures are rarely eliminated. You've got to wonder what airport security is going to be like in the future. If it continues on its current trajectory, I foresee the day when we'll be required to fly naked, without any luggage whatsoever—carry-on or checked. We'll have to courier our credit cards to our destinations in advance so we can buy new clothes and toiletries when we get there.

Furthermore, we'll have to spend the few days before our flight isolated at the airport to ensure that any dangerous substances we might have swallowed in order to smuggle them on the plane pass through us before flight time.

As a final insult, just before boarding the plane, we'll be required to submit to full body searches. On the upside, to prevent the dramatic decline in business that this massive inconvenience and indignity would otherwise engender, the airlines will likely offer, as a free service, to have physicians perform medical exams while searching the insides of our body cavities. That will save us the bother of separate visits to our doctors for annual physicals.

Obviously (at least I hope it's obvious), I'm joking about my airport security forecast, but just in case I accidentally turn out to be correct, I'm going to start spending a lot more time at the gym. If I have to fly naked, I want to be in much better shape than I am now. What's more, I'm going to configure my spam filters to stop blocking those male enhancement promotions.

Joel Klebanoff is a consultant, a writer, and president of Klebanoff Associates, Inc., a Toronto, Canada-based marketing communications firm. He is also the author of BYTE-ing Satire, a compilation of a year's worth of his columns. Joel has 25 years experience working in IT, first as a programmer/analyst and then as a marketer. He holds a Bachelor of Science in computer science and an MBA, both from the University of Toronto. Contact Joel at This email address is being protected from spambots. You need JavaScript enabled to view it.. If he is ever forced to fly naked, he wants to be able to select his seatmate using recent photographs. Unfortunately, she'll probably refuse to sit beside him.

Joel Klebanoff

Joel Klebanoff is a consultant, writer, and formerly president of Klebanoff Associates, Inc., a Toronto-based marketing communications firm. He has 30 years' experience in various IT capacities and now specializes in writing articles, white papers, and case studies for IT vendors and publications across North America. Joel is also the author of BYTE-ing Satire, a compilation of a year's worth of his columns. He holds a BS in computer science and an MBA, both from the University of Toronto.


MC Press books written by Joel Klebanoff available now on the MC Press Bookstore.

BYTE-ing Satire BYTE-ing Satire
Find out the hilarious answer to the eternal question: "Is technology more hindrance than help?"
List Price $14.95

Now On Sale

BLOG COMMENTS POWERED BY DISQUS

LATEST COMMENTS

Support MC Press Online

$

Book Reviews

Resource Center

  • SB Profound WC 5536 Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application. You can find Part 1 here. In Part 2 of our free Node.js Webinar Series, Brian May teaches you the different tooling options available for writing code, debugging, and using Git for version control. Brian will briefly discuss the different tools available, and demonstrate his preferred setup for Node development on IBM i or any platform. Attend this webinar to learn:

  • SB Profound WP 5539More than ever, there is a demand for IT to deliver innovation. Your IBM i has been an essential part of your business operations for years. However, your organization may struggle to maintain the current system and implement new projects. The thousands of customers we've worked with and surveyed state that expectations regarding the digital footprint and vision of the company are not aligned with the current IT environment.

  • SB HelpSystems ROBOT Generic IBM announced the E1080 servers using the latest Power10 processor in September 2021. The most powerful processor from IBM to date, Power10 is designed to handle the demands of doing business in today’s high-tech atmosphere, including running cloud applications, supporting big data, and managing AI workloads. But what does Power10 mean for your data center? In this recorded webinar, IBMers Dan Sundt and Dylan Boday join IBM Power Champion Tom Huntington for a discussion on why Power10 technology is the right strategic investment if you run IBM i, AIX, or Linux. In this action-packed hour, Tom will share trends from the IBM i and AIX user communities while Dan and Dylan dive into the tech specs for key hardware, including:

  • Magic MarkTRY the one package that solves all your document design and printing challenges on all your platforms. Produce bar code labels, electronic forms, ad hoc reports, and RFID tags – without programming! MarkMagic is the only document design and print solution that combines report writing, WYSIWYG label and forms design, and conditional printing in one integrated product. Make sure your data survives when catastrophe hits. Request your trial now!  Request Now.

  • SB HelpSystems ROBOT GenericForms of ransomware has been around for over 30 years, and with more and more organizations suffering attacks each year, it continues to endure. What has made ransomware such a durable threat and what is the best way to combat it? In order to prevent ransomware, organizations must first understand how it works.

  • SB HelpSystems ROBOT GenericIT security is a top priority for businesses around the world, but most IBM i pros don’t know where to begin—and most cybersecurity experts don’t know IBM i. In this session, Robin Tatam explores the business impact of lax IBM i security, the top vulnerabilities putting IBM i at risk, and the steps you can take to protect your organization. If you’re looking to avoid unexpected downtime or corrupted data, you don’t want to miss this session.

  • SB HelpSystems ROBOT GenericCan you trust all of your users all of the time? A typical end user receives 16 malicious emails each month, but only 17 percent of these phishing campaigns are reported to IT. Once an attack is underway, most organizations won’t discover the breach until six months later. A staggering amount of damage can occur in that time. Despite these risks, 93 percent of organizations are leaving their IBM i systems vulnerable to cybercrime. In this on-demand webinar, IBM i security experts Robin Tatam and Sandi Moore will reveal:

  • FORTRA Disaster protection is vital to every business. Yet, it often consists of patched together procedures that are prone to error. From automatic backups to data encryption to media management, Robot automates the routine (yet often complex) tasks of iSeries backup and recovery, saving you time and money and making the process safer and more reliable. Automate your backups with the Robot Backup and Recovery Solution. Key features include:

  • FORTRAManaging messages on your IBM i can be more than a full-time job if you have to do it manually. Messages need a response and resources must be monitored—often over multiple systems and across platforms. How can you be sure you won’t miss important system events? Automate your message center with the Robot Message Management Solution. Key features include:

  • FORTRAThe thought of printing, distributing, and storing iSeries reports manually may reduce you to tears. Paper and labor costs associated with report generation can spiral out of control. Mountains of paper threaten to swamp your files. Robot automates report bursting, distribution, bundling, and archiving, and offers secure, selective online report viewing. Manage your reports with the Robot Report Management Solution. Key features include:

  • FORTRAFor over 30 years, Robot has been a leader in systems management for IBM i. With batch job creation and scheduling at its core, the Robot Job Scheduling Solution reduces the opportunity for human error and helps you maintain service levels, automating even the biggest, most complex runbooks. Manage your job schedule with the Robot Job Scheduling Solution. Key features include:

  • LANSA Business users want new applications now. Market and regulatory pressures require faster application updates and delivery into production. Your IBM i developers may be approaching retirement, and you see no sure way to fill their positions with experienced developers. In addition, you may be caught between maintaining your existing applications and the uncertainty of moving to something new.

  • LANSAWhen it comes to creating your business applications, there are hundreds of coding platforms and programming languages to choose from. These options range from very complex traditional programming languages to Low-Code platforms where sometimes no traditional coding experience is needed. Download our whitepaper, The Power of Writing Code in a Low-Code Solution, and:

  • LANSASupply Chain is becoming increasingly complex and unpredictable. From raw materials for manufacturing to food supply chains, the journey from source to production to delivery to consumers is marred with inefficiencies, manual processes, shortages, recalls, counterfeits, and scandals. In this webinar, we discuss how:

  • The MC Resource Centers bring you the widest selection of white papers, trial software, and on-demand webcasts for you to choose from. >> Review the list of White Papers, Trial Software or On-Demand Webcast at the MC Press Resource Center. >> Add the items to yru Cart and complet he checkout process and submit

  • Profound Logic Have you been wondering about Node.js? Our free Node.js Webinar Series takes you from total beginner to creating a fully-functional IBM i Node.js business application.

  • SB Profound WC 5536Join us for this hour-long webcast that will explore:

  • Fortra IT managers hoping to find new IBM i talent are discovering that the pool of experienced RPG programmers and operators or administrators with intimate knowledge of the operating system and the applications that run on it is small. This begs the question: How will you manage the platform that supports such a big part of your business? This guide offers strategies and software suggestions to help you plan IT staffing and resources and smooth the transition after your AS/400 talent retires. Read on to learn: