This is somewhat old news, but Chris Soghoian (one of the new Informatics PhD students) was visited by the FBI recently. Chris’s “crime” was posting a web page that would automatically generate fake Northwest Airlines boarding passes. Chris’s act could be seen in two lights: A) He’s helping terrorism by providing a ‘service’ to potential terrorists…. or B) He’s helping airline security by exposing flaws in their system.
Knowing that Chris is a fledgling expert in cybersecurity should prompt you to select option B, but maybe with reservations. After all… why would he expose the flaws publicly rather than directly to the appropriate committees?
Well, his actions seem to expose “security” (most notably airport security) as a troubling new dimension for our society to deal with… Chris would argue that the notion of security is being used as an “instrument” of the government for the indirect control or distraction of a population, rather than its assumed purpose of protecting the population. He calls this particular context “security theater“.
Under the assumption of “security theater”, the government and it’s various security committees would have no direct interest in acting on the advice of security experts… instead the security measures taken would function mainly as a “scare tactic”. In other words, the government would rather spend more money on armed security guards to shake down suspicious looking grandmas and expensive bomb sniffing machines than to fix simple technical vulnerabilities with easily duplicated boarding passes. Many security experts believe that “security theater” is indeed occurring, and are attempting to expose security threats through other channels.
The true test of whether or not “security theater” is occurring is watching how the government responds to Chris’s actions. The government’s first action was to send in the FBI, seize all of his passports and computers, and call for his arrest.
Now, the government is changing its tune… not only dropping their case (seemingly) but calling for Chris to be in direct talks with the Department of Homeland Security itself.
Is the government’s intentions sincere? Or have they realized that the biggest show in “security theater” is now “back stage” and are trying to cover their actions? I would wager that they can’t afford to be exposed as “the bad guys” in the current political situation.
Anyways, I think this puts Chris in an enviable role, even though he’s a bit disadvantaged in the short run. As America learns to deal with increased homeland security fear, I think we need more than one voice offering their perspective. If we’re going to be truly secure, we need experts like Chris exposing our flaws publicly rather than privately. Perhaps we should realize that we’re never really truly safe, and come to terms with it rather than trust in security theater.