• Clay_pidgin@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    179
    ·
    6 days ago

    The “agents” always swear the rules are the same everywhere even though I was just in the other airport a few hours ago and no they aren’t!

    • Chozo@fedia.io
      link
      fedilink
      arrow-up
      94
      ·
      6 days ago

      “This is how it’s always done, sir… on the second Tuesdays of months with an even number of days and for the full duration of Toyotathon. Now don’t make me repeat myself: laptop under the bag and over the shoes or we cavity search you.”

    • NaibofTabr@infosec.pub
      link
      fedilink
      English
      arrow-up
      51
      arrow-down
      2
      ·
      6 days ago

      Random Antiterrorism Measures

      The Random Antiterrorism Measure (RAM) program uses random, multiple security measure that change the look of an installation’s force protection program and introduce uncertainty to defeat surveillance attempts and make it difficult for a terrorist to accurately predict security actions.

      “A unit could conduct random antiterrorism measures by checking parking lots, conducting bag checks and ID cards in locations where that is not the normal security posture,” said Ann Moree, security manager, DPTMS.

      This is basically what’s going on. The theory is that by making changes to the process it will be more difficult for someone to plan a way to defeat it (not really true, as several TSA pentests have shown).

      There’s also this classic quote attributed to a German general during WWII:

      War is Chaos, and the reason why the American Army excels at War is because they practice Chaos on a daily basis.

      It may look like the front-line guys have no idea what’s going on, and that might actually be true. If they have no idea what’s going on, neither will anybody observing their activities.

      • Clay_pidgin@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        25
        ·
        6 days ago

        I had not considered that. It sounds like it’s actually a sound precaution, or would be if TSA weren’t so incredibly incompetent and the threat so exaggerated.

        • NaibofTabr@infosec.pub
          link
          fedilink
          English
          arrow-up
          8
          ·
          6 days ago

          Yeah I’m not sure how useful it is in practice - possibly not at all - but at least some of it is intentional and not completely the result of poor management.

          I also wouldn’t be surprised if some of the apparent incompetence was intentional… but that’s just speculation.

      • leisesprecher@feddit.org
        link
        fedilink
        English
        arrow-up
        15
        ·
        6 days ago

        I think this kind of reasoning just desperately tries to find reason in insanity.

        You’re basically implying that the coordinated uncertainty is so incredibly good at being covert, that it’s absolutely indistinguishable from underpaid incompetence and power tripping pettiness.

        Maybe I’m not giving enough credit to government agencies, but actual incompetence and artisanal pettiness seem to be more likely to me than a planned behavior.

        • fuzzzerd@programming.dev
          link
          fedilink
          English
          arrow-up
          3
          ·
          6 days ago

          Maybe it is as you say the government incompetence and the artisanal pettiness that are the planned behavior, knowing it leads to this randomization.

      • snooggums@lemmy.world
        link
        fedilink
        English
        arrow-up
        9
        ·
        6 days ago

        That would matter if ‘screwing up’ had any bearing on the outcome, which isn’t the case because the TSA is just security theater. If they mix up the order and the result is just making you do whatever the thing is, then it is just wasted time with the same end result and security is NOT improved.

        This is just incompetence and shitty training.

        • NaibofTabr@infosec.pub
          link
          fedilink
          English
          arrow-up
          3
          ·
          6 days ago

          Yeah, well, that’s just like, your opinion man.

          In all seriousness though, I’m not saying that RAM is effective in any measurable way. I’m saying that it’s part of the SOP and helps explain some of what people experience as apparently inconsistent behavior from the TSA.

      • kettle@lemm.ee
        link
        fedilink
        English
        arrow-up
        7
        ·
        6 days ago

        It makes sense in theory to deter someone planning something sketchy. But if that’s the purpose, they should try to make it known to everyone.

        Basically, the agents should be telling everyone - “yes, the procedure can change every time”, so the potential villain scouting out the procedures would think “oh man, I thought I got it figured out, but what if tomorrow they change the rules?”

        If they instead keep insisting “you should know this, it’s the same every time”, the potential villain is more likely to feel confident in their preparation and go ahead.

    • Kitathalla@lemy.lol
      link
      fedilink
      English
      arrow-up
      24
      ·
      6 days ago

      If the rules are the same everywhere, they would do what every other competent place that has procedures that need to be followed does, and post them at the front. The fact that a TSA bitch has to stand there and tell you what to do means they’ve already failed.

    • Zachariah@lemmy.world
      link
      fedilink
      English
      arrow-up
      22
      ·
      6 days ago

      Yes, they are. The rule is: No matter what you do, you’ll be called a dumb bitch.

      This rule is universal and the whole point of the TSA.

      • Toribor@corndog.social
        link
        fedilink
        English
        arrow-up
        10
        ·
        6 days ago

        They seem to relax the rules when it’s really busy… Like wait… Isn’t that when an attack would be the most dangerous meaning security would be even more important rather than less?

        Goes to show how pointless most of it is.