Forgot your password?
typodupeerror
Security

What Examples of Security Theater Have You Encountered? 1114

Posted by timothy
from the kip-hawley-please-to-the-white-courtesy-phone dept.
swillden writes "Everyone who pays any attention at all to security, both computer security and 'meatspace' security, has heard the phrase Security Theater. For years I've paid close attention to security setups that I come in contact with, and tried to evaluate their real effectiveness vs their theatrical aspects. In the process I've found many examples of pure theater, but even more cases where the security was really a cover for another motive." swillden would like to know what you've encountered along these lines; read on for the rest of his question below.
swillden continues: "Recently, a neighbor uncovered a good example. He and his wife attended a local semi-pro baseball game where security guards were checking all bags for weapons. Since his wife carries a small pistol in her purse, they were concerned that there would be a problem. They decided to try anyway, and see if her concealed weapon permit satisfied the policy. The guard looked at her gun, said nothing and passed them in, then stopped the man behind them because he had beer and snacks in his bag. Park rules prohibit outside food. It's clear what the 'security' check was really about: improving park food vending revenues.

So, what examples of pure security theater have you noticed? Even more interesting, what examples of security-as-excuse have you seen?"
This discussion has been archived. No new comments can be posted.

What Examples of Security Theater Have You Encountered?

Comments Filter:
  • Frist Posty? (Score:5, Insightful)

    by Anonymous Coward on Wednesday May 28, 2008 @04:49PM (#23576201)
    Airports... Need I say more?
    • by Anonymous Coward on Wednesday May 28, 2008 @05:35PM (#23576929)
      in 2002 I bought a ford focus zx3, complete with a blinking red light on the dash, which the dealer refered to as an "anti-theft device."
    • Re:Frist Posty? (Score:4, Interesting)

      by seededfury (699094) on Wednesday May 28, 2008 @05:55PM (#23577277) Homepage
      I just got back from TRAFFIC court.... I had to go through security very similar to the airport so I could walk up to a window which was 15 feet from the front door. I walked through the front door, five feet later I was being scanned, searched and forced to return to my car because my 1 inch pocket knife was a threat, then when I got past that crap I had to stand in line and wait to talk to someone behind a window. I saw no rational reason for any of this...

      Traffic court is now very "secure"
    • by hobb0001 (989441) on Wednesday May 28, 2008 @05:59PM (#23577357)
      Security systems that will let you in with nothing more than a fingerprint scan. Gee, what's more difficult: guessing the correct password within 3 attampts, or lifting a fingerprint and making a gelatin mold? (hint: see Mythbusters to see how difficult it isn't to create a gelatin mold)
  • Nom nom nom (Score:5, Funny)

    by Applekid (993327) on Wednesday May 28, 2008 @04:49PM (#23576213)

    The guard looked at her gun, said nothing and passed them in, then stopped the man behind them because he had beer and snacks in his bag. Park rules prohibit outside food. It's clear what the 'security' check was really about: improving park food vending revenues.
    Heh heh, the fools. The gun's cartridge was loaded with small pretzels and Tootsie Rolls.
  • The Iraq theater (Score:5, Insightful)

    by Harmonious Botch (921977) * on Wednesday May 28, 2008 @04:50PM (#23576219) Homepage Journal
    No trolling intended, but the war in Iraq now is the biggest piece of security theater on the planet. It does not make the US safer ( indeed it probably does the reverse ) but it does give certain people benefits. Chaney and friends make millions on no-bid contracts, and neocons get to implement policies that in more normal conditions would not be tolerated by the public.
  • by Mordok-DestroyerOfWo (1000167) on Wednesday May 28, 2008 @04:51PM (#23576241)
    While creating an intranet for the company I was doing some outside work for I ran into a problem authenticating through their antiquated AD system. Rather than updating everything or heaven forbid give management an actual password to remember my instructions were to "make it as scary as possible but don't actually put a password on it." I had a four tiered authentication system which would allow you to move forward regardless of what was put in the text boxes. They loved it, and a little piece of me died when I cashed the check.
    • by Chapter80 (926879) on Wednesday May 28, 2008 @05:30PM (#23576845)
      Slightly off topic, but your story reminds me of software I was involved with.

      We created a delete function, and kept getting reports that the customer accidentally deleted records. (And we had no undelete function.) So we added a "Are you sure?" dialog.

      The incidents of accidental deletion did not go down.

      So we added text "This cannot be undone. Continue?" and still the incidents did not go down (People just randomly click OK.)

      Finally we changed it to "Please key in 'irreversible' to continue with the deletion." This solved the problem.

      • by Anonymous Coward on Wednesday May 28, 2008 @06:13PM (#23577587)
        Why the hell would you have a button that actually says "OK" on it? That's poor design, because you should know that people always click OK. A better design would be to have buttons that say "Delete" and "Cancel", with the Cancel button selected by default. Typing the phrase was a good alternate solution to eventually arrive at, though.
    • by Ungrounded Lightning (62228) on Wednesday May 28, 2008 @05:35PM (#23576935) Journal
      The consulting algorithm:

        1) Find out what they want. (They will ask for bells and whistles and not tell you core process basics.)
        2) Figure out what they actually need. (Research their actual process and design improvements.)
        3) Try to convince them to want what they actually need and change the spec go with that.
        4) After step 3), give them what they now want, whether it's what they need or not. (Provided it's legal and ethical.)

      And of course:

        5) Profit!

      They are the bosses / customers. They decide what to spend money on. You are the hireling. You agree to do what they want in trade for the fee they pay. After step 3) your moral and ethical obligations are discharged - and if your suggestions are good you've proved your worth. If they're smart they go with what you suggested - or know something about their business that you didn't and reject your suggestion on that basis. But if they decide to do something you think is stupid once they've been informed, it's their business, so it's their call.
  • by hal9000(jr) (316943) on Wednesday May 28, 2008 @04:52PM (#23576251)
    If public CA's are supposed to be trusted authorities of identity on the Internet, why do we have to have "extended validation" of an entity before they get a certificate? If we can't trust the CA to validate entities before issuing certificates in the first place, how can we trust them to issue Extended Validation Certificates in the second?

    Oh, I forgot, they are in collusion with Microsoft and other CA's to inflate the cost of digital certificates they already issue.
  • by sgtron (35704) on Wednesday May 28, 2008 @04:54PM (#23576279)
    In 2001 I was living in an apartment complex in a North Dallas suburb. If you got a package that wouldn't fit in those teeny-tiny mailboxes then the mail man would drop off the package at the apartment complex office and you could pick it up in normal office hours.

    After September 11th, the apartment management sent out a memo to all residents that because of the heightened state of terrorism awareness the office would no longer allow packages to be held there for the residents.

    Of course my first thought was they were just tired of dealing with the packages and saw this as a convenient excuse to stop holding packages for people.
  • Disneyland (Score:5, Funny)

    by Eco-Mono (978899) on Wednesday May 28, 2008 @04:55PM (#23576297) Homepage
    My adviser back at University, Rich Maddox, used to tell a story from his youth, when he was dating a girl who (apparently for religious reasons? I don't remember exactly) always carried a large knife in her purse. So anyway, they were going to Disneyland with a couple of friends, and as they went through the entry turnstile they stopped Rich and asked to check his backpack for weapons and so forth. And they found a pocket knife there, and told him he couldn't bring it into the park because it was dangerous. That's when Rich called over to his girlfriend who was already inside, and said "Honey, do you still have that knife with you?" And she pulled it out of her purse and said "Yeah, why do you ask?"
  • Oh Sure (Score:5, Insightful)

    by eldavojohn (898314) * <[moc.liamg] [ta] [nhojovadle]> on Wednesday May 28, 2008 @04:57PM (#23576337) Journal
    Every time I'm held up by the "No Fly List" because I have an insanely common name, I feel like a victim of security theater. How many would be terrorists have been caught by the no fly list?

    In my opinion almost all forms of random searches are security theater.

    People putting loaded handguns in their homes in the case of a wood-be assailant or robber breaking in. This is not only security theater, it increases the risk you are putting yourself and your family in. Not to mention that in most instances of murder the victim knew the assailant. You're more likely to die of suicide than a robber killing you.

    I don't know if these are examples where the security theater is a cover for another reason--unlikely. But there's clearly examples where it just makes your life worse more often than better.
    • Re:Oh Sure (Score:5, Funny)

      by UESMark (678941) on Wednesday May 28, 2008 @06:20PM (#23577685)
      Two things: Firstly wooden assailants are very dangerous and resistant to gunshot wounds. Your best bet against this sort of wood-be assailant is a flamethrower or an ax.

      Secondly, saying that you shouldn't have a gun because you are more likely to commit suicide than be killed by an intruder implies that either people randomly commit suicide for no reason or that people choose to have home invasions. They are not really the same sort of thing so the statistics aren't really a helpful metric.

      That said, if you are a person with suicidal tendencies you should keep neither firearms nor flamethrowers (which confusingly are not generally considered firearms) around the house. Axes however are very difficult to commit suicide with, and as such should be kept in the event you run into any would-be wood-be assailants.
    • Re:Oh Sure (Score:5, Insightful)

      by Braino420 (896819) on Wednesday May 28, 2008 @06:24PM (#23577761)

      People putting loaded handguns in their homes in the case of a wood-be assailant or robber breaking in. This is not only security theater, it increases the risk you are putting yourself and your family in. Not to mention that in most instances of murder the victim knew the assailant. You're more likely to die of suicide than a robber killing you.
      Gun vs Burglar is not security theater. It actually does have value in your defense against the burglar and it's not really a "theater" in the sense you aren't even advertising that you are keeping a gun in your home.
    • Re:Oh Sure (Score:5, Insightful)

      by ChaosDiscord (4913) * on Wednesday May 28, 2008 @06:25PM (#23577789) Homepage Journal

      Random searches provide excellent security, provided the punishment for getting caught exceeds the benefits multiplied by the risk. Let's say I'm asked to smuggle weapons onto a plane. Not for a hijackings or anything, just as a black market delivery. I'm offered $10,000 to do it. I've got a great plan; assuming the security screeners don't hand search my bags, there is basically zero risk of getting caught. So now it's down to the random searches. If the punishment is 1 year in prison, and they only screen 1 in 10 people, the odds are pretty good; assuming that I value my freedom at less than $100,000 per year. Now if the punishment is 20 years in prison, now my freedom is worth less than $5,000 per year.

      Let's hypothetically try to redo 9-11. (Yes, only a stupid terrorist would try that exact same attack again, but it's a good example with concrete numbers.) We're all expecting to die, so the threat of jail is irrelevant. However, if a single one of us gets caught with weapons, there is a good chance security will be stepped up and my 19 accomplices will be caught as well. That's very bad, from my terrorist point of view. Since 20 of us need to get past security, even if they only randomly screen 1 in 20 people, there is a 64% chance of at least one person getting searched and busted. 1 in 10? 87% chance of getting busted. Very bad odds.

      Now obviously it's better to only search people who are bad guys. Unfortunately the entire point of searching people is to identify the bad guys, so that's unhelpful. We can try to be clever and profile people based on, say, their ethnicity. After all, statistically aren't Arab men more likely to hijack planes and crash them? Oddly, this makes the attack easier for the bad guys. Just start flying people around without weapons. See who gets searched. The people who run several flights without getting searched are ideal for your next attack. (A good article with further links on the complexities with profiling. [schneier.com] As he points out, profiling based on suspicious behavior is good, although hard.)

      Of course, I'm glossing over lots of details. We need to balance many other things, including civil rights. Random searches of homes would likely be a very effective way to stop many crimes. It's also a violation of the US constitution and the principles our country was founded on. Many relatively minor crimes would necessitate punishments that many people would describe as cruel and unusual to compensate for the low risk of getting caught. The benefit of stopping the bad thing may be very minor compared to the cost of the searches. (For example, random drug tests for most jobs hurts moral and costs money, with little benefit.) But fundamentally random searches do work.

  • by FranTaylor (164577) on Wednesday May 28, 2008 @05:00PM (#23576389)
    I cannot verify this story, anyone else?

    Back in ArpaNet days, MIT had machines running an OS called ITS. It was a friendly and happy world and there were user accounts but no passwords. But networking means that strangers can connect and so Arpa insisted that passwords be added. So the ITS developers added a password prompt that ignored the password, and this made the Arpa people happy for a while until they figured it out and made them actually check the password.

    In a similar vein, Microsoft file server passwords were originally checked only on the client, a fact which went undiscovered until Samba came along.

  • by Toreo asesino (951231) on Wednesday May 28, 2008 @05:00PM (#23576391) Journal
    I had a boss that named the wireless network "Virus". On asking him about this, he explained "it's to scare off hackers - they won't connect if they think they'll get a virus". Ah, ok.

    It's probably worth pointing out he wasn't aware you could "secure" a wireless point with a basic WPA key at least - it was completely open, anyone could walk right in, assuming they beat the fear of the "virus" that was.
    • by Anonymous Coward on Wednesday May 28, 2008 @05:10PM (#23576525)

      I had a boss that named the wireless network "Virus". On asking him about this, he explained "it's to scare off hackers - they won't connect if they think they'll get a virus". Ah, ok.
      I named two network printers I didn't want people using "Broken" and "Dot_Matrix" (before there were access lists)
  • by Anonymous Coward on Wednesday May 28, 2008 @05:04PM (#23576449)
    The libraries let you sign your own books out. You place your book and card under a scanner, and then it demagnetizes the book so the alarms won't go off when you leave. The scanner only reads a barcode though, so you can stick five books on it, sign out one, and demagnetize them all. Presto, four free books.

    Of course, when the security alarms do go off at the library anyway, they just let the people walk out.
  • by hudsonhawk (148194) on Wednesday May 28, 2008 @05:08PM (#23576495)
    ...while I was temping for a company in Chicago, I was asked to deliver a box of candy to a client in the Sears Tower. While entering, I went though the giant, heightened security setup - x-rays and all - and got held up because I had a box cutter in my backback.

    They held it up triumphantly and shouted at me, "Just what do you expect to do with this?!"

    I wanted to ask them them the same question back. Just what did they expect I'd do with that? In a building that had security guards with guns? Was I going to hijack the building and crash it into a plane?
    • by maxume (22995) on Wednesday May 28, 2008 @05:19PM (#23576661)
      You also had a box. You should have pointed at it.
    • by OglinTatas (710589) on Wednesday May 28, 2008 @05:37PM (#23576955)
      Glad to see you back from Gitmo, man. We missed you.
    • by Tycho (11893) on Wednesday May 28, 2008 @06:51PM (#23578115)
      Back in 2005, I bought, which at the time, was a high-end Acer laptop. Less than a month later I took the laptop with me on a vacation, where I flew to Missoula, Montana from Minneapolis - St. Paul International Airport. The MSP airport is also Idaho Senator Larry Craig's favorite layover destination. So after arriving at the airport on the day of the flight, I got in the line for the security screening and I did not remove the laptop from the bag, which was bad of me. I overheard one of the security screeners state to another screener that he had observed the laptop during the scanning and then my bag was flagged. Another screener took my bag, called me over and asked me to open my bag and asked me to turn on my laptop. Things seemed to go well at first, I turned the computer on and proved that it worked. As the computer was booting up, the TSA screener wiped a disposable microfiber cloth on parts of the exterior of the laptop. However, the screener had some sort of spectrometer. The screener put the cloth into this spectrometer. Something was wrong with the results and the screeneer started to wipe down the inside and outside of my backpack with additional cloths. The trace chemical results from the backpack were similar to the initial results from the laptop. The spectrometer results showed trace amounts of the explosive TNT. The screener asked me if I gone hunting with that bag, which I had not done. However, three years earlier I had been to Montana for a field camp class for my Geology degree and put several rocks in the backpack. Some of the rocks apparently had a residual amount of TNT left on them, after being blasted, and the TNT was transfered onto the surfaces of the backpack. The screener was satisfied with this explanation and allowed me to go and catch my flight.
  • by rduke15 (721841) <rduke15@@@gmail...com> on Wednesday May 28, 2008 @05:08PM (#23576501)
    On my bank's web site, when I used the browser's back button, things started to get out of sync. You had to click their own custom back button somewhere in the pages so that everything would continues to work.

    When I called to report it, I was explained that I had to click their own back button, not mine. When I said "Yes, I know, I just wanted to let you know so that you can fix the bug sometime", the final answer was something like "It's by design. It's for security reasons". At that point I was expected to say "ok. thank you" or whatever, and to understand that a "bug" was totally unthinkable on their super-reliable ultra-secure blah blah bank site.

    Nevertheless, a few months later, the bug was gone. I didn't call back to say I'm now worried about the security...
  • Nice Article (Score:5, Insightful)

    by dunezone (899268) on Wednesday May 28, 2008 @05:09PM (#23576515) Journal
    The article fails to talk about security as a deterrent.

    The RFID bracelets on an infant can give comfort to the parents but its more of a deterrent then anything. Sure the hospital can tell the parents that their child is protected. But the hospital is not protecting the child as much as its protecting itself. For example:

    A guard that is in the bank is not there to stop a bank from being robbed. He deters people from committing the crime itself. In a robbery situation the guard himself is useless because the individual or individuals robbing a bank would take him out first. But in most bank robberies, the criminals are going to go after a bank without a guard anyway.

    A mall guard doesn't stop people from stealing, he creates the presence of being watched, therefor deterring people from stealing.

    Same goes with cameras in stores. Most of the time no one is monitoring the cameras and if anything their used to watch employees over customers. But their deterring employees from doing anything unethical or illegal and they deter people from stealing.

    In my opinion the idea of security theater and feeling safe is crap. You might as well spend the time and effort to know your safe then make it seem like you feel like your safe.
  • by Hatta (162192) on Wednesday May 28, 2008 @05:11PM (#23576537) Journal
    What's left to say? It's pretty clear that drugs are more dangerous when they're only available in the unregulated black market than in a regulated legal market. Criminalizing the use of drugs only hurts drug users more, yet it's done in the name of safety.

    What's worst is that we've been fighting this war for decades, no end is in sight, we've spent more money and lost more freedoms fighting it than we have in Iraq. And still, no one in power has the balls to speak out against this.

    We live in a sick, sad world. People who would meet the non-violent act of drug use with the violent acts of arrest and imprisonment are themselves violent criminals. Yet in this society they are deemed good citizens.
    • by mkcmkc (197982) on Wednesday May 28, 2008 @05:32PM (#23576873)
      The purpose of the War on Drugs is to support the price of illegal drugs. If these drugs were legalized, the price would instantly collapse, and lot of powerful people would be very upset. (credit to Doonesbury or Outland (?) for pointing this out)

      It also helps politicians pander to ignorant members of the right.

  • My fave (Score:5, Insightful)

    by Deadstick (535032) on Wednesday May 28, 2008 @05:11PM (#23576547)
    ...is the one we've all seen in the airport: confiscation of bottled water. Every time a TSA guy finds your bottle of Dasani, he pours the suspected explosive in the trash. His very first good catch will be his last...

    rj

  • Passwords (Score:5, Informative)

    by qoncept (599709) on Wednesday May 28, 2008 @05:12PM (#23576565) Homepage
    The DOD replaced reasonable passwords with Common Access Cards. The difference? Instead of having to find out someone's 8+ character alphanumeric password that changes every month, you need to have physical access to their card and need to know their 6 digit number that never changes. Meanwhile, everyone is forgetting their card in the reader when they go to lunch, so they can't get back on base -- but feel free to use it yourself in the meantime.
  • by Aram Fingal (576822) on Wednesday May 28, 2008 @05:13PM (#23576577)
    I was working with a particular system where the vendor added a strict password security policy. They require a mixture of uppercase and lowercase letters as well as at least one digit or special character. Later on, I discovered, by accident, that the password is not case sensitive when you actually go to login. It turns out that the routine for setting the password enforces stronger passwords than the underlying system can actually support. The vendor, of course, claimed that they would be upgrading their underlying password encryption algorithm very soon.
  • 2002 Winter Olympics (Score:5, Interesting)

    by ryanisflyboy (202507) * on Wednesday May 28, 2008 @05:16PM (#23576611) Homepage Journal
    I was living in Salt Lake City during these games. Remember that the Olympics were only a few months after 9/11. There were huge security concerns. We saw low flying helicopters over the city we were told were searching for nuclear material. We saw various 'special forces' teams deployed in the mountains around venues looking for 'snipers.' The security downtown was surreal. People were checking every car coming in and out for bombs. Everyone had to go through metal detectors (in some cases, you actually had to pass two layers of metal detectors). The amount of government agents per city block was astounding. Many were armed with sub-machine guns. For such a quiet city like Salt Lake, seeing troops walk around in full combat gear was quite theatrical.

    My favorite security theatric was an ATF agent standing on a street corner, machine gun in hand and in full combat gear. He was waving and smiling at people driving buy to be sure they all saw him and his gun. I stopped and watched him for about 20 minutes before he started using his radio while giving me the 'killer' eyes. Despite the smiling and waving, he was not friendly, not at all. I decided to vacate my vantage point. Those guys were so bored they were looking for targets to harass.
  • by SoCalChris (573049) on Wednesday May 28, 2008 @05:17PM (#23576643) Journal
    Patriot Act

    I had some stock options through my job that I tried to cash through the etrade account that had been set up for me. The stock price was rather high, and our trading window was about to close, so I tried selling at literally the last minute. The sell order failed, and no reason was given. A few days later, I received a letter in the mail from etrade telling me that my account was locked. Several years before, while living in a different state, I had an etrade account. Because the SSN was the same on both accounts, but the addresses were totally different, some part of the Patriot Act made them lock my account until I could prove my identity by sending them a notarized copy of my social security card.

    Another example, which isn't really security theater, just shitty work by the TSA happened to me a few years before that.

    My wife had to fly out of state for a funeral, and she took our 6 month old daughter with her. I took them to the ticket counter. Since she was traveling with a baby, a car seat, and her carry on bag, the ticket agent offered to print me a pass that would allow me to accompany her to the gate and help her carry her things.

    As I was getting up to the xray machines, I remembered that I had a small pocket knife in my pocket. I hadn't removed it since I wasn't expecting to go through security. As I got to the xray machine, I told the operator what had happened, and told her that I'd just go back through the line and put the knife out in our car.

    She seemed ok with that, and told me that I could just go ahead and go through the xray machine, and out the exit that was just a few feet from the xray machine, so I didn't have to go back and work my way through the line.

    As soon as I went through, several TSA agents came up and detained me for attempting to bring a weapon through the security checkpoint. I wound up being searched, my 6 month old daughter that I was holding was searched, and I was questioned for about an hour as to why I had tried to take a knife through security. Not once did they go talk to the lady running the xray machine less than 50 feet away, who had told me to go through.

    In the end, my knife was confiscated (It was about a $50 knife), and I was threatened that I could be under arrest for attempting to smuggle a weapon through the airport, and I could be facing a several thousand dollar fine for it. They filled out a report, and made me immediately leave the terminal.

    About a month later, I received a letter from the TSA saying that they had chosen not to fine me this time, but if I ever came up in their system again I would face the maximum penalties.

    That was the day that I lost all faith in our government.
  • Guard Gates (Score:5, Interesting)

    by PPH (736903) on Wednesday May 28, 2008 @05:18PM (#23576655)

    In a past life, I worked for a major aerospace company. Security appeared pretty tight, what with armed guards checking IDs at entry points. They also had manned checkpoints to check vehicle passes at the road entrances. These were usually issued to upper management, enabling them to park inside the fence, close to the buildings. The peons had to park outside and walk in.

    Because of my job in various R&D labs, I was always hauling equipment around in my personal vehicle. There were provisions to issue employees in my position a temporary vehicle pass and a 'parcel pass', allowing us to transport company equipment through the gates.

    Throughout my career, I was never ever challenged when exiting a facility with a hatchback, obviously loaded with expensive equipment. The vehicle pass system existed only to ensure that some scumbag grunt didn't park in a manager's space. Security guards were nothing more than glorified parking enforcement.

    At some of the production facilities, gate guards were instructed to examine lunch boxes of the workers exiting to ensure that they were not swiping tools. Briefcases were exempt from such checks, as they were typically carried by trusted engineers and management. As most of the engineers working within production facilities were indistinguishable from mechanics by dress or any badge markings, I suppose it never occurred to security that a worker intent on swiping tools could obtain a briefcase.

  • by Anonymous Coward on Wednesday May 28, 2008 @05:20PM (#23576693)
    I was trying to transfer some funds out of a joint bank account. I used the phone based system (and answered the usual security questions). Then the person told me that for the transfer to be allowed, both people on the joint account needed to sign-off on the transfer.

    The other person wasn't available... so I just said "Ok, hold on I'll get him." Then waited a few seconds and said "Hi. Yes, I'm he. Yes I confirm the transfer."

    They transferred the money. No authentication, no double-checks. Just some voice on a phone (I didn't even bother faking a different-sounding voice) saying that it was ok.
  • by Anonymous Coward on Wednesday May 28, 2008 @05:24PM (#23576775)
    I have a friend who works for *organization*. They work in a
    single-story building, in a suburb of a second-tier city. The building
    sits on its own plot of land, on a hill, in an industrial-office-park
    kind of area. The building is a lab, but it's mostly monitoring
    equipment. It's not weapons, or explosives, or significant quantities
    of chemicals.

    This is probably not what anyone would consider a high-value target.
    There's never been any kind of attack or threat against the building
    or its personnel. But after 9-11, management started obsessing about
    security.

    The first thing they did was get armed guards for the building. Armed
    guards did not make my friend feel secure. My friend wondered about
    their training and worried about getting shot.

    Guard duty is tough. It's hot in the summer and cold in the winter,
    and the guards aren't in good condition to begin with, since they just
    stand there all day and never get any exercise. In practice, the
    guards spend most of their time sitting in their cars in front of the
    building, with the engine running for heat or AC.

    Management decided that this didn't look good, so they built a guard
    shack along the right-hand side of the driveway. Now the guard sits in
    the shack and watches the cars go by.

    But that didn't seem very secure either--a bad guy could just drive
    right by without stopping
    (http://en.wikipedia.org/wiki/1983_Beirut_barracks_bombing).

    So they added a gate, and spikes, and a card reader. To pass, an
    employee stops at the gate, rolls down their window and swipes their
    card. The gate goes up, the spikes retract, and they drive through.

    My friend doesn't trust this system a bit, and makes a point of
    watching to see that the spikes have retracted before driving over
    them. There was speculation among the staff as to who would be the
    first to blow out their tires on the spikes. As it happenes, it was
    the mailman, followed some time later by two visitors who either
    didn't see or didn't understand the signs warning against following
    another vehicle through the gate.

    I suggested that they stencil silhouettes of all the vehicles they've
    caught on the guard shack, the way fighter pilots (used to?) record
    kills on the nose of their airplanes.

    My friend points out that even with a gate and spikes, the system only
    protects against attackers who
    - care about their tires, and
    - don't have trucks
    because any vehicle can blow through the gate and make it the short
    distance to the building on four flat tires, and any truck can drive
    over the curb and avoid the whole thing.

    Management decided that blowing out their visitors' tires was
    unfriendly, so they instituted a new procedure for passing the gate.
    Now, drivers stop at the gate and roll down their window. The guard
    walks from the shack (on the right), in front of the car, to the card
    reader (on the left), takes the driver's card, swipes it, and returns
    it to the driver. Then the driver can pass.

    The staff considered that the guards were now at risk of being run
    over--and it happened. An employee reached down in his car to get his
    card, his foot came off the brake, and the car rolled forward into the
    guard. The guard was taken to hospital--I don't think the injuries
    were too serious. The driver has to appear in court and pay fines--I
    don't know if it is criminal or civil.

    This is beyond security theater. This is real damage.
  • by KC7GR (473279) on Wednesday May 28, 2008 @05:33PM (#23576893) Homepage Journal
    Every year, my lady and I go up to Canada for the 4th of July weekend to escape the annual (and mostly illegal, under local city codes) fireworks war-zone that infests our neighborhood. We've been doing this for several years, and in fact we both just got our NEXUS cards. [cbsa-asfc.gc.ca]

    To help put this in context: I'm a ham radio operator, as well as a volunteer first-responder. I've had formal training, through our city's fire department, in disaster relief, emergency medical procedures, basic search-and-rescue, the whole bit.

    Because of the above, our minivan is well-equipped for emergencies. I've installed multiple communication radios, a navigation computer, and I carry a medical trauma kit and various safety gear such as flares and a reflective vest. Besides the small antenna farm on the roof, I also have a light bar mounted on the back end (amber, red, clear... same as many tow trucks).

    Every bit of it is legal under the road laws of every state except New York (I know, because I spent a couple of long nights going through said laws to make bloody sure!). Couple all that with the fact that I work for our state's police agency (non-commissioned, civil service).

    Now, with all the above in mind -- Last year, we're coming back through on Sunday afternoon. I normally have the radios and navigation system on while driving, and this has never, in times past, been an issue.

    Not this year. The border guard we drew seemed to be short on both sleep and temper, and rudely ordered me to turn EVERYthing off before he would even talk to us. One of the questions he asked, after that point, was who I worked for. When I told him, he said (snappily) that, for that reason alone, I should understand why he'd told me to turn everything off.

    He let us move on at that point, but before I took off I told him, flat out, "No, I don't understand."

    And it was the honest truth! If someone's going to try and set off something that goes bang via radio, or other wireless means, it strikes me that they're going to go to considerable effort to keep such activities hidden. They certainly would not do so in a hugely-long border-crossing line, where there was absolutely no way to move anywhere but through the guard posts, in a minivan that stands out like a solar flare and has ham radio callsign plates to boot!

    I have no clear idea why this guard was so nasty, or what bizarre purpose his attitude served. I will say that it did indeed strike me as pure theater.

    The only thing I can think of is that, perhaps, his sergeant or lieutenant was observing him at the time, and we didn't notice...?

    Keep the peace(es).

  • Fake Camera (Score:5, Interesting)

    by daveywest (937112) on Wednesday May 28, 2008 @05:47PM (#23577139)
    My wife manages an apartment complex. She was having problems with messes left in the laundry room. We installed a fake camera with a flashing led light.

    The office had a second door with a peep hole into the laundry. To give the camera an air of legitimacy, she sat in the office one night and made a note of everyone who came into the laundry. When they came in to pay their rent the next week, she mentioned that she saw them doing their laundry on the "tape" and asked about a fictitious mess that was left.

    She managed to do this to a couple of the complex gossips, and never had a problem in there again.

  • by charlie763 (529636) on Wednesday May 28, 2008 @05:48PM (#23577163) Homepage
    I was an intelligence analyst in the NJ Army National Guard until my contract ended in 2006.

    We were deployed twice to protect Port Authority facilities around NY and NJ. On both deployment we had our weapons M16A2s or pistols. On our second deployment we were not given ammunition. Yes, we were walking around in uniforms holding empty rifles.

    The best we could do is radio the Port Authority Police or possible club someone trying to steal our weapons. Our combat effectiveness was slightly above that of Nerf.
    • by Herkum01 (592704) on Wednesday May 28, 2008 @06:58PM (#23578213)

      Remind me of a friends story while in China. His friend, who was Chinese, was driving down this shortcut and in front of him was the very professional, and heavily armed Chinese soldier standing in the way. He decided to just drive around him and my friend started to freak out and asked him, "what the hell was he doing, he could have gotten them killed!" His friends reply was, 'oh they don't give them any bullets!"

  • by Uhlek (71945) on Wednesday May 28, 2008 @05:58PM (#23577331)
    Not having flown a commercial airliner recently, I'd completely forgotten about the liquid/aerosol rule and decided to carry my luggage onboard. After standing in line for awhile, I noticed the signs and remembered. Crap! I had my mouthwash, an aerosol can of deodorant, and my aerosol shaving cream with me. Given the length the line had grown to, I decided to just forgo those items than risk being late.

    A bit about those three items. Both the shaving cream and deodorant were in aerosol cans, both larger than the size allowed, but obviously retail items. The mouthwash was too large as well, and was a generic amber bottle, about 14 or so ounces, with a prescription sticker (I have gingivitis).

    I pull all three items out, and just tell the TSA guy that I know I need to toss them. He glances at all three and tells me I have to ditch the deodorant and the shaving cream, but I can keep the mouthwash.

    Because it's prescription.

    So, the two retail aerosol cans that are nearly impossible to inject anything into are verboten, but the amber bottle with the mystery liquid in it, that's okay, because it has a sticker with a Walgreens logo on it. Fan-fucking-tastic.
  • by rMortyH (40227) on Wednesday May 28, 2008 @06:04PM (#23577445)
    Of course there are the obvious TSA stories, but I think the more common stuff may actually be worse.

    Working as a contractor for a giant Electronics retailer that shall remain nameless, I saw a memo regarding their policy of searching people's bags as they left, and sometimes entered, the stores.

    The public reason given for searching those who left the store was, of course, loss of merchandise. The public reason given for searching those entering was safety...

    However the REAL reason for both of these, was to (paraphrasing from memory) 'Establish [company name] as the authority figure in the sales transaction and subsequent customer service encounters...'

    Yikes! 'We're in charge here, we've got big scary minimum-wage thugs, You'd better Buy as we say!'

    Now if that's not 'Security Theatre' at it's worst, I don't know what is....

    =R
  • by nsayer (86181) <nsayerNO@SPAMkfu.com> on Wednesday May 28, 2008 @06:19PM (#23577671) Homepage
    I've read a lot of replies that said that TSA security checks were theatre, and they're right, but nobody has mentioned the requirement to present identification. To me, this is the most glaring bit of airline security theatre, because it has almost no security value at all, but a huge ulterior motive for the airlines.
  • by DeanFox (729620) * <spam.mynameNO@SPAMgmail.com> on Wednesday May 28, 2008 @07:01PM (#23578259)

    I had a contract at a high security government site. At one location an MP actually had a M16 pointed at me while I worked but that's a different story. At this location the computer room was raised and had a ramp leading to a secure door. Not having the proper card to get in I always needed an escort for access. The problem was no one was ever around when I needed in.

    One day after waiting 45 minutes for my escort I had an idea. I lifted one of the tiles in front of the door, slipped under and came up the other side of the raised floor. Another 45 minutes and my escort finely arrived beside himself I was already in the room. He lectured me about Top Secret this and Top Secret that, the ramifications and had to know how I got in... So I told him. They installed a barrier under the floor.

    The next time it happened I looked up and saw a tile ceiling. The lecture worked because I didn't go over but I was tempted.

    -[d]-
  • by Goonie (8651) <[gro.arbmaneb] [ta] [lekrem.trebor]> on Thursday May 29, 2008 @12:21AM (#23581601) Homepage
    I visited Washington DC in 2003, and went for a wander around the White House boundary fence.
    One thing you don't realize when you see it on television is just how big the garden is, and how far away the fence is.

    But that's by the by. As I was walking around the boundary fence, I noticed a security guard, armed with what appeared to be a shotgun, hiding behind a bush. What was even stranger, he was attempting to, but failing, to hide from me, armed with what was obviously a digital camera and nothing else.

    I continued walking around a bit, looking at him. He continued to edge around the particular shrub; again, trying, and failing, to keep out of my view.

    It was so patently absurd that I felt like taking a photo of the scene, but given that the guy was carrying a shotgun and this was the White House, I thought it might be prudent to ask first.

    So, I called out to the guy "excuse me, but do you mind if I take a photo"?

    The reply comes back "no, don't take one". And he tries even harder, and fails, to hide himself.

    This is despite the fact that anybody with a pair of binoculars, or a long lens camera, would have easily spotted the bloke from several hundred yards away. The Secret Service must, of course, know this, and probably had two other armed guards I hadn't spotted watching me.

    For the life of me, I still don't understand what this guy was trying to achieve hiding behind the shrubbery. Look, everybody expects there to be guards in the White House gardens, some of whom you'll see, some of whom you won't unless you try something insanely stupid. But this whole hide-and-seek routine made absolutely no sense at all.

Somebody ought to cross ball point pens with coat hangers so that the pens will multiply instead of disappear.

Working...