Human Ingenuity

Today’s Wall Street Journal has an interesting article addressing a problem I have worried over since September 2001; the vulnerability of cargo containers and the intermodal transit system to large scale catastrophic terrorism. Companies such as NaviTag and Savi have been working on “smart” cargo containers, steel boxes equipped with satellite tracking, two-way communication capabilities, and/or sensors to monitor temperature, shock, and radioactivity.

Within the article, someone who finds fault with the new technology is an official of Maersk, the biggest container company in the world, who says the technology “could send out false alerts, leading to costly shutdowns of terminals”. I wonder what would be more costly, several one-day terminal shutdowns, or the cleanup from a low-tech radioactive dirty bomb shoved into an unsecured container somewhere along the way?

19 thoughts on “Human Ingenuity”

  1. This just seems like common sense. I hope insurers drive the private sector to install these through reduced premiums…and if not, let the regulators loose.

  2. Well said.

    Although he might still have a valid point, and one that has been made by Bruce Schneier about other systems. Repeated, frequent false alerts invariably lead to their being ignored. So you eventually bear the cost and no benefit.

    Note that I am assuming here the occurrences would be frequent. Still, the odds are that after a while, a container sensor-alert occurring soon after a false positive at the same location could be ignored. Specially if the previous error was attributed to some generic malfunction. Or if eight containers in a row proved to be false positives, employees under pressure might not check the ninth.

  3. Maersk guy has a point, if you have these things sending odd alarms from the bottom hold of an 8,000+ or 12,000 container liner ship, where it’s 20 containers deep, and it’s the fifth one today, and it’s blocking up 3 more ships from un/loading at this container port, and it’s throwing the whole Maersk world wide cargo-liner schedule into disarray, it’ll be ignored or somebody will come and hammer the sensor into junk (uh, unknown malfunction…).

    Aside from which, if your’re smart enough to build a (dirty) bomb that’s any use, you are MORE than smart enough to spoof any sensor cheap enough to be installed.

    That being said, inspection ports in containers, and better tracking, etc… Could go a long way to help.

  4. Yes, I think Maersk has a point. But they don’t articulate it well by focusing on the cost to themselves. (Or the reporter focused on that particular bit…). Clearly, the potential consequences make reasonable costs relatively secondary. But this assumes the system is effective. If we are going to get additional costs and no benefits, they have a point.

  5. And from a terrorist perspective I bet it would be easier to arrange for hundreds of false reports per day than to arrange for a radioactive bomb.

    The interesting thing about that is they could cause huge problems for years, and then by the time they have a good bomb, everyone is ignoring the system.

    But that sounds like an argument for never having tracking. (sigh) So I don’t know. Tightly controlled alert thresholds?

  6. Sebastian, we do need a solution. But we must also resit the urge of doing something for the sake of doing something. Which seems to be a priority of politicians worldwide these days.

    One reaction that was symptomatic of this attitude occurred immediately after 9/11. Curb-size baggage check-in was suspended. Why ? How did that relate to 9/11, and how would it help prevent another one ? Baggage checked in that way ends up on the plane the same way as any other, and those passengers still have to get boarding passes and get through security. No explanation was given but somehow, it looked serious, since it was restrictive. We were giving up a little convenience, so it had to be making us safer, right ?

    In this case, there is a very real risk. Which makes it all the more important to get it right.

  7. I don’t think it would take too much brainpower to come up with an effective dirty bomb. It is a rather crude instrument: A timed explosive jacketed with some radioactive medical waste. Toughest part seems to be getting hands on the radioactive material. If it’s so easy, then why hasn’t it happened yet? I don’t pretend to have all the answers.

  8. Andy, it’s easy to make a bomb period. I am just amazed – and grateful – no suicide bombing has happened in the U.S. since 9/11. Of course, the media has a vested interest in worrying about the 9/11-like spectacular threats. But a suicide bomber with a little backpack full of plastic explosives in the NY subway at rush hour could inflict a lot of pain…Never mind a bunch of them.

    I don’t think we have any idea what some people in Israel go through in their daily lives. Like putting each child on a different school bus to limit family casualties if it blows up or is attacked. I know folks here who say the color-coded alert levels stress them. I can only wish it’s the most stressful thing we’ll have to deal with.

    We’re vulnerable all right. Airport security and screening luggage is the easy stuff. Even containers. We’ll get that right eventually. It’s the nasty, vicious, “traditional” low-tech attack that worry me most. It just seems easier for the attacker, and likelier to succeed.

    As for why it hasn’t been done so far, well, look at 9/11. Why didn’t they try that in 1993 ? Or before ? Both the technology and the target had been around for 30 years. Matter of time…

  9. The bomb used in the 1993 WTC bombing was quite large, as the bombers intended to collapse the building. I think the logistics of bombing are, happily, more difficult than they appear to be at first glance. Even in Israel, which has (not for much longer, I hope) a porous border with a hostile territory, bombers require substantial logistical support.

  10. The problem with false alarms is real.

    If the test is 99.9% accurate, then out of 10,000,000 containers shipped, there will be 10,000 false alarms. The next level investigation team will get stressed out, bored, and superficial by the time the one real threat appears.

    Lots and lots of containers are shipped in any given year.

    And most of these tests will be far less than 99.9% accurate.

  11. Bob G, I agree. False positives are likely to be the problem here, and are the Achilles heel of attempts to find a handful of bombs or terrorists by screening millions of objects or people.

    I suspect that in practice, in order to be effective, it will be necessary to use humint and rational guessing (“profiling”) to reduce the suspect population to manageable size.

    Maybe the detection technology for bombs is good enough to obviate the need for profiling, but I doubt it. It gives me the willies to realize that our political leaders would rather risk people’s lives than acknowledge that profiling, of the kind that is done at Israeli airports, would be immediately effective in preventing terror attacks.

  12. “arrange for hundreds of false reports per day …”

    The terrorists know that false alarms cost us lots of money. The recent increase in “chatter” that caused our alert level to be raised was probably just that…chatter and nothing else.

  13. jsb, we don’t know that. The Air France alert in Paris looks more serious by the day as bits and pieces of information dribble out.

  14. We are the Borg. You will be assimilated.

    Well, it’s not QUITE that bad.

    But.

    Radio Frequency Interactive Documentation (RFID)and the Electronic Product Code (EPC) have unavoidable commericial appeal. Rather than crack open a sea-container to pull a paper manifest, you “ping” a chip and — lo! — the data appears on your handheld screen. How many rolls of toilet paper, how many cans of baked beans, how many rounds of 5.56 mm ammunition. The U.S. military AND WalMart are insisting that pallet loads of cargo shipped to their major distribution hubs be enabled for RFID by January 2005. Putting the chips on truck-trailers and sea containers is the next logical step. And putting readers around ports and load points, feeding the data via satellite to a central database, will be GOOD for transporters — in the same way that putting barcodes on boxcars has been good for railroads tracking their rolling stock.

    The security payoff is gravy compared to the logistics R.O.I. — the meat and potatoes.

  15. The cost payoff of using RFID is undeniable, but does it really help security? Seems to me that it will still be necessary to search containers, or at least to scan them for radioactivity and explosives.

  16. Will RFID help security? It depends.

    Obviously you can’t count on the chip telling you the truth about the contents, any more than you rely on the current paperwork. Counterfeit cargo declarations will be possible.

    The security pay off comes from tracking and tracing. A forty-foot box doesn’t move easily, or invisibly (not to spy satellites, anyhow.) It becomes feasible to know _where_ in the world all equipped sea-containers are at any moment. Just as it is now — and has been, the past decade — possible to know where in the U.S. any bar-coded railcar is. Boxes that “disappear”, or are “duplicated”, or “teleport” from one documented place to another can be identified by idiot-computer analysis. Then, human investigators can look into the problem. This should make it a lot less likely that a rogue state can maintain plausible deniability if a container should turn out to have been loaded with WMD, or even mis-documented and incompatibly loaded hazmat.

    And, in fact, the ability for a container’s RFID chip to squawk an alert when an RFID-pallet’s load of oxidizing pool chemicals is loaded in next to another, similarly equipped, pallet-load of flammable cosmetics will heighten our security against the “normal” disasters to which the technological world is prone. Securing against a dozen “little” accidents may pay off quicker than securing against deliberate, major, terror.

    So, is it worth doing? If the chips come down in price as projected, they’ll be selling at under a dime (U.S.D $0.10) by the 2005 “sunrise” date.
    As always, economics rules. But I think it will pay off.

  17. Expand the scenario a bit: RFID’s to be intalled at all loading destinations, with encrypted ids, or cargo doesn’t come into US waters or over US borders or near US bases overseas. Manifests to be sent ahead before the ship reaches port, the truck or train crosses the border. Encrypted identification codes matched against identified shippers. SHIPPERS to be held responsible for cargo contents.

    Not foolproof, but it could do two things: first, create much more of a trail back to the origin of any threatening cargo and second, make it much harder for nasty stuff to be send from small and less stable countries with Islamacist camps.

    The weakness inevitably is that we would end up paying some of those countries to set this up and that corruption would weaken the whole system.

  18. Pouncer, you have touched on the one assumption we cannot make. Namely, that the chip ‘tells us the truth’. The chip only tells you what it was told. If you tell it ‘bananas’, it will repeat ‘bananas’ when it’s probed, regardless of the amount of depleted uranium ammo actually sitting underneath it.

    RFID is brilliant. It works well at Wal-Mart and has a bright future ahead of it. But it doesn’t mean it can solve national security issues. At least, not yet.

    Besides, the guy sitting in the container – like that dude they got in Canada – does not wear an RFID tag on his ass, does he ?

  19. Syvlain, they’d certainly LIKE to RFID his posterior, and yours, and mine.

    If not literally, then essentially, as your credit card gets tied to that shirt you bought, or the car you drive/rent, or it’s tires, etc.. etc… etc… Bloody nightmare technology.

    Fred

Comments are closed.