Why the "No-Fly List" is a Fraud

by cbsm2009

The U.S. "No-Fly List" has been in effect for over five years now, but there's no reason to think that it has been successful or even useful in preventing terrorist attacks, as it was designed to do.  In fact, there is just cause to think that the list makes us less secure.  The names of people on the lists (the No-Fly List and the Selectee list, which doesn't prevent a person from flying but requires him or her to undergo additional physical searches) are classified by the U.S. government, cannot be challenged in a court of law, and are compiled from unknown sources.  The names of babies, American soldiers, and even those with TOP SECRET security clearances have all appeared on the secret list, causing these unfortunate people many hours of delays and paperwork to get their names off the lists.  But does the list really accomplish anything?  A simple and practical way of circumventing the list, along with a statistical analysis done by researchers at MIT, proves that it is only creating a false sense of security.

As a practical example on how to render the No-Fly List completely useless, let us assume that you have the name of a terrorist or someone else on the list.

For the purpose of this example I will use "Ahmed Mohammed," an actual terrorist name listed on the FBI Ten Most Wanted list.

Can you still board an airplane even though your name is on the No-Fly List?  Yes, easily.

Here's how: Ahmed buys a plane ticket in a false name, such as John Smith.  Within 24 hours before the flight, he checks in online and prints out his boarding pass in the name of John Smith.  He also saves a copy of the HTML file for the boarding pass to his computer, then changes the HTML in a text editor so that his real name appears in place of John Smith.  He then prints out a second boarding pass with his real name on it.  When Ahmed gets to the airport, he does not check any baggage, since he knows that the airline's agent will ask to see his ID when they attach the baggage ticket.  He proceeds directly to the security screening with his carry-on luggage and when the Transportation Security Administration (TSA) agent asks for his boarding pass and ID, he shows his fake boarding pass with his real name on it, along with his real ID.  The TSA agent looks at both, scribbles her initials on the fake boarding pass and thinks she has just done her part as a good American to stops terrorists in their tracks.

Since she does not scan the barcode on the boarding pass and pull up the passenger name record from the airline's database, she has no way of telling whether the boarding pass has the right name on it.

Ahmed proceeds through the security screening and to the gate, where he puts away his fake boarding pass and takes out his legitimate one in the name of John Smith.  When the gate agent calls everyone to board, he simply presents the real boarding pass, which the agent scans and sees the name of John Smith appear on the computer.  Since the gate agent does not check IDs at boarding, she has no way of knowing that the ticket holder's real name is Ahmed Mohammed.

Ahmed has successfully boarded the plane even though his name is on the "No-Fly List."

Considering that terrorists were capable enough to fly a few jumbo jets into the World Trade Center and the Pentagon, it seems likely that they could figure this out too.

Several years ago, some students at MIT published an analysis entitled: Carnival Booth: An Algorithm for Defeating the Computer-Assisted Passenger Screening System

Their purpose was to show that having a "No-Fly List" actually decreases security instead of increasing it.  The summary of the paper is that, assuming the TSA has enough staff at a certain airport to give intensive physical searches to 8% of travelers passing through the security checkpoint, then if 5% of passengers are selected for an intensive search based on the fact that their name appears on the "Selectee List," then that leaves only 3% of passengers who are subjected to a truly random search.

In spite of the list being "classified," once a person actually buys a ticket and tries to fly, they are going to find out if they are either on the No-Fly List, in which case they will not be allowed to fly, or on the Selectee List, in which case they will find a row of "SSSS" conveniently printed on their boarding pass and will get extra special attention at the security checkpoint.

Since terrorists generally don't act alone and usually are part of a cell, the cell can send their members on "scout missions" in order to see who is given extra screening and who is not.  This means that when the terrorist cell actually carries out an attack, they can send the people who they know are not on the lists, and those people will only have a 3% chance of being searched instead of an 8% chance, which would be the case if all searches were done at random.

In effect, more that half of the TSA's screening staff are wasted on doing Selectee List screenings, allowing the terrorist cell to be more than twice as likely to get their member through security without additional screening.

Perhaps the TSA will start scanning the barcodes on boarding passes at the security checkpoint, or requiring the gate agent to check IDs.  However, the fact that this massive security flaw has existed for the past five years shows that the No-Fly List is a government attempt to collect information about its citizens or to provide a false sense of security, or both.

Either way, for the past five years we Americans have been sacrificing our privacy and security with a sham system that decreases, rather than increases, our air travel security.