Risk
11/3/2010
05:16 PM
50%
50%

TSA Calls Tech Key To Combating Terrorism

New investments in technology and continued use of body scanners to secure airports are part of strategy outlined by Transportation Safety Administration's John Pistole.

Inside DHS' Classified Cyber-Coordination Headquarters
(click image for larger view)
Slideshow: Inside DHS' Classified Cyber-Coordination Headquarters

Strengthening counter-terrorism efforts through technology is a priority of the Transportation Safety Administration, as it looks to 2011 and beyond, its administrator said this week.

Speaking at the AVSEC World 2010 aviation security conference Tuesday, TSA Administrator John Pistole outlined technology investments that his agency is making to improve airport security and counter would-be terrorist plots.

In the text of his prepared remarks available online, Pistole also defended the use of controversial Advanced Imaging Technology (AIT) -- more commonly known as body scanners -- at airports.

The machines, first deployed earlier this year at select airports, require people to walk through a full-body scanner that allows screeners to see if they have any metallic devices beneath their clothing. The use of AIT has raised privacy and health concerns, both of which the TSA has deflected.

In his comments Pistole said that AIT "has an important role in the future of aviation security." To foster better understanding of the technology, the TSA is holding an international policy summit about it next week, with representatives of 30 countries expected to attend, he said.

The TSA has deployed 350 ATI machines in nearly 70 U.S. airports, and expects to have 1,000 machines in use by the end of 2011.

Other technology the TSA plans to tap for airport security is an enhancement to ATI called Automated Target Recognition (ATR).

ATR uses an algorithm or device to recognize targets or objects based on data obtained from sensors. The technology is currently being used in Amsterdam's Schipol airport and tested in other locations.

Pistole said ATR would solve some of the issues surrounding AIT. "This capability would make screening more efficient and would eliminate most privacy concerns about the technology," Pistole said.

The TSA director also provided hope that there will soon be a solution for traveler limitations for carrying liquid through airport security checkpoints, which have been in place since would-be terrorists carried bomb-making liquids aboard an aircraft in 2006.

Pistole acknowledged that these restrictions "burden travelers and make air travel less efficient," adding that the agency is working on a "long-term, technology-based solution for screening liquids, aerosols and gels."

One such solution may be baggage X-ray belts that use advanced technology to distinguish between liquids that could be a threat and liquids that don't, he said.

Pistole said the solution would combine technologies currently in use or being tested by the TSA, such as specialized bottled liquid scanners, AIT and explosives trace-detection technology.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2027
Published: 2015-03-31
eGroupware before 1.8.006.20140217 allows remote attackers to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addr_fields or (2) trans parameter to addressbook/csv_import.php, (3) cal_fields or (4) trans parameter to calendar/csv_import.p...

CVE-2014-2830
Published: 2015-03-31
Stack-based buffer overflow in cifskey.c or cifscreds.c in cifs-utils before 6.4, as used in pam_cifscreds, allows remote attackers to have unspecified impact via unknown vectors.

CVE-2014-7876
Published: 2015-03-31
Unspecified vulnerability in HP Integrated Lights-Out (iLO) firmware 2 before 2.27 and 4 before 2.03 and iLO Chassis Management (CM) firmware before 1.30 allows remote attackers to gain privileges, execute arbitrary code, or cause a denial of service via unknown vectors.

CVE-2014-9462
Published: 2015-03-31
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.

CVE-2014-9706
Published: 2015-03-31
The build_index_from_tree function in index.py in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a commit with a directory path starting with .git/, which is not properly handled when checking out a working tree.

Dark Reading Radio
Archived Dark Reading Radio
Good hackers--aka security researchers--are worried about the possible legal and professional ramifications of President Obama's new proposed crackdown on cyber criminals.