The whole article is relatively short (you may be interested in reading all of Crypto-Gram; it's worth the time). Schneier is a computer security guy (his Applied Cryptography is the Bible of modern cryptography), who's recently been applying the security wisdom that it's easy to learn in the relatively controlled environment of computer networks to the real world, and he applies it very well (see his latest book, Beyond Fear, which I confess to not having read yet).
Some excerpts from “Color-Coded Terrorist Threat Levels” (in the first paragraph of which Schneier is quoting from Beyond Fear):
“[...] The difference is that the DEFCON system is tied to particular procedures; military units have specific actions they need to perform every time the DEFCON level goes up or down. The color-alert system, on the other hand, is not tied to any specific actions. People are left to worry, or are given nonsensical instructions to buy plastic sheeting and duct tape. [...] The threat levels actually do more harm than good, by needlessly creating fear and confusion (which is an objective of terrorists) and anesthetizing people to future alerts and warnings. [...] Terrorist attacks are rare, and if the color-threat level changes willy-nilly with no obvious cause or effect, then people will simply stop paying attention. And the threat levels are publicly known, so any terrorist with a lick of sense will simply wait until the threat level goes down.”
Living under Orange reinforces this. It didn't mean anything. Tom Ridge's admonition that Americans “be alert, but go about their business” reinforces this; it's nonsensical advice. I saw little that could be considered a good security trade-off, and a lot of draconian security measures and security theater.
I think the threat levels are largely motivated by politics. There are two possble reasons for the alert.
Reason 1: CYA. Governments are naturally risk averse, and issuing vague threat warnings makes sense from that perspective. Imagine if a terrorist attack actually did occur. If they didn't raise the threat level, they would be criticized for not anticipating the attack. As long as they raised the threat level they could always say “We told you it was Orange,” even though the warning didn't come with any practical advice for people.
Reason 2: To gain Republican votes. The Republicans spent decades running on the “Democrats are soft on Communism” platform. They've just discovered the “Democrats are soft on terrorism” platform. Voters who are constantly reminded to be fearful are more likely to vote Republican, or so the theory goes, because the Republicans are viewed as the party that is more likely to protect us.
Seriously, take a few moments to read this month's Crypto-Gram Newsletter. Schneier goes on to discuss the new vistor-to-US fingerprinting at border crossings (it doesn't actually provide security) and the prohibition against almanacs (he thinks it's absurd).
Post a Comment