Fraysters scrutinize security at the nation's airports.

Andy Bowers' piece about a potential security loophole in the airline's check-in system had fraysters busily contemplating all of the possible permutations by which a fake/valid boarding pass and/or fake/valid ID and/or alert/braindead security screener could result in the foiling of the TSA's terrorist "no-fly" list.

Concerned3, a self-proclaimed frequent flyer, is underwhelmed by Bowers' "realization" about this supposed loophole:

First of all, I don't see what the big realization is about printing two boarding passes. Why would anyone whose name is on the do not fly list have ANY ID which gives their real name? If high school kids can get fake IDs to buy beer, can't terrorists get them as well? Wouldn't they have to have fake passports and the like to have even gotten into this country in the first place?

Second, if someone really wanted to cause harm on our nation's airlines, couldn't they just take a cue from the world's drug smugglers and swallow explosives internally? If you're going to kill yourself anyway in the name of Jihad, would the extra discomfort really be that bad? A car-key remote (or something that looks like one) would be enough for a detonator. And how would you go about screening that one?

Why am I bringing this up? Because I honestly want to feel safer when I fly. I fly a lot for my job, and I have yet to see where the TSA is taking a more pro-active approach to airline security. The writer was correct in saying that the terrorists are smart, and I doubt they would try the same thing twice (which makes x-raying our shoes seem kind of pointless). I can only hope the same goes for attacking our nations air traffic.

TheRanger detects an ideological subtext to Bowers' rant:

If a terrorist was succesful in getting through to the gate with his real id, what makes him think that the name reference by the bar code would match the substituted name on the pass?

Any level of successful forgery of id requires a level of theft somewhere. The possibilities for that are long:
Fake passport
credit card under an assumed name
altered drivers license
drivers license stolen from a look alike (real or disguised)

I would guess the main purpose of the No Fly list is not boarding passes but immigration where passports must be shown. Again given time and money fake passports can be made too.

I think Bowers is trying to get even with conservatives who paid to see a different movie and then sneake into Fahrenheit 9/11 so Moore wouldn't get any money.

Predictably, many heaped the blame not on the TSA for its faulty system but on Bowers for being the whistleblower, from lokibob here to space-2, who considers this article tantamount to giving terrorists a "handbook."

afaderman rises to Bowers' defense with this plea for transparency:

The idea of "security through obscurity" is that you don't have to make your systems really secure; all you have to do is keep their flaws under wraps, and trust that nobody malicious will have the brains to figure them out. Practitioners of this sort of "security" paradigm, like Slate's accusers now, get mad at people who write about flaws in the system.

The problem with security through obscurity is that it doesn't actually work. Malicious hackers, and terrorists, actually aren't that stupid. If they were, they wouldn't be a threat--we could just wait for them to shoot themselves in the foot, like the characters in those "stupid criminal" stories who write "Give me all the money in the till" on the back of an accurately filled-out deposit slip. Trying to protect systems from smart, evil people by hiding their flaws is, in the long term, doomed to failure.

A much better plan is security through scrutiny. Under security through scrutiny, people are public about the flaws in the system. If you find a loophole that lets someone crack a program, or find a flaw that lets terrorists sneak onto airplanes, rather than trying to keep it under wraps, you point it out so that it can be fixed properly. Ideally, you even point out how to fix it.

Speaking of which, forget optical eye scans and other fancy-schmancy technology that will be obsolete as soon as it is implemented in airports across the country. Kah3 suggests this additional safeguard:

the "no fly" list is invoked when you purchase the ticket, not simply checked at a checkpoint on the day you fly. As you can't purchase a ticket without ID any longer, the loophole is slightly smaller -- you have to get a third-party to purchase the ticket in their own, non-no-fly, name and then use that ticket to fly.