Shostack + Friends Blog Archive


86%: Would you buy an IDS this good?

A number of commenters on yesterday’s post, “Noh Entry: Halvar’s experience and American Legalisms” are taking me to task for being idealistic about rule of law. I agree strongly with what Nicko wrote in the comments:

[C]ountries are at liberty to apply “complex, stupid, and complete arbitrary” rules but one of the fundamental tenants of the rule of law is that any rules should be applied consistently. It’s naive to suggest that all travellers should be fully knowledgeable of all aspects of immigration law; that’s an expertise for which people pay hundreds of dollars an hour.

Since this is sometimes an information security blog, I’d like to put this another way. Imagine you’re testing an IDS that watches 7 identical packets flow by, and flags one of them. It either has an 86% success rate or a 14% success rate.

Without paying someone several hundred dollars, I don’t know if Halvar got lucky 6 times, or unlucky once.

I do know that I’m upset that our border agents aren’t consistent. If they were an IDS system, and that’s all the data I had, I wouldn’t be buying right now.

5 comments on "86%: Would you buy an IDS this good?"

  • Nicko says:

    “I do know that I’m upset that our border agents aren’t consistent.”
    Just think of it as stochastic monitoring; it’s all the rage in the high-thoughput IDS market 🙂

  • David Brodbeck says:

    Maybe they’re like the TSA, and consider inconsistency a feature because it keeps terrorists “off-balance.”

  • rybolov says:

    You see, it’s all part of our deception plan–“maskirovka” if you will–designed to keep the bad folks from figuring out our master plan, like hanging camouflage netting on buildings like during the Great Patriotic War. =)
    If we can’t figure out how to enter the country legally, neither can the terrorists. Or some trollop along those lines.

  • You are probably thinking that there is a purpose to all this, and that it is possible to metricize whether the objective is met.
    There is no purpose to border guards. They are simply the combination of multiple conflicting angsts coming together in a positive correlation. Today they are working efficiently (in the sense of randomly knocking out lots of people) but until 9/11, the US ran probably the most successful secretly inefficient border control system in the world. Ask any Californian.

  • anonymous says:

    This is an important point that many people didn’t get, especially those who congratulated the authorities for “doing their job”. Silent evidence suggests that they were in fact remiss in doing their job the multiple times he entered under similar circumstances and so instead of congratulating them, they should be reprimanded for allowing somebody to enter the country illegally multiple times in succession.

Comments are closed.