I've noticed that many programmers seem to be overly annoyed by airport security. I've seen airport security complaints all across the net, but especially by the people I follow on twitter (techies mostly) and tech sites like The Register, where they refer to it as security theatre. (british spelling, innit) And of course my own feelings on the subject, which follow pretty closely the security theatre line.

I wasn't sure exactly why I felt that way, but as I was stuck in the scanner line today, I had quite a bit of time to think about it. I think as programmers we draw natural analogies between computer systems and well, every other type of system. Airports being such a system, and therefore TSA being the security of the system.

Ineffective security being one of those things that programmers hate most, it seems natural that we'd be annoyed as we examine the obvious flaws in the TSA systems. I won't go into those flaws right now, as I would like to get on the plane and not be arrested, but it does seem to me that the TSA could use some improvements.

It's difficult to examine such a large and complex system for flaws, but I think a similar analysis could be done with airport security that is done with computer security - break it down to the basic components and examine each of those individually. For example, authentication seems to be something that is done fairly well, considering the large attack surface that the airport naturally has.

Not that I think that the US government would ever be able to competently perform such an analysis.