Behavioral screening is a useful tool in deterring and preventing terrorist attacks. As I noted in this piece at Politico, a border patrol agent successfully used behavioral screening to stop the would-be Millennium Bomber. She noticed something “hinky” about a man driving south across the Canadian border. That “hinky” – fidgety and nervous behavior when asked routine customs questions – exposed a car full of explosives intended for the passenger terminal of Los Angeles International Airport.

Two items from the USA Today travel section highlight some mixed results with TSA behavioral screening. Today’s edition reports that behavioral screening, applied by Behavioral Detection Officers (BDOs) missed at least 16 people later linked to terror plots. On the other side of the equation, false positives can impose burdens on those who are nervous or upset for reasons other than terrorism aspirations.

The TSA Blog defended the program: “If you’re one of those travelers that gets frazzled easily (not hard to do at airports), you have no reason to worry. BDOs set a baseline based on the normal airport behavior and look for behaviors that go above that baseline. So if you’re stressing about missing a flight, that’s not a guaranteed visit from the BDOs.”

That would be reassuring if yesterday’s travel section hadn’t revealed that TSA screeners are keeping a list of those who get upset at intrusive screening procedures. “Airline passengers who get frustrated and kick a wall, throw a suitcase or make a pithy comment to a screener could find themselves in a little-known Homeland Security database.”

Of course, we can take comfort from the words of a TSA screener to security expert Bruce Schneier. “This isn’t the sort of job that rewards competence, you know.”

TSA Behavioral Screening is a post from Cato @ Liberty - Cato Institute Blog

Bruce Schneier has a typically good essay on the use of “worst-cases” as a substitute for real analysis. I noticed conspicuous use of “worst-case” in early reporting on the oil spill in the Gulf. It conveniently gins up attention for media outlets keen on getting audience.

There’s a certain blindness that comes from worst-case thinking. An extension of the precautionary principle, it involves imagining the worst possible outcome and then acting as if it were a certainty. It substitutes imagination for thinking, speculation for risk analysis and fear for reason. It fosters powerlessness and vulnerability and magnifies social paralysis. And it makes us more vulnerable to the effects of terrorism.

Worst-case thinking—the failure to manage risk through analysis of costs and benefits—is what makes airline security such an expensive nightmare, for example. Schneier concludes:

When someone is proposing a change, the onus should be on them to justify it over the status quo. But worst case thinking is a way of looking at the world that exaggerates the rare and unusual and gives the rare much more credence than it deserves. It isn’t really a principle; it’s a cheap trick to justify what you already believe. It lets lazy or biased people make what seem to be cogent arguments without understanding the whole issue.

It’s not too long for you to read the whole thing.

Are You Substituting Worst-Case Thinking for Reason? is a post from Cato @ Liberty - Cato Institute Blog

Businessweek has a story quoting a former federal prosecutor in Brooklyn, Michael Wildes, speculating that Faisal Shahzad, the would-be Times Square bomber, made so many mistakes (leaving his house keys in the car, not knowing about the vehicle identification number, making calls from his cellphone, getting filmed, buying the car himself) that he may be the “dumbest terrorist in the world.” But Wildes can’t accept the idea that an al Qaeda type terrorist would be so incompetent and suggests that Shahzad was “purposefully hapless” to generate intelligence about the police reaction for the edification of his buddies back in Pakistan.

Give me a break. This incompetence is hardly unprecedented. Three years ago Bruce Schneier wrote an article titled “Portrait of the Modern Terrorist as an Idiot,” describing the incompetence of several would-be al Qaeda plots in the United States and castigating commentators for clinging to image of these guys as Bond-style villains that rarely err.  It’s been six or seven years since people, including me, started pointing out that al Qaeda was wildly overrated. Back then, most people used to say that the reason al Qaeda hadn’t managed a major attack here since September 11 was because they were biding their time and wouldn’t settle for conventional bombings after that success. We are always explaining away our enemies’ failure.

The point here is not that all terrorists are incompetent — no one would call Mohammed Atta that — or that we have nothing to worry about. Even if all terrorists were amateurs like Shahzad, vulnerability to terrorism is inescapable. There are too many propane tanks, cars, and would-be terrorists to be perfectly safe from this sort of attack. The same goes for Fort Hood.

The point is that we are fortunate to have such weak enemies. We are told to expect nuclear weapons attacks, but we get faulty car bombs. We should acknowledge that our enemies, while vicious, are scattered and weak. If we paint them as the globe-trotting super-villains that they dream of being, we give them power to terrorize us that they otherwise lack. As I must have said a thousand times now, they are called terrorists for a reason.  They kill as a means to frighten us into giving them something.

The guys in Waziristan who trained Shahzad are probably embarrassed to have failed in the eyes of the world and would be relieved if we concluded that they did so intentionally. Likewise, it must have heartened the al Qaeda group in Yemen when the failed underwear bomber that they sent west set off the frenzied reaction that he did.  Remember that in March, al Qaeda’s American-born spokesperson/groupie Adam Gadahn said this:

Even apparently unsuccessful attacks on Western mass transportation systems can bring major cities to a halt, cost the enemy billions and send his corporations into bankruptcy.

As our enemies realize, the bulk of harm from terrorism comes from our reaction to it.  Whatever role its remnants or fellow-travelers had in this attempt, al Qaeda (or whatever we want to call the loosely affiliated movement of internationally-oriented jihadists) is failing. They have a shrinking foothold in western Pakistan, maybe one in Yemen, and little more. Elsewhere they are hidden and hunted. Their popularity is waning worldwide. Their capability is limited. The predictions made after September 11 of waves of similar or worse attacks were wrong. This threat is persistent but not existential.

This attempt should also remind us of another old point: our best counterterrorism tools are not air strikes or army brigades but intelligence agents, FBI agents, and big city police.  It’s true that because nothing but bomber error stopped this attack, we cannot draw strong conclusions from it about what preventive measures work best. But the aftermath suggests that what is most likely to prevent the next attack is a criminal investigation conducted under normal laws and the intelligence leads it generates. Domestic counterterrorism is largely coincident with ordinary policing. The most important step in catching the would-be bomber here appears to have been getting the vehicle identification number off the engine and rapidly interviewing the person who sold it. Now we are seemingly gathering significant intelligence about bad actors in Pakistan under standard interrogation practices.

These are among the points explored in the volume Chris Preble, Jim Harper and I edited: Terrorizing Ourselves: Why U.S. Counterterrorism Policy is Failing and How to Fix It — now hot off the presses. Contributors include Audrey Kurth Cronin, Paul Pillar, John Mueller, Mia Bloom, and a bunch of other smart people.

We’re discussing the book and counterterrorism policy at Cato on May 24th,  at 4 PM. Register to attend or watch online here.

‘The Dumbest Terrorist In the World’? is a post from Cato @ Liberty - Cato Institute Blog

Since they were announced recently, I’ve been working to make sense of new security procedures that TSA is applying to flights coming into the U.S.

“These new measures utilize real-time, threat-based intelligence along with multiple, random layers of security, both seen and unseen, to more effectively mitigate evolving terrorist threats,” says Secretary Napolitano.

That reveals essentially nothing of what they are, of course. Indeed, “For security reasons, the specific details of the directives are not public.”

But we in the public aren’t so many potted plants. We need to know what they are, both because our freedoms are at stake and because our tax money will be spent on these measures.

Let’s start at the beginning, with identity-based screening and watch-listing in general. A recent report in the New York Times sums it up nicely:

The watch list is actually a succession of lists, beginning with the Terrorist Identities Datamart Environment, or TIDE, a centralized database of potential suspects.  . . . [A]bout 10,000 names come in daily through intelligence reports, but . . . a large percentage are dismissed because they are based on “some combination of circular reporting, poison pens, mistaken identities, lies and so forth.”

Analysts at the counterterrorism center then work with the Terrorist Screening Center of the F.B.I. to add names to what is called the consolidated watch list, which may have any number of consequences for those on it, like questioning by the police during a traffic stop or additional screening crossing the border. That list, in turn, has various subsets, including the no-fly list and the selectee list, which requires passengers to undergo extra screening.

The consolidated list has the names of more than 400,000 people, about 97 percent of them foreigners, while the no-fly and selectee lists have about 6,000 and 20,000, respectively.

After the December 25, 2009 attempted bombing of a Northwest Airlines flight from Amsterdam into Detroit, TSA quickly established, then quickly lifted, an oppressive set of rules for travelers, including bans on blankets and on moving about the cabin during the latter stages of flights. In the day or two after a new attempt, security excesses of this kind are forgivable.

But TSA also established identity-based security rules of similar provenance and greater persistence, subjecting people from fourteen countries, mostly Muslim-dominated, to special security screening. This was ham-handed reaction, increasing security against the unlikely follow-on attacker by a tiny margin while driving wedges between the U.S. and people well positioned to help our security efforts.

Former DHS official Stewart Baker recently discussed the change to this policy on the Volokh Conspiracy blog:

The 14-country approach wasn’t a long-term solution.  So some time in January or February, with little fanfare, TSA seems to have begun doing something much more significant.  It borrowed a page from the Customs and Border Protection playbook, looking at all passengers on a flight, running intelligence checks on all of them, and then telling the airlines to give extra screening to the ones that looked risky.

Mark Ambinder lauded the new policy on the Atlantic blog, describing it thusly:

The new policy, for the first time, makes use of actual, vetted intelligence. In addition to the existing names on the “No Fly” and “Selectee” lists, the government will now provide unclassified descriptive information to domestic and international airlines and to foreign governments on a near-real time basis.

Likely, the change is, or is very much like, applying a Customs and Border Patrol program called ATS-P (Automated Targeting System – Passenger) to air travel screening.

“[ATS-P] compares Passenger Name Record (PNR) and information in [various] databases against lookouts and patterns of suspicious activity identified by analysts based upon past investigations and intelligence,” says this Congressional Research Service report.

“It was through application of the ATS-P that CBP officers at the National Targeting Center selected Umar Farouk Abdulmutallab, who attempted to detonate an explosive device on board Northwest Flight 253 on December 25, 2009, for further questioning upon his arrival at the Detroit Metropolitan Wayne County Airport.”

Is using ATS-P or something like it an improvement in the way airline security is being done? It probably is.

A watch-list works by comparing the names of travelers to the names of people that intelligence has deemed concerning. To simplify, the logic looks like something like this:

If first name=”Cat” (or variants) and last name=”Stevens”, then *flag!*

Using intelligence directly just broadens the identifiers you use, so the comparison (again simplified) might look something like this:

If biography contains “traveled in Yemen” or “Nigerian student” or “consorted with extremists”, then *flag!*

The ability to flag a potential terrorist with identifiers beyond name is a potential improvement. Such a screening system would be more flexible than one that used purely name-based matching. But using more identifiers isn’t automatically better.

The goal—unchanged—is to minimize both false positives and false negatives—that is, people flagged as potential terrorists who are not terrorists, and people not flagged as terrorists who are terrorists. A certain number of false positives are acceptable if that avoids false negatives, but a huge number of false positives will just waste resources relative to the margin of security the screening system creates. Given the overall paucity of terrorists—which is otherwise a good thing—it’s very easy to waste resources on screening.

I used the name “Cat Stevens” above because it’s one of several well known examples of logic that caused false positives. Utterly simplistic identifiers like “traveled in Yemen” will also increase false positives dramatically. More subtle combinations of identifiers and logic can do better. The questions are how far they increase false positives, and whether the logic is built on enough information to produce true positives.

So far as we know, ATS-P has never flagged a terrorist before it flagged the underwear bomber. DHS officials tried once to spin up a case in which ATS-P flagged someone who was involved in an Iraq car-bombing after being excluded from the U.S. However, I believe, as I suggested two years ago, that ATS-P flagged him as a likely visa overstayer and not as a terror threat. He may not have been a terror threat when flagged, as some reports have it that he descended into terrorism after being excluded from the U.S. This makes the incident at best an example of luck rather than skill. That I know of, nobody with knowledge of the incident has ever disputed my theory, which I think they would have done if they could.

The fact that ATS-P flagged one terrorist is poor evidence that it will “work” going forward. The program “working” in this case means that it finds true terrorists without flagging an unacceptable/overly costly number of non-terrorists.

Of course, different people are willing to accept different levels of cost to exclude terrorists from airplanes. I think I have come up with a good way to measure the benefits of screening systems like this so that costs and benefits can be compared, and the conversation can be focused.

Assume a motivated attacker that would eventually succeed. By approximating the amount of damage the attack might do and how long it would take to defeat the security measure, one can roughly estimate its value.

Say, for example, that a particular attack might cause one million dollars in damage. Delaying it for a year is worth $50,000 at a 5% interest rate. Delaying for a month an attack that would cause $10 billion in damage is worth about $42 million.

(I think it is fair to assume that any major attack will happen only once, as it will produce responses that prevent it happening twice. The devastating “commandeering” attack on air travel and infrastructure is instructive. The 9/11 attacks permanently changed the posture of air passengers toward hijackers, and subsequent hardening of cockpit doors has brought the chance of another commandeering attack very close to nil.)

A significant weakness of identity-based screening (which “intelligence-based” screening—if there’s a difference—shares) is that it is testable. A person may learn if he or she is flagged for extra scrutiny simply by traveling a few times. A person who passes through airport security six times in a two-month period and does not receive extra scrutiny can be confident enough on the seventh trip that he or she will not be specially screened. If a person does receive special scrutiny on test runs, that’s notice of being in a suspect category, so someone else should carry out a planned attack.

(“We’ll make traveling often a ground for suspicion!” might go the answer. “False positives,” my rejoinder.)

Assuming that it takes two months more than it otherwise would to recruit and clear a clean-skin terrorist, as Al Qaeda and Al Qaeda franchises have done, the dollar value of screening is $125 million. That is the amount saved (at a 5% interest rate) by delaying for one month an attack costing $15 billion (a RAND corporation estimate of the total cost of a downed airliner, public reactions included).

Let’s say that the agility of having non-name identifiers does improve screening and causes it to take three months rather than two to find a candidate who can pass through the screen. Ignoring the costs of additional false positives (though they could be very high), the value of screening rises to $187.5 million.

(There is plenty of room to push and pull on all these assumptions. I welcome comments on both the assumptions and the logic of using the time-value of delayed attacks to quantify the benefits of security programs.)

A January 2009 study entitled, “Just How Much Does That Cost, Anyway? An Analysis of the Financial Costs and Benefits of the ‘No-Fly’ List,” put the amount expended on “no-fly” listing up to that time at between $300 million and $966 million, with a medium estimate of $536 million. The study estimated yearly costs at between $51 and $161 million, with a medium estimate of $89 million.

The new screening procedures, whose contours are largely speculative, may improve air security by some margin. Their additional costs are probably unknown to anyone yet as false positive rates have yet to be determined, and the system has yet to be calibrated. Under the generous assumption that this change makes it 50% harder to defeat the screening system, the value of screening rises, mitigating the ongoing loss that identity-based screening appears to bring to our overall welfare.

Hey, if you’ve read this far, you’ll probably go one or two more paragraphs…

It’s worth noting how the practice of “security by obscurity” degrades the capacity of outside critics to contribute to the improvement of homeland security programs. Keeping the contours of this system secret requires people like me to guess at what it is and how it works, so my assessment of its strengths and weaknesses is necessarily degraded. As usual, Bruce Schneier has smart things to say on security by obscurity, building on security principles generated over more than 125 years in the field of cryptography.

DHS could tell the public a great deal more about what it is doing. There is no good reason for the security bureaucracy to insist on going mano a mano against terrorism, turning away the many resources of the broader society. The margin of information the United States’ enemies might access would be more than made up for by the strength our security programs would gain from independent criticism and testing.

Making Sense of New TSA Procedures is a post from Cato @ Liberty - Cato Institute Blog

Nearly half of the security cameras in the New York City subway system don’t work. That may seem like cause for alarm, and it may be from a financial standpoint — NYC isn’t getting a lot of return on its investment.

From a broader security standpoint, I don’t find this particularly disturbing. As the article points out, crime is down as ridership increases. Reducing the number of police officers on patrol in the subway (as NYC is doing) is more likely to facilitate increased criminality. A camera can catch many things on film, but the presence of law enforcement officers provides intangible benefits that technology cannot. The would-be Millenium Bomber was stopped by a border patrol agent who interviewed him and thought that something was “hinky” about his behavior. That hinkiness involved explosives, and the plot was foiled. Cameras don’t spot “hinky” like people can.

Security expert Bruce Schneier has been talking about this on his blog (emphasis on the Dubai assassination), and provides a fuller discussion of security cameras in this article on CNN.com:

If universal surveillance were the answer, lots of us would have moved to the former East Germany. If surveillance cameras were the answer, camera-happy London, with something like 500,000 of them at a cost of $700 million, would be the safest city on the planet.

We didn’t, and it isn’t, because surveillance and surveillance cameras don’t make us safer. The money spent on cameras in London, and in cities across America, could be much better spent on actual policing.

Security cameras have not proven a great deterrent to crime or terrorism. The attacks on September 11^th and the London commuter bombings were not stopped by pre-attack footage of the perpetrators’ activities. Creating a surveillance state may make some people feel safer, but the resources can be better used elsewhere.

Insecurity Cameras is a post from Cato @ Liberty - Cato Institute Blog

I wrote some posts a few months ago (1, 2, 3) about the difficulty of discovering and preventing essentially random events like the Fort Hood shooting. I was pleased by the compliment security guru Bruce Schneier paid them in his recent post, “Small Planes and Lone Terrorist Nutcases.” (Such happy subject matter we get to write about!)

Now comes Radley Balko with a great column illustrating what you get when authorities try to “get ahead” of this problem. “Pre-Crime Policing” tells the story of a gun buyer who had been tagged with the adjective “disgruntled.” A SWAT team appeared on his property, police tricked him into surrendering for a mental evaluation, they illegally entered his home, and they seized his guns.

Says the victim of these invasions, “South Oregon is big gun country. If something like this can happen here, where just about everyone owns a gun, it can happen anywhere.”

Especially if we ask law enforcement to prevent random violence.

How to Prevent a Fort Hood Shooting is a post from Cato @ Liberty - Cato Institute Blog

Ari Schwartz responded in characteristic even tones to my critique of his testimony in favor of the PASS ID Act, which would revive the moribund REAL ID law. It’s worth a rejoinder, and I’ll offer him the same again here if he wishes.

Ari clouds matters slightly by suggesting that my “strong biases” obscure certain facts. I readily admit having a strong bias in favor of liberty — it’s why I do what I do. Ari admits several biases, including one in favor of consensus-building, which was what I accused him of prioritizing over principle. Let’s put aside the question of bias.

It’s good to see Ari state that CDT does not support a national ID system. It would be better to see him state that CDT opposes having a national ID system. (I imagine this is just a matter of word choice, but it would be good to have clarity.)

Next, Ari says his testimony “makes it clear that we believe that PASS ID prevents the creation of a National ID system.” I don’t believe this is clear from his testimony. More importantly, this is not a sound assessment of what a national ID is or what PASS ID does.

We need some defined terms, so let’s tease out what he means by “national ID.” (He has told me that there is some distinction between a “national ID,” a “national ID system,” and perhaps a “national ID card,” but the distinction is lost on me. I believe a national ID card is part of a national ID system, both of which are commonly referred to in shorthand as a “national ID.”)

Twice in his testimony, he correctly calls REAL ID a national ID system. The factors that make it so appear to be “the very real possibility that individuals would not be able to function in American society without a REAL ID card” and “giving unfettered discretion to DHS to expand the ‘official purposes’ for which REAL ID cards could be required.”

In my recent post on the subject, I defined a national ID as being a card: 1) nationally uniform in its key elements; 2) the possession of which is either practically or legally required; and 3) that is used for identification.

I think 1) and 3) are both given. Ari’s take on 2) – inability to function without it — and my formulation — practically required — are equivalent, so Ari and I agree on that much.

But is DHS discretion to expand “official purposes” an essential element of a national ID card? I don’t think so.

Let’s say Congress passes a law requiring employers to check a certain card before they hire new workers. What if Congress requires credit issuers to check the card? States require presentation of the card at the voting booth? What if Congress requires pharmacists to check it before selling people cold medicine?

Is this card system saved from being a “national ID system” because someone other than DHS came up with these ideas? Of course not. DHS discretion to expand usage is not what makes an ID system a “national ID system.”

The better definition is what we agree on: A national ID is national, identifying, and practically or legally required, meaning the lack of it disables people from functioning in society.

Do REAL ID and PASS ID differ in ways that make the one a national ID and the other not a national ID? No, and Ari doesn’t say so. He merely says PASS ID would slow national ID mission creep by some margin because it denies DHS some discretion. (PASS ID “[r]emoves from DHS’s authority the ability to unilaterally determine new official purposes for which a PASS ID-compliant card can be required . . . .”)

This is not central to “national ID-ness,” and PASS ID doesn’t actually deny DHS that authority — it simply removes the specific grant of authority in REAL ID. Removing a grant of authority in one law does not deny an agency authority it has elsewhere. (It’s like the difference between “not supporting” and “opposing” something.) DHS and other agencies almost certainly have power under other law to require the IDs they choose for functions that are plausibly related to security or fraud prevention.

I was wrong to assume that it was lack of principle driving CDT and Ari to endorse the PASS ID Act, which revives our moribund national ID law. Other explanations are no more palatable, though, and no other group that I am aware of missed the true import of PASS ID.

Here’s a memorable Bruce Schneier quote to emphasize the importance of opposing a national ID, which so many civil liberties groups are doing:

History will record what we, here in the early decades of the information age, did to foster freedom, liberty and democracy. Did we build information technologies that protected people’s freedoms even during times when society tried to subvert them? Or did we build technologies that could easily be modified to watch and control? It’s bad civic hygiene to build an infrastructure that can be used to facilitate a police state.

No civil liberties group supports PASS ID. CDT can’t claim that mantle while it does.

PASS ID and National ID – Rejoinder to Schwartz is a post from Cato @ Liberty - Cato Institute Blog

A federal judge just threw out three fake passports discovered by a Transportation Security Agency (TSA) screener, holding that the search exceeded the TSA’s aviation security mission. (H/T Bruce Schneier)

This is long overdue; the TSA has moved beyond its original mandate and is now conducting searches for “contraband.” The search for anything that seems suspicious can quickly turn into an inquisition at the security checkpoint. Campaign for Liberty staffer Steven Bierfeldt experienced this at the St. Louis airport, and is now suing to prevent future searches beyond what is necessary for aviation security.

The invasive searches don’t add much to airline security anyway. Just as GAO investigators consistently defeat security at federal buildings, TSA screeners often fail to find fake explosives on security test teams.

As Bruce Schneier points out in his excellent book, Beyond Fear: Thinking Sensibly About Security in an Uncertain World, the two effective changes in airline security since September 11, 2001 have been (1) hardening of cockpit doors; and (2) airline passengers will resist because they know that their hijackers are playing for keeps.

Schneier spoke at Cato’s two-day conference on counterterrorism in January. Video at the link.

TSA Search Overturned is a post from Cato @ Liberty - Cato Institute Blog

Bruce Schneier skewers an imaginative fear-mongerer.

Terrorist Risk of Cloud Computing is a post from Cato @ Liberty - Cato Institute Blog

Security guru Bruce Schneier comes down on the strictly pragmatic side in this essay called “Fixing Airport Security.” Because of terrorism fears, he says, TSA checkpoints are “here to stay.” The rules should be made more transparent. He also argues for an amendment to some constitutional doctrines:

The Constitution provides us, both Americans and visitors to America, with strong protections against invasive police searches. Two exceptions come into play at airport security checkpoints. The first is “implied consent,” which means that you cannot refuse to be searched; your consent is implied when you purchased your ticket. And the second is “plain view,” which means that if the TSA officer happens to see something unrelated to airport security while screening you, he is allowed to act on that. Both of these principles are well established and make sense, but it’s their combination that turns airport security checkpoints into police-state-like checkpoints.

The comments turn up an important recent Fourth Amendment decision circumscribing TSA searches. In a case called United States v. Fofana, the district court for the southern district of Ohio held that a search of passenger bags going beyond what was necessary to detect articles dangerous to air transportation violated the Fourth Amendment. “[T]he need for heightened security does not render every conceivable checkpoint search procedure constitutionally reasonable,” wrote the court.

Application of this rule throughout the country would not end the “police-state-like checkpoint,” but at least rummaging of our things for non-air-travel-security would be restrained.

I prefer principle over pragmatism and would get rid of TSA.

Schneier and Friends on Fixing Airport Security is a post from Cato @ Liberty - Cato Institute Blog

Bruce Schneier, a participant in our January counterterrorism conference, reviews a recent report and discusses the possibility of attacks on the food supply in a post on his blog:

The quantities involved for mass poisonings are too great, the nature of the food supply too vast and the details of any plot too complicated and unpredictable to be a real threat. That becomes crystal clear as you read the details of the different incidents: it’s hard to kill one person, and very hard to kill dozens. Hundreds, thousands: it’s just not going to happen any time soon. The fear of bioterror is much greater, and the panic from any bioterror scare will injure more people, than bioterrorism itself.

Don’t Fear Attacks on the Food Supply is a post from Cato @ Liberty - Cato Institute Blog