Are you David Nelson?
http://www.kuro5hin.org/story/2003/6/17/161652/663

It seems that a glitch in US airport security is causing headaches for men named "David Nelson." For some unknown reason (supposedly if "they" discussed the matter it would breach security) security computers give a "no fly" or "potential terrorist" warning whenever someone named David Nelson attempts to board an airliner...

--Joey

That's really strange dude.

Airline security: Carlin's Take. http://www.humorcafe.com/humor/gems/george_carlin.htm

He has been saying this for awhile, this published version comes from may 2001 but the actual spiel is much earlier, and the best part is that he was right about several of the things he listed.

i think jasons is more likey, but jeds would be way cooler. reminds me off that onion article where bill Gates built robots to attack his chilhood bully, and announces on the news "you got away this time, but there is no escape from my andriod army!"

Jason's theory sounds about right, but whew, that has got to be the laziest testing procedure I've ever even imagined; I mean who hardcodes test data? Apparently these guys.

but yeah, Jason sounds dead on to me.

IS

Input parsing and pointer manipulation are different; this should have been a test entry in the database. There's no reason to have it in code. And even less reason to forget about it and leave it there. :)

While I like Jason's theory, I think the article points to a potentially more serious problem : supposing we had one David Nelson who was a terrorist (the article quotes unnamed sources about a David Nelson being investigated), he would cause problems for all David Nelsons everywhere. This seems to be stupid functionality for me, for a variety of reasons.

First, the odds that any terrorists are going to be flying under the name we have in our database for them are probably pretty low (although I suppose you could implement it to catch the low hanging fruit, those members who got admitted to Al Qaeda University only through affirmative action or legacy, and are now trying to overthrow the civilized world despite failing Forging Unsecure Documents 101). Second, a name is really a cruddy way to individually identify someone when your database includes a large number of people -- for many entries it isn't going to be unique, causing wasted resources as you investigate shoe salesmen from Idaho. Third, the particular names we are searching for aren't normally written in roman letters (we do call them that, right? Thats what its called in Japan, I forget if I ever learned what they're called in the States) and a terrorist could screw up any number of even fairly sophisticated matching algorithms just by changing the transliteration scheme they use for their name. How many different romanized spellings of Al Qaeda have you seen, for example? My sense, and this is a guess based on extremely limited knowledge of Arabic, is that if the flag algorithm is anything but a simple string matcher there are going to be false positives all over the place as the algorithm will target large portions of that subset OR it will be too dumb to tell that Mohamed Atta and Muhammed Atqa are the same person (I've seen both of those in the same newspaper).

Now, I realize and am willing to accept that any profiling system is going to cause false positives, and probably a lot of them. This being the case, wouldn't we want our profiling system to target something a little less easily fooled than a name?

Patrick McKenzie

Yeah, there's no way that database is designed with the name as the primary key. That's just ridiculous. Sure the government screws up sometimes but that's like accidentally shooting DVDs of The Patriot instead of Patriot missiles.

IS

Ian wins the "analogy of the day" award. :p

The David Nelsons may be innocent... but I'd be worried about Dan Nelson :D

Patty