it's in the way that you use it

When it comes to securing their cargo containers, shippers often buy the most sophisticated high-tech seal they can find and figure they're covered. But that might be a risky assumption. After testing more than 200 different container seals, scientists at Los Alamos National Laboratories reported that every single one could be defeated, often in less than two minutes and with easily available materials and techniques.

Based on its tests, the lab's Vulnerability Assessment Team (VAT) concluded that the type of seal used matters less than how it is used. "High-tech (electronic or electro-optic) seals are often very easy to defeat," according to a statement on the VAT's Web site. "In most cases, simple changes to a seal and/or to how it is used can dramatically improve its effectiveness. Unfortunately, these changes are almost never implemented."

The VAT's Web site turns out to be a treasure trove of information about security seals, including how to use them (and more importantly, perhaps, how not to use them); the findings and lessons learned from the testing; and articles, papers, and speeches about the failures of seals, geographic positioning systems (GPS), and RFID as security devices.

One of our favorite pages on the site is "Common Myths About Tamper-Evident Seals." Herewith, the team's list of widely believed "facts"—all of which are NOT true:

1. There is such thing as a "tamper-proof" seal.
2. Only experts can easily defeat a seal.
3. Since all seals can be defeated, seals have no value in providing security.
4. A vulnerability assessment of an effective seal or tamper-detection program should find no problems.
5. The best seals can withstand thousands of pounds of force.
6. High-tech seals are harder to defeat than low-tech seals.
7. High-tech seals and/or seals that have electronic readers don't require manual inspection.
8. The more expensive a seal, the better the security it provides.
9. The only important issues in choosing a seal are its unit cost and whether it has been "certified" or "tested."
10. A good seal requires little effort or training to use.
11. A seal that is good for one application is good for another.

The list finishes with a reference to Greek mythology, noting that using low-tech techniques (a mirror and a sword), Perseus defeated the supposedly invulnerable Medusa. If Medusa had done a proper vulnerability assessment, the VAT researchers suggest, she might not have lost her head.