So there's three problems with the argument for TSA:
1. We did a lot of things in response to 9/11 (e.g. locking cockpit doors, TSA, increasing awareness). It's unclear whether TSA was a component that helped.
2. In the modern world, it's unclear whether hijacking is a severe risk to planes (compared to drones or missiles which are way more acquirable by terrorists and civilians than they were 25 years ago)
3. TSA has a documented and repeated ~80% failure rate at detecting threats. To the extent security theater is effective, you would expect that that effectiveness would disappear once everyone knew that they most likely wouldn't stop the attack.
> TSA has a documented and repeated ~80% failure rate at detecting threats. To the extent security theater is effective, you would expect that that effectiveness would disappear once everyone knew that they most likely wouldn't stop the attack.
Well, if we caught 20% of threats across the 19 hijackers on 9/11, there would have been a 99% chance one was caught. And a 67% chance that someone was caught in each group for each of the first 3 planes with 5 hijackers.
But even if they do miss 80% of the failures in penetration tests, what actually matters is whether or not real world threats are being caught. Threat actors in the real world act with different motivations than penetration testers, and with different skill sets.
2. In the modern world, it's unclear whether hijacking is a severe risk to planes (compared to drones or missiles which are way more acquirable by terrorists and civilians than they were 25 years ago)
3. TSA has a documented and repeated ~80% failure rate at detecting threats. To the extent security theater is effective, you would expect that that effectiveness would disappear once everyone knew that they most likely wouldn't stop the attack.