Matthewonlive and let's fly

TSA Gives Away Its Secrets in Massive Security Breach

The story is not as bad as it sounds, but the TSA has embarrassed itself again:

In a massive security breach, the Transportation Security Administration (TSA) inadvertently posted online its airport screening procedures manual, including some of the most closely guarded secrets regarding special rules for diplomats and CIA and law enforcement officers.

The most sensitive parts of the 93-page Standard Operating Procedures manual were apparently redacted in a way that computer savvy individuals easily overcame.

The document shows sample CIA, Congressional and law enforcement credentials which experts say would make it easy for terrorists to duplicate.

The improperly redacted areas indicate that only 20 percent of checked bags are to be hand searched for explosives and reveal in detail the limitations of x-ray screening machines...

Senators are outraged and a hearing has already been held:

The story broke when The Wandering Aramean, a friend of upgrd.com, broke the story on his blog. Apparently, a thread on Flyertalk contained a link to the document and Seth posted about it on his blog, which in a snowball effect was picked up by various media outlets including the Washington Post and the AP.

The TSA did not intend to make available all of the text, but rather than cutting "sensitive" text from the document, they merely put some sort of black text box around it which was easily removable. Smart.

This appeared at the bottom of each page of the document:

I urge you to explore the manual yourself. You can find it here.

Oh, and TSA: thanks for keeping us safe. 

 

This content is not provided or commissioned by the company whose products are featured on this site. Any opinions, reviews, analyses, or evaluations provided here are those of the author's alone, and have not been reviewed, approved or otherwise endorsed by the Advertiser. This site may be compensated through the Advertiser's affiliate programs.

Comments

#1
kd5mdk December 9, 2009 at 07:23 pm

While I don't meet an official definition of "need to know" on that document, I probably had access it to it when I worked for their IT contractor.

Leave a Comment

Your email address will not be published.

e.g. http://www.example.com/