Tuesday, December 8, 2009

TSA security "blooper" out gaffes the last

c/o Jaunted.com

A few years ago, the TSA was forced to acknowledge that print-at-home boarding passes represented a huge airport security loophole, since terrorists on the no-fly list could use a fake boarding pass at the kiosks and a legitimate one at ID stations. But it's OK, TSA assured us, because the no-fly is only the first line of defense and the metal detectors were the real security.

Then it was announced—on the very same weekend—that TSA missed 20 out of 22 hidden weapons at the metal detectors during a Newark security drill. Now take all that and fast forward to this weekend, when the TSA accidentally posted the entirety of their screening procedures on the Internet.

it's pretty bad...

According to Boing Boing, the TSA was instructed to release their screening procedures on the Internet, which is an extremely delicate and risky process. Releasing too much information would allow someone to reverse engineer screening criteria—who TSA looks for, how they look for them, and who gets a pass—and maximize their chances of slipping contraband into the terminal.

So TSA staffers, because they're security-minded, redacted the sensitive parts. But TSA staffers, because they're ferrets, did the redacting by drawing big black boxes all over the PDF, which can be removed. Suffice to say that as of this morning the screening procedures protecting airports in the United States are available to the planet.

We'll avoid the political angles on this story, if only because they'll be available on other blogs. But just to give you a small sense of what a monumental national security clusterfark this is: there's a list of 12 countries where if you have those passports you're automatically selected for additional screening. So now if you want to avoid additional screening, you know which passports not to forge. And if you're a big terrorist organization looking for hijackers, you know which citizens not to send.

There are also sections on how instruments are calibrated and, maybe best of all, on what kinds of credentials people have to present to get exemptions from screening.

Obviously some of these procedures can't be altered and some of this damage can't be repaired. But let's imagine none of that was true and that all the sensitive policies could be changed. It would still be the undeniable case that our safety has been entrusted to morons.


No comments: