You are here: Home / Archives for transportation security administration

Former TSA Contractor Gets Two Years for Damaging Data – PCWorld Business Center

January 12, 2011 By Leave a Comment

A former U.S. Transportation Security Administration contractor will serve two years in prison for messing with sensitive government databases used to identify terrorists as they try to enter the U.S.

James Duchak, 47, pleaded guilty in October to charges that he messed with code at the TSA’s Colorado Springs Operations Center in October 2009. Prosecutors say he tried to damage the TSA’s vetting database, just a week after learning that he was to be let go from his job.

Duchak deleted important code, used to properly format the birth dates of people entered into the system.

Duchak had been working as a data analyst at the TSA for about five years at the time of the incident. His job was to update TSA servers with data scraped from the government’s terrorist screening database and the United States Marshals Service Warrant Information Network.

The former contractor’s replacement — who Duchak was training at the time of the incindent — noticed the code changes, and the TSA shut down the database immediately.

via Former TSA Contractor Gets Two Years for Damaging Data – PCWorld Business Center.

Filed Under: Tech Bytes Tagged With: , , , , , , , , ,

Lawyer Creates Special Underwear for Modest Airline Passengers – News – ABA Journal

January 4, 2011 By Leave a Comment

A Northern Kentucky lawyer has turned underwear salesman with the goal of offering a solution for modest airline passengers.

Lawyer Marc Carey’s T-shirts, undies and briefs contain strategically placed emblems designed to blur a person’s private parts in airport scanners, report Cincinnati.com and Fox19.com. The costs start at $14.99. The emblems for men and women are patriotic stars and eagles, while kids’ T-shirts sport a happy face, according to Carey’s website, ScannerShirts.com.

Carey says the special ink used on his shirts blurs body parts that aren’t subject to search during a pat down by airport screeners from the Transportation Security Administration. “They’re not protest garments,” Carey told Fox19.com. “They’re designed to be a reasonable compromise for travelers to allow the TSA to do their job, but allow people to travel without a great deal of inconvenience and preserve their dignity.”

via Lawyer Creates Special Underwear for Modest Airline Passengers – News – ABA Journal.

Filed Under: From The News Tagged With: , , , , , , , , ,

George F. Will – The T.S. of A takes control

November 21, 2010 By Leave a Comment

Fifty years ago, William F. Buckley wrote a memorable complaint about the fact that Americans do not complain enough. His point, like most of the points he made during his well-lived life, is, unfortunately, more pertinent than ever. Were he still with us, he would favor awarding the Presidential Medal of Freedom, which he received in 1991, to John Tyner, who, when attempting to board a plane in San Diego, was provoked by some Transportation Security Administration personnel.

When Buckley was asked how he came up with topics for three columns a week, he jauntily replied that the world annoyed him that frequently. The fecundity of the world as an irritant was on display one winter evening in 1960 when Buckley found himself in an insufferably hot car on a New Haven Railroad commuter train from Grand Central Station to his Stamford, Conn., home. Everyone was acutely uncomfortable; no one was complaining.

“In a more virile age, I thought, the passengers would have seized the conductor and strapped him down on a seat over the radiator to share the fate of his patrons.” But he had “nonchalantly walked down the gauntlet of eighty sweating American freemen, and not one of them had asked him to explain why the passengers in that car had been consigned to suffer.”

via George F. Will – The T.S. of A takes control.

Filed Under: From The News Tagged With: , , , , , , , , ,

TSA document release show pitfalls of electronic redaction

January 4, 2010 By Leave a Comment

The inadvertent exposure of a sensitive Transportation Security Administration security manual last month serves as a sobering reminder about the pitfalls of trying to redact, or hide, electronic text.

The lapse occurred when a contract employee posted the improperly redacted security manual — which described TSA airport screening methods that are designed to thwart terrorists — on a public Web site for federal procurements.

Other organizations, such as HSBC Bank and Facebook Inc., have also had embarrassing incidents in which text in electronic documents that they thought was unreadable was revealed.

Such lapses often result from a simple misunderstanding of how electronic redaction works, said Barry Murphy, an analyst at Murphy Insights, a Boston-based consultancy specializing in e-discovery and records management.

“Obscuring portions of text in a word processor by placing black boxes over it, for instance, does nothing to redact it,” Murphy said. The text may not be viewable, but it still can be indexed, making it very searchable and easily retrieved by copying and pasting the blacked-out portion to another document, he said.

via TSA document release show pitfalls of electronic redaction.

Filed Under: Tech Bytes Tagged With: , , , , , , , , , ,

TSA drops subpoena for blogger’s information

January 1, 2010 By Leave a Comment

31/12/2009 – SD-1544-09-06 : This Comes To An End

Shortly before 7:00pm this evening I received a phone call that would end this year and allow me to have a Happy New Year. My call this evening came from John Drennan, the Transportation Security Administration’s Deputy Chief Counsel for Enforcement informing me that the TSA would no longer be pursing me for information regarding the identity of the person who sent me Security Directive SD-1544-09-06.

The subpoena that Chris Elliot was fighting was also dropped in its entirety by the TSA.

Hopefully this is the end of this situation, the agency will replace the MacBook they damaged, and we can all move forward.

I hope 2010 is the year the TSA can find a permanent Administrator the agency can find its defined focus to become a shining star within the Department of Homeland Security.

Happy Flying!

via Flying With Fish » SD-1544-09-06 : This Comes To An End.

Filed Under: From The News Tagged With: , , , , , , , , , ,

Did The TSA Compromise An Intelligence Program?

December 9, 2009 By Leave a Comment

What the heck is WOMAP? The unredacted version of the Transportation Security Administration's supervisor security manual includes references for a heretofore unrevealed Central Intelligence Agency program called WOMAP — The Worldwide Operational Meet and Assist Program.

According to the TSA's regulations, “foreign dignitaries” escorted by CIA officers are exempt from screening so long as the CIA submits their name, date of birth, itinerary and other information in advance. In general, the CIA officers who accompany these dignitaries are members of the Agency's Office of Protective Services, which provides security for the agency, its assets and its people. There's a separate procedure for screening foreign dignitaries approved by the Department of State. So it would seem as if the WOMAP program serves another purpose. Helpfully, the TSA manual provides some clues.

Persons who receive WOMAP status must be provided to the TSA's Office of Security and classified at the For Official Use Only Level. It “may be provided at the classified” level too. Importantly, the WOMAP information is so sensitive that  ”[t]he title or position of the dignitary will be used by the Office of Intelligence to determine eligibility for screening courtesies, but will not be forwarded to the TSOC and respective FSDs.” That is — too secret for even the airport federal security directors, who have Top Secret clearance, to know.

via Did The TSA Compromise An Intelligence Program? – The Atlantic Politics Channel.

Filed Under: From The News Tagged With: , , , , , , , , , ,

TSA Breach Exposes PDF File Risk — InformationWeek

December 9, 2009 By Leave a Comment

Employees at the Transportation Security Administration inadvertently exposed classified information about the agency’s security procedures because, apparently, they don’t know how PDF documents work.

What’s not clear is how many other government departments, legal agencies, healthcare providers, and other organizations that deal with sensitive information are unaware that a quirk in Adobe’s Portable Document Format can leave data open to prying eyes.

TSA officials posted what they thought was a redacted version of the TSA's airport security operating manual on a Web site used by private contractors looking for government work. The problem: the officials didn't actually delete sensitive parts of the document—they just blacked them out using a graphics tool.

That method left the underlying words intact, and they were exposed when readers cut and pasted pages from the document, “Screening Management Standard Operating Procedures,” into a new file. The vulnerability isn't technically a bug in Adobe's product, but its existence shows how those handling secure information should be fully trained in the software they're using.

The end result of the foul-up was that highly sensitive information about TSA screening methods, interviewing procedures, X-ray machines and other terrorist prevention tools became easily available to millions of people on the Web.

via TSA Breach Exposes PDF File Risk — InformationWeek.

Filed Under: Tech Bytes Tagged With: , , , , , , , ,

Another PDF “redaction” issue: The TSA makes another stupid move | The Wandering Aramean

December 7, 2009 By Leave a Comment

When the TSA make mistakes this egregious it really isn’t all that hard to pick on them.

The latest is that their Screening Management Standard Operating Procedure is published on the internet.  I actually like that.  I don’t think that security through obscurity is a good idea.  Of course the document is marked SSI and includes this footnote on every page:

SENSITIVE SECURITY INFORMATION

WARNING: THIS RECORD CONTAINS SENSITIVE SECURITY INFORMATION THAT IS CONTROLLED UNDER 49 CFR PARTS 15 AND 1520. NO PART OF THIS RECORD MAY BE DISCLOSED TO PERSONS WITHOUT A “NEED TO KNOW,” AS DEFINED IN 49 CFR PARTS 15 AND 1520, EXCEPT WITH THE WRITTEN PERMISSION OF THE ADMINISTRATOR OF THE TRANSPORTATION SECURITY ADMINISTRATION OR THE SECRETARY OF TRANSPORTATION. UNAUTHORIZED RELEASE MAY RESULT IN CIVIL PENALTIES OR OTHER ACTION. FOR U.S. GOVERNMENT AGENCIES, PUBLIC DISCLOSURE GOVERNED BY 5 U.S.C. 552 AND 49 CFR PARTS 15 AND 1520.

So the decision to publish it on the Internet is probably a questionable one.  On top of that, however, is where the real idiocy shines.  They chose to publish a redacted version of the document, hiding all the super-important stuff from the public.  But they apparently don’t understand how redaction works in the electronic document world.  See, rather than actually removing the offending text from the document they just drew a black box on top of it.  Turns out that PDF documents don’t really care about the black box like that and the actual content of the document is still in the file.

Yup, their crack legal staff managed to screw this one up pretty badly.  Want to know which twelve passports will instantly get you shunted over for secondary screening, simply by showing them to the ID-checking agent?  Check out Section 2A-2 (C) (1) (b) (iv).  Want to know the procedure for CIA-escorted passengers to be processed through the checkpoint?  That’s in the document, too.  Details on the calibration process of the metal detectors is in there.  So is the procedure for screening foreign dignitaries.

It is pretty pathetic that the folks supposedly responsible for administering this “security” program cannot even be bothered to do the simplest parts of their job correctly.  Then again, passing through the checkpoint every time I fly it is pretty clear that they do a lot of things incorrectly.  Just chalk this one up to more of the same idiocy.  More done badly.

via The Wandering Aramean

Filed Under: From The News Tagged With: , , , , , , , , , , , , ,