Wednesday, December 09, 2009

Blogger exposes TSA security lapse

Hurray for bloggers. “Wandering Aaramean”, that is Seth Miller, 32, has exposed a security scandal at the TSA, which posted all of its screening policies for contractors ("Screening Management: Standard Operating Procedures"), and used a program to cover up classified words, which a programmer could easily disable. It would have been safer just to use 1920s technology -- an ink blot pen.

Here is his blog.

The person who posted the document(s) was a contractor, but several TSA managers have been placed on administrative leave for the laspe.

I applied for a job a security screener in 2002, and once again as a parttimer in 2003. You’re supposed to keep the application secret when you are in process, and back in 2002 the TSA 800 numbers were very hard to reach. I think I’ve covered why it broke down on the blogs before. Yet they were “gung ho” to hire screeners then, although it was less clear whether screeners needed previous experience.

Are there legal problems with deliberately exposing a security breach that you find? As they say, it ain't that hard to do. Look at the posting here about the Salahi's Nov. 26.
Maybe, as with journalists shield laws in Congress, it could matter if you're "professional".

"Security through obsurity" never works (CNN). Look at the controversy a couple years ago over bump keys.

No comments: