/ / / / /

TSA Deals With Their Security Blooper By Treating Americans Like Morons

December 10, 2009 at 4:24 PM | by | ()

The Department of Homeland Security is really having a banner few weeks. First there was the White House gate crashing fiasco, which the Secret Service is still trying to unravel. Now there's this ongoing airport security debacle where TSA posted a "redacted" PDF of their security procedures online. Except their people didn't realize that "drawing big black boxes on your PDF" is about as effective as using White Out on your monitor.

It's OK though, because they've suspended 5 people and want you to know that they're taking the situation very seriously. Here's the full statement from their blog, after which we've offered a few comments:

I published a blog post yesterday on the outdated, unclassified version of a Standard Operating Procedures document that was posted by the agency. It was improperly posted to the Federal Business Opportunities Web site wherein redacted information was not properly protected. Once we were made aware of the situation, it was immediately taken down from the Web site and a full review by TSA’s Office of Inspection was initiated.

TSA takes full responsibility for this improper posting and all individuals who may have been involved have been placed on administrative leave, pending the outcome of the review. This document was not the everyday screening manual used by Transportation Security Officers at airport checkpoints. Thorough analysis has determined the flying public and aviation community are safe and our systems are secure. TSA is confident that screening procedures in place remain strong.

This is insulting. They must think we're idiots.

Before we get to how they're implicitly lying, let's focus on how they're unblinkingly incoherent. This is literally just a sketch of initial thoughts. With an exception at the beginning, we've chosen not to get into some of the debates about screening criteria and random searches, since those require a bit of math about what happens to the probability of failure if terrorists reverse engineer procedures. We're also avoiding any broader issues—the inefficiency of large government bureaucracies, privatization vs. federalization vs. neither, etc—that might be wrapped up in partisan differences. We don't want to muddy the waters. Demanding accountability from these tools should be something everyone can agree on.

First the incoherence. If the investigation has just been initiated, how can they possibly have already conducted "thorough analysis" and concluded that they haven't done any damange? It's only been a couple days. What exactly have they analyzed?

One small example: the manual reveals TSA's black light corner cutting guidelines. Usually, the manual says, you want to run everything under a black light 100% of the time. But under certain conditions you can reduce that to 25% of the time for no more than 30 minutes. How did they come up with those numbers? They ran simulations about the tolerable probability of failure, and concluded that we would be almost certainly safe if those were the guidelines. Fair enough. But those simulations all made very specific assumptions about secrecy, since if the terrorists knew how we check certain things they could adjust accordingly. Those assumptions weren't "no secrecy at all," which is why that portion were supposed to be redacted. Now the simulations have to be redone. They almost certainly haven't been. TSA is making this up as they go along.

Also: there were five employees involved in what should have been a routine website update? Really? Either the TSA is the most bloated bureaucracy in the history of government or this document, in addition to going through the public relations/communications department, also had to get a series of security writeoffs. That makes it sound like it was filled with anything but outdated material. Although maybe it really does take five signatures to post something to a TSA website, in which case we want some people fired just on principle. We know it's a bad economy and employment and so on, but come on.

Now the implicit lies. Even if everything they say about this being a previous version is true, The Wandering Aramean does a good job walking through some of the stuff that's still relevant: the specific thickness of wires that will and will not show up on the x-ray machines, the process by which they test the calibration of the magnetometers with pseudo-guns, etc. Anyone from TSA want to make a case that that stuff is "outdated, unclassified."

If the TSA was a bunch of accountants and they screwed up this badly on your tax return and they told you "we're not going to show you the numbers, but trust us that our monumental screwup didn't lose you any money," there's no way they'd get away with that. We're not children. Don't pat us on the head and say "everything's just fine." They should say what everyone knows: "we screwed up, we don't know how bad yet, but it's going to require some fixing." Instead they're hoping to stonewall the public and shed incompetent employees, which is how we got into this position in the first place.

[Photo: robby-T / Flickr]

Related Stories:
· Update on Standard Operating Procedures [TSA]
· New TSA Security Blooper Might Be The Stupidest Yet [Jaunted]
· TSA Coverage [Jaunted]
· Airport Security Coverage [Jaunted]

Archived Comments:


Good points, but I wouldn't hold my breath and wait for the TSA to be totally candid with the flying public. That said, enough with the name calling. They're human beings. I still feel bad about jumping on them after I read that "TSA Agents Took My Son" story that turned out to be complete bullshit. Are they really "tools" or just people charged with a delicate and thankless task? And it's spelled Wite-Out, not White Out. But that's okay, everybody makes mistakes.

We need real answers!

They are going to hose the 5 people because it wasn't the "routine website update" that went wrong. It was someone in the legal department inappropriately redacting the document. Then their supervisor approving the release of that document. And on and on and on.

Of course the document is not substantially different today than it was back in May 2008. They sortof acknowledged that during the testimony that was provided in Congress yesterday. But they won't come out and say that officially.

Even worse, however, is that there are still a number of potential issues with the statements they've made and the document. They originally said that it was not ever released. But it was used for a binding bid. Fraud much? Now it seems that they have taken a step back on that claim and are admitting it was approved, but that isn't 100% clear.

In that same vein, they previously used a document with the exact same date and version stamps as a reply to a FOIA request. How could they use a document that was never approved for just an action? That's rather felonious last time I checked.

And exposing the CIA's WOMAP program to the public for the first time probably wasn't that classy a move either.

C'mon, TSA. We're waiting for some real answers!