I published a blog post yesterday on the outdated, unclassified version of a Standard Operating Procedures document that was posted by the agency. It was improperly posted to the Federal Business Opportunities Web site wherein redacted information was not properly protected. Once we were made aware of the situation, it was immediately taken down from the Web site and a full review by TSA’s Office of Inspection was initiated.
TSA takes full responsibility for this improper posting and all individuals who may have been involved have been placed on administrative leave, pending the outcome of the review. This document was not the everyday screening manual used by Transportation Security Officers at airport checkpoints. Thorough analysis has determined the flying public and aviation community are safe and our systems are secure. TSA is confident that screening procedures in place remain strong.
This is insulting. They must think we're idiots.
Before we get to how they're implicitly lying, let's focus on how they're unblinkingly incoherent. This is literally just a sketch of initial thoughts. With an exception at the beginning, we've chosen not to get into some of the debates about screening criteria and random searches, since those require a bit of math about what happens to the probability of failure if terrorists reverse engineer procedures. We're also avoiding any broader issuesthe inefficiency of large government bureaucracies, privatization vs. federalization vs. neither, etcthat might be wrapped up in partisan differences. We don't want to muddy the waters. Demanding accountability from these tools should be something everyone can agree on.
First the incoherence. If the investigation has just been initiated, how can they possibly have already conducted "thorough analysis" and concluded that they haven't done any damange? It's only been a couple days. What exactly have they analyzed?
One small example: the manual reveals TSA's black light corner cutting guidelines. Usually, the manual says, you want to run everything under a black light 100% of the time. But under certain conditions you can reduce that to 25% of the time for no more than 30 minutes. How did they come up with those numbers? They ran simulations about the tolerable probability of failure, and concluded that we would be almost certainly safe if those were the guidelines. Fair enough. But those simulations all made very specific assumptions about secrecy, since if the terrorists knew how we check certain things they could adjust accordingly. Those assumptions weren't "no secrecy at all," which is why that portion were supposed to be redacted. Now the simulations have to be redone. They almost certainly haven't been. TSA is making this up as they go along.
Also: there were five employees involved in what should have been a routine website update? Really? Either the TSA is the most bloated bureaucracy in the history of government or this document, in addition to going through the public relations/communications department, also had to get a series of security writeoffs. That makes it sound like it was filled with anything but outdated material. Although maybe it really does take five signatures to post something to a TSA website, in which case we want some people fired just on principle. We know it's a bad economy and employment and so on, but come on.
Now the implicit lies. Even if everything they say about this being a previous version is true, The Wandering Aramean does a good job walking through some of the stuff that's still relevant: the specific thickness of wires that will and will not show up on the x-ray machines, the process by which they test the calibration of the magnetometers with pseudo-guns, etc. Anyone from TSA want to make a case that that stuff is "outdated, unclassified."
If the TSA was a bunch of accountants and they screwed up this badly on your tax return and they told you "we're not going to show you the numbers, but trust us that our monumental screwup didn't lose you any money," there's no way they'd get away with that. We're not children. Don't pat us on the head and say "everything's just fine." They should say what everyone knows: "we screwed up, we don't know how bad yet, but it's going to require some fixing." Instead they're hoping to stonewall the public and shed incompetent employees, which is how we got into this position in the first place.
[Photo: robby-T / Flickr]
· Update on Standard Operating Procedures [TSA]
· New TSA Security Blooper Might Be The Stupidest Yet [Jaunted]
· TSA Coverage [Jaunted]
· Airport Security Coverage [Jaunted]