New TSA Security Blooper Might Be The Dumbest One Yet

December 7, 2009 at 2:44 PM | by Omri | Comments (2)

A few years ago, the TSA was forced to acknowledge that print-at-home boarding passes represented a huge airport security loophole, since terrorists on the no-fly list could use a fake boarding pass at the kiosks and a legitimate one at ID stations. But it's OK, TSA assured us, because the no-fly is only the first line of defense and the metal detectors were the real security.

Then it was announced—on the very same weekend—that TSA missed 20 out of 22 hidden weapons at the metal detectors during a Newark security drill. Now take all that and fast forward to this weekend, when the TSA accidentally posted the entirety of their screening procedures on the Internet.

it's pretty bad...

According to Boing Boing, the TSA was instructed to release their screening procedures on the Internet, which is an extremely delicate and risky process. Releasing too much information would allow someone to reverse engineer screening criteria—who TSA looks for, how they look for them, and who gets a pass—and maximize their chances of slipping contraband into the terminal.

So TSA staffers, because they're security-minded, redacted the sensitive parts. But TSA staffers, because they're ferrets, did the redacting by drawing big black boxes all over the PDF, which can be removed. Suffice to say that as of this morning the screening procedures protecting airports in the United States are available to the planet.

We'll avoid the political angles on this story, if only because they'll be available on other blogs. But just to give you a small sense of what a monumental national security clusterfark this is: there's a list of 12 countries where if you have those passports you're automatically selected for additional screening. So now if you want to avoid additional screening, you know which passports not to forge. And if you're a big terrorist organization looking for hijackers, you know which citizens not to send.

There are also sections on how instruments are calibrated and, maybe best of all, on what kinds of credentials people have to present to get exemptions from screening.

Obviously some of these procedures can't be altered and some of this damage can't be repaired. But let's imagine none of that was true and that all the sensitive policies could be changed. It would still be the undeniable case that our safety has been entrusted to morons.

[Photo: Greg O'Beirne / Wiki Commons]

Related Stories:
· TSA can't redact documents properly, releases s00per s33kr1t operations manual [Boing Boing]
· Airport Security [Jaunted]
· TSA [Jaunted]

Comments (2)

Return to » New TSA Security Blooper Might Be The Dumbest One Yet

My post is the one that Boing Boing references about the issue. I've been in touch with the TSA Office of Public Affairs since this morning to follow up on the issue. They absolutely refuse to comment on any of the contents of the document, claiming that it is still SSI even though it is now plastered across the internet. Their only statement is that "a full review is underway" of the incident. That and the "many layers of security" will protect us. More of the same old crap. More on their response here.

(1) Your post was quite good on the details of the material, especially the 12 nations stuff. Folks who are interested in this kind of thing should also check out the followup post. (2) It's a little subtle but the most disturbing parts are the percent breakdowns on when it's OK to cut corners and what the screening criteria are. The entire debate over random screening vs. profiling turns on whether profiling criteria can be reverse engineered - if they can then the simulations show that the terrorists get a huge advantage. And here they are!

Jaunted

Select a Destination:

TSA / Airport Security / Stupid Ideas / Travel News / Airports / → All Tags