Patterico's Pontifications

12/9/2009

TSA Posts Sensitive Info Online

Filed under: Air Security — DRJ @ 2:45 pm



[Guest post by DRJ]

During a hearing on the recent White House security breach, the government disclosed that sensitive screening information has been posted on the internet since March:

“According to the [Wandering Aramean] blog, TSA posted a redacted version of the document but did not delete the sensitive information from the file. Instead of removing the text, the government covered it up with a black box. But the text was still embedded in the document and could be uncovered.

TSA had the document removed from the Federal Business Opportunity site on Dec. 6 but copies – with the redacted portions exposed – circulated on the Internet and remain posted on other Web sites not controlled by the government.

Noting that the transportation agency uses multiple layers of security, Lee said, “TSA is confident that screening procedures currently in place remain strong.”

The document reportedly listed screening protocols for security access to aircraft and facilities. Five TSA employees have been relieved of duty pending a review.

— DRJ

5 Responses to “TSA Posts Sensitive Info Online”

  1. DOH!

    idiots……

    redc1c4 (fb8750) 12/9/2009 @ 2:57 pm

  2. A lesson for those in the legal field who need to redact documents for litigation purposes, have the technical knowledge of how to do it correctly. This is far from the first time this has happened.

    SPQR (26be8b) 12/9/2009 @ 3:50 pm

  3. Ditto to what SPQR said. The government has been embarrassed before by putting sensitive stuff up on the Web with “redactions” consisting of highlighting text in black and then PDFing the document. http://www.law.com/jsp/law/LawArticleFriendly.jsp?id=900005549014

    A lawyer who is dumb enough to do something like that in documents passed to the other side in litigation is asking for a malpractice suit. And there are other electronic things that can bite you in the butt if you’re not careful — document metadata, for instance.

    Alex (a02c27) 12/9/2009 @ 5:03 pm

  4. A better solution would have been to promote those three, and fire all of the rest.

    AD - RtR/OS! (160cdd) 12/9/2009 @ 6:59 pm

  5. seriously, for people who have to do this sort of thing, don’t get cute. make it a pdf image scan by physically scanning it. otherwise you are in danger of metadata getting through.

    This is rank incompetance. i wish i could say i was surprised.

    A.W. (e7d72e) 12/10/2009 @ 6:01 am


Powered by WordPress.

Page loaded in: 0.0729 secs.