Tag Archives | Airport Security

D’oh! TSA Posts Airport Screening Procedures Online

The Transportation Security Agency accidentally posted its 93-page manual on airport screening procedures online, a mistake that has since been addressed although reports indicate the document is still widely available online. Making matters worse, the agency used redaction techniques that can be easily overcome.

Former Homeland Security Inspector General Clark Kent Ervin told ABC News that the event was “an appalling and astounding breach of security that terrorists could easily exploit.” He urged the TSA to launch an investigation into how the breach had occurred.

Among the topics covered in the document are items which do not have to be screened such as wheelchairs and orthopedic shoes, and countries from whose citizens must be screeened more closely than others.

TSA officials are claiming that the document is “outdated,” however critics argue that the screening process has likely not changed that drastically that the procedures detailed here are worthless to terrorists and other interested parties.

Certainly this breach is a threat to national security, and I tend to agree with those critics who say this one is pretty serious. 9/11 was a product of terrorists understanding the loopholes in our airport security procedures, and this breach now threatens to give our enemies insight into how we’re keeping them out.

Not good at all.


Note to Self: Don't Pack Tech When Flying

airplane_movie2One of the stories linked in today’s 5Words had me grumbling.

A Yale University student is suing US Airways for losing his Xbox 360, which was packed among his checked bags. But it’s not a simple matter of lost luggage; the kid opened his suitcase after pulling it from baggage claim to find all his belongings inside except the console and accompanying components. He wants $1 million for damages, but that’s not the part that shocked me.

In the story, reported by the Cincinnati Enquirer, a US Airways spokeswoman said the airline isn’t responsible because “publicly available baggage policies specifically exclude liability for electronics checked in luggage.”

Is this common knowledge? I know most people understand that fragile items may not survive the rigors of baggage handling — we’ve all seen luggage carelessly tossed about the tarmac — but the idea that airlines take no responsibility whatsoever, even if the item magically disappears from a suitcase, seems pretty wild to me.

I pulled up the baggage liability limitations for all the other major U.S. airlines — American, Continental, Delta and United — and they all say the same thing. To paraphrase: You’re welcome to bring your electronics on board or in checked baggage, but don’t blame us if anything goes wrong. Continental’s policy even excludes liability for CDs, DVDs and cell phones.

The other factor, besides the airlines, is the Transportation Security Administration. Travel writer Christopher Elliott wrote a lengthy article filled with horror stories of TSA agents swiping things (“Taking Something Always,” he calls the administration) and tips on how to hang on to your stuff. Basically, it boils down to one piece of advice: Keep it in your sights, or leave it at home.

Duly noted.


SFO’s Bizarre Laptop Theft Story

Here’s yet another airport security tale that would be perversely funny if our safety wasn’t at stake: A laptop containing personal information on 33,000 travelers who are members of the Clear program for expedited security-line service went missing at San Francisco’s SFO airport last week. The latest word is that it’s mysteriously reappeared in the same locked office that it vanished from.

I’m not sure if that sounds more like a high-tech Harry Houdini trick or the plot of a novel that Agatha Christie would write if she were still with us; I do know that it’s pretty dang unsettling on multiple levels.

Clear members go through extensive screening (and pay a $128 fee) in order to skip normal airport security procedures; if this were a movie, the laptop would have ended up in the hands of some terrorist organization, which would use it to steal those travelers’ identities and send armies of fanatics onto the nation’s planes. But a spokeswoman for Verified Identity Pass, the company behind Clear, told the San Francisco Chronicle that there’s no reason to panic: The laptop contained info such as names, addresses, and birthdates, not biometric stuff like fingerprints. While it wasn’t encrypted as TSA regulations mandate–oops!–it was protected with two levels of passwords. And a preliminary inspection indicates that the data wasn’t compromised.

Then again, the TSA has told Clear that it can’t register any new members until it gets its act together, but the enrollment page on Clear’s Website merely states that they’re “currently updating our software and are unable to process enrollments at this time.” I’m not sure if Clear is skirting around the truth or what, but if that’s a reference to what’s going on, it borders on a bald-faced lie. Which is not something you want to hear from a company that’s involved with airport security.

And the privacy page at the Clear site refers to “a comprehensive information security program to ensure the privacy of Clear applicants and members as well as the integrity of our systems” that’s impossible to reconcile with a laptop full of unencrypted data apparently sneaking out of an office and then sneaking back in.

I travel enough that when I’ve walked by Clear kiosks at airports, I’ve sometimes considered joining up. The main reason I haven’t is that among the airports I use most, the ones that Clear first tended to be the ones with the fastest security in the first place. (I rarely wait more than about three minutes at the United terminal at JFK, but if Clear served the nightmarish McCarran airport in Las Vegas I’d probably be a member today.)

But in the back of my mind, I think, I’ve always been uneasy about the idea of a background check and money overriding airport security practices…and yes, I feel that way even though I know just how lame many of those practices are.

So I never signed up. And I’m glad that I’m following this story as a bystander, rather than as someone whose personal information information might have been sitting on the amazing disappearing laptop…