Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lax TSA Website Exposed Travelers' Information

Posted by kdawson on from the speaking-truth-to-stupidity dept.

sjbe sends in an old story with a poetic justice ending. Almost a year ago Chris Soghoian blogged about multiple security holes exposing visitors to a TSA site to possible identity theft. Wired and others picked up the story and the TSA took down the insecure site and fixed the problems. On Friday the US House of Representatives Committee on Oversight and Government Reform released a report (PDF; HTML summary) finding that the TSA contractor, Desyne Web Services, had received a no-bid contract for the faulty site from a former employee who was then a TSA project manager. TSA has taken no action to sanction the responsible parties for the vulnerabilities. The poetic justice is that Soghoian had been investigated for 6 months by the FBI and TSA because he pointed out a vulnerability in the US air transport system; no charges were ever filed.

2 of 81 comments (clear)

  1. Re:Like most security theater in this country ... by Kelz · · Score: 5, Funny

    Did they mean "lax" as in "Loose and not easily retained or controlled." or LAX as in the airport?

  2. Re:Like most security theater in this country ... by ScrewMaster · · Score: 4, Funny

    Did they mean "lax" as in "Loose and not easily retained or controlled." or LAX as in the airport?

    Well, I've been through Los Angeles Airport a couple of times recently. I'd say either appellation is apt.

    --
    The higher the technology, the sharper that two-edged sword.