Slashdot Mirror

← Back to Stories (view on slashdot.org)

TSA's Sloppy Redacting Reveals All

Posted by kdawson on from the hire-a-competent-clerk-why-don'tcha dept.

A travel blog breaks the story of a poor job of redacting by the TSA: they posted a PDF of airport screening policies, with certain sections blacked out — not realizing that simply laying a black rectangle over the text is hardly sufficient. Cryptome has posted a copy with the redaction removed (ZIP).

25 of 605 comments (clear)

  1. Actual Link to the zip by hcmtnbiker · · Score: 4, Informative

    http://cryptome.org/tsa-screening.zip The actual link.

    --
    If i had one dollar for every brain you dont have, i would have $1.
    1. Re:Actual Link to the zip by afidel · · Score: 4, Informative

      Then use mod_gzip (if the text field's aren't already compressed, which they can be) and mod_cache.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    2. Re:Actual Link to the zip by EMN13 · · Score: 2, Informative

      You do realize that despite the internals, a zipped pdf may be quite a bit smaller than the raw pdf?

      Perhaps you'd prefer a smarter more time intensive approach (tweaking the pdf itself), but there's no question that if you're just out to reduce size in a simple easy-to-understand and perform manner, this is a perfectly reasonable action.

    3. Re:Actual Link to the zip by Inda · · Score: 4, Informative

      If zipping a PDF makes it smaller, you've created the PDF wrong.

      --
      This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
    4. Re:Actual Link to the zip by Le+Marteau · · Score: 3, Informative

      You do realize that the linked zip was 1,776 KB, and contained a PDF which, when unzipped, was 2,198 KB, right?

      --
      Mod down people who tell people how to mod in their sigs
    5. Re:Actual Link to the zip by CecilPL · · Score: 2, Informative

      Use Foxit Reader instead. It's singlehandedly destroyed my fear of pdfs.

    6. Re:Actual Link to the zip by commodore64_love · · Score: 2, Informative

      Well that 422 kilobytes saved me 3 minutes of download time on my 28k modem

      Okay yes it's ridiculous to zip it.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    7. Re:Actual Link to the zip by Bigjeff5 · · Score: 2, Informative

      Apparently you don't host a website, because serving files is extremely expensive - 400kb over thousands of downloads works out to quite a bit of money saved.

      --
      Security is mostly a superstition... Avoiding danger is no safer in the long run than outright exposure. - Helen Keller
    8. Re:Actual Link to the zip by Mr.+DOS · · Score: 2, Informative

      Over hundreds of requests, that 422KB less saves them possibly hundreds of megabytes of bandwidth.

            --- Mr. DOS

  2. The real link to the cryptome file by JesseL · · Score: 3, Informative

    is here:
    http://cryptome.org/tsa-screening.zip

    --
    "Prefiero morir de pie que vivir siempre arrodillado!"
  3. Use what they give you! by adamchou · · Score: 5, Informative

    How stupid are these people?! Adobe even has a feature to redact (not draw black boxes) text from documents

  4. Comment removed by account_deleted · · Score: 2, Informative

    Comment removed based on user account deletion

  5. Re:The TSA redacting process by supersat · · Score: 2, Informative

    I suspect the boarding pass check is primarily to keep the TSA from being overwhelmed by people not flying, such as family members waiting for you to arrive. Using it for any other purpose (including identifying selectees) is pretty pointless until they actually validate the boarding pass. They're slowly starting to do this, but it's a long process.

  6. Re:then why was it redacted? by Martin+Blank · · Score: 2, Informative

    The document states explicitly that, absent a Federal Flight Deck Officer ID and presence of a TSA-issued weapon, aircraft crew are to be subjected to normal screening. An FFDO that is unarmed is also screened.

    The exemptions that you're talking about are exemptions from selectee screening (Section 4.3.15 B). Military, FEMA, forest firefighters, etc., are exempted from selectee screening. They're not exempted from standard screening.

    --
    You can never go home again... but I guess you can shop there.
  7. Re:then why was it redacted? by billsnow · · Score: 2, Informative

    you misread: the category you just listed is merely exempt from random extra screening. they still get screened, and if their boarding pass has "selectee" markings they have to get screened extra too.

  8. Re:Silly by Anonymous Coward · · Score: 1, Informative

    More relevant, I think, is that knowing the exact calibration thresholds for the xray machines; which aircrew uniforms are exempted from screenings, etc might allow terrorists/malcontents to adjust their smuggling/terrorism plans to better avoid or circumvent those protection.

    While this *IS* unquestionably a form of security through obscurity, I can clearly see whey a security force would want to prevent this information being public.

    (EG, knowing that the sensitivity cut-off for wire is 28 gauge, one could substitute say-- 36 gauge wire in their bomb instead, because that would be too thin to be reliably detected, and may pass right through inspection unnoticed.)

    Or, in the case of a suicide bomber, knowing which aircrew uniforms to procure prior to the operation to avoid being detained and searched by the airport security personnel could be very handy.

    Essentially, they wanted to "black box" the details of their security protocols, to make them harder to target for circumvention. (No puns about the ineffective redaction intended)

  9. Re:Well, at least the rest don't do this. by Dr+Damage+I · · Score: 4, Informative

    It's worse than that. One trick that the IRA used to use (not sure if it originated with them or not) is to have sequenced bombings: Determine where people fleeing the first bomb will go then set off a second bomb (or bombs) at the logical escape routes. People fleeing danger tend to get densely packed at choke points.

    --
    "Cursed is he who rises early in the morning..." Isiah 5:11
  10. Re:Well, at least the rest don't do this. by chrb · · Score: 4, Informative

    the goal of terrorism is to cause terror

    The goal of terrorism is to effect political and social change. The terror is just a means to an end.

  11. Re:Well, at least the rest don't do this. by registrar · · Score: 2, Informative

    there's no security (or at least none that would stop a luggage bomb) before you reach the checkpoint

    There is if you travel through a country with serious security issues, like India or Israel.

  12. Re:Well, at least the rest don't do this. by ei4anb · · Score: 2, Informative

    During the "troubles" in Northern Ireland the Irish airport police had checkpoints at the airport doors where they used explosives sniffers to check luggage. They were efficient and I never saw a queue more than a minute or two long. It was enough deterrent and there never was any attack in an airport or on a 'plane.

  13. Re:Well, at least the rest don't do this. by beowulfcluster · · Score: 4, Informative

    Indeed, the Lockerbie bombing for example. Apparently a bomb that fit in a tape recorder was enough to blow a hole in the fuselage and that was that.

  14. Re:Well, at least the rest don't do this. by icebrain · · Score: 5, Informative

    Are you actually a pilot, or do you just play one on TV?

    Barrel rolls are 1G maneuvers. A "normal" roll down the axis of the airplane is an aileron roll. This would probably cause injury to those not sitting down with their seat belts on, and those who are hit by the unseated, but won't cause the plane to crash as long as the pilots don't overstress the airframe during the recovery. A snap roll is something else; it's a more violent maneuver that's more complicated than an aileron roll, and one that would likely break the airplane.

    Your "analysis" of Airbus FBW systems is entirely off-base. Fly-by-wire is not some fuzzy-logic computer that tries to think about what you want vs. what it wants to do; rather, such systems have known, hard, rigidly-defined limits. They may have pitch and roll angle limits (as you allude to) in addition to other ones, but essentially they are just feedback controllers, not much more complicated than the PID ones we all remember from our controls theory classes.

    --
    The meek may inherit the earth, but the strong shall take the stars.
  15. Re:TSA? by PhilHibbs · · Score: 3, Informative

    From the FAQ:

    Q: Slashdot seems to be very U.S.-centric. Do you have any plans to be more international in your scope?

    A: Slashdot is U.S.-centric. We readily admit this, and really don't see it as a problem. Slashdot is run by Americans, after all, and the vast majority of our readership is in the U.S. We're certainly not opposed to doing more international stories, but we don't have any formal plans for making that happen. All we can really tell you is that if you're outside the U.S. and you have news, submit it, and if it looks interesting, we'll post it.

    It is worth noting that there is a Japanese Slashdot run by VA Japan. While we helped them a little in their early days, they essentially run their own content without any real involvement from us... none of us can read Kanji! There are currently no plans to do other language or nation specific Slashdot sites.

  16. Re:Silly by steronz · · Score: 2, Informative

    http://en.wikipedia.org/wiki/Working_dog

    The only question is why they replaced "dog" with the snootier "canine," but the sentences parses just the same. /Buzz Killington

  17. Re:Well, at least the rest don't do this. by Anonymous Coward · · Score: 2, Informative

    Just FYI, parent is definitely NSFW.