Monday, December 7, 2009

TSA Leaks Sensitive Airport Screening Manual

Via Wired.com -

Who needs anonymous sources when the government is perfectly capable of leaking its own secrets?

Government workers preparing the release of a Transportation Security Administration manual that details airport screening procedures badly bungled their redaction of the .pdf file. Result: The full text of a document considered “sensitive security information” was inadvertently leaked.

Anyone who’s interested can read about which passengers are more likely to be targeted for secondary screening, who is exempt from screening, TSA procedures for screening foreign dignitaries and CIA-escorted passengers, and extensive instructions for calibrating Siemens walk-through metal detectors.

The 93-page document also includes sample images of DHS, CIA (see above) and congressional identification cards, with instructions on what to look for to verify an authentic pass.

The manual, titled Screening Management Standard Operating Procedure, is dated May 28, 2008. It contains this warning: “NO PART OF THIS RECORD MAY BE DISCLOSED TO PERSONS WITHOUT A ‘NEED TO KNOW.’”

Notwithstanding that disclaimer, the document appeared on FedBizOpps, a government clearinghouse that lists federal contracting opportunities for vendors. It has since been removed from the site, but not before someone grabbed it and submitted it to the whistleblower site Cryptome, where the formerly-redacted portions are highlighted in red boxes. The discovery was first made by a blogger at Wandering Aramean.

TSA spokeswoman Sterling Payne told Threat Level that the document was an “outdated version” of its operating procedures, and that the administration “took swift action when this was discovered.” She said “a full review” is underway to discover why the redacted material was not properly protected.

“TSA has many layers of security to keep the traveling public safe and to constantly adapt to evolving threats,” added Payne in an e-mail. “TSA has appropriate measures in place to effectively screen passengers at airport security checkpoints nationwide.”

The manual was posted as a redacted .pdf document, with sensitive sections blacked out. But the government apparently hasn’t learned from past redaction flubs and merely overlaid black rectangles on the sensitive text in the .pdf, instead of cutting the text itself. Anyone can uncover the hidden text by simply copying and pasting the blacked out portions into another document.

One of the redacted sections, for example, indicates that an armed law enforcement officer in or out of uniform may pass beyond the checkpoint without screening after providing a U.S. government-issued photo ID and “Notice of LEO Flying Armed Document.”

Some commercial airline pilots receive training by the U.S. Marshals Service and are allowed to carry TSA-issued firearms on planes. They can pass through without screening only after presenting “bonafide credentials and aircraft operator photo ID,” the document says.

Foreign dignitaries equivalent to cabinet rank and above, accompanying a spouse, their children under the age of 12, and a State Department escort are exempt from screening.

There are also references to a CIA program called WOMAP, the Worldwide Operational Meet and Assist Program. As part of WOMAP, foreign dignitaries and their escorts — authorized CIA representatives — are exempt from screening, provided they’re approved in advance by TSA’s Office of Intelligence.

Passengers carrying passports from Cuba, Iran, North Korea, Libya, Syria, Sudan, Afghanistan, Lebanon, Somalia, Iraq, Yemen or Algeria are to be designated for selective screening.

---------------------------

http://cryptome.org/tsa-screening.zip

1 comment:

  1. What?! A government agency is incompetent? Naaa!

    Let's give 'em our healthcare too!

    Love,

    Beau

    ReplyDelete