Jump to content

Missing TSA Hard Drive Could Be Used Against Air Marshals


Sidepocket

Recommended Posts

The disappearance last week of a Transportation Security Administration hard drive that contains personal data on 100,000 TSA employees has raised the frightening prospect that terrorists might soon be able to identify the undercover air marshals who toil to keep our skies safe.

With their brush cut hair, bull necks and oh-so-casual Dockers attire, air marshals have never blended in too well. They're the serious looking chaps who board planes early. But letting their names, birth dates and Social Security numbers walk right out of TSA headquarters in Arlington, Va., boggles the mind. This is the agency that's supposed to screen crazies from getting on planes?

"When you can't even secure computers inside TSA, it kind of makes you wonder," said Sen. Pat Leahy (D-Vermont) at a Senate Judiciary hearing on Tuesday.

A federal criminal probe into the hard drive theft is underway. The FBI and Secret Service are helping out. Apparently, the TSA is unsure whether the drive was stolen or simply lost. TSA administrator Kip Hawley downplayed the threat to air marshals yesterday. But some law enforcement experts see it differently. It wouldn't require much effort to use information from the drive to identify and track down air marshals.

"There are grave security concerns here," said Bruce Schneier, an information security expert testifying before Congress this morning.

At least TSA's web designers have their $#*% together. The agency quickly worked up a slick flash presentation about the incident. The effect is kind of like having someone scream at you repeatedly that everything is under control. Sure. We believe you.

--------------------------------------------

Federal authorities have launched a "full-blown criminal investigation" into the disappearance of a computer drive holding personal and banking records of 100,000 Transportation Security Administration employees, agency Administrator Kip Hawley said Monday.

"We're doing a full-court press on this," Hawley told TSA employees in a conference call that USA TODAY was able to listen to.

Hawley's comments downplayed the possibility that the portable hard drive had been lost from TSA headquarters in Arlington, Va., on Thursday. The TSA had said Friday that it was "unclear" whether the device was "still within headquarters or was stolen."

Agency spokeswoman Ellen Howe acknowledged Hawley's comments and added that "nothing has been ruled out," including the possibility the hard drive was lost.

On Monday, TSA employees questioned how the drive went missing and whether it would expose the identities of the thousands of armed air marshals, who ride undercover on airplanes to thwart terrorists. Air marshals, who are TSA employees, fear what someone could do with their names, birth dates and Social Security numbers — data that were on the hard drive.

"If that information is out there, it's very easy to find out who they are," said John Adler, executive vice president of the Federal Law Enforcement Officers Association, whose members include air marshals. Adler said terrorists could use personnel information to find where air marshals live, photograph them and disseminate the photos.

Hawley said air marshals' security "was one of our first concerns" but downplayed the risk to them. The TSA said on its website that "without extensive knowledge of TSA's human resource system, it is extremely difficult to determine what positions employees on the missing hard drive have."

The TSA has not ruled out the possibility that an insider took the drive.

Aviation-security consultant Rich Roth said the data theft "shouldn't affect the air marshals at all." Terrorists who are determined to spot air marshals can simply watch passengers boarding planes early, he said.

The FBI and Secret Service have joined the investigation, which began Thursday after employees in the TSA personnel office who frequently use the hard drive found it missing.

Howe, the TSA spokeswoman, said the drive is about the size of a desk telephone.

Paul Stephens, a policy analyst at the Privacy Rights Clearinghouse, a consumer advocacy group, questioned why a federal security agency would store sensitive information on "something that could be carried away in a briefcase" and not on a larger, less-portable device. External hard drives store data such as text files and photographs and are plugged into a computer.

Cris Soulia, a TSA screener in San Diego and a former Navy computer technician, said he was "dumbfounded" that the agency would store personnel records on a portable device.

"That's really irresponsible," Soulia said.

Howe declined to address why the records were stored on an external hard drive, saying it is "an element of an ongoing investigation."

Stephens said stealing hard drives "is a bit unusual" and usually indicates that "the purpose of the theft was to obtain the data." Many data breaches are the unintentional result of someone stealing a computer to sell it and the computer happens to hold personnel information, he said.

The clearinghouse has tracked hundreds of security breaches that exposed 154 million data records.

http://blog.wired.com/27bstroke6/2007/05/m...a_har.html#more

http://www.usatoday.com/news/washington/20...tsa-probe_N.htm

Link to comment
Share on other sites

Makes me wonder why they never encrypt such things.

That would be stupid. I mean, how would the people that need to access it be able to? You can't expect these people to be able to run a program to open a file, that's above even my comprehension!

Damn my sarcasm, damn how most laws that require peoples information to be encrypted still accept ROT13 as sufficient.

Link to comment
Share on other sites

That would be stupid. I mean, how would the people that need to access it be able to? You can't expect these people to be able to run a program to open a file, that's above even my comprehension!

Damn my sarcasm, damn how most laws that require peoples information to be encrypted still accept ROT13 as sufficient.

I guess your right.  Encryptions are just way to complicated.  I propose we make laws that say such hard drives need to be chained and locked to the hard drive.

privacyPolicy.jpg    +    hard%2520drive111.jpg             

              =  hacking.gif

Link to comment
Share on other sites

It doesn't matter to them (TSA), they expect people to obey them without question (ie: their stupid restrictions and policies), but never take responsibility for their actions (like the kid who's money was taken from his wallet, or the kid who was banned from flying for a book cover).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...