WTF @ TSA



  • This really is Worse Than Failure.

    http://news.yahoo.com/s/ap/20070505/ap_on_go_ca_st_pe/tsa_missing_data

    WASHINGTON - The Transportation Security Administration has lost a computer hard drive containing Social Security numbers, bank data and payroll information for about 100,000 employees.

    Rep. Sheila Jackson Lee (news, bio, voting record), D-Texas, whose Homeland Security subcommittee oversees the TSA, promised to hold hearings on the security breach. She said Homeland Security buildings are part of the critical infrastructure the agency is charged with protecting.

    I think I just WTF'd in my mouth a little.



  • This kind of thing happens all the time.  TJX released news that 46 million customer files (with credit card numbers, expiration dates, and security codes) were compromised.



  • Yes, but, TJ Maxx is reponsible for providing you with designer shoes at an affordable price.  TSA is responsible for protecting your security, and they can't even protect their own.



  • It only takes 1 disgruntled employee to break the system you know.  besides, that article doesn't even tell us if the information on the hard drive was encrypted or not.



  • The real WTF is holding hearings. Is Congress really going to do anything worthwhile except spend millions of dollars trying to figure out whom to point the finger at? They never provide a solution, they always figure out some low level peon to blame. Then, they give everyone a feel good fuzzy in the back of their mind. Then, six months later, it happens again (see the two data losses at the V.A. for proof of that.)

    The TSA are the same bumbling idiots who have let people into airports with hand guns. Two stories come to mind, both ladies discovered after they went through security that they had forgotten they had handguns in their bags (yes, an WTF inside a WTF inside a....) They reported the incidents to police (both went through security in Atlanta) then THEY were arrested. WTF? Where are your congressional hearings on that?






  • @tster said:

    It only takes 1 disgruntled employee to break the system you know.  besides, that article doesn't even tell us if the information on the hard drive was encrypted or not.

    It doesn't matter if they're encrypted. If I've learned anything from watching 24, you can just defrag the Huffman keys to get at the decrypted data.

     



  • @JeffRules said:

    The real WTF is holding hearings. Is Congress really going to do anything worthwhile except spend millions of dollars trying to figure out whom to point the finger at? They never provide a solution, they always figure out some low level peon to blame. Then, they give everyone a feel good fuzzy in the back of their mind. Then, six months later, it happens again (see the two data losses at the V.A. for proof of that.)

    The TSA are the same bumbling idiots who have let people into airports with hand guns. Two stories come to mind, both ladies discovered after they went through security that they had forgotten they had handguns in their bags (yes, an WTF inside a WTF inside a....) They reported the incidents to police (both went through security in Atlanta) then THEY were arrested. WTF? Where are your congressional hearings on that?




    Just goes to show you, never and I mean NEVER! admit wrongdoing to our government, even if you think it will help someone. They are far more concerned with finding scapegoats then fixing problems.



  • @KattMan said:


    Just goes to show you, never and I mean NEVER! admit wrongdoing to our government, even if you think it will help someone. They are far more concerned with finding scapegoats then fixing problems.

    Too right! All police organisations just want bodies to put in cells, its what they live for. Who the bodies belong to is immaterial.



  • @method1 said:

    @KattMan said:

    Just goes to show you, never and I mean NEVER! admit wrongdoing to our government, even if you think it will help someone. They are far more concerned with finding scapegoats then fixing problems.

    Too right! All police organisations just want bodies to put in cells, its what they live for. Who the bodies belong to is immaterial.


    Great example of that: the Detroit Police homicide department.  For many years, standard policy was that whenever a murder was reported, they'd arrest the person doing the reporting, any witnesses, and if possible, the victim.  They had the highest rate of arrests per murder of any police department in the country, the lowest rate of convictions per murder, and a line item in the budget for paying off false-arrest lawsuits.



  • @Carnildo said:

    @method1 said:
    @KattMan said:

    Just goes to show you, never and I mean NEVER! admit wrongdoing to our government, even if you think it will help someone. They are far more concerned with finding scapegoats then fixing problems.

    Too right! All police organisations just want bodies to put in cells, its what they live for. Who the bodies belong to is immaterial.


    Great example of that: the Detroit Police homicide department. For many years, standard policy was that whenever a murder was reported, they'd arrest the person doing the reporting, any witnesses, and if possible, the victim. They had the highest rate of arrests per murder of any police department in the country, the lowest rate of convictions per murder, and a line item in the budget for paying off false-arrest lawsuits.

    Yeah, but to be fair, if you pull a random person off the street in Detroit, there's a better-than-even chance that they've killed or severely injured somebody.

    That's not to say that it justifies a corrupt police force, but if you recruit cops from a city like that, you're pretty much asking to get a bunch of criminals in uniform. The solution is, of course, to divide the police into two groups and have them go around arresting each other.



  • I won't mention what company I work for, but this kinda thing happened to us about a year ago. Someone broke into a corporate office building and stole some computers, at least one of which had employees' information stored on it. They weren't exactly sure how extensive the information was, or how many employees were affected. There was a flood of bank account changes for direct deposit, credit report requests to ensure none of our identities were stolen, and a new task force charged with preventing this from happening again.

    Now we have ridiculous password requirements, and are required to encrypt the hard drives on our work PCs and laptops. Even though the encryption software only works on the C: partition, takes up to 48 hours to encrypt it, and has a high probability of corrupting your drive in the process.

    In case you're curious how the computers were stolen from a corporate facility where all sensitive employee information was stored: the thieves used a rock to break an office window. Now the employees have to go through this extra trouble because Corporate won't hire a security service to watch over the building.



  • Reading about these stolen SSNs almost daily, I wonder what's the probability that your SSN wasn't stolen if you're American...



  • The real WTF is that the TSA has 100,000 employees, I would say.



  • @dp.design said:

    The real WTF is that the TSA has 100,000 employees, I would say.

    I second this motion!!



  • [ deleted cause the forum software was screwing with me ]



  • @dp.design said:

    [ deleted cause the forum software was screwing with me ]

    wtf?



  • @asuffield said:

    That's not to say that it justifies a corrupt police force, but if you recruit cops from a city like that, you're pretty much asking to get a bunch of criminals in uniform. The solution is, of course, to divide the police into two groups and have them go around arresting each other.

    We could even come up with names for the two groups. And have them each have a signature color.

     (On an unrelated note, I never realized from just commenting (which doesn't use this interface) just how much of a WTF the forum software is. Is there any way to turn off this html editor thingy?)
     



  • @Random832 said:

     (On an unrelated note, I never realized from just commenting (which doesn't use this interface) just how much of a WTF the forum software is. Is there any way to turn off this html editor thingy?)

    Yes, it's in the user options. Sadly, the alternative is actually worse, because then there's no way to enter raw html and so everything you put in gets mangled.



  • Yeah, but to be fair, if you pull a random person off the street in Detroit, there's a better-than-even chance that they've killed or severely injured somebody.

    dude. detroit really isn't that bad.

     



  • @asuffield said:

    @Random832 said:

     (On an unrelated note, I never realized from just commenting (which doesn't use this interface) just how much of a WTF the forum software is. Is there any way to turn off this html editor thingy?)

    Yes, it's in the user options. Sadly, the alternative is actually worse, because then there's no way to enter raw html and so everything you put in gets mangled.

    Really? It used to let you enter raw HTML, IIRC. The people who had problems were the ones (like me) who used unsupported browsers that the HTML editor wasn't shown in - for some reason, the forums software used it as an excuse to mangle the post in interesting ways. Once I convinced the forums (via user agent trickery) that yes, I could use the HTML editor, I'd just chosen to disable it in my settings, everything worked OK. (IIRC, it was the user agent when you submitted the post that mattered.)



  • @makomk said:

    @asuffield said:
    @Random832 said:

     (On an unrelated note, I never realized from just commenting (which doesn't use this interface) just how much of a WTF the forum software is. Is there any way to turn off this html editor thingy?)

    Yes, it's in the user options. Sadly, the alternative is actually worse, because then there's no way to enter raw html and so everything you put in gets mangled.

    Really? It used to let you enter raw HTML, IIRC.

    You can enter html tags, but I'm fairly sure it does some kind of bizarre postprocessing on whatever you enter, so what you type in is not what comes out.


Log in to reply