Homeland Security Secretary Chertoff often seems mystified that the public doesn’t want to be protected as much as he wants to protect them. Maybe a look at the record of the protectors will provide some clue. Protectors like the Transporation Security Administration (TSA), the lovable airport screeners that have done so much to make air travel a tiring and tiresome pain in the ass.
TSA makes mistakes. Quite often, it appears. Some of those mistakes can be pretty onerous. If your name gets on a no-fly list you are in for a heap of inconvenience — or worse. But, as we were assured by TSA after the recent case of a five year old detained, searched and kept from the comforting embrace of his mother because his name, Sam Adams, was the same as someone immigration wanted to nab, all you have to do is apply to get your name off the list (admittedly the original Sam Adams was a rabble rousing revolutionary, but he’s dead now). TSA even makes it easier to get your name off the list by providing a website for the purpose. As you might expect from this crony infested and corrupt administration, the resulting product is worse than a complete cock up. They should have called it the “Cheers” website, as in the place where “everybody knows your name”:
In October 2006, the Transportation Security Administration launched a website to help travelers whose names were erroneously listed on airline watch lists. This redress website had multiple security vulnerabilities: it was not hosted on a government domain; its homepage was not encrypted; one of its data submission pages was not encrypted; and its encrypted pages were not properly certified. These deficiencies exposed thousands of American travelers to potential identity theft. (House Oversight Committee statement; hat tip Boingboing)
The piss poor security design was identified by a blogger and the site has since been moved to a more secure host. But how could this have happened? Some findings of the congressional investigation:
TSA awarded the website contract without competition. TSA gave a small, Virginia-based contractor called Desyne Web Services a no-bid contract to design and operate the redress website. According to an internal TSA investigation, the “Statement of Work” for the contract was “written such that Desyne Web was the only vendor that could meet program requirements.”
The TSA official in charge of the project was a former employee of the contractor. The TSA official who was the “Technical Lead” on the website project and acted as the point of contact with the contractor had an apparent conflict of interest. He was a former employee of Desyne Web Services and regularly socialized with Desyne’s owner.
During this period, TSA Administrator Hawley testified before Congress that the agency had assured “the privacy of users and the security of the system” before its launch. Thousands of individuals used the insecure website, including at least 247 travelers who submitted large amounts of personal information through an insecure webpage.
Desyne’s punishment? Nothing. In fact the firm is still used by TSA on other projects involving “treaveler redress.” TSA Technical Lead’s consequences? None. Still in senior management. Accountability? None.
So it’s the same old Bush administration story. National security is a cover for personal gain; screw-ups that hurt people go unpunished; absolutely no accountability or consequences for massive incompetence. They don’t care, of course. It’s not really about security. If it were, they would take it more seriously.
At the moment I am keyboarding this, these losers will be in office for just 375 days, 15 hours, 42 minutes and 26 seconds longer. I’m sure they will have stopped working long before that as they sally forth to secure some lucrative lobbying job even as they draw a paycheck paid for by moi.
On balance I don’t mind about that. Because every second they are driving the car the rest of us are at risk of reckless endangerment.