TSA Vendor Who Lost Laptop Apologizing To People Who Didn't Even Apply
from the good-record-keeping dept
We recently wrote about how TSA-approved vendor, Verified Identity Pass, had lost a laptop containing all sorts of unencrypted data on people who had applied to be a part of the TSA’s “fast pass” Clear program (letting you skip the long security lines for a $100/year). While the laptop was eventually found (in the same place it was lost), the company insists that no data on the laptop was compromised, and has sent out emails to applicants for Clear. But, it appears that at least something is amiss as David Weinberger received one of the emails despite never having applied for the program. So apparently they’re just informing people at random now. Or someone else applied in Weinberger’s name. Makes you feel very secure, doesn’t it?
Filed Under: clear, laptops, lost data, security, tsa, verified identity
Companies: verified identity pass
Comments on “TSA Vendor Who Lost Laptop Apologizing To People Who Didn't Even Apply”
Clear
Clear is subsidized by the taxpayers so “special” people can cut to the front of the line.
This isn’t fair to the other taxpayers in the long line.
There is no way 100 a year covers background checks and extra security lines for the clear people.
Call your congressman and dump this crap now!
Re: Clear
Actually, a background check costs about $15.
Re: Clear
While I agree it should not be subsidized, I didn’t think less than $12/month could only be affordable to “specials.” I’m piss poor, but if I traveled alot I would budget it in. Seems like the subsidy helps keep it affordable for “less than special” people. Otherwise it would be like the disparity between the price of coach to the price of 1st class. Take the subsidy away and it might only be for the rich in the long run.
Re: Re: Clear
*EDIT* I meant less than $10/month
What difference does it make?
Good Idea, very very very bad execution..
I was a clear member when they were first rolling out the program. They promised me the Clear lanes would open at the San Jose airport on a specific date. When there were delays, they refused to extend my membership and I actually never used my card. I was ripped off by CLEAR and would never recommend this program to anyone. Oh, BTW… I keep getting renewal offers from clear and it’s $128.00 for the first year (not $100 as the article states).
Now… it’s a great idea to have an idea of who to filter out of your system. The system as it stands now is horribly flawed and I have heard news reports of people on the list can’t get off, people who’ve been openly critical of the system being somehow on the list, and I’m sure there are people not on the list who should be. Now watch, I’ll be on the list next.
We take our shoes off at the airport as part of a knee-jerk reaction, we finally can leave our laptops in their bags and we can’t take but a thimble full of fluids with us… and the list goes on. It’s a major disaster and probably should be scrapped so we can begin anew.
As I understand it, Clear is NOT a pre-screening or “trusted passenger” service: if you’re a member you still have to pass the metal detector and X-ray machine like everyone else, it’s just that you get to use the “members only line” (which is probably less crowded) and maybe you have valets helping you with your bags. It’s a matter of convenience, not security.
Therefore, two points spring to mind: 1) There is no good reason to require applicants to supply sensitive personal information to apply, it’s just more of the knee-jerk “we want all your information” thinking (which leads to bad security). And 2) so what if somebody applied in Weinberger’s name? Depending on how stupid Clear’s own security is, it’s either a membership that no one can use, or one that Weinberger can use for free.
Q: if they cannot guard a laptop, how can they protect an airport?
Q: if they cannot guard a laptop, how can they protect an airport?
the deal was, citizen would trade comfort for safety… and know we have neither…
if TSA keeps this or any other vendor capable of such a knucklehead play, there should be terminations of senior managers…
the C-levels at the vendor should be asked to step down — today
Amazing, I didn’t know the technology existed to tell whether information was copied off a laptop’s hard disk. Maybe there’s a tiny little odometer on each byte and they read all the odometers and they were the same.
So there’s something I don’t know about, or they’re lying through their teeth.
How did they win the bid?
This story really makes me wonder how TSA screens and picks contractors. Is there a bid competition? What are the criteria? It does look like TSA needs to rethink this process. Perhaps a major overhaul of TSA itself may be a good start.
i bet mohhamad atta
would have enjoyed the convenience of this program.
Amazing, I didn’t know the technology existed to tell whether information was copied off a laptop’s hard disk. Maybe there’s a tiny little odometer on each byte and they read all the odometers and they were the same.
So there’s something I don’t know about, or they’re lying through their teeth.
Yes, very true. And even if something was in place to track that on the OS running on the laptop, it’s not hard to boot it with a CD with Linux on it, mount the file system in read only mode and copy away. They couldn’t reliably prove that no data was copied. Actually, the smartest of thieves may have well swiped it, copied needed data and put it right back where they found it.
Hey – question – could they be sued for ‘making available’ the data? 🙂 Why not? The RIAA seems to think so.
Security is a problem.
What ever ways are invented toprotectcomputer codes the faster the guys learn to break the codes.
Maybe there’s a tiny little odometer on each byte and they read all the odometers and they were the same.