Posted on 01/31/2008 7:49:21 AM PST by ddtorquee
For the four months that [a TSA Web site supposed to help travelers whose names were erroneously listed on airline watch lists] was up, thousands of people visited it, and 247 travelers submitted highly personal information (including their Social Security number and place of birth) through an insecure, non-SSL encrypted form. TSA's lax security practices resulted in thousands of Americans being put at a direct risk of identity theft.
The site was only taken down after I discovered it in February 2007 and posted something to my blog. Shortly after, Wired and a number of other sites picked up the story, and TSA was shamed into pulling down the site.
In addition to noting the security problems on the site, I also expressed significant skepticism regarding Desyne Web Services, the Virginia-based Web site design firm that was running and operating the site. In my original blog post, I wrote:
"This begs the question: Who are these guys, why don't they know how to use SSL and how were they awarded this sweet contract? Why can't TSA do a simple form submission themselves?"
My initial concern seems to be well founded, as the newly released report reveals. The TSA official in charge of the project awarded the contract--without competition--to one of his former employers, a company owned by one of his high school buddies.
Proving that this is just business as usual for TSA, the report notes that "neither Desyne nor the technical lead on the traveler redress Web site have been sanctioned by TSA for their roles in the deployment of an insecure Web site. TSA continues to pay Desyne to host and maintain two major Web-based information systems. TSA has taken no steps to discipline the technical lead, who still holds a senior program management position at TSA."
(Excerpt) Read more at cnet.com ...
Unless your a Senator sole source are pretty much reserved for very small contracts. This kinda stuff happens all the time in Washington.
The incompetance also happens all the time in Washington. :)
Don’t criticze TSA or you’ll never hear the end of it. You must be a terrorist sympathizer to criticize TSA. Without govt agents permeating society everywhere we are doomed.
I learned that here over the past few years.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.