TSA's Sloppy Redacting Reveals All

A travel blog breaks the story of a poor job of redacting by the TSA: they posted a PDF of airport screening policies, with certain sections blacked out — not realizing that simply laying a black rectangle over the text is hardly sufficient. Cryptome has posted a copy with the redaction removed (ZIP).

Actual Link to the zip

[hcmtnbiker]

http://cryptome.org/tsa-screening.zip [cryptome.org] The actual link.

Re:Actual Link to the zip

[Kral_Blbec]

dude, you zipped a pdf....
thats almost as bad as when my mom puts a jpg in a doc to email it.

Re:

[girlintraining]

dude, you zipped a pdf....thats almost as bad as when my mom puts a jpg in a doc to email it.

When you're expecting several tens of thousands of people to download it in a short time period -- every kilobyte helps.

Re:Actual Link to the zip

[afidel]

Then use mod_gzip (if the text field's aren't already compressed, which they can be) and mod_cache.

Re:

[afidel]

You obviously don't use Acrobat reader!

Re:

[CecilPL]

Use Foxit Reader instead. It's singlehandedly destroyed my fear of pdfs.

Re:Actual Link to the zip

[Inda]

If zipping a PDF makes it smaller, you've created the PDF wrong.

Re:Actual Link to the zip

[dkleinsc]

Which, as the summary explains, is absolutely true.

Re:

[Looce]

I know your post was meant to be a joke, but a .zip file is not usually opened automatically by a Web browser like a .pdf is, and the guess might be that most people who open that document would want to save it. I don't know why; maybe it's because cryptome.org expects to get a takedown request soon from the Transportation Security Administration in a great display of Streisand effect... :)

Re:Actual Link to the zip

[zmotula]

Just this weekend I experienced a flash game embedded in a XLS enclosed in an Outlook .eml file. I hope it does not get worse than that, otherwise I am sure we'd be breaking some laws of topology.

Re:

[Bazzargh]

Ok how about... a uuencoded[1], corrupt[2], powerpoint attachment inside an email that got pasted (as the raw text of an email) into a word doc, reformatted, and then mailed to me (as a base64'd attachment).

Got sent that ~12 years ago by a PHB who wanted help getting the powerpoint out of his mail. It wasn't that hard - I wrote a little uudecoder in perl that started dumping when it saw the magic bytes for OLE...that format has a LUT for 512-byte blocks of the doc at the start, if you have trailing junk its

Re:

[EMN13]

You do realize that despite the internals, a zipped pdf may be quite a bit smaller than the raw pdf?

Perhaps you'd prefer a smarter more time intensive approach (tweaking the pdf itself), but there's no question that if you're just out to reduce size in a simple easy-to-understand and perform manner, this is a perfectly reasonable action.

Re:

[Le Marteau]

You do realize that the linked zip was 1,776 KB, and contained a PDF which, when unzipped, was 2,198 KB, right?

Re:

[JWSmythe]

    Since they mangled the link in the story, I'm pretty sure it's mostly Slashdot-effect-proof. Or I guess that would be slashdoteffectproof. :)

Select All

[Reason58]

ctrl-a is a bitch, huh?

Re:Select All

[MichaelSmith]

Whats the penalty for subverting a copy prevention measure?

The real link to the cryptome file

[JesseL]

is here:
http://cryptome.org/tsa-screening.zip [cryptome.org]

Well, at least the rest don't do this.

[JoshuaZ]

I know people who work in the US government. As I understand it, when releasing material that is partially blacked out, in most departments the procedure is to simply black it out on a hard copy and then photocopy the hard copy or scan it if it is to go online. This removes any chance of clever ways of getting the data if there's something about the file format or such that is strange. I don't see why the TSA wouldn't do the same thing. Moreover, isn't the fact that you can do this with PDFs well known? I've even seen it used as a way of covering up spoilers. What were they thinking?

Re:Well, at least the rest don't do this.

[Reason58]

I don't see why the TSA wouldn't do the same thing.

For the same reason they make you take your shoes off? For the same reason they have so many ineffective security policies that busy airports often have security checkpoint lines containing more people than a plane, which makes for extremely easy bombing targets (no security!)? Clueless, inept, and there to absorb money and power.

Re:Well, at least the rest don't do this.

[JWSmythe]

    It's not clueless and inept. It's the illusion of security. Take off your shoes. Put your liquids in a clear bag. Stand here while we do a cursory search of your carry on luggage. It's to make the general population *FEEL* secure, not to actually secure them. Have you looked in their trash bin of confiscated items? It's all stuff that wouldn't sell at a yard sale. Their "explosive" detectors are a joke. And backscatter xrays? I went through one. Because of the way my shirt was sewn, it looked like I was wearing suspenders. 15 minutes to explain that it was just a shirt. How about recent tests where only 25% of the tests done passing obvious dangerous items (bombs, knives, guns, etc) through security were caught?

    They still allow objects with more serious potential through. A laptop as a blunt force instrument? The potential energy stored in a laptop battery? The RF radiation created by handheld electronics? The fact that a highschool football player could overpower the flight crew and air marshals? They worry about that tube of toothpaste. What if 100 of the tickets for a flight were booked by terrorists? Good luck for the rest of the passengers to overpower them.

    But, the people demanded higher security, so they get the illusion of higher security.

    Now, take off your shoes, and play along with the security theater.
 

Re:Well, at least the rest don't do this.

[JoshuaZ]

Security theater isn't inherently bad. People get scared very easily. We could say "sure, we've added in some minor stop gaps but the main result is that we hope if you get hijacked you'll do your patriotic duty to stop the hijackers or barring that bringing the plane down. And bombings? We aren't very concerned about them. Such events have been very rare for a long time." People wouldn't respond rationally to that. So instead we add steps that are ostentatious and feel like security. The result is people behave more reasonably and use airplanes they wouldn't otherwise do so. This is a cynical but strong argument for security theater.

Re:Well, at least the rest don't do this.

[JWSmythe]

    No, your views aren't cynical. They're realistic. Unfortunately, we (the gov't with our tax dollars) are spending so much to enhance the illusion, that could be better spent elsewhere. But, the TSA isn't going away any time soon, and "security" measures will continue, even though they are entertaining at best.

    I had a nice talk with a TSA agent once. I had time to waste, and he was going through the drill. It was obvious that he understood his job was just to maintain the illusion. We both understood that if air travel is the path of most resistance, a real terrorist would choose the path of least resistance. There are so many options, and even in a total police state those methods wouldn't be fool proof. Consider the underground movements during WWII in Europe. Even in occupied cities with Axis troops on every corner, the resistance was able to not only subvert their security by moving people in and out, but they were able to stage resistance attacks (as we'd now know as terrorist attacks). But as it goes, one man's freedom fighter is another man's terrorist.

Re:Well, at least the rest don't do this.

[Jbcarpen]

I'd like to point out that a Terrorist (in general) deliberately targets civilians. If someone is claiming to be a Freedom Fighter they had better be taking steps to ensure that their targets are military in nature. If they target civilians out of choice, then they lose the right to claim freedom fighter status (doesn't stop them from claiming it anyway, but they're just deluding themselves.)

Re:Well, at least the rest don't do this.

[Uberbah]

I'd like to point out that a Terrorist (in general) deliberately targets civilians.

If they aren't targeting civilians, they aren't terrorists. Marine barracks bombing in Lebanon? Not terrorism. Flying a plane into the Pentagon? Not terrorism (though it was for the folks on the plane). Bombing the U.S.S. Cole? Not terrorism. Attacks on military installations and personnel is not terrorism, it's an attack on the military.

Re:

[chrb]

And flying a plane into the WTC? Osama viewed himself and his group as being at war with the U.S. They had bombed the U.S.S. Cole, the U.S. had attacked their training camps with cruise missiles. The question is whether attacking enemy civilians during a time of war should be classed as "terrorism"? Most people would not call the attacks of Germany and Britain on each others civilian populations during WWII "terrorism", even though the blanket targeting of civilian populations did occur (ie. the bombing of

WWII terrorism : Who wrote the history books ?

[DrYak]

Most people would not call the attacks of Germany and Britain on each others civilian populations during WWII "terrorism", even though the blanket targeting of civilian populations did occur (ie. the bombing of civilians was not an accident, or "collateral damage", it was a deliberate act designed to kill and undermine moral).
Why was the bombing of civilian cities (those with no or little military infrastructure) during WWII considered valid, and yet now is considered "terrorism"?

Well from a purely theoretical point of view, these bombings (and also the nuclear bombs on Hiroshima and Nagasaki) were *indeed* perfect example of the definition of terrorism (killing civilian target for the sole purpose of undermining the moral), even if they were done by government instead of some rebel groups.

But now you see, with wars done by governments, the small difference is that the winners get to write the history books. And if they choose to call their deeds as "glorious acts of democratic resistance against the evil empire of dumb-stupid nazis" instead of "acts of terror to break the enemy's morale", so be it.
And that's how some doctrine like "Shock and awe" are born.

In an alternate reality where the American economy had collapsed, giving a chance to Afghanistan to actually win the war, you know how the books where going to describe this conflict.

Re:

[bkr1_2k]

The problem is that we classify the bombings done by the Axis powers as war too, not terrorism. It's not just about who gets to write the history books. It's about the constant changing of language and acceptance of new things. We never heard "collateral damage" until the early 90s (as civilians). We certainly never heard words like Jihad, or WMD, or rendition, or any other of a number of words that have "evolved" from the last couple of wars the US has been involved with fighting. And let's not forget

Re:Well, at least the rest don't do this.

[Aceticon]

It's even more complicated than that:
- It's a well known military adage that you attack your enemy where it is weakest, not strongest.

A bunch of (relatively) poorly armed civilians attacking well armed, well prepared military targets is at best a form of ritual suicide.

I would change the definition of terrorist to be somebody that purposefully attacks civilian targets and/or willingly accepts civilian casualties with the objective of terrorizing the civilians into compliance.

Note that this definition does include state actors - states often act as terrorists.

Even under this definition, you can still say that some in the Resistance during WW2 were terrorists: the executions of "collaborators" were done to induce compliance in others by terror.

Re:Well, at least the rest don't do this.

[meringuoid]

If they target civilians out of choice, then they lose the right to claim freedom fighter status

In such a campaign, who's a civilian? Are informers considered civilians, or can the Resistance shoot them? Are collaborators considered civilians, or can the Resistance intimidate or terrorise them to discourage working with the enemy?

I'm pretty sure the French Resistance did both. So did the IRA.

Re:Well, at least the rest don't do this.

[Phylomo]

Awesome branch on this thread. So many people don't know the difference. "Terrorist" designation comes from tactics, from choice of targets, NOT from motivation. Your examples, merinquoid, point out where the line is fuzzy. Another example: PLO suicide bomber attacks against an Israeli military checkpoint? Not terrorism. PLO suicide bomber attacks against a school-bus full of children? Terrorism. PLO suicide bomber attacks against adult Israelis, all of whom might be armed and capable of defending themselves? Civilians, but civilians who view themselves as an extension of the military? Maybe terrorism, maybe not. Certainly an attack that the Israelis have a right to defend themselves against, but maybe not terrorism. (Thanks, jbcarpen, uberbah and merinquoid)

Re:

[Pig Hogger]

(I don't want to tar all or even most Americans with this brush, but the high level of IRA funding that came from the US is openly accepted).

That’s because the IRA’s fight is the same the US went through back around 1776.

And IRA’s fight is just as legit, by the way. It's the limeys' indomitable pigheadedness that is the source of all the trouble. They only need to dump Northern Ireland to EIRE; the orangists who live there will then appropriately dealed with by the irish or they will b

Re:Well, at least the rest don't do this.

[The Wooden Badger]

...Oxygen gets you high. In a catastrophic emergency, you're taking giant panicked breaths. Suddenly you become euphoric, docile. You accept your fate. It's all right here. Emergency water landing - 600 miles an hour. Blank faces, calm as Hindu cows.

Re:Well, at least the rest don't do this.

[LordLimecat]

Most people at airports dont seem afraid, or reassured, they tend to simply be irritated at what the average citizen can recognize as silly and ineffective.

I dont know what part of the population the TSA hopes to fool, but its not the majority.

Re:Well, at least the rest don't do this.

[JimboG]

Forget the laptop battery... On most planes there is a canister of chemicals stored above every seat that when mixed produces oxygen. Combine that with some duty-free Bacardi 151 (You know, the one with the flame retardant top) and the cigarette lighter you bought just before the flight and you could make you're own very effective little bomb right on the plane itself! All these so called security measures are a joke, when things like spirits and cigarette lighters are still allowed on flights. TSA... I'm not even going to start thinking about those morons. It just gets me all angry.

Re:

[I confirm I'm not a]

Your comment re: spirits onboard reminded me of travelling into New Zealand - you're not allowed to carry spirits into Australia or New Zealand. The cause was a flight that crash-landed in Guam: the plane got down relatively safely, minimal people were hurt during the landing, but in the aftermath the duty-free spirits in the overhead lockers caught fire and the deaths quickly mounted up. A Kiwi on the flight survived and began campaigning for a change to the regulations regarding spirits on flights. To da

Re:Well, at least the rest don't do this.

[MartinSchou]

Have you looked in their trash bin of confiscated items?

This bit actually says it all.

1) You're not allowed to bring liquids above a certain quantity for fears it might be part of an explosive device
2) Throw said components into an open trash can
3) Repeat 1 and 2 until you hit critical mass
4) Throw an igniter into the trash can
5) Big boom

When's the last time you saw the police or military treat a package like that, when they suspect it might be an explosive? It never happens. They take very serious steps to prevent injuries, going as far as blowing up small bags of bikinis.

But at the airport, where you have hundreds of people standing in line, you're supposed to just toss it all into an open container next to the line. Security indeed.

Re:Well, at least the rest don't do this.

[JWSmythe]

    I have one better for you.

    I upgraded my ticket at a kiosk for a flight. I love the $75 upgrades. :) My original boarding pass already had "SSSSS" on it, which means I was flagged to be checked. The upgraded ticket also had the "SSSSS" on it. I went through the metal detector. I was patted down, and questioned about my intentions on the flight (Umm, to get from Point A to Point B). Something trivial was taken from me and thrown in the bin, but I don't remember exactly what. My seat? Row 1, Seat C. That put me in the very first row, on the aisle. If I sneezed, the snot would have hit the cockpit door. If I was a security concern for any reason, is that really where you want me?

    At one point during the flight, the pilot came out to use the restroom. The only thing between me and the controls? A petite stewardess. Obviously I had no intention of doing anything bad, since I'm writing this in freedom. :) But, come on, if there was even a hint that I'd do something bad, would it be appropriate to give me the perfect seat to do it from?

Re:Well, at least the rest don't do this.

[tyldis]

Also, I did WLAN installations at a range of airports as a hired consultant.
They only checked my police record before issuing me with an access to *all* areas on *every* airport in the country. Not even security officers matched my clearance.

To make it even 'worse': I had clearance to bring any item or equipment past the security checkpoint, except explosives. I had knives and all sorts of sharp/blunt objects.

On one occasion I also brought my car and got clearance to bring it on the same side as the airplanes. The security officer who was to inspect my car rolled his eyes to see it filled with ~60 boxes (containing WLAN AP) and decided it was too much of an effort to check the vehicle so I could just pass.

No interview, deep background checks, nothing before I got clearance. I suspect the cleaning staff have similar clearance (except their equipment might already be inside).

I guess I was just one of many... It then bothers me endlessly to be stripped of my toothpaste when flying civil (my clearance ended this summer, a ear after I switched jobs...).

Re:

[jimicus]

If I was a security guard and I thought you were wearing suspenders [twenga.co.uk] under a shirt, I'd be interested in speaking to you further as well.

Re:

[Jeremi]

For the same reason they have so many ineffective security policies that busy airports often have security checkpoint lines containing more people than a plane, which makes for extremely easy bombing targets (no security!)?

There are lots of places where many people gather together. The critical difference is that those places don't also contain several thousand gallons of jet fuel, and you you can't fly them into a skyscraper.

Re:

[Duradin]

1. Don't open cockpit door.
2. Light fasten seatbelt sign.
3. ????? (do a barrel roll, steep climb/dive/banking or parabolic arcs)
4. Don't fly into skyscraper, do collect badly injured terr'ists.
5. Profit.

Re:

[Mr. Freeman]

A barrel roll is actually a 1 G maneuver that if performed correctly no one will notice until they look out their window. You're probably thinking of a snap roll (plane spins around the axis running down the fuselage). This would injure the terrorists... and everyone else on the plane... and break the plane and crash and burn.

You can perform a barrel roll in Boeing commercial airliners, and someone actually did so with a 707 when they introduced the model during an airshow. You can't do it in an airbus b

Re:Well, at least the rest don't do this.

[icebrain]

Are you actually a pilot, or do you just play one on TV?

Barrel rolls are 1G maneuvers. A "normal" roll down the axis of the airplane is an aileron roll. This would probably cause injury to those not sitting down with their seat belts on, and those who are hit by the unseated, but won't cause the plane to crash as long as the pilots don't overstress the airframe during the recovery. A snap roll is something else; it's a more violent maneuver that's more complicated than an aileron roll, and one that would likely break the airplane.

Your "analysis" of Airbus FBW systems is entirely off-base. Fly-by-wire is not some fuzzy-logic computer that tries to think about what you want vs. what it wants to do; rather, such systems have known, hard, rigidly-defined limits. They may have pitch and roll angle limits (as you allude to) in addition to other ones, but essentially they are just feedback controllers, not much more complicated than the PID ones we all remember from our controls theory classes.

Re:Well, at least the rest don't do this.

[furball]

Obviously the solution is a security line for the security line. That way the security line can't be bombed. Duh.

Re:Well, at least the rest don't do this.

[Xaositecte]

Yo dawg, I heard you like security, so I put some lines in your lines so you can wait while you wait.

Re:

[janek78]

And yet, their budged is several times more than the FDA. Given how many people drugs (and their improper use) kill every year, you'd think that if the US government really wanted to save lives....

Re:

[Jarjarthejedi]

Uhh...the people in a checkpoint line are far more densely packed than people on a plane, so ignoring that factor in your analysis is a bit of a mistake. Not to mention that, as the GP said, there's no security (or at least none that would stop a luggage bomb) before you reach the checkpoint, so size isn't a huge issue.

But ignoring all of that the goal of terrorism is to cause terror, and where do people feel safer, a plane, or the security line before a plane?

Re:

[TapeCutter]

"the people in a checkpoint line are far more densely packed than people on a plane" - You're either joking or travelling first class but I agree the security line is a sitting duck.

Re:Well, at least the rest don't do this.

[Dr Damage I]

It's worse than that. One trick that the IRA used to use (not sure if it originated with them or not) is to have sequenced bombings: Determine where people fleeing the first bomb will go then set off a second bomb (or bombs) at the logical escape routes. People fleeing danger tend to get densely packed at choke points.

Re:Well, at least the rest don't do this.

[DMUTPeregrine]

Also, if they bomb the checkpoints what is the response going to be? More checkpoints further out? An infinite array of security checkpoints?

Re:

[s1lverl0rd]

It's turtles all the way down!

Re:

[ei4anb]

During the "troubles" in Northern Ireland the Irish airport police had checkpoints at the airport doors where they used explosives sniffers to check luggage. They were efficient and I never saw a queue more than a minute or two long. It was enough deterrent and there never was any attack in an airport or on a 'plane.

Re:

[Tony Hoyle]

That's because they were dealing with a real threat not just playing at it. If there's a risk of bombs the last thing you want to do is cause a choke point meaning large numbers of people congregate in a single area - you keep the checks as efficient and fast as possible.

Re:Well, at least the rest don't do this.

[chrb]

the goal of terrorism is to cause terror

The goal of terrorism is to effect political and social change. The terror is just a means to an end.

Re:

[registrar]

there's no security (or at least none that would stop a luggage bomb) before you reach the checkpoint

There is if you travel through a country with serious security issues, like India or Israel.

Re:Well, at least the rest don't do this.

[Uberbah]

Even though I don't agree with the stupid security "measurements" taken, this is just absurd and not particularly well thought through.

You shouldn't throw stones....

It takes a very, very small bomb to kill the same amount of people once they are on the plane.

Hardly. Planes are designed to withstand heavy weather and have redundant systems. Carrying a large bomb into a long security line is trivial. Carrying a bomb onto a plane large enough to hit the fuel tanks, the cockpit or severely damage one of the wings is NOT trivial.

Re:Well, at least the rest don't do this.

[Richard_at_work]

Aircraft are designed for stresses in particular ways - apply stresses in other ways and its easy to bring down the plane.

You don't have to hit the cockpit, fuel tanks or wings - you simply have to disrupt the fuselage structure itself, which is actually fairly trivial to do. Once the fuselage structure has lost integrity, there is no aircraft.

Re:Well, at least the rest don't do this.

[beowulfcluster]

Indeed, the Lockerbie bombing for example. Apparently a bomb that fit in a tape recorder was enough to blow a hole in the fuselage and that was that.

Re:

[bkr1_2k]

This is exactly why military planes aren't pressurized (at least not to the same altitude--when there is any pressurization). It's a lot easier to withstand holes if there isn't a significant pressure difference. Maybe airlines should consider changing the pressure levels of the cabins.

Re:Well, at least the rest don't do this.

[QuantumG]

There's always one. "Hey everyone, I'm so stupid that I don't even understand how to keep my stupidity a secret."

Ok, I'll try to explain this really simply to you.

1. There's more people in line at the checkpoints than there is on a single plane because there's more than one plane at the airport and the checkpoints take so god damn long.
2. The mythical* terrorists can make those lines even longer just by sending people in to fool around at the checkpoint.
3. People are made of squishy stuff, and are therefore easy to explode.
4. Planes are made of metal which is much stronger than people, so they are harder to explode. And before you mention fuel, the fuel is inside the metal.
5. There's no checkpoints to get to the checkpoints, so it's easier to attack the big mass of people before the checkpoint than it is to attack the small masses of people after the checkpoint.

* All of this is so damn obvious that the only sensible conclusion is that there are no terrorists trying to blow up airports in the US. Further evidence of this is that, in countries that actually have suicide bombings, attacking checkpoints is exactly the strategy they use and, as such, checkpoints are designed to keep people moving through them as fast as possible.

Re:

[IndustrialComplex]

As I understand it, when releasing material that is partially blacked out, in most departments the procedure is to simply black it out on a hard copy and then photocopy the hard copy or scan it if it is to go online.

The reason that we often see these types of failed redaction is that they attempt to black out the text before it is printed, then you can scan it. If you don't black out the text prior to printing it is possible that the scanner picks up on subtle hints as to what the text might have been.

Take

^H is cheaper on ink

[syousef]

Hey TSA dudes, do your bit for the environment and use ^H like we do on slashdot.

I've always had the greatest confidence in TSA

[edwebdev]

but must admit that this strikes a blow to their reputation for competence and effectiveness.

Redaction

[A Guy From Ottawa]

ttp:cryptomeorgtsa-screeningzip [ttp]

The cryptome URL has been redacted. Nothing to see here, move along.

Sincerely,
TSA

wow

[ZosX]

CIA Badges look pretty easy to fake......

Idiots

[Dan East]

Idiots. They should have changed the text color to white for the stuff they wanted to hide.

Re:Idiots

[MichaelSmith]

You would need to find a way to stop people printing the PDF on to black paper.

Re:

[19thNervousBreakdown]

Or just get rid of the white ink WAIT A MINUTE+++ath0
NO CARRIER

Re:

[Tom]

Don't worry, they'll lobby a law against that. Problem solved. Right? RIGHT?

Can the mirrors please

[shermo]

Dammit. The mirrored files have the highlighting taken out so I don't know where the juicy bits are in the document.

Can someone mirror it with the highlighting left in?

why are they so scared about xray monitors?

[SuperBanana]

photographing EDS or ETD monitor screens or emitted images is not permitted. [...] Whenever possible, x-ray machine images must not be visible to the public or press. When physical constraints prevent x-ray images from being fully protected from public viewing, TSOs must ensure no member of the public or press is in a position to observe an x-ray monitor for an extended period of time. Passengers and other unauthorized individuals must not be allowed to view EDS or ETD monitors and screens.

Huh. Now...why would that be?

First guess, they don't want the "terrorists" to see how good/bad the x-ray devices are.

Second more cynical guess: Xray machines are mostly useless and the TSA doesn't want the public to realize it's a bunch of voodoo?

Re:why are they so scared about xray monitors?

[frdmfghtr]

First guess, they don't want the "terrorists" to see how good/bad the x-ray devices are.

Second more cynical guess: Xray machines are mostly useless and the TSA doesn't want the public to realize it's a bunch of voodoo?

Perhaps it a privacy concern between whomever owns the bag being scanned and other members of the public.

Re:

[Martin Blank]

The document states explicitly that, absent a Federal Flight Deck Officer ID and presence of a TSA-issued weapon, aircraft crew are to be subjected to normal screening. An FFDO that is unarmed is also screened.

The exemptions that you're talking about are exemptions from selectee screening (Section 4.3.15 B). Military, FEMA, forest firefighters, etc., are exempted from selectee screening. They're not exempted from standard screening.

No, pilots DO need to be screened...

[SmoothTom]

No, pilots DO need to be screened, because the chance of ONE cockpit crew member going bad and wanting to take the plane out is much better tha the chance of ALL the cockpit crew members wanting that.

That means that with zero screening the "bad pilot" could bring on board a weapon (gun, grenade, knife, flammable liquid, acid, whatever) to either take out the rest of the cockpit crew or the controls.

If the "bad pilot" is unable to get something more dangerous than normal on board, he has less chance to destr

Re:

[pete-classic]

It's almost certainly to prevent test runs.

Suppose you're a religious fundamentalist wack-job who thinks your God wants you to kill people who aren't following his rules. You'd probably have ideas about ways to get certain things on the plane*. (And you'd probably just do it.)

Now, imagine you're some white-bread, middle aged man from the Midwest with a wife, a couple of kids, and a dog. Suppose it's you're job to stop Mr. Wack-job. You'd probably think in terms of what you'd have on the line if you went

Re:

[girlintraining]

reminds me of a comic i read, where some female security personnel would crank the metal detector sensitivity to 11 when a choice man showed up...

You think that's a joke? Portable breathalizers can be made to give false positives by chirping the radio while the suspect exhales. The TSA just makes the job of making an excuse a whole lot easier: Push the button. You don't need any reason beyond "seemed suspicious." Other kinds of security personnel need to manufacture a reason first. :\

Use what they give you!

[adamchou]

How stupid are these people?! Adobe even has a feature to redact [adobe.com] (not draw black boxes) text from documents

Re:

[Uberbah]

People are stupid, corrupt and incompetent. How is your Enron stock doing these days?

Pehaps intentional?

[a whoabot]

From what I can tell, some of the information which was poorly blacked out could be helpful to people who want to get things/persons past security.

However, that is under the assumption that the information is accurate. Perhaps this information is just misleading and the file was poorly blacked out so that people would crack it and assume that it is accurate.

Maybe one way to find out: Does anyone can fired or demoted for this? If not...maybe because it was intentional after all.

Re:

[MaXintosh]

Slashdotters are fond of pointing out that you should never ascribe to malice what you can ascribe to incompetence.

Silly

[QuoteMstr]

Here are typical examples of redacted paragraphs:

Ensure TSOs do not handle explosives, incendiaries, or weapons if such items are discovered during the screening process.

D. Whenever a Threat Image Projection (TIP) enabled x-ray is unable to detect 28-gauge wire at Step 10 on the Test Step Wedge, discontinue use. The STSO must immediately notify TSA management.

An airport assigned LEO (if available), STSO, or designated TSA representative clears the individual after inspecting his or her badge, credential, and Government-issued photo ID, and if flying, his or her boarding pass and Notice of LEO Flying Armed Document.

Aircraft operator flight crewmembers in uniform, with valid aircraft operator employee identification, are
exempt from the Unpredictable Screening Process and restrictions involving liquids, gels, aerosols, and footwear. Aircraft operator flight crewmembers in uniform, designated as selectees, are not exempt from the requirements regarding liquids, gels, aerosols, or footwear. Any alarm of the aircraft operator flight crewmember's person or accessible property must be cleared.

On what planet is it necessary to keep facts like these secret?

Re:Silly

[IndustrialComplex]

On what planet is it necessary to keep facts like these secret?

Is it necessary to reveal them in this manner, or would the interest of the public be served by simply knowing that:

1. TSOs follow a procedure when explosives are discovered
2. X-rays have a test procedure
3. Only certain personnel are allowed to clear indivudals
4. Aircrew are subjected to modified screening procedures.

Is it relevant to know the details of those items? If it was related to my FOIA request, perhaps, but I think we should keep in mind that an open government doesn't require fully open records to meet the spirit of an open government.

If I somehow needed a database from a military hospital for a court case I was involved in, I would hope that any patient records would be anonymized if they weren't necessary for the trial.

Just as we don't necessarily need to know the exact metrics which cause an x-ray machine to fail an inspection unless we were specifically interested in the testing procedures of x-ray machines.

Re:

[R3d M3rcury]

Or my personal favorite:

If designated by the FSD, inspect the credentials of LEOs, LEOs escorting prisoners, Federal Flight Deck Officers (FFDOs), Federal Air Marshals (FAMs), credentialed TSA employees flying with a working canine, and U.S. Government employees required to fly armed in order to clear them through the screening checkpoint.

The bolding is from the original, which is why the whole "credentialed TSA employees flying with a working canine" caught my eye.

A working canine?

1. This is a good thing. After all, unemployed canines could disrupt a flight. But does the canine also have to have some idea to show it's gainfully employed? Does it have to be employed by the TSA? Can an employee show up with Jilli [jillidog.com]?
2. Do TSA employees show up with broken canines?

The mind reels...

As effective as the rest of the TSA

[BrianRoach]

Why is the fact that their redacting technique is as useful and effective as their screening techniques surprising to anyone?

TSA, bringing you the best in security theatre since 2001!

Re:

[Anarchduke]

Especially when part of the redaction specifically talks about TSA Field Intelligence agents. Since when does the TSA have field intelligence agents???

The TSA redacting process

[MosesJones]

This clearly comes from the people who thought up my favourite piece of brain dead "security" from the TSA

When you enter the line to the security gate a TSA numpty checks your boarding pass to make sure you are allowed to join the line. Everyone joining the line has their boarding pass checked, this is a piece of paper often printed on a computer that says what flight you are on, its just about the easiest thing to fake in the history of fakery.

Then you lob everything into the x-ray machine, clearly needing to separate your laptop out as clearly its impossible to see stuff through that. Shoes of course, belts, internal organs...

Then as you step through the body scanner some TSA numpty says "boarding pass please". Pointing out that you've just put all your crap through the machine and that your boarding pass is with your passport and your wallet is of course pointless. The answer... wait until it comes out of the machine and then show the numpty. you are of course also checked at the gate with both passport (hard to fake) and boarding pass (trivial to fake).

So in otherwords the TSA check TWICE a piece of easy to fake information and NEVER check your ruddy passport.

So how did the TSA redact this PDF. Well simple they had the same process. The first person pasted on the black squares. This was then printed out.

The first checker then looked at the printed out copy and said "looks fine to me"

This document was then scanned in and then printed again to be checked by a second checker who said "yup all okay"

And then they put the ORIGINIAL electronic copy on line with the pasting over the top.

The TSA is to security what Micheal Vick is to Pet Care

Re:The TSA redacting process

[nacturation]

The TSA is to security what Micheal Vick is to Pet Care

Slashdot should have a facility to nominate quotes like this for a Slashdot Hall of Fame.

Re:

[drinkypoo]

Professional sports is only vaguely "the real world". And what in the world is going to change if a pro player gets in trouble for dog fighting? Jack diddly shit. The time people waste committing knowledge about professional sports they will never play is pathetic at best. Oh sure, I do pathetic things, but attacking slashdotters for not being familiar with professional sports is like attacking mother theresa for not being a unicycle rider.

Re:

[supersat]

I suspect the boarding pass check is primarily to keep the TSA from being overwhelmed by people not flying, such as family members waiting for you to arrive. Using it for any other purpose (including identifying selectees) is pretty pointless until they actually validate the boarding pass. They're slowly starting to do this, but it's a long process.

Not the first time I've seen it.

[Anonymous Coward]

I used to manage an E-discovery group at a
lawfirm. We would receive stuff like this from
opposing council all the time.

People really are that stupid.

Re:Not the first time I've seen it.

[ledow]

Maybe the people on the other side were like yourself: your credentials hold no water if you weren't involved enough to spell "counsel" - the word you used means something completely different.

THIS HAS HAPPENED BEFORE!

[slimjim8094]

The exact same thing has happened before, and was even covered on slashdot, many many times.

http://entertainment.slashdot.org/story/08/05/20/0228229/FBI-Wiretapping-Audit-Secrets-Uncovered-Via-CtrlC [slashdot.org]
http://it.slashdot.org/article.pl?sid=06/06/22/138210 [slashdot.org]
http://yro.slashdot.org/story/03/11/01/1729257/Memory-Hole-Un-Redacts-Redacted-DOJ-Memo [slashdot.org]

Re:

[Wuhao]

The exact same thing has happened before, and was even covered on slashdot, many many times.

http://entertainment.slashdot.org/story/08/05/20/0228229/FBI-Wiretapping-Audit-Secrets-Uncovered-Via-CtrlC [slashdot.org] http://it.slashdot.org/article.pl?sid=06/06/22/138210 [slashdot.org] http://yro.slashdot.org/story/03/11/01/1729257/Memory-Hole-Un-Redacts-Redacted-DOJ-Memo [slashdot.org]

It's almost as if the sort of people who would think drawing black rectangles in a PDF renders text unreadable don't read the sort of websites that laugh at people for drawing black rectangles in a PDF to render text unreadable.

One interesting redacted section

[jonwil]

iv. If the individual's photo ID is a passport issued by the Government of Cuba, Iran, North
Korea, Libya, Syria, Sudan, Afghanistan, Lebanon, Somalia, Iraq, Yemen, or Algeria, refer
the individual for selectee screening unless the individual has been exempted from selectee
screening by the FSD or aircraft operator.

This section proves that the US Government and the TSA DO target certain groups (in this case people from certain countries) for extra screening (regardless of the individuals who may be members of these groups)

Are people with a Lebanese or Algerian passport more of a risk than other people? Or is it that these passports are easier for the bad guys to legitimately obtain than any other one?

Re:One interesting redacted section

[Ralph Spoilsport]

Then why isn't Saudi Arabia on that list?

Re:One interesting redacted section

[thisnamestoolong]

Mod parent up to +11 Insightful -- the ONE major terrorist attack that precipitated all of this nonsense was perpetrated by Saudi nationals, yet they are not on this list of nations? That list has no place being in existence, but if it is to exist, it is psychotic to not include Saudi Arabia.

Re:CIA Redactions

[unitron]

You just gave me a mental image of some TSA bureaucrat sitting at his computer putting black magic marker lines on the CRT screen as he reviews the PDF.

Re:TSA?

[amRadioHed]

Since when has global significance been a requirement for slashdot articles? Half the time significance isn't even a requirement.

Re:

[PhilHibbs]

From the FAQ [slashdot.org]:

Q: Slashdot seems to be very U.S.-centric. Do you have any plans to be more international in your scope?

A: Slashdot is U.S.-centric. We readily admit this, and really don't see it as a problem. Slashdot is run by Americans, after all, and the vast majority of our readership is in the U.S. We're certainly not opposed to doing more international stories, but we don't have any formal plans for making that happen. All we can really tell you is that if you're outside the U.S. and you have news, subm

Re:

[Overzeetop]

Prior to 1/1/2002, what percentage of people who flew were killed by terrorists. Tell you what, let's add in everyone killed on the ground as a result of the plane crashes on 9/11/01. Now what's the percentage. What percentage of people who drive cars are killed every year prior to mandatory seatbelts? And after?

Now compare the percentage reduction in each to the total annual cost of each. I think you'll find the TSA screening to be horribly cost ineffective.

Besides, how many passenger groups are likely to