Truemors
is reporting from
Member
NP Rank:
NP Rank:
TSA Axes Online Traveler Redress System
Share: 
by Jordan Yerman | February 17, 2007 at 09:03 am
413 views | 10 Recommendations | 1 comment
So the TSA cannot secure their own website. And they rely on MS Word to somehow provide that security. How encouraging.
TSA Removes Online Traveler Redress SystemThe Transportation Security Agency has removed from its website an online system designed for travelers who have been told they are on a watchlist and inserted a statement that the agency takes information security seriously, following reporting by 27B (and others) that the site could put travelers at risk of identity theft and looked like online fraud.
A link on the TSA's "Our Travelers" page earlier this week directed people who wanted to get help from the Traveler Identity Verification program to a page that looked like the TSA website but was actually a subdomain hosted by a web design company with a P.O. Box for an address (see previous link for screenshot). The site, which was full of misspellings and nonsensical directions, asked travelers to provide sensitive personal information via an unencrypted page. A traveler in an airport using a wireless connection would be at risk of having their personal information stolen and used to commit identity fraud. TSA first responded on Wednesday by changing the link to a DHS subdomain and serving all the pages on the site through a secure https:// url.
Now travelers are directed, as they had been in the past, to download a Word document (proprietary, insecure format) and mail it in.
What is NowPublic?
NowPublic lets people work together to cover news events around the world.
Most RecentMost Recommended Comments (1)
at 11:17 on February 17th, 2007
This is an important issue. The Redress system may have not become more insecure, but the story does bring into question the whole enterprise of trusting the watchlists to these folks. It is somebody's law: collect it, and it will be found. Great spot.