OK, so I have to take my shoes off now (even though there is technology in some airports where I can place my feet on a sensor to tell me if there is metal in my shoe). That’s fine. I’ll wear the nice socks on travel days. Now it’s liquids. I guess with the amount of hair gel I use (see avatar) that I won’t be carrying on anymore. Goodbye, luggage. But exposing my personal information to the Web? TSA, you’ve gone too far.
A blogger uncovered serious security flaws, including things as basic as no SSL certificate, in a TSA Web site that collects personal data from travelers mistakenly placed on terror watch lists. You’d think with all the wiretapping, they’d know by know exactly who the terrorists are, but I digress. A House Oversight Committee has scolded the organization for its serious vunerabilities in the site, which could offer a wealth of personal data to even amateur hackers.
Maybe I’m being hard on the TSA. This problem doesn’t really affect me, because my name wouldn’t put me on any watch lists except the “extremely caucasian and pale” list. Lindsay Lohan and I are the founding members. However I just can’t imagine how this happened. I mean everyone checks their site for general security concerns before going live. Most of the issues would’ve been caught. But when you’re the TSA, dealing with social security numbers, driver’s license numbers, etc, wouldn’t you take some extra steps?
Makes you wonder where all their advertising revenue is going. That’s right…there are now ads in some of the trays where I place my personal belongings for the x-ray machine. Talk about a captive audience!