« SDRNews: Social Media and Holiday Shopping
SDRNews: Slow WiFi and the WiMax-LTE Saga »

SDRNews: The Perils of Careless Redaction

  • Hackers Find EC2 Home
  • WiMax Gets Second Chance
  • Posterous Makes Business Blogs Easy
SDR 125x50

SDR News is a Daily (M-F) Technology Podcast with Tech News Highlights from Slashdot, Digg and Reddit

Click Here to Sign Up for the SDR Newsletter

Podtrac Player
Prefer a Direct Download ? (mp3)
Download today’s show.


If a news item has disappeared from the Del.icio.us list above, try the full list here.


SEARCH ANY STORY YOU HEAR ON THE PODCAST


More Info on Screencasts Online

Perils of Careless Redaction

by Andrew McCaskey
Heroes, Not Villains

There was all sorts of uproar in the mainstream media concerning the publishing of the TSA procedures manual, with redaction removed. It was as if a great hacker-based scandal had erupted, pushing the security of the US air transport system closer to the brink, just at the time when millions were contemplating their Christmas season travels. Not only was it dramatic, it was the sort of fear-mongering that was sure to set the airwaves of telephone call in urgency in motion.

The facts of the matter seem to point to a clumsy request for quotation that was put in place by the TSA, with the material put forth as an example of procedures that prospective bidders would have to comply with. The TSA itself “redacted” the more sensitive information by turning the text background black around the sensitive areas. It’s just the sort of technique that might be effective in say, preventing a fifth grade class from seeing the answers in a “fill in the blank” quiz, but giving them some idea of what the test might look like.

The various al-Quaeda tech teams around the world probably had more than a few chuckles. Note that by the time that the students were in the seventh or eighth grade, the redaction would be worthless.

So, if the bad guys have the information anyway, why not expose some incompetence in the agency procedures that permitted the incident to happen in the first place ? Embarrassing, yes – but the hackers did not tell any bad guys what they didn’t already know. {sharethis}

Contact Us

TED Talk Sixth Sense Pranav Mistry

Watch Today’s Video Episode

Be sure to check out GoToMeeting. Why? Because you can hold meetings right over the Net — from anywhere. Plus, you can hold all the meetings you want for one flat rate. To get your free 30-day trial , visit www.gotomeeting.com/techpodcasts.

468x60_free_email_10.gif

This entry was posted on Thursday, December 10th, 2009 at 11:58 pm and is filed under SDRNews. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

You must be logged in to post a comment.