TSA Vendor Who Lost Laptop Apologizing To People Who Didn't Even Apply

from the good-record-keeping dept

Mon, Aug 11th 2008 1:51pm — Mike Masnick

We recently wrote about how TSA-approved vendor, Verified Identity Pass, had lost a laptop containing all sorts of unencrypted data on people who had applied to be a part of the TSA's "fast pass" Clear program (letting you skip the long security lines for a $100/year). While the laptop was eventually found (in the same place it was lost), the company insists that no data on the laptop was compromised, and has sent out emails to applicants for Clear. But, it appears that at least something is amiss as David Weinberger received one of the emails despite never having applied for the program. So apparently they're just informing people at random now. Or someone else applied in Weinberger's name. Makes you feel very secure, doesn't it?

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: clear, laptops, lost data, security, tsa, verified identity
Companies: verified identity pass

14 Comments

If you liked this post, you may also be interested in...

Reader Comments

Subscribe: RSS

View by: Time | Thread

TSA GUY, 11 Aug 2008 @ 2:19pm

Clear
Clear is subsidized by the taxpayers so "special" people can cut to the front of the line.
This isn't fair to the other taxpayers in the long line.
There is no way 100 a year covers background checks and extra security lines for the clear people.
Call your congressman and dump this crap now!
[ link to this | view in chronology ]
- Jason, 11 Aug 2008 @ 2:55pm
  
  Re: Clear
  Actually, a background check costs about $15.
  [ link to this | view in chronology ]
- Chris, 11 Aug 2008 @ 3:48pm
  
  Re: Clear
  While I agree it should not be subsidized, I didn't think less than $12/month could only be affordable to "specials." I'm piss poor, but if I traveled alot I would budget it in. Seems like the subsidy helps keep it affordable for "less than special" people. Otherwise it would be like the disparity between the price of coach to the price of 1st class. Take the subsidy away and it might only be for the rich in the long run.
  [ link to this | view in chronology ]
  - Chris, 11 Aug 2008 @ 3:49pm
    
    Re: Re: Clear
    *EDIT* I meant less than $10/month
    [ link to this | view in chronology ]
Anonymous Coward, 11 Aug 2008 @ 2:50pm

What difference does it make?
[ link to this | view in chronology ]
Don, 11 Aug 2008 @ 4:01pm

Good Idea, very very very bad execution..
I was a clear member when they were first rolling out the program. They promised me the Clear lanes would open at the San Jose airport on a specific date. When there were delays, they refused to extend my membership and I actually never used my card. I was ripped off by CLEAR and would never recommend this program to anyone. Oh, BTW... I keep getting renewal offers from clear and it's $128.00 for the first year (not $100 as the article states).

Now... it's a great idea to have an idea of who to filter out of your system. The system as it stands now is horribly flawed and I have heard news reports of people on the list can't get off, people who've been openly critical of the system being somehow on the list, and I'm sure there are people not on the list who should be. Now watch, I'll be on the list next.

We take our shoes off at the airport as part of a knee-jerk reaction, we finally can leave our laptops in their bags and we can't take but a thimble full of fluids with us... and the list goes on. It's a major disaster and probably should be scrapped so we can begin anew.

[ link to this | view in chronology ]
Beta, 11 Aug 2008 @ 4:24pm

As I understand it, Clear is NOT a pre-screening or "trusted passenger" service: if you're a member you still have to pass the metal detector and X-ray machine like everyone else, it's just that you get to use the "members only line" (which is probably less crowded) and maybe you have valets helping you with your bags. It's a matter of convenience, not security.

Therefore, two points spring to mind: 1) There is no good reason to require applicants to supply sensitive personal information to apply, it's just more of the knee-jerk "we want all your information" thinking (which leads to bad security). And 2) so what if somebody applied in Weinberger's name? Depending on how stupid Clear's own security is, it's either a membership that no one can use, or one that Weinberger can use for free.
[ link to this | view in chronology ]
Howard_NYC, 11 Aug 2008 @ 5:19pm

Q: if they cannot guard a laptop, how can they protect an airport?
Q: if they cannot guard a laptop, how can they protect an airport?

the deal was, citizen would trade comfort for safety... and know we have neither...

if TSA keeps this or any other vendor capable of such a knucklehead play, there should be terminations of senior managers...

the C-levels at the vendor should be asked to step down -- today
[ link to this | view in chronology ]
Cynic, 11 Aug 2008 @ 5:59pm

Amazing, I didn't know the technology existed to tell whether information was copied off a laptop's hard disk. Maybe there's a tiny little odometer on each byte and they read all the odometers and they were the same.

So there's something I don't know about, or they're lying through their teeth.
[ link to this | view in chronology ]
VMD, 12 Aug 2008 @ 6:14am

How did they win the bid?
This story really makes me wonder how TSA screens and picks contractors. Is there a bid competition? What are the criteria? It does look like TSA needs to rethink this process. Perhaps a major overhaul of TSA itself may be a good start.
[ link to this | view in chronology ]
known coward, 12 Aug 2008 @ 8:39am

i bet mohhamad atta
would have enjoyed the convenience of this program.
[ link to this | view in chronology ]
Overcast, 13 Aug 2008 @ 8:33pm

Amazing, I didn't know the technology existed to tell whether information was copied off a laptop's hard disk. Maybe there's a tiny little odometer on each byte and they read all the odometers and they were the same.

So there's something I don't know about, or they're lying through their teeth.

Yes, very true. And even if something was in place to track that on the OS running on the laptop, it's not hard to boot it with a CD with Linux on it, mount the file system in read only mode and copy away. They couldn't reliably prove that no data was copied. Actually, the smartest of thieves may have well swiped it, copied needed data and put it right back where they found it.

Hey - question - could they be sued for 'making available' the data? :) Why not? The RIAA seems to think so.
[ link to this | view in chronology ]
David@Used laptops, 12 Jan 2009 @ 1:42am

Security is a problem.
What ever ways are invented toprotectcomputer codes the faster the guys learn to break the codes.
[ link to this | view in chronology ]
Cheap computers Canada, 16 Sep 2009 @ 12:04pm

Maybe there's a tiny little odometer on each byte and they read all the odometers and they were the same.
[ link to this | view in chronology ]