Network World
Saturday, November 22, 2008
DNSstuff.com
Get information about your IP
IP Information
50+ On-demand DNS and network tools

Stiennon on Security

NetworkWorld.com > Community > Stiennon on Security

Navigation

User identities are not the issue in SFO laptop theft.

By stiennon on Tue, 08/05/2008 - 3:45pm.

There seems to be a lot of hand ringing going on over the complete incompetence displayed by a contractor that administers the “Clear” program at San Francisco International.  The concern is for the identity protection of the 33,000 or so applicants that provided thumbprints, drivers licenses, and passports in exchange for an accelerated clearing process though airport security. 

A laptop was reported stolen from a room at the airport on July 29th and just turned up again in the same room!  In other words, someone took it and returned it.  

I think Bruce Schneier, frequent writer and blogger on airport security, hit it on the head when he originally wrote about the “Clear” program for the New York Times:

And have we forgotten how prevalent identity theft is these days? If you think having a criminal impersonating you to your bank is bad, wait until they start impersonating you to the Transportation Security Administration.

That is exactly what the identities on that laptop could be used for. So, it is not worthwhile worrying about people’s identities, credit records, etc. in this case. The big concern is that the “Clear” program has been completely compromised.  Those 33,000 identities can be used to help miscreants slip past airport security.  It is the TSA and the airlines, and of course we passengers that have to be concerned about this theft.

Permalink
Tags:

CLEAR

Useful answer?
0
By Dave Kearns (not verified) on Wed, 08/06/2008 - 2:08pm.

While it's still unclear if the laptop was actually stolen and if the data was actually compromised, without my iris the data is virtually worthless for bypassing security purposes...

The Clear program never

Useful answer?
0
By Freq Flyer (not verified) on Wed, 08/06/2008 - 2:25pm.

The Clear program never allowed anyone to bypass security. It was a way to bypass the line to access the security screening so I don't see how this could be used to let anyone "slip" past airport security.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <i> <b> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <blockquote> <br /> <br> <p>
  • Lines and paragraphs break automatically.
  • You can use BBCode tags in the text.
  • Web page addresses and e-mail addresses turn into links automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.

About Stiennon

Richard Stiennon is a security industry analyst. He is currently consulting, speaking and writing on all manner of security topics for IT-Harvest, the IT research firm he founded to cover the security space. He was most recently chief marketing officer for Fortinet. He has served stints at PricewaterhouseCoopers, Gartner, and Webroot Software.

RSS feed XML feed

Follow Stiennon on Twitter.

Stiennon's archive.

The opinions expressed in this Weblog are those of the writer and may not represent the opinions of Network World.

Advertisement: