Comments on: Clear Card Security Breached

By: Michael

Michael — Wed, 06 Aug 2008 15:52:02 +0000

Update: As Anon hoped, the laptop has been found in the same locked office where it was "lost". I still say the data should be treated as compromised. Further information:

The computer held names, addresses and birthdates for people applying to the program, as well as driver's license, passport and green card information. But, she said, the computer contained no Social Security numbers, credit card numbers, fingerprints, facial images or other biometric information.

By: Michael

Michael — Wed, 06 Aug 2008 13:26:51 +0000

WTF? This is criminally incompetent for a security vendor.

I agree, unfortunately it's pretty much par for the course. No large company seems to understand fundamental electronic security.

Let's hope that it was just misplaced, and will turn up later under a pile of papers, or something.

Hell, that'd be even scarier. If someone wanted to use this information to breach security, they wouldn't let it be known that it had been taken. If it "turns up", it still shouldn't be trusted anymore, every last name on that list should now be suspect, more so than a random name not on the list.

Have we forgotten that 9/11 might have been prevented, if not for the gross incompetence of the government pencil-necks - who wouldn't last until lunch in a real job,

I think this article clearly demonstrates that gross incompetence thrives even in private sector "real jobs". Bureaucracy exists outside of government.

By: anjin-san

anjin-san — Wed, 06 Aug 2008 03:44:14 +0000

who wouldn't last until lunch in a real job, and none of whom had their worthless asses thrown out?

RE: Bush... I could not agree more.

By: graywolf

graywolf — Wed, 06 Aug 2008 03:04:13 +0000

Just another incident in the ongoing saga of government stupidity.
Have we forgotten that 9/11 might have been prevented, if not for the gross incompetence of the government pencil-necks - who wouldn't last until lunch in a real job, and none of whom had their worthless asses thrown out?

By: James Joyner

James Joyner — Wed, 06 Aug 2008 00:56:14 +0000

Your laptop make it through unscathed?

The screening was perfunctory even though we had a laptop for our carry-on. There was simply a very long line ahead of us even though it was early on a Saturday morning.

By: sam

sam — Tue, 05 Aug 2008 22:14:24 +0000

Then again, coming back from Canada Saturday morning

Your laptop make it through unscathed?

By: fredw

fredw — Tue, 05 Aug 2008 19:36:12 +0000

Boyd - Read the news stories on this. Those files contain ALL of the security information on the customers; name, address, dob, ssn, passport number, etc. This is an identity theft kit containing the identities of 33,000 people who are guaranteed to pass security checks. It is naive to think this is not a serious security risk. To keep us safe these names must be put on the list and subject to increased checks at the airport.

By: Anon

Anon — Tue, 05 Aug 2008 18:26:02 +0000

What's disconcerting about this, is that it seems the laptop was stolen from a locked office. In other words, it seems to have been a targeted theft, though perhaps it was merely stolen for identify theft purposes rather than something scarier. Let's hope that it was just misplaced, and will turn up later under a pile of papers, or something.

By: Boyd

Boyd — Tue, 05 Aug 2008 18:12:01 +0000

fredw: Having the name (or even the rest of the data on the missing computer) isn't sufficient. It would get them closer to their goal, but by itself, it's not enough.

By: charles austin

charles austin — Tue, 05 Aug 2008 18:08:22 +0000

...until they can install encryption.

WTF? This is criminally incompetent for a security vendor.

By: fredw

fredw — Tue, 05 Aug 2008 17:30:02 +0000

If terrorists get that data they will have 33,000 safe prescreened names to use to get on flights. Just to be safe, I suppose that now we will put all 33,000 names on the no fly list.