January 14, 2008 | By Richard Esguerra

House Committee Issues Report on TSA's Website Security Flaws

Last Friday, a House committee published a report about the launch of a Transportation Security Administration (TSA) website that had egregious security vulnerabilities that "exposed thousands of American travelers to potential identity theft." The "Traveler Redress" website was intended to allow travelers erroneously listed on airline watch lists to get help from the government. The summary of security issues includes:

[I]t was not hosted on a government domain; its homepage was not encrypted; one of its data submission pages was not encrypted; and its encrypted pages were not properly certified.

The report from the House Committee on Oversight and Government Reform faults a no-bid contract process that benefited a single company with close ties to the TSA employee in charge of the project. The report also demonstrates that the site would have continued putting travelers' personal information at risk if it hadn't been exposed by blogger and security researcher Chris Soghoian.

Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

We knew AT&T & the NSA work together. We didn't know how accurate our diagrams of that collaboration were—until now. https://eff.org/r.3q4p

Oct 7 @ 10:25am

Dear @JerryBrownGov: if you only personally read one item about CalECPA, this should be it: https://eff.org/r.6oqg

Oct 7 @ 9:44am

Teledildonics patent troll backs down from lawsuit against Kickstarter https://eff.org/r.50wk via @joemullin

Oct 7 @ 9:05am
JavaScript license information