The AirSafe.com News

↑ Grab this Headline Animator

30 December 2009

CHQR Radio Interview About Attempted Bombing of Northwest Flight 253

Dr. Curtis and host of the Calgary Today show Whitney Dean of CHQR radio in Calgary, Canada discuss a number of issues related to the Christmas day bombing attempt on Northwest flight 253, including Nigerian airline security, a review of US terrorists databases, and the technologies and procedures that are currently used to prevent airliner bombing attempts. The following interview took place on 29 December 2009.

Listen to the interview
(16:10)

29 December 2009

WGN Radio Interview About Attempted Bombing of Northwest Flight 253

As information about the unsuccessful bombing of Northwest Airlines flight 253 continues to be uncovered, some are questioning the usefulness of some of the security measures being implemented, and whether profiling may be needed to deter attacks. The following interview was with WGN radio in Chicago on 29 December 2009

Listen to the interview
(14:39)

The Bombing Attmept on Northwest Flight 253 and TSA's Accidental Release Secret and Sensitive Security Information

After the unsuccessful bombing attempt last week on Northwest Airlines Flight 253, not much is known for sure, including how the suspect was able to overcome all the various layers of security. One possibility was that the information accidentally released earlier this year by TSA may have helped the suspect.

The TSA manual was reviewed by Dr. Curtis of AirSafe.com, and there did not appear to be any obvious or even indirect connection between the actions of the suspected bomber and the information in the manual.

The video and audio podcast below provides an overview of the information that was in the manual, and the links at the bottom of the article go to previous AirSafeNews.com articles on the TSA manual, as well as to the edited and unedited versions of the TSA manual. AirSafeNews.com encourages its readers to review the information, and to contact AirSafeNews.com if they have any insights or opinions on either the TSA manual release, or the recent bombing attempt.

Video and Audio Podcast Links (2:23)
Audio: MP3 | VideoiPod/MP4 | WMV | YouTube




Related Information
Full TSA report
Redacted TSA report
TSA prohibited and restricted Items

Related AirSafeNews.com Articles
AirSafeNews.com article on the attempted bombing
Description of four key US terrorist and TSA security databases
BBC interview with AirSafeNews.com's Dr. Todd Curtis

28 December 2009

BBC Interview About Attempted Bombing of Northwest Flight 253

As the investigation into the unsuccessful bombing of Northwest Airlines flight 253 enters its early stages, there are already several security issues that are being discussed by the media, including short term security measures and issues with US government terrorist databases.

Listen to the interview
(4:09)

27 December 2009

What Are the Key Airline Security and Terrorists Databases?

With the recent arrest of a suspect in the failed bombing of Northwest flight 253, one of the questions asked was why was this person allowed to get on an airplane if his name was in one of the US databases of suspected terrorists? The short story is that the suspect would have been barred from boarding if he were on a very specific list called the Transportation Security Administration's (TSA's) No-fly list. He would have been subject to extra scrutiny, but not necessarily barred from boarding, if he were on the TSA's Selectee list.

The suspect was on a much larger list of people with terrorists ties, but being on that list doesn't lead to increased TSA scrutiny. What follows is a very brief description of these three databases, plus a fourth database, that are relevant to the recent bombing situation.

Terrorist Identities Datamart Environment (TIDE)
This is the US government's central repository of information on international terrorist activities. The database includes people who commit terrorist activities, who plan such activities, or perform supporting activities such as fund raising providing safe houses. The suspect, Umar Farouk Abdulmutallab, was added to this database last month, and there are about 500,000 unique individuals in the database, of which 95% are non-US citizens. For more details, you can view the fact sheet on this database.

Terrorist Screening Database (TSDB)
only individuals who are known or reasonably suspected to be or have been engaged in conduct constituting, in preparation for, in aid of, or related to terrorism. This database consolidates information that used to be located in several different US government agencies. It is more restrictive than the TIDE database, and contains about 400,000 names. The suspect in the bombing was not one of them. The FBI has a list of frequently asked questions about this database.

Selectee List
Maintained by the Transportation Security Administration (TSA), this database contains the names of individuals who must undergo additional security screening before being permitted to board an aircraft. This list, which has about 14,000 people, is a subset of the TSDB.

No-fly List
As the name implies, this is a list of people who are not allowed to board an airliner. Like the Selectee List, this No-fly list is maintained by the TSA and is a subset of the TSDB. This list has fewer than 4,000 names.

So far, the US government has admitted that there was insufficient information available on the suspect to place him in any of the last three lists, including the no-fly list. Also, the suspect's US entry visa, which was granted in 2008 before he was placed on the TIDE list, was not restricted or revoked after being placed on that list.

25 December 2009

Unsuccessful Attempt to Detonate a Bomb on Northwest flight 253 near Detroit


A passenger on a Northwest Airlines A330-300(N820NW) apparently attempted to detonate an explosive device while the aircraft was approaching Detroit. Flight 253 was an international flight from Amsterdam to Detroit, and early reports are that a passenger, Umar Farouk Abdulmutallab (earlier reports had his name as Abdul Mudallad), a 23-year-old Nigerian national, allegedly had the device strapped to one of his legs, and that the device was triggered during descent (about 20 minutes before landing) and started a small fire. The flight, operated by Northwest Airlines using an Airbus 330-300 aircraft with 278 passengers and 11 crew members on board, landed safely, and the suspect, the only person injured, was transported to a local hospital for treatment of serious burns.

A passenger who was interviewed by CNN stated that the suspect was sitting in seat 19A, that he heard a popping sound, followed by a glow and the smell of smoke . Nearby passengers subdued the suspect. Another passenger in an interview published by the Wall Street Journal said that she was in seat 18B, and she heard a loud bang after the aircraft had lowered its landing gear. Reportedly, at first she thought the plane might have gotten a flat tire, but then she said saw a flame leap from the lap of a man sitting in the row behind her in the window seat, 19A. The suspect was subdued, and moved to another part of the aircraft for the rest of the flight.

Northwest flight 253 had departed Amsterdam at about 0845 local time Friday morning, and arrived at Detroit, MI at about noon local time. The flight crew had declared some kind of emergency before the landing. The Airbus A330 had 278 passengers on board. Early reports also indicate that the suspect started his journey on a KLM flight from Nigeria to Amsterdam, and had connected with flight 253 in Amsterdam.

The device was described by unidentified US officials as a mixture of powder and liquid. Other reports included details such as the suspect using a syringe to inject some kind of liquid into the device.

Rep. Peter King, a US congressman from New York State, claims that the suspect's name did not appear on any of the terrorist watch lists maintained by US authorities, but that his name did turn up in other terrorism-related databases maintained by intelligence officials. An unidentified US official also claims that the suspect told investigators that he was given the device by al Qaeda operatives in Yemen, where he was also given instructions on how to detonate it. An unidentified White House official claims that this event was “an attempted act of terrorism.”


According to this Trip Advisor seat map of a Northwest A330-300, seat 19A would be a window seat situated directly over the left wing.

The White House has reportedly ordered unspecified increased security procedures at airports around the country, though the Department of Homeland Security threat level for the air transportation system has not changed from it current level of 'High' (orange) to 'Severe' (red).


Additional Information

Fatal US and Canadian bombing events
Other A330 crashes and significant events
Airline security suggestions from AirSafe.com
Top Ten AirSafe.com tips for high threat travel

A330 Photo: J.P. Karas; Seat Map: TripAdvisor.com

Why TSA Cannot Order Sites to Take Down Sensitive Manual - with Notes and Commentary

The following 17 December 2009 article by Steven Aftergood of Secrecy News features some highlights from a 16 December 2009 hearing of the House Homeland Security Subcommittee on Transportation Security on the ongoing problems caused by an accidental release of very sensitive security information by the Transportation Security Administration (TSA). Based on these highlights, it would appear that several members of Congress do not understand the difficulty of getting web sites (including AirSafeNews.com partner AirSafe.com) to remove a sensitive TSA procedures manual form the Internet. Additional notes,links, and commentary were added by AirSafeNews.com

After a Transportation Security Administration manual containing “sensitive security information” was inadvertently disclosed on a government website (see earlier AirSafeNews.com article), it was reposted on several non-governmental websites where it remains freely available. Asked what TSA intends to do about that, Acting TSA Administrator Gale D. Rossides told Congress that her agency does not have the legal authority to compel members of the public to remove sensitive TSA documents from their websites, though she wished that they would do so.

“Do the current regulations provide you a mechanism to keep individuals from reposting this information on other web sites?” asked Rep. Charles W. Dent (R-PA), at a December 16 hearing of the House Homeland Security Subcommittee on Transportation Security.

“No, sir, they do not,” Ms. Rossides replied. “We do not have any authority to ask non-government or non-DHS (Department of Homeland Security, which includes TSA) sites to take it down.”

“What action does TSA intend to take against those who are reposting this sensitive document that should not be in the public domain?” Rep. Dent persisted.

“Well, right now, there really isn’t any authoritative action we can take,” Ms. Rossides said. “Honestly, persons that have posted it, I would, you know, hope that out of their patriotic sense of duty to, you know, their fellow countrymen, they would take it down [1]. But honestly, I have no authority to direct them and order them to take it down.”

But Rep. Dent expressed his own indignation at the web sites that ignored the official control markings on the TSA manual. “To those who reposted this security information on the internet, you should share in the blame should security be breached as a result of this disclosure,” he said [2].

But the urgency of the need to restrict continued access to the leaked TSA manual seemed diminished by Ms. Rossides’ declared view that aviation security has not “been compromised or weakened because of this incident.” Furthermore, she said, that manual was now obsolete because “very significant changes” have been made to airline security policy since the manual was issued.

Ms. Rossides added that in order to prevent further inadvertent disclosures of the newest security measures, she was refusing to provide a hardcopy of the latest edition of the TSA security manual to Congress. “I just wanted to take the absolute measures to protect that information, and that’s why a hardcopy wouldn’t be presented,” she said [3].

Rep. Dent objected to this. “By refusing to give a document to this committee because of concern about a public disclosure, that’s implying that this subcommittee would disclose the document. And that’s what, I guess, troubles me the most.” He said he would press the issue.

Subcommittee chair Rep. Sheila Jackson-Lee (D-TX) said she would introduce legislation to bar contractors from access to “sensitive security information,” since contractors apparently were at fault in the inadvertent disclosure of the security manual. “It’ll be my legislative initiative to insist that contract employees not be used to handle sensitive security information, period,” she said [4].

Rep. James Himes (D-CT) asked whether TSA was examining who had downloaded the security manual.

“I believe that is part of what [the TSA Inspector General] is looking at,” Ms. Rossides said. “We do know — our CIO shop has done an initial review of who did download it and has it on their website — non-government, non-DHS websites. We do know that.” [5]

Resources
Listen to a brief description of the TSA document controversy
Full TSA report
Redacted TSA report
TSA prohibited and restricted Items
TSA Statement from December 9, 2009
Original AirSafeNews.com article on this topic
Follow-up article on how to safely redact an electronic document
Visitor feedback on the TSA data release
NSA procedures for redacting a document
Microsoft advice for minimizing metadata in Word documents
Tools for removing hidden data from Government Computer News

Notes
[1] The creator of AirSafeNews.com and AirSafe.com, Dr. Todd Curtis believes that in this particular situation, that threat to public safety made by making the document freely available to the public is minimal, and the the higher patriotic duty is to make the public aware of the situation, including making the document available through AirSafeNews.com and AirSafe.com.

[2] Dr. Curtis has stated that this attitude is complete nonsense. Security was breached when TSA accidentally released the document, and by now any attempts to erase a document that is already widely available online would be at best futile.

[3] If you wish to have a hardcopy of either the redacted or unredacted version of the document, please visit 2009.airsafe.org, download the appropriate PDF file, and print out your own hard copy edition. There are no legal limitations to printing this document, which is in the public domain. Any security classifications on the document must be followed only by those who are legally required to do so, which would likely include any US government employee or members of the US military.

[4] Dr. Curtis hastens to point out that any contractors would have been overseen by US government employees. This member of Congress implies that contractors are not fit to handle sensitive security information, but a reasonable extension of this argument is that government employees are also not fit to handle such information.

[5] The TSA Inspector General is invited to contact AirSafeNews.com for a list of all those associated with publication of this web site who have downloaded this document. AirSafeNews.com will also willingly supply information on the number of downloads made from the server at AirSafe.com that contains this manual. As of 24 December 2009, that number is just under 7,000. Unfortunately, AirSafe.com's privacy policy prevents that site from tracking the destination of these downloads, so we can only provide the US government with general guidance on just how daunting any search for copies of this document will be.

23 December 2009

Dozens Injured After American Airlines 737 Crashes in Jamaica

American Airlines flight 331, a Boeing 737-800 (N977AN) on a scheduled flight from Miami, Florida to Kingston, Jamaica, had a landing accident that resulting in the aircraft departing the runway. According to early reports, the aircraft was severely damaged after it overran the runway and about 40 of the 154 occupants (148 passengers and six crew members) were injured. The accident occurred about 10 pm local time, and it was raining at the time. The plane came to rest just short of the ocean, and had damage to the fuselage, as well as a separated engine and collapsed landing gear.

American Airlines Information
Anyone who believes they have family members or friends aboard Flight 331 may contact American Airlines at the following toll-free numbers: (800) 245-0999 for calls originating in the United States; (800) 872-2881 for calls originating in Jamaica. Family members from other locations outside the U.S. may contact American through the AT&T Direct Access system.

Callers should dial the local AT&T Access telephone number, which can be found at www.usa.att.com/traveler, for the country from which they are calling. Once in the AT&T system, callers can then dial American toll-free at (800) 245-0999. Family members in Canada, Puerto Rico, or the U.S. Virgin islands can call the (800) 245-0999 number directly. Non-family members are asked not to call those numbers so the lines can be kept available for those who truly need them.

Accident Investigation
The investigation is being led by the government of Jamaica Civil Aviation Authority, with help from a variety of organizations including the NTSB, FAA, American Airlines, Boeing, and General Electric Aircraft Engines. The Jamaican CAA phone number is 876- 960-3965, and the agency’s email address is jcivav@toj.com.

Additional Resources
Additional information on this event
American Airlines plane crashes
Boeing 737 plane crashes

Photos: Bryan Cummings, Naphtall Junior, Garfield Robinson


22 December 2009

US Government Proposes Compensation and Other Requirements for Passengers Delayed Three Hours or More

Yesterday, the US Transportation Department announced new limits on how long airline passengers will be forced to wait in planes stuck on the airport tarmac. The key changes, which are scheduled to go into effect about four months after the rule is published in the Federal Register, include the following:
  • Planes must return to the terminal if the delay exceeds three hours.

  • Requires airlines to display on their web site the flight delay information for each domestic flight they operate.

  • Requires air carriers to adopt contingency plans for lengthy tarmac delays and to publish those plans on their web sites.

  • Carriers are required to provide adequate food and potable drinking water for passengers within two hours of the aircraft being delayed on the tarmac and to maintain operable lavatories and, if necessary, provide medical attention.
There are some exceptions for security reasons and if air traffic control orders the crew to not return to the terminal. More details are available in the

History of These Rule Changes
These rule changes didn't happen because of the recent snowstorm in the northeast US last week, but because of numerous severe delay incidents over the last several years, including an August 2009 event where Continental Airlines, ExpressJet Airlines and Mesaba Airlines were fined a total of $175,000 for stranding passengers on an aircraft for nearly six hours.

Related AirSafeNews.com Articles
Delays of Three Hours or Longer from January to August 2009
Databases That Track Long Tarmac Delays.

19 December 2009

Severe winter storm in the eastern US forces airlines to cancel and delay flights

The winter storm that has swept through the northeast US the weekend before Christmas, forcing a number of airlines to cancel, delay, and reroute flights. JetBlue, United, and Virgin America were just some of the airlines that canceled flights, and experienced delays and other problems associated with the heavy snowfall associated with the storm.

If you plan to travel by air in the US in the next few days, even if your trip does not take you to the east coast, you should take the time to do the following:
  • Check with your airline to see if your flight is affected
  • Check the airline's web site to see if they are posting special notices about the storm
  • Keep track of storm forecasts
  • Be prepared to have your flight delayed, rerouted, or canceled

Many airlines are waiving change fees associated with any affects flights. Keep in mind that airlines are not obligated to provide any compensation for flight delays. Just about the only situation where you can get compensation for a delay is if you are significantly delayed because you were involuntarily bumped from a flight.

Additional Resources
Dealing with delays, bumping, and cancellations
How to make an airline complaint
General baggage advice
US flight delay data from the FAA

18 December 2009

Second Interim Report on Air France Flight 447 Investigation Released - No Causes Found Yet

Report Summary
The organization responsible for investigating the 1 June 2009 crash of Air France Flight 447, the French Bureau d’Enquêtes et d’Analyses pour la sécurité de l’aviation civile (BEA), released their second interim report on the accident investigation. Although the BEA did not identify one or more causes of the crash, it did conclude that inconsistencies in airspeed measurement led to the disconnection of various flight control systems, the autopilot, and the autothrottle.

Similar airspeed inconsistencies had occurred on other A330 and A340 flights, and the BEA performed a detailed analysis of 13 significant events involving five airlines operating these aircraft models. These events had several similarities with the accident flight. They occurred when the aircraft was in an area of unstable air masses with deep convective phenomena, the autopilot disconnected, and invalid airspeeds were reported to the flight control system. However, unlike Flight 447, these five aircraft had altitude deviations less than 1000 feet, and all remained within their normal flight envelope.

The BEA concluded that inconsistency in the measurement of airspeeds was one of the elements in the chain of events that led to the accident, though these inconsistencies did not fully explain why the airplane crashed. The BEA has so far not been able to recover the flight data recorder or the cockpit voice recorder. The information from these black boxes, as well as an examination of additional wreckage, may help the BEA figure out the cause of the accident.

The second interim report went into quite a bit of detail about what has so far been uncovered in the investigation, and the highlights of that interim report are below.

Accident Overview
The aircraft aircraft, an Air France A330-200 (F-GZCP), operating and flight 447, was on a scheduled international flight from Rio de Janeiro, Brazil to Paris, France. The aircraft departed late on 31 May 2009 from Rio, and crashed in the Atlantic Ocean in the early hours of 1 June 2009. The crash occurred about three hours and 45 minutes after takeoff, in an area of the Atlantic Ocean about 435 nautical miles north-northeast of Fernando de Noronha island.

There were no emergency or distress messages sent by the crew, though there were numerous automatically generate maintenance messages that were sent by the aircraft back to Air France. The last contact between the airplane and Brazilian air traffic control happened around 35 minutes before the crash.

Debris from the aircraft was found near the estimated position of its last radio communication. There were 216 passengers and 12 crew members on board, representing 32 nationalities. A total of 5o bodies were recovered from the ocean, and the remaining passengers and crew are missing and presumed dead.
Automated Maintenance Messages
The automated maintenance messages sent by the aircraft back to Air France provided information on the state of the airplane's systems and on the position of the aircraft. Almost all of these messages were linked to faults in the system used to measure the speed of the aircraft. These airspeed measurement issues were discussed in more detail in an earlier AirSafeNews.com article and on AirSafe.com's Flight 447 page.

Condition of the Airplane When it Struck the Ocean
Based on an examination of the recovered debris the BEA reported that the airplane struck the surface of the sea violently, with a slight pitch-up attitude and with a slight bank. The airplane was largely intact at the moment of the impact since the debris found came from all over the airframe. The airplane was pressurized, the oxygen masks had not been released, all of the life jackets that were found were still in their containers, and the airplane’s flaps were retracted at the time of the impact with the water. All of the wreckage that has been located or collected, and bodies that have been recovered had been floating on the surface of the ocean.

The investigators also said that 43 of the 50 bodies, which based on their assigned seats were from all parts of the cabin, showed multiple fractures to their spinal columns, pelvises and chests. These injuries were consistent with an upward shock to passengers seated in an aircraft that struck the water belly first.

Planned Undersea Search Operations
The BEA, with the help of Airbus, Air France, and a host of organizations from the US, Europe, and Brazil, will conduct an undersea search operation scheduled to start in February 2010 and with a planned duration of 60 days.

Initial AirSafe.com Reports on This Event (4:10)
Audio: MP3 | VideoiPod/MP4 | WMV | YouTube



Additional Resources
AirSafe.com Flight 447 page
Synopsis of second BEA interim report (English)
Complete second BEA interim report (English)
Complete second BEA interim report (French)
First BEA Interim Report (English)
First BEA interim report (French)
Other Air France Plane Crashes
Other Airbus A330 Plane Crashes
BEA Flight 447 page
Wikipedia Flight 447 page

Previous AirSafeNews.com Articles
Initial AirSafeNews.com article 3 June 2009
Air France Flight 447 Update 9 June 2009
Air France Flight 447 Update 10 June 2009
Air France Flight 447 Update 15 June 2009
Air France Flight 447 Update 19 June 2009
Air France Flight 447 Update 26 June 2009
Todd Curtis BBC Interview about Air France Flight 447
FAA orders A330 pitot tube replacements

A330 Photo: Garret Lockhart

16 December 2009

NTSB to Open Up Public Docket on Northwest Airlines A320 Overflight in October 2009

Detailed information from the NTSB investigation into the October 21, 2009 incident involving the distracted Northwest Airlines pilots have been released to the public. The incident, which resulted in a large amount of media attention, occurred when the pilots of Northwest Airlines flight 188 was out of contact with air traffic control for about for 77 minutes while cruising from San Diego to Minneapolis.

The Airbus A320 (N03274) overflew Minneapolis by more than 100 miles before re-establishing radio contact with air traffic controllers and landing at the destination airport. There were no injuries to the 149 aircraft occupants, or damage to the aircraft.

Overview of Final Stages of the Flight


Reportedly, one of the reasons why the pilots did not respond to radio calls was because they were using their laptop computers in the cockpit and were distracted. While using laptops in the cockpit is allowed by the FAA, use of personal computers in the cockpit was not allowed by Delta (which owns Northwest). Both pilots were dismissed by the airline, and the FAA revoked their licenses.

Included in the docket will be factual reports from several of the NTSB-led groups involved in the investigation, including the Operations Group, Air Traffic Control Group, Survival Factors Group, Cockpit Voice Recorder Group and Flight Data Recorder Group. The docket will be available on Wednesday morning, December 16th. To view the contents of the docket, visit the the public docket page for this incident.

Related Information
Northwest Flight 188 public docket page
Previous AirSafeNews.com Incident Update
Original AirSafeNews.com article on this incident
Delta Airlines Statement 26 October 2009
FAA air traffic control transcripts and audio recordings
NTSB Update from 26 October 2009

15 December 2009

Colgan Air Submits Report to NTSB About Its Fatal Crash in February 2009

The fatal 12 February crash of Colgan Air Flight 3407 is still under investigation by the NTSB, but last week, the airline submitted a report to the NTSB which blamed pilot actions as the probable cause of the accident. The Bombardier Dash 8 aircraft, which was operating as a scheduled Continental Connection flight from Newark, NJ to Buffalo, NY, crashed into a house about five miles from the airport during an instrument approach to runway 23. All four crew members and 45 passengers were killed, as well as one of the three people in the house.

The NTSB launched a major investigation, which is still ongoing. The NTSB's public docket of this investigation contains over 100 items, including a report submitted by Colgan earlier this month. That report identifies the probable cause of the accident as the flight crew’s loss of situational awareness and failure to follow Colgan Air training and procedures, which led to a loss of control of the aircraft.

According to Colgan, contributing to the accident was the flight crew’s failure to follow Colgan Air procedures and training, and the lack of adequate warning systems in the aircraft.

The investigation is not yet completed, and the final NTSB report may or may not reflect the analysis or conclusions of the Colgan report. AirSafeNews.com encourages you to review the Colgan report, and other items in the public docket, as well as following information from the NTSB and AirSafe.com

Colgan Air Crash Animation (no audio)



AirSafe.com's Initial Report on this Accident
Audio: MP3 | VideoiPod/MP4 | WMV | Google Video | YouTube





Resources
Additional accident details
Colgan Air Submission to the NTSB
Other NTSB public docket documents
Other AirSafe.com Videos
Fatal Continental plane crashes
Fatal Dash 8 plane crashes

11 December 2009

Continued Fallout from TSA Release of Sensitive Security Information

Rep. Peter King of the US House of Representatives recently sent a letter to Secretary Janet Napolitano, head of the Department of Homeland Security (which oversees TSA), and among other requests asked DHS how it was addressing the repeated posting of the security manual on other web sites and "what legal actions, if any, could be taken to compel its removal."

AirSafeNews.com is not one of those sites that has posted copies of the unredacted security manual. However, it has provided links to both the redacted and unredacted versions of the document that are hosted by its partner site AirSafe.com.

However, by the time AirSafeNews.com first wrote about this document, it was already available in a wide variety of places, including major US media organizations like ABC News, and CBS News; and also at document sharing sites like Scribd.com. The document is also available at sites the specialize in releasing secret and restricted government and corporate documents such as Cryptome.com and Wikileaks.org. A search on Google or Bing would quickly reveal many other sites that have either the document or links to the document.

Even if all online copies were to disappear from the web tomorrow, it has likely already been downloaded millions of times around the world. The unredacted copy hosted at AirSafe.com was downloaded over 4,000 times in the first two days that it was available. The reality of the Internet is that it is an international enterprise, and no single nation, not even the United States, can eliminate access to a document. Once a document is available online, it is very, very difficult to make it unavailable online. Using legal means to remove the TSA document from the Internet would be at best an exercise in futility.

Survey Responses
Earlier this week, we put out a survey asking three questions about this latest TSA scandal. The survey in the article asked three questions, and 21 members of the AirSafe.com audience responded.

The the first question asked for a yes or no response. The second question had as response choices Yes, No, Maybe, and Other. The third question asked for a general response. The questions and their responses were as follows:

1. Did you download and review the TSA report?
Thirteen had downloaded the document, and eight did not.

2. Should the head of the TSA resign?
Nine believed that the head of the TSA should not resign, seven thought the head should resign, four said maybe, and one did not respond.

3. Tell Us What You Think About this Situation
The responses are included below with only slight editing for spelling and grammar:
  • No-one should be exempted from screening now that we know who has been allowed in without a check.

  • Whoever is in charge of the section responsible for dissemination of documents.

  • It's unfortunate maybe the guy who didnt black out the areas correctly should resign.

  • I do not care about very strict screening, it has to be, what matters to me is security.

  • I downloaded the manual but did not review fully. Yes he should resign, same with the fellow that made the document public. TSA should learn from this and ensure they do not create additional work for themselves and avoidable delays for the rest of us at the airports.

  • This was an accident; not so serious one, in my opinion.

  • It puts the traveling public in danger.

  • I think that if this is typical of how our government functions, then it's no wonder half of Americans have no faith in the ability of the government to run things like health care. Whoever is responsible for this error should be fired and steps should be taken to be sure this doesn't happen in the future. First of all they need a competent IT person to do this sort of thing.

  • Absolutely unacceptable and sooooooo stupid!!

  • Really? You people (presumably those behind AirSafeNews.com) are just feeding the fire and all of you who keep circulating this information should be tried as traitors to the US Constitution.

  • Typical no-brainer attitude. Shouldn't try something unless you know what you are doing.

  • I don't feel safer.

  • Use it to prevent other occurrences...firing only encourages cover ups.

  • The responsible employee should resign.

Related Articles
TSA Releases Extremely Sensitive Security Information Online
How the TSA Could Have Easily Avoided Its Recent Security Problem

Resources
Full TSA report
Redacted TSA report
TSA prohibited and restricted Items
TSA Statement from December 9, 2009
Original AirSafeNews.com article on this topic
NSA procedures for redacting a document
Microsoft advice for minimizing metadata in Word documents
Tools for removing hidden data from Government Computer News

Photo: gregoryjameswalsh

10 December 2009

How the TSA Could Have Easily Avoided Its Recent Security Problem

The recent controversy over the accidental release of extremely sensitive security information by the TSA has been a huge embarrassment to the agency, and very likely revealed details about the TSA security process that could make it easier for individuals or groups to bring prohibited items into the secure areas of airport terminal or onto aircraft. It would also make it easier for someone to take steps to avoid extra screening at the airport.

TSA Problem Was Completely Avoidable
One step that the TSA reportedly took, putting five employees and contractors involved in the document release on administrative leave, may have only involved those who were responsible for preparing and releasing the document. Perhaps a more important issue is whether this problem could have been avoided. It is very likely that the problem was not only avoidable, but specific step-by-step procedures to avoid this kind of problem have been widely available to the US government for several years.

According to an article in Federal Computer Week, over the last few years, the US military in Iraq, the White House, and the US Department of Justice have all had similar situations where a improperly redacted document was released to the public, and the sensitive information within those documents were later uncovered.

In wake of those events, the National Security Agency (NSA) issued guidance to US federal agencies that included detailed instructions on how to process a word processing document in such a way that any sensitive information would be eliminated from the final PDF document. The report, titled “Redacting with Confidence: How to Safely Publish Sanitized Reports Converted From Word to PDF,” has been freely available to the public for several years, and the instructions in that document could have been used by the TSA to avoid their recent embarrassing episode.

Highlights of the NSA Report
Word processing documents such as Microsoft Word contain many kinds of information such as text, graphics, tables, images, and metadata, and more. This complex combination of data makes it easy to accidentally expose information, especially when someone does not properly remove sensitive information before the document is released to the public.

Techniques that work with printed documents, such as blacking out an area of text or graphics, or reducing the size of a graphic, often do not work with electronic documents because the information is still contained within the document. Most word processing documents also contain hidden information such as comments or prior versions of the document, that may also be very sensitive.

The NSA's document had very clear instructions that anyone could use to take an MS Word file or just about any other kind of word processing file and systematically remove any sensitive content, including metadata, before creating a PDF file for public distribution. Let's hope that the TSA has the good sense to follow the NSA's procedures, or something like it, the next time they redact a document.

Related Articles
TSA Releases Extremely Sensitive Security Information Online
Continued Fallout from TSA Release of Sensitive Security Information

Resources
Full TSA report
Redacted TSA report
TSA prohibited and restricted Items
TSA Statement from December 9, 2009
Original AirSafeNews.com article on this topic
NSA procedures for redacting a document
Microsoft advice for minimizing metadata in Word documents
Tools for removing hidden data from Government Computer News

09 December 2009

TSA Releases Extremely Sensitive Security Information Online

The latest TSA controversy involves an inadvertent release of a document containing very sensitive security information that resulted in making key security procedures available to the public. The document, “Screening Procedures: Standard Operating Procedures,” provided standard procedures for TSA screening personnel in airports. It was the third revision, and was dated 28 May 2008. The document contained a range of information, including some sensitive security information that was redacted by the TSA.

The TSA posted it on the web site FedBizOpps.gov in March 2009, and it was removed from the site this past Sunday after the TSA realized, with the help of a number of blogs including Wanderingaramean.com, that the blacked out portion did not hide the information. You can download the redacted version and see for yourself.

It appears that the part of the TSA responsible for releasing the document to the FedBizOpps.gov site had a fundamental misunderstanding of how electronic documents work. It's likely that when the TSA 'redacted' areas of sensitive information in the original word processing document, black rectangles were placed over those areas, covering the information, but not deleting it. By selecting the blackened areas in the PDF document, copying it, and pasting it into a word processing file in a program like MS Word, Notepad, or OpenOffice Writer, anyone can recover the information that was within those blackened areas.

By the time the TSA had the document removed from the FedBizOpps.gov web site, it was too late. Copies of the redacted and unredacted information were now widely available online, and the information that was once hidden from the pubic is now out in the open.

Potential Security Impacts
The aviation security manual included details on TSA procedures for screening passengers, special rules for handling the diplomats, law enforcement officials, and CIA employees, and the technical settings and tolerances used by metal and explosive detectors used at airports.

Some of the more sensitive details in the TSA document were not widely known prior to the release of this document. Clearly, anyone attempting to do harm to the US air transportation system may use this information to attempt to fraudulently gain access to airliners or to secure areas of an airport terminal, or to take prohibited items through TSA security. This breach of security may force the TSA to change one or more procedures, and may make current security procedures and technology either less effective, or completely ineffective against some threats.

Because details about aviation security procedural or policy changes are typically not released to the public or subject to Freedom of Information Act requests, it is unlikely that the public will be made aware of any TSA changes, unless of course such information is accidentally released.

Highlights of Redacted Information
The redacted sections of the document contained a range of information, some of it mundane, and others frightening. The highlights, with page numbers from the 93-page document, are below:

  • There exists an explosives trace detection screening protocol in which a percentage of checked baggage is screened using closed bag search (40%), limited open bag search (40%), and full open bag search (20%) procedures (page 9).

  • Transportation Security Officers should not handle explosives, incendiaries, or weapons if such items are discovered during the screening process (page 20).

  • There are specific procedures to follow to check the credentials of law enforcement officers and other armed government employees (page 21).

  • Calibration testing procedures for walk-through metal detectors (page 27).

  • Daily testing procedures for walk-through metal detectors (page 28).

  • Operational test procedure for x-ray systems (page 29).

  • Contamination control procedures for explosives trace detection devices (page 30).

  • Procedures for clearing armed security officers into the secure area of the terminal (pages 28-40).

  • Procedures for the screening of foreign dignitaries being escorted by the Central Intelligence Agency (page 43-44).

  • Screening exemptions for TSA employees (page 45).

  • Categories of passengers who are to be exempted from closer scrutiny after initially being selected for extra screening (page 47).

  • Alternate screening procedures go into effect when primary screening devices are not working (page 52).

  • Matrix of special screening procedures for law enforcement officers ( pages 54-55).

  • Photos and graphics of with sample credentials for Federal Air Marshals, ATF employees, CIA employees, and members of the US Congress (pages 57-60).

  • Procedures to use if explosives trace detection devices or x-ray devices are are unavailable or have limited function (page 77).

  • Explosives trace detection exemptions for persons with disabilities (page 78).

  • Allowing explosives trace detection procedures for bags and containers while using physical searches for all other items (page 78).

  • Unless exempted by the airline or the TSA security director, passengers with passports issued by the following countries are to be selected for extra screening: Cuba, Iran, North Korea, Libya, Syria, Sudan, Afghanistan, Lebanon, Somalia, Iraq, Yemen, and Algeria (page 81).

  • Characteristics of suspect identification (page 82).

  • Alternative methods for checking travel documents (page 83).

Lessons Learned
Perhaps the most important lesson to be learned here is that electronic documents are not like printed documents. Depending on the document, what you see is not necessarily what you get. The version that you see may have coded within the document data about previous edits, formatting information, and hidden characters. There may also be several layers of information, such as the case with the TSA document where the blacked out portion did not eliminate the sensitive information, but merely covered it up.

A more effective method for redacting a document would have been to delete the sensitive information from the original document before turning it into a PDF file. Perhaps this TSA security controversy will be a lesson to anyone who works with electronic documents that they should be careful when 'redacting' documents.

Resources
Full TSA Report
Redacted TSA Report
TSA Prohibited and Restricted Items

Follow Up Articles
How the TSA Could Have Easily Avoided Its Recent Security Problem
Continued Fallout from TSA Release of Sensitive Security Information

Survey and Comments
Given the security implications of this TSA release of information, AirSafeNews.com would be particularly interested in any comments that you may have. Please take the time to fill out the survey below:

The survey is now closed. The results of the survey are available here.

08 December 2009

Airline Safety Survey Results

Last week, we put out a survey along with the article about the European Union's recently updated list of banned airlines. The article also included a comparison between the EU preference of banning airlines to the FAA preference of evaluating national civil aviation authorities. The survey in the article asked four questions, and 24 members of the AirSafe.com audience responded.

The first three questions had as response choices Yes, No, Not Sure, and Other. The fourth question asked for a general response. The questions and their responses were as follows:

1. Do the EU and FAA Go Far Enough?

These responses had the most agreement, with 16 of the 23 respondents agreeing that they don't go far enough, two agreeing that they do, and five who were not sure.

2. Are International Safety Standards Too Low?
Responses to this question were quite consistent, with 14 of the 22 agreeing that the standards were too low, four disagreeing with this statement, and two who were not sure. Of the 14 who thought that standards were too low, 12 also thought that the EU and FAA didn't go far enough.

3. Are US and EU Standards Too Low?
There was a variety of opinions here, with 11 of the 24 respondents agreeing that US and EU standards were too low, six believing that they were not too low, and four who were not sure. In addition, one thought that the EU standards were adequate but that the US standards were too low, another who only stated that EU standards were adequate.


4. What Are Today's Biggest Safety Issues?

This question had the most interesting and varied responses. They have been included below with only slight editing for spelling and grammar:

- Management forced cutbacks.

- Cost cutting on maintenance.

- In my view, safety hinges on two main items: pilot training and aircraft frame and engine maintenance. I also list pilot fatigue as a critical factor in airline safety. Get-home-itis is another issue that is not addressed often enough. That is, many air incidents have occurred because the command pilot was too anxious to get either home or to the next airport, often after lengthy delays.

- Hiring of security personnel is at too low a level of security, as is the out-of-public-view luggage inspection area. Once, fairly recently, upon arrival at a conference, I found a piece of someone else's junk jewelry at the bottom of my broken suitcase. While luggage inspection may not be on everyone's list of safety issues, I see it as emblematic of an airline's attention to detail. Which is crucial.

- FAA is too slow to issue EASA originated ADs (airworthiness directives) for Airbus airplanes. As always, economic pressures on both the airlines and authorities to endlessly cut personnel.

- Not enough consistency throughout the airport system (security and maintenance)

- Shortcuts on maintenance spending.

- Maintenance, crew training, and crew hours.

- The guys who work on the planes and the standards they have to uphold, in additional to pilot training and standards are the most important in my opinion.

- Boeing not inspecting planes before delivery.

- Security and too many flights with two engined jets. People feel safer with a four engined plane, especially on long haul flights.

- Extreme weather-due to climate chance.

- Air rage in flight

- Engine maintenance

Photo: gregoryjameswalsh

04 December 2009

Guidelines on the Use of Child Restraint Systems

The use of child seats on aircraft has long been a concern of AirSafe.com. One area of concern are the variation in rules around the world. While seat belt use by adults is fairly standard, the use of child restraint systems (CRS) is not. In the US, the rule on child travel has been that children up to the age of two could ride either in a passenger's lap (without restraints), and children two and older must have their own seat. Child restraint systems are not required, and the FAA generally approves for flight any seat that is approved for use in automobiles.

An approved restraint device should have a tag, sticker, or other documentation that shows that it is approved for flight. Some devices, such as child restraint harnesses or booster seats, may be restricted from use during taxi, takeoff, and landing. Check the CRS documentation to be sure.

Child Restraint Systems in Europe
The EU requires that children under the age of two must be secured by an approved “child restraint device” on EU airlines. The most common method is the “loop belt” which is attached to the seat belt of adult holding the child on his or her lap (such belts are not used in the US or Canada). A number of airlines provide the option of using car child seats which are secured to an individual passenger seat.

The German Airline Association has published a list of child seats currently accepted by its member airlines (it helps if you can read German). The European Aviation Safety Agency has also certified a dedicated aircraft child seat for specific aircraft types.

Convenience Factors
In the US, child seats don't count against your carry on item or checked baggage limitations, and you can often get early boarding if you have small children. On the other hand, many of the approved child restraint systems were designed for car seats rather than airplane seats, and often the process of strapping and unstrapping the CRS in an airline seat can be inconvenient and somewhat difficult, especially on those flights where every seat is filled and everyone is trying to rush off the aircraft to make a connection.

Before You Fly with a Child
Wherever you fly, you may want to follow these suggestions when traveling with small children:
  • Check with the airline to find their busiest days and times. By avoiding these times you are more likely to be on a flight with an empty seat next to a parent. In many cases airlines will allow you to seat your child under two years of age in a child restraint in the empty seat at no extra charge. Ask your airline for its policy regarding an empty seat.

  • Ask the airline if they offer a discounted fare for a child traveling in a CRS. When you buy a ticket (discounted or full fare) for your child, you are guaranteed that they will have a seat and that you will be able to use the CRS.

  • If you purchase a ticket for your child, reserve adjoining seats. A CRS should be placed in a window seat so it will not block the escape path in an emergency. A CRS may not be placed an exit row.

  • Check the width of your CRS. While child seats vary in width, a CRS no wider than 16 inches (40.6 cm) should fit in most coach seats. A CRS wider than 16 inches (40.6 cm) is unlikely to fit. Even if the armrests are moved out of the way, a wide CRS will not fit properly into the frame of the aircraft seat.

  • If you need to change planes to make a connecting flight, request that the airline arrange for assistance in your connecting city.

Other Resources
Top 10 Safety Tips for Traveling with Children
FAA Brochure on Child Restraints

03 December 2009

Woman Accidentally Smothers Infant on Transatlantic Flight

British media sources report that late last month, a woman who fell asleep while breastfeeding her infant accidentally smothered her four-week old child while on a United Airlines flight.

United Airlines flight 982 was a 777 en route from Washington Dulles to Kuwait City, and somewhere over the Atlantic, she reportedly awoke to find that her child had been smothered. Th crew was alerted by to the situation by the screams of the 29-year-old mother.

A doctor traveling on the flight treated the baby, and the aircraft diverted to London's Heathrow airport, landing on the morning of November 25th. The baby was transported to a local hospital, where she was pronounced dead on arrival.

An autopsy has been performed and the the authorities are awaiting results. At present, the death is considered to be from unexplained causes, and police and the Child Abuse Investigation Team are investigating the circumstances of the death.

Previous Breastfeeding-Related Death on an Airliner
This recent event was not the first report of suspected breastfeeding accidents on board an aircraft. According to a report in the Hindu newspaper, a child died from a breastfeeding accident while the aircraft was at the gate. On 11 March 2009, a mother and four-month-old child were an Air India Express flight to from Karipur to Salalah, India. The mother and child had boarded the aircraft (Flight 341) at Kochi. During pushback from the gate, the mother started screaming after seeing her baby choke during breastfeeding.

A doctor on board treated the baby, and the child was taken to a local hospital where the infant was declared dead on arrival. A hospital official speculated that death was due to ingestion into the lungs of either breast milk or particles of vomit.

Related Articles
Breastfeeding While Traveling
Inflight Breastfeeding Issues
Woman Kicked off Plane for Breastfeeding
Airline Breastfeeding Policies

02 December 2009

European Union Releases Latest List of Banned Airlines - Is Your Airline One of Them?


The aviation safety authorities of the European Union recently updated their list of banned airlines (sometimes referred to as an airline blacklist). Their list includes airlines that are completely banned from operating in Europe, and others which are restricted to operating in Europe under specific conditions.

Keep in mind that not all aircraft are inspected by the member states of the European Union, and that means that just because an airline isn't on the list doesn't mean that it meets EU safety standards. The most recent list is available at AirSafe.com (see resources section).

What Airlines Are on the EU List?
Most of the banned airlines are small, based in Africa, Asia, or the middle east, and are hardly household names. These include airlines like Air Koryo of North Korea, and all airlines operating from Benin, Democratic Republic of Congo, Zambia, and 12 other countries. Other airlines, like Air Bangladesh, can operate in Europe, but only by leasing an aircraft from a certified air carrier.

FAA Approach to Banning Airlines
In contrast to the EU, the FAA's FAA's International Aviation Safety Assessments (IASA) Program does not ban individual airlines, but divides countries into two groups, those that have the ability to oversee airlines to ensure that they meet minimum international safety standards and those that do not. Airlines from countries that don't meet standards would not be allowed to start US service, and those that already have US service may not be able to change their level of service.

What Countries Are on the US List?
In the most recently available list from December 2008, a few of the countries identified as not meeting international standards included Bangladesh, Israel, Indonesia, and the Philippines. All of these countries had at least one airline that served the US. Most of the other countries in this second category had no airline serving the US at the time of the survey.

What These Lists Don't Cover
The short story is that these two programs only cover international flights. What happens within a country is under the control of that country's government. For some countries like the US, Japan, Australia, and the countries of the European Union, the standards are as high or higher than international standards. For other countries, the standards can be much lower.

Should You Avoid These Airlines or These Countries?
These lists from the EU and the FAA don't say that flying on an airliner from a particular country is unsafe or recommend particular airlines to avoid. The final decision to take any trip will be based on many factors, and these lists may be help an individual passenger decide.

AirSafe.com founder Todd Curtis has discussed decision making about risks extensively over the years, and the following is from an article he wrote in 1997:

(W)hen I make a decision on whether to take a particular flight or use a particular airline, I don't make my decision based solely on the fatal event rate or any other single measure. I do so by first taking into account a wide range of information and then by considering the following questions:
  1. Would I allow my minor child to fly unaccompanied?
  2. Would I allow my minor child to fly with an adult?
  3. Would I allow an adult family member to fly?
  4. Would I allow myself to fly?
  5. Would I allow myself to fly only under special circumstances?
  6. Would I allow someone I know on the flight?
  7. Would I allow someone I did not know on the flight?

My personal interpretation of the level of safety of a particular flight or airline would depend on how I answered the question. For example, if I answered the first question yes, then all the other questions below it would also be yes. This is neither a comprehensive set of questions or a set of questions which can deal with everyone's safety issues. This is merely my personal scale for rating the safety of an airline or an airline flight (I'll call it the Curtis Criteria). This method may not work for many people, but it works well for me.


Resources
European Commission List of Banned Airlines (updated 26 November 2009)
European Commission Press Release (27 November 2009)
IASA Program Results (updated 18 December 2008)

Airline Safety Survey
Please take the time to respond to this short survey.

The survey is now closed. The results of the survey are available here.

01 December 2009

Pet Travel Issues and Related Online Resources

According the US Department of Transportation, over two million pets and other live animals are transported by air every year in the United States. Most airlines in the US allow pets to travel on aircraft, sometimes in the passenger cabin, but also in the cargo hold. Over the last few years, the US government has addressed traveler concerns about the extent of pet travel safety issues by providing regular updates concerning reports of the loss, injury, or death of animals in their Air Travel Consumer Report.

AirSafe.com's pet travel resource page has basic advice about pet travel, pointing out that there are a number of considerations that passengers must consider, including what extra charges you may face, limitations on when pets can travel, and many other conditions of travel. If you plan to travel with pets, the most important thing to know that is that rules can be very different for different airlines. In the US, the Federal Aviation Administration (FAA) allows each airline to set its policies on travel with pets, including whether they are allowed in the cabin, or for that matter whether they can be transported at all.

Pets and Security Screening
According to the TSA, you will need to present the animal to the security officers at the checkpoint. You may walk your animal through the metal detector with you. If this is not possible, your animal will have to undergo a secondary screening, including a visual and physical inspection by our Security Officers. Your animal will not be placed through an X-ray machine. However, you may be asked to remove your animal from its carrier so that the carrier can be placed on the X-Ray machine.

Pets in the Passenger Cabin
Not every airline allows pets in the passenger cabin. Those that do typically allow only small animals that must be kept in some kind of cage or kennel for the duration of the flight. Also, the pets must be able to fit in the area under the seat and can’t be in the overhead baggage compartments. An airline may also limit the maximum number of pets in the passenger cabin, as well is the number of pets in coach, business, or first class sections of the aircraft. It is also possible that an airline may allow pets in one class of service or section of the aircraft, but not another.

Pets in the Baggage Compartment
If pets are not in the passenger cabin, they are typically transported in pressurized, temperature-controlled aircraft compartments. Confirm with your airline that this is the case.

One of the most comprehensive sites providing useful pet travel information PetFlight.com. Featuring practical travel advice, details on pet travel policy by airline, and lists of pet travel incidents reported to the DOT, this site will address many common questions pet owners may have about animal air travel safety.

Traveling to Hawaii with Pets
Hawaii has special limitations on pet travel, including quarantines of animals traveling to the state, even for passengers flying from other parts of the US. Make sure that you review Hawaii’s requirements at http://hawaii.gov/hdoa/ai/aqs/info, contact the airline, and possibly consult your pet’s veterinarian, prior to your travel to Hawaii. Otherwise, your pet could be quarantined for up to 120 days.

Service Animals
Service animals are not pets, but rather an animal individually trained to provide assistance to an individual with a disability. In the U.S., a disabled passenger can travel with his or her service animal in the passenger with relatively few limitations compared to the limitations on pets. While U.S. airlines are required to make accommodations for travelers with service animals, there may be situations where a service animal may not be allowed in the cabin. If you plan to travel with a service animal, it would be a good idea to contact the airline prior to your travel to see if there may be any difficulties.

Photo: shanan