random memes }

Department of Homeland (in)Security

Why you should always question authority - before they waste too much of your kids' money.

Top 10 27BStroke6 Posts of the Year - 2006

27BStroke isn't even a year old yet, but we've already fallen prey to the temptation to issue a top ten list.

Back in August 2005, a border-screening system supposedly unconnected to the internet was brought down by the Zotob worm, though Homeland Security denied it happened. Kevin Poulsen chronicled his attempt to get the proof through government sunshine requests here at 27B. The hilarity included government officials calling to ask Kevin to withdraw his request, then telling a judge they lost the paperwork several weeks before they called him.

When, last September, a spokeswoman for DHS's Bureau of Customs and Border Protection (CBP) phoned me to ask that I voluntarily withdraw a month-old Freedom of Information Act request, I had to wonder why.

The request was for any documents pertaining to an earlier failure of a sensitive DHS system used to screen incoming visitors to the US. Called US-VISIT, the system is a network of Windows PCs and mainframe servers that takes fingerprints and digital photos of travelers as they enter the country, and checks each visitor against scores of national security and criminal watchlists.

The August computer failure led to long queues at airports across the country, but was only tersely explained to the public. The DHS initially said a computer virus had infected one of the mainframe servers -- in Virginia. Later, the agency reversed itself and claimed there was no virus, and the outage was a normal computer crash.

We now know that neither version was entirely true. But I'm getting ahead of myself.

I declined to withdraw my request, and waited for DHS to produce some documents. And waited, and waited. Patience is a virtue when FOIAing a federal agency, and nothing is gained by jumping down bureaucrats' throats when they invariably miss the (20 day) statutory deadline.

But six months later, agency personnel still hadn't produced a shred of information, nor had they responded to an administrative appeal. That's when I took them to court, wondering what they were hiding.

Now we know. According to documents filed (.pdf) in the case last Thursday, they're hiding precisely 666 pages of documents about the virus infection that they've publicly denied ever occurred.

Yes, there are managers in government that will lie to protect their turf.

A computer failure that hobbled border-screening systems at airports across the country last August occurred after Homeland Security officials deliberately held back a security patch that would have protected the sensitive computers from a virus then sweeping the internet, according to documents obtained by Wired News.

The documents raise new questions about the $400 million US-VISIT program, a 2-year-old system aimed at securing the border from terrorists by gathering biometric information from visiting foreign nationals and comparing it against government watch lists.

The Aug. 18 computer failure led to long lines at international airports in Los Angeles, San Francisco, Miami and elsewhere, while U.S. Customs and Border Protection, or CBP, officials processed foreign visitors by hand, or in some cases used backup computers, according to contemporaneous press reports.

Publicly, officials initially attributed the failure to a virus, but later reversed themselves and claimed the incident was a routine system failure.

CBP officials have released six pages of heavily redacted documents about the Aug. 18 computer failure. Click here (.pdf) for the inside story in black and white (mostly black).

But two CBP reports obtained under the Freedom of Information Act show that the virulent Zotob internet worm infiltrated agency computers the day of the outage, prompting a hurried effort to patch hundreds of Windows-based US-VISIT workstations installed at nearly 300 airports, seaports and land border crossings around the country.

Judge Orders DHS to Come Clean on Border Cyber Attack

A federal judge in San Francisco has ordered (.pdf) the Department of Homeland Security's Bureau of Customs and Border Protection (CBP) to give me additional documents on a cyber attack that shut down portions of the national border screening system last year.

The government had argued that releasing more than six partially-blacked-out pages on the August 2005 incident would make the sensitive US-VISIT system vulnerable to computer intruders. After reviewing the 672 pages of documents the government has in its possession, U.S. District Court Judge Susan Illston is unconvinced.

I must be in the wrong part of the industry.

The $400 million US-VISIT program is a network of Windows PCs and mainframe servers that takes fingerprints and digital photos of travelers as they enter the country, and checks each visitor against scores of national security and criminal watchlists.

Heck, I try to make sure our small software group (costing maybe $1 million a year) returns at least equal value to the company. I cannot imagine burning $400 million and screwing up so thoroughly.