National Archives Releases New Version of 9/11 Report
Yesterday more 9/11 information was declassified. Misty pointed out an obscure article that mentioned it, otherwise it would have escaped my notice.
A new version of the “Staff Monograph on the `Four Flights and Civil Avation Security'” is available here.
This newer version contains less redacted information than the first version released on January 28, 2005.
There is still redacted material, such as columns in some tables, a quote on page 56, another on 57, a paragraph on 63, etc. There doesn't appear to be a summary of what was released. I'll have to poke through both reports and see what we are now allowed to know. Amusing redacted material includes this paragraph:
To be listed in a security directive, an individual has to pose a “direct” threat to aviation. In other words…
The rest of the paragraph was redacted, indicating we shouldn't have a clearer definition of what a “direct” threat to aviation is. Much of the information obscured from us concerns CAPPS policy which, I guess, we don't need to know.
This worries me because security through obscurity only delays but does not prevent a breach. It also delays (and possibly prevents) experts from helping pro bono. What happened to open security? Perhaps that remains too hard or expensive.
I wonder if systems could be set up a similar way to CERT, which lets software vendors know about security problems a few months before publicizing those problems to the world. They are a trusted clearinghouse for information on breaches, and they force vendors to react by publicizing every breach they receive, after a suitable waiting period to correct the problem. There does not seem to be a similar system for policymakers.
Update: Looks like there's coverage in the NYT.
Josh Poulson
Posted Wednesday, Sep 14 2005 10:07 AM
![[Feed]](http://pun.org/oslo/feed_blue_32.png){kind=small}
