Re: US capitol not in US, according to TSA

["Blanchard, Michael (InfoSec)" <michael.blanchard () emc com>]

Regardless of how much or how little this TSA Agent makes... I could care less if he works for $1 an hour or if he 
makes $100k a year....  it has zero bearing to this conversation...
  he is still "airport police" and should at the very least know that the District of Columbia is the capitol of the 
united states.... AND he should be very well aware of ALL the US drivers licenses... it is, after all, HIS JOB TO KNOW 
THIS.... no excuses, I'm sorry...  with that said, he still did the right thing after not recognizing the license by 
asking for help...

An intern working for me, or a "fresh newbie" IT tech/security person, may not know what the autoconfig address is off 
the top of his head... Just like a TSA agent may not know that 1600 Pennsylvania Ave is where the president lives...  
But that new tech better damn well know that Microsoft makes windows and Apple makes OSX... 

Michael P. Blanchard
Principal Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE
Cyber Security Services
EMC ² Corporation
32 Coslin Drive
Southboro, MA 01772


-----Original Message-----
From: Bill Terwilliger [mailto:sideshowtwig () gmail com] 
Sent: Friday, July 18, 2014 12:28 PM
To: Blanchard, Michael (InfoSec)
Cc: Valdis.Kletnieks () vt edu; funsec () linuxbox org; rmslade () shaw ca
Subject: Re: [funsec] US capitol not in US, according to TSA

The average TSA worker earns $12-$17/hour.  In Florida, where this guy was from, he was probably closer to the $12 end 
of the scale.  This agent is probably in his early 20s and is only making slightly more than someone working at a fast 
food restaurant.  That is about as "most people" as you can get.  And given that most Americans don't understand 
confusing status of The District of Columbia, I stand by my assertion that it is completely reasonable for someone not 
to trust a license from some place that is not an state.

This whole situation reminds me of countless experiences I've had working with entry level IT/security people.  Entry 
level people are generally very passionate about their jobs, probably like this TSA guy is, but they are still filling 
in knowledge gaps, so it is reasonable to expect silly mistakes.  For instance, how many of us have been told that that 
a client connecting to a server has an IP address of 169.254.1.2 but they are *certain* that the issue is with the 
server?  It would be easy to criticize an over zealous newbie but that doesn't help anyone in the long run.  And that 
is why I feel that this reporter is making a mountain out of a molehill.  Does he reasonably believe that no one at the 
TSA knows that the District of Columbia issues their own licenses?  If not, then shouldn't the story should be "1 TSA 
employee out of 50,000 doesn't know that District of Columbia issues their own licenses."

-bill

On Jul 18, 2014, at 11:25 AM, Blanchard, Michael (InfoSec) <michael.blanchard () emc com> wrote:

> Sorry, this guy is supposedly a trained professional....  he's not "most people" he should have known that DC issues 
> their own license...


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.