Quantcast
Sign up for our Newsletter! Get it!

Saverocity Travel

Travel - Better

OPSEC

by Leave a Comment

Operations security (OPSEC) is a term originating in U.S. military jargon, as a process that identifies critical information to determine if friendly actions can be observed by enemy intelligence, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information. – Wikipedia

In less Jargony terms, it means that ‘one of the good guys’ looks for potential threats to their own operation by the actions/procedures within it, and attempt to close loopholes.

Here’s an example of a situation today that requires some more consideration:

Parody account attempts, for humor, and fun, to get an airline passenger upgraded.  No bad intent noticeable.  However, there are three OPSEC issues:

  1. The passenger publicly revealed his locator number, parody account screenshotted this and included it in his retweet.
  2. Passenger uses real name in Twitter handle.
  3. Passenger allows location services for his tweets.

The combination of the above reveals the following:

Locator, Name, Recent and Recurring Geographical Location.

From that, it is possible to access the reservation, view names and information of the passenger, and any friends/family members flying on that locator.  They can also change seating assignments, or even cancel the flight.

Actual Flight Details of stranger. Cancelling this ticket is a click away.

What should you do and why should you care?

If you wanted to show some kindness, you could give the person a heads-up about their mistake.  You could even link them to this post to explain more as Twitter has only 140 characters.

Delta informed me that they should be able to adjust the locator number if has been compromised.  I would recommend DMing Delta Twitter team to do this, as Twitter teams are able to get a lot done.  But if you don’t know how to DM and simply write public information (which started the issue) then you’d be creating a disaster.  Here’s how to DM.

If you don’t want to inform the person (and there is some good OPSEC logic behind not getting involved in other people’s business) then the least you could do is NOT retweet/share/compound the mistake.  Whether it is for humor or whatever reason, you are potentially causing real harm.

It’s time to be a little more thoughtful about our actions, consider their consequences, and build a stronger community.

Get posts by email

* indicates required
Signup Form

Leave a Reply

Your email address will not be published. Required fields are marked *

Disclaimer

This site is journalistic in nature, The information contained within this blog from all writers is provided for informational purposes only and is not intended to substitute for obtaining professional financial advice. Please thoroughly research everything you read here and seek professional representation before acting on any information you may have found in this blog.

Disclosure

Some links on this site are affiliate links and pay us a commission should you click them. We do our best to clearly label when these might appear.
Share This

Share This

Share this post with your friends!