Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Experts Warn About Security Flaws In Airline Boarding Passes

samzenpus posted about 2 years ago | from the to-screen-or-not-to-screen dept.

Security 199

concealment writes in with a story about a newly found security issue with the bar codes on boarding passes. "Flight enthusiasts, however, recently discovered that the bar codes printed on all boarding passes — which travelers can obtain up to 24 hours before arriving at the airport — contain information on which security screening a passenger is set to receive. Details about the vulnerability spread after John Butler, an aviation blogger, drew attention to it in a post late last week. Butler said he had discovered that information stored within the bar codes of boarding passes is unencrypted, and so can be read in advance by technically minded travelers. Simply by using a smartphone or similar device to check the bar code, travelers could determine whether they would pass through full security screening, or the expedited process."

Sorry! There are no comments related to the filter you selected.

Same security for all (5, Interesting)

Kwyj1b0 (2757125) | about 2 years ago | (#41761125)

Has anyone seen a case where a passenger is waved through security? Each time I go through, everyone in line for screening goes through the same process (then again, I am completely average and might not have seen advanced/reduced security for anyone except pilots).

Re:Same security for all (2, Insightful)

Anonymous Coward | about 2 years ago | (#41761195)

When I entered Australia as a U.S. citizen studying abroad I was waved through security. I'm still not sure why, but I don't think it had anything do with my boarding pass showing me as definitely not a terrorist.

Re:Same security for all (2, Interesting)

Anonymous Coward | about 2 years ago | (#41761203)

Possibly because we don't (yet!) have the same level of Security Theatre as our US counterparts?

Re:Same security for all (3, Interesting)

Anonymous Coward | about 2 years ago | (#41761209)

Most countries don't check entering the country other than customs. I suspect the TSA does it for more funding. It is a department with the largest scope creep I have ever seen.

Re:Same security for all (5, Interesting)

fustakrakich (1673220) | about 2 years ago | (#41762025)

It is a department with the largest scope creep I have ever seen.

You mean aside from the CIA, NSA, IRS, DOD, FBI, the executive branch of the government, the entire government itself? It's pretty hard to quantify 'scope creep' when everybody is guilty.

Re:Same security for all (0)

Anonymous Coward | about 2 years ago | (#41762431)

The DOD hasn't really changed scope much: it has always been about turning things into broken things: people, materiel, enemy cities, product designs, foreign countries, etc.

IRS, too, has always been about making sure that the treasury gets as much of their money out of you as possible, and not taking too much from the right people. That's pretty much what treasuries the world over do: their job is to accumulate money, not to spend it or leave it in the pockets of irresponsible amateurs.

Re:Same security for all (2, Interesting)

Anonymous Coward | about 2 years ago | (#41762503)

You mean aside from the CIA, NSA, IRS, DOD, FBI, the executive branch of the government, the entire government itself?

Oh, no no, assuming scope creep is computed as "total size/useful size", TSA can leave everyone in the dust. With CIA/NSA/IRS/DOD/FBI, there is some fraction (we can argue how big) that provides useful service. With TSA there is no such thing.

To my knowledge, TSA hasn't actually caught any terrorists in 11 years of its existence. Every time some other organization (or fellow passengers) apprehend a terrorist wanna be (rare, but it happens), TSA expands it's funding. So by my definition "total size/useful size", TSA scope creep is a glorious infinity.

Re:Same security for all (5, Informative)

GumphMaster (772693) | about 2 years ago | (#41761293)

Once you pass passport checks the 'security' on entering Australia [daff.gov.au] is to do with biological security. A US national entering from a US flight is low risk for carrying biological hazards like viable seeds, eggs, infested timber products etc. Had you entered on a flight you joined in Africa or Asia, or been a Chinese national (think suitcase full of traditional remedies), they would likely have X-rayed everything for biological matter. We have stiff penalties for failing to declare prohibited biological items.

Security on leaving Australia bound for the US is largely dictated by US policy.

Re:Same security for all (1)

jamesh (87723) | about 2 years ago | (#41761657)

Once you pass passport checks the 'security' on entering Australia [daff.gov.au] is to do with biological security. A US national entering from a US flight is low risk for carrying biological hazards like viable seeds, eggs, infested timber products etc. Had you entered on a flight you joined in Africa or Asia, or been a Chinese national (think suitcase full of traditional remedies), they would likely have X-rayed everything for biological matter. We have stiff penalties for failing to declare prohibited biological items.

We even have a TV show about customs and the crap people try to smuggle in. At least I think it's ours... I see ads for it all the time but have never actually watched it. It could be like the Highway Patrol show that comes from NZ.

Re:Same security for all (2)

thempstead (30898) | about 2 years ago | (#41761947)

The Australian programme I believe is Nothing to Declare. There is also a NZ equivalent called Passport Patrol.

One of the lesser digital channels in the UK broadcasts both shows (normally multiple times a day)

Re:Same security for all (2)

jamesh (87723) | about 2 years ago | (#41762003)

The Australian programme I believe is Nothing to Declare. There is also a NZ equivalent called Passport Patrol.

One of the lesser digital channels in the UK broadcasts both shows (normally multiple times a day)

The NZ one is Border Patrol. Not sure why they rename it Passport Patrol for the UK audience...

Re:Same security for all (5, Informative)

Joce640k (829181) | about 2 years ago | (#41762171)

When I entered Australia as a U.S. citizen studying abroad I was waved through security. I'm still not sure why, but I don't think it had anything do with my boarding pass showing me as definitely not a terrorist.

You mean you were treated like a human being? In the rest of the world that's what we call "normal".

Re:Same security for all (2)

ryanov (193048) | about 2 years ago | (#41761491)

You've not received the SSSS security scan (I've gotten it twice). Forget the barcode, it's written on your boarding pass!

http://en.wikipedia.org/wiki/Secondary_Security_Screening_Selection [wikipedia.org]

Re:Same security for all (3)

psiclops (1011105) | about 2 years ago | (#41761693)

i got that when i came back from the U.S.

i figured it was due to the fact that i had previously travelled to saudi arabia

Re:Same security for all (1)

Anonymous Coward | about 2 years ago | (#41761641)

You don't fly very often then or at least not a times that business travelers frequent the airport. I routinely get waved on into the don't take anything off or out line where I walk through a metal detector and they barely seem to glance at the xray monitors. I love it of course but I know this just keeps me and other frequent travellers from complaining so the TSA can say look our numbers are getting better... Why can't everyone go through the happy line? Seriously it's pre 9/11 great (well no pocket knives anymore :/) time from id check to in the airport is around 30s (my last time through LAX no joke)

Photoshop? (5, Interesting)

x_IamSpartacus_x (1232932) | about 2 years ago | (#41761127)

How possible would it be to do very subtle Photoshop (or the GIMP) changes to ensure someone goes through the expedited process? Heck, terrorism aside, I'D do it just to avoid the cancer machines.

Re:Photoshop? (3, Informative)

DecimalMan (2705599) | about 2 years ago | (#41761167)

Probably not a good idea. From TFA: "it is illegal to tamper with a boarding card under U.S. law."

Re:Photoshop? (4, Insightful)

Swampash (1131503) | about 2 years ago | (#41761219)

Printing an entirely new one with your own bar code doesn't tamper with the existing card at all.

Re:Photoshop? (0)

Anonymous Coward | about 2 years ago | (#41761567)

Printing an entirely new one with your own bar code doesn't tamper with the existing card at all.

I'm fairly certain that forging your boarding card is at least as serious of a violation, if not more.

Re:Photoshop? (2)

Firehed (942385) | about 2 years ago | (#41761581)

True, but I'm pretty sure they don't have any sort of HMAC-type mechanism ensuring they're untampered-with. i.e., unless you put something in there that causes their machines to get cranky, your chances of being caught is nearly zero.

Hacking into banks is also illegal, but that doesn't stop determined individuals from trying.

Re:Photoshop? (2)

Luckyo (1726890) | about 2 years ago | (#41761827)

You don't personally show up for hacking, and your real name isn't splattered all over the relevant systems.

Re:Photoshop? (4, Insightful)

zazzel (98233) | about 2 years ago | (#41761653)

It's not tampering, it's forgery. How much of a tech/nerd guy do you have to be to NOT immediately see this?

Re:Photoshop? (3, Interesting)

AmiMoJo (196126) | about 2 years ago | (#41761767)

I usually print my own boarding pass these days. Check-in online and print a web page with barcode image on it. Altering that barcode before printing would be trivial.

Fortunately I don't really need to because last time I travelled it appeared that the nude scanners and shoe removal queue had all gone and just the metal detector was left.

You can still get cheap thrills by putting on a metal belt buckle if you are into that sort of thing. I noticed that a lot of guys wait until they can see how is doing the checks, and if she looks hot they keep their belt on, otherwise it comes off and goes in the tray.

Re:Photoshop? (3, Insightful)

whoever57 (658626) | about 2 years ago | (#41761295)

Probably not a good idea. From TFA: "it is illegal to tamper with a boarding card under U.S. law."

As already pointed out, if you are a terrorist cell, you don't need to alter the boarding passes, just buy enough and see which ones have the minimum screening. Heck, the people selected for maximum screening could make the proccess longer (carry some items that are not allowed but are common and largely innocuous, such as scissors, bottles of water, etc..), thus reducing the likelyhood of the minimum screening catching anyone because of the distraction.

Re:Photoshop? (4, Insightful)

PerformanceDude (1798324) | about 2 years ago | (#41761459)

On the other hand, if you are a terrorist cell, you are probably not terribly concerned about U.S. law...

Re:Photoshop? (2, Insightful)

kasperd (592156) | about 2 years ago | (#41761551)

On the other hand, if you are a terrorist cell, you are probably not terribly concerned about U.S. law...

And from that you get a corollary saying that anybody who isn't terribly concerned about U.S. law is a terrorist. Of course deriving a corollary that way isn't logically sound, but the people who make up corollaries of the form "anybody who ... is a terrorist" aren't terribly concerned about logic.

Re:Photoshop? (2)

wvmarle (1070040) | about 2 years ago | (#41762073)

Since 11 Sept, all people caught trying to set off bombs on board planes, boarded those planes outside the US. So they didn't have much to do with US security regulations ('law' is the wrong word for this, GP most likely mean 'regulations' or so).

Re:Photoshop? (1)

kasperd (592156) | about 2 years ago | (#41762271)

Since 11 Sept, all people caught trying to set off bombs on board planes, boarded those planes outside the US. So they didn't have much to do with US security regulations

Last time I travelled to the US, I had to go through an extra round of security checks before and after the normal security checks. So it seems the US has succeeded in imposing some version of their regulations on airports in other countries.

Re:Photoshop? (1)

TimmyRt (1354547) | about 2 years ago | (#41762137)

Of course, everyone who doesn't make up corollaries that way are crazy about logic.

Re:Photoshop? (1)

Anonymous Coward | about 2 years ago | (#41762499)

And from that you get a corollary saying that anybody who isn't terribly concerned about U.S. law is a terrorist. Of course deriving a corollary that way isn't logically sound, but the people who make up corollaries of the form "anybody who ... is a terrorist" aren't terribly concerned about logic.

Anybody who tries to blow up a group of people in order to inflict terror on a larger group of people is a terrorist.

Re:Photoshop? (0)

Anonymous Coward | about 2 years ago | (#41761795)

very strict security steps!

Re:Photoshop? (1)

ryanov (193048) | about 2 years ago | (#41761497)

I'm almost certain you're already receiving the minimum scan. There are higher levels that you can and probably have not yet gotten.

Re:Photoshop? (4, Interesting)

gutnor (872759) | about 2 years ago | (#41761963)

That is the scary thing about all that. There is no real screening on site or behaviour analysis, or you know, normal police work. No the level of scrutiny you get is dictated in advance by some random algorithm and independent of what you do there.

Security theater indeed !

Re:Photoshop? (4, Interesting)

1u3hr (530656) | about 2 years ago | (#41762057)

the level of scrutiny you get is dictated in advance by some random algorithm and independent of what you do there.

Which is actually the safest method, short of checking 100% of passengers. It's easy to game any system that predictably targets specific groups, you just makes sure your agents aren't in those groups and you're safe. If the chances of being searched are random, you can't reduce the risk of getting caught.

Of course, you'd ideally also want to have some smart guys to do additional searches based on observation. But they seem in short supply.

The real security theatre is the immense effort devoted to imaginary threats, liquids and shoes, for instance, which were never a real threat to begin with.

Re:Photoshop? (5, Informative)

dkleinsc (563838) | about 2 years ago | (#41762379)

quite possible [schneier.com] , as Bruce Schneier explains in detail.

Re:Photoshop? (3, Funny)

wienerschnizzel (1409447) | about 2 years ago | (#41762423)

Or perhaps to do a good ol' "DROP TABLE flights;"?

So now we know (1)

Anonymous Coward | about 2 years ago | (#41761147)

Yup, sounds like proof that certain people will get discriminated against if their info keeps coming up 'heavy screening'

Profiling (2)

phorm (591458) | about 2 years ago | (#41761197)

Indeed. It's pretty hard to say "random search" if the guy's badge code has a special section selecting him for "extra screening"

This sounds more like a special code that exempts people from a full search, but I wonder what other codes there might be.

Re:Profiling (4, Insightful)

Black Parrot (19622) | about 2 years ago | (#41761275)

Indeed. It's pretty hard to say "random search" if the guy's badge code has a special section selecting him for "extra screening"

It could be determined randomly before people are able to print their boarding passes.

In fact that would probably be the best way to ensure a random search, since a person at the gate might be influenced by your appearance.

Plus, if you have legitimate reason to believe someone is higher than average risk, you could just specify what's needed on the boarding pass, and not have to rely on the staff to spot you based on a picture.

Re:Profiling (2)

lightknight (213164) | about 2 years ago | (#41761337)

Ah, for all values of random where random = any flag in a DHS database anywhere.

Just so thrilled that we have discrimination down to a science.

Re:Profiling (3, Informative)

xenobyte (446878) | about 2 years ago | (#41761513)

Ah, for all values of random where random = any flag in a DHS database anywhere.

Just so thrilled that we have discrimination down to a science.

Profiling is awesome. It surpasses all other screening methods in efficiency and effectiveness.

Not only is it fast (it can be done entirely before the passenger even arrives at the airport), and those not flagged can be sent through with a minimum of screening (all this equals much less waiting), it is also efficient as it would have caught all the 9/11 hijackers as well as the 'shoe bomber' and the 'underwear bomber', while none of the scanners would have caught anything, and even the grope search is likely to have missed almost everything.

Another backside to the current scanner-fixated system is that it creates some awfully attractive long queues filled with people outside the secure area where even a small nail bomb easily could kill hundreds. If you are going to assemble a lot of people in a confined space at the airport it should be inside the secured areas where they are less of a target.

And of course there's plenty of other places with lots of people assembled and little or no security - like malls, concerts, amusement parks, train- and bus stations or so on. There's a lot of potential targets so the only efficient means to secure them it to take out any potential terrorists way before they can get near such places or even get their hands on bomb materials and explosives.

Re:Profiling (1)

dkleinsc (563838) | about 2 years ago | (#41762465)

What kind of profiling are we talking about?

Racial profiling wouldn't have helped: Richard Reid (the shoe bomber) is mostly white, Umar Abdulmutallab (the underwear bomber) is black, and the 9/11 hijackers were Arabic-looking. And the most successful "home-grown" terrorists were white guys: Ted Kazinski and Timothy McVeigh. And if the bad guys figured out that, say, white women over 40 were getting screened less, they'd recruit a white-looking woman over 40 with a name like "Jane Smith".

Behavioral profiling might conceivably have made a difference, if the behavior we're talking about is "one-way ticket, no baggage", but again a reasonably smart terrorist group would figure out the pattern and plan for it by buying a round-trip ticket instead.

The good news: The various bad guys that have been caught in the US have gotten what they thought were explosives exclusively from FBI agents. In fact, the FBI agents were so involved in the apparant plots that there's a real question of entrapment. And your chance of being killed by a terrorist are still far far lower than your chance of being killed by a drunk driver.

Re:Profiling (1)

Aryden (1872756) | about 2 years ago | (#41761435)

Indeed. It's pretty hard to say "random search" if the guy's badge code has a special section selecting him for "extra screening"

It could be determined randomly before people are able to print their boarding passes.

In fact that would probably be the best way to ensure a random search, since a person at the gate might be influenced by your appearance.

Plus, if you have legitimate reason to believe someone is higher than average risk, you could just specify what's needed on the boarding pass, and not have to rely on the staff to spot you based on a picture.

It would be easier to have the system check against a database of persons for nationality / race. You could also have it parse the name for key consonant combinations like "kh", "Abd", "Muh", "Azi" so on and so forth. There are too many ways to reduce the "randomness" factor.

Re:Profiling (2)

Zontar The Mindless (9002) | about 2 years ago | (#41762163)

So you'd include my old classmate Bill Burkholder in that group. Good catch.

Re:Profiling (2, Interesting)

Anonymous Coward | about 2 years ago | (#41761537)

It could be determined randomly before people are able to print their boarding passes.

In fact that would probably be the best way to ensure a random search, since a person at the gate might be influenced by your appearance.

It doesn't make much sense from a security standpoint to roll the random dice in advance, since a terrorist could book a number of flights under different aliases and then miss the flights where he/she is pre-selected for screening.

I'm not ruling out the authorities actually reasoned the way you're describing, though. "Enhanced security" at airports seems to have very little to do with actual security, and more to do with reassuring the public the situation is under control.

Plus, if you have legitimate reason to believe someone is higher than average risk, you could just specify what's needed on the boarding pass, and not have to rely on the staff to spot you based on a picture.

Having the information on the boarding pass itself introduces an even higher security risk. The information doesn't need to be on the boarding pass at all; it could just contain a unique serial number, which is then looked up in a database by the barcode scanner.

Re:Profiling (1)

EmagGeek (574360) | about 2 years ago | (#41762455)

"In fact that would probably be the best way to ensure a random search, since a person at the gate might be influenced by your appearance."

There are PLENTY of other ways to discriminate without seeing a person's appearance.

Re:Profiling (5, Insightful)

PerformanceDude (1798324) | about 2 years ago | (#41761479)

Actually - for many years when I was traveling in the US, if (and only if) my boarding pass had SSSS printed on it, I would be subjected to extra screening. The SSSS would be printed in large clear letters on the document. I don't know what genius came up with that advance warning, but it sure as hell would tell a wannabe terrorist not to go through with his plan and try again some other time. The people managing these processes really need to think such things through a little bit better.

Re:Profiling (4, Informative)

ryanov (193048) | about 2 years ago | (#41761503)

Bingo. http://en.wikipedia.org/wiki/Secondary_Security_Screening_Selection [wikipedia.org]

I got into an argument with a customer service representative (and flew standby -- not sure which was responsible) and received this.

Re:Profiling (4, Interesting)

PerformanceDude (1798324) | about 2 years ago | (#41761579)

Hmm - funny that. I once got that too after complaining to an American Airlines check-in lady about a checked luggage fee. Qantas passengers are exempt from such fees, as I tried to point out to her, but she wanted to hit me with it anyway. After a long debate and a visit from her supervisor the fee was waived - but - surprise surprise - SSSS appeared on the boarding card. This was on one leg out of 10 flights around the US, so it could not have been on the basis of any kind of passenger profiling. Maybe some slashdotter in the airline industry can enlighten us here...

Re:Profiling (2)

MLBs (2637825) | about 2 years ago | (#41762047)

I have been told by airline representatives that this marking is random.

Although I know that mathematically it's possible, the fact that in my last 10 flights I always got this marking makes me believe there is profiling done based on various criteria.

Re:Profiling (5, Interesting)

excelblue (739986) | about 2 years ago | (#41762101)

Airline employees can manually mark any boarding pass as SSSS.

How do I know? When it was possible to fly by purposely refusing to present ID, I once flew on a ticket that was paid for by another family member. When I went to check in and check my bags, they asked for ID. I told nicely told them that I prefer not to be identified and will be flying as a selectee. Person at ticket counter gives me a dirty look and responds (expectedly) that the SSSS is required if you don't present ID, but everything flowed smoothly after that. It's a shame that you can't refuse to identify yourself anymore these days.

After that, I think I was flagged as all my boarding passes for the next couple years had SSSS on it.

Re:Profiling (0)

Anonymous Coward | about 2 years ago | (#41762183)

Willing to bet money that it was related to the amount of time it took to process your checkin. Because you argued with them, your checkin took too long compared to others, a risk indicator picked up by the software

Hot Damn! (-1)

Anonymous Coward | about 2 years ago | (#41761151)

Clip me off a piece of that! /HAHAHAH! CAPTCHA failings

The truth... (2)

CimmerianX (2478270) | about 2 years ago | (#41761165)

This will be buried.... people will forget... and the TSA security theater will continue or even get stepped up to counter this little mishap.

Re:The truth... (4, Insightful)

lightknight (213164) | about 2 years ago | (#41761363)

'Tis a jobs program, and nothing more. Even the congressmen who are against the idea of the TSA are busy spinning it as providing jobs to their constituents.

Which is funny on so many levels. We all know that the TSA was built on a lie, we all know that it is worthless, we all know that it is bleeding the taxpayers dry, and we all know that we'd be better off without it. And yet, they're going to keep it, because jobs. Jobs which provide no net income, jobs which cost three times more than they are worth, jobs with glass ceilings built in, jobs which do not help America to grow anywhere but the waistline, and yet, they are so desperate to protect them. The money they are earning in kickbacks must be tremendous.

Re:The truth... (1)

spatley (191233) | about 2 years ago | (#41761603)

amen brother

Re:The truth... (1)

dkf (304284) | about 2 years ago | (#41761893)

'Tis a jobs program, and nothing more. Even the congressmen who are against the idea of the TSA are busy spinning it as providing jobs to their constituents.

You could privatize the vast majority of the TSA without any ill-effects, keeping just a small rump whose job would be to test whether the privatized parts are still doing their security checks correctly. This is pretty much how airport security is handled in most of Europe; the security staff are employed by the airport (or, more usually, a specialist contractor) and there's just central validation that the checks being performed are adequate with respect to the threat.

Re:The truth... (0)

Anonymous Coward | about 2 years ago | (#41762457)

It depends on how it is implemented: if it is still treated as a jobs programme, all you'll do is add shareholder dividends and higher management salaries to the cost.

Re:The truth... (4, Insightful)

OrigamiMarie (1501451) | about 2 years ago | (#41761905)

Jobs which slow the economy by discouraging pleasure travel (and all of the nice tourist spending) and business travel (and the kinds of business deals and chance new acqaintances you only get in person). Travel is incredibly important to our economy, it is part of what makes a large country so strong. When people opt out of it, the ripple effects are amazing.

Re:The truth... (2)

fustakrakich (1673220) | about 2 years ago | (#41762079)

There is only one thing that is responsible for declining pleasure travel, and that is the condition of peoples' personal economy. The complaints are coming from an insignificant minority. All things considered, business is pretty good.

Re:The truth... (0)

Anonymous Coward | about 2 years ago | (#41761965)

'Tis a jobs program, and nothing more. Even the congressmen who are against the idea of the TSA are busy spinning it as providing jobs to their constituents. ... The money they are earning in kickbacks must be tremendous.

It is hardly much of a jobs program - the TSA screeners probably earn minimum wage or so

Money shoveling to contractors, on the other hand... Each of these machines costs like $250,000! There is no penalty when they are shown to not detect shit (as had been demonstrated), so I am surprised they do not just ship empty cardboard boxes instead. And once there are any doubts as to their safety, they are moved to smaller airports or retired and new generation machines are bought!

When the military is wasting lots of money on a new plane, at least they typically shovel more money to try and fix it. Here, they just dump the old design and try something new. WTF?

Re:The truth... (3, Insightful)

wvmarle (1070040) | about 2 years ago | (#41762085)

Besides that it's election time, you guys have high employment already so it's political suicide for either party to say "hey you couple hundred thousand (or however many work in TSA) low-educated workers, please go find another job as we're shutting you down".

Re:The truth... (0)

squiggleslash (241428) | about 2 years ago | (#41762289)

We could retrain these guys and up their salaries at the same time to be Air Marshalls. That way, everyone wins, except for idiot Tea Partiers who'll find they're suddenly in favor of random government gropings if it means 0.001% lower taxes.

Re:The truth... (1)

Mashiki (184564) | about 2 years ago | (#41762409)

'Tis a jobs program, and nothing more. Even the congressmen who are against the idea of the TSA are busy spinning it as providing jobs to their constituents.

It would be better to train those people in construction or trades, but I keep remembering that large swaths of the population have this thing against hard manual and physical labor.

Re:The truth... (2)

mynamestolen (2566945) | about 2 years ago | (#41761549)

I guess you meant "Security Theatre". Recently a rude TSA guy in USA ordered me go through the screen again - this time with my hands out of my pockets where he could see them. I asked him why and he said I could hide things in my hands (he did a scrunched up hand gesture to show me). Wow he was dumb - now I can tell the world how to fool the machine - just scrunch up those bits of metal in your hands.

Re:The truth... (1)

RivenAleem (1590553) | about 2 years ago | (#41761871)

I think that America has a fundamental learning issue, which leads to these kinds of flaws. They can't even get a three letter acronym right. Unless they are taking a leaf out of the French book, by calling it Theatre Security America.

What is wrong with that? (2)

hundredrabh (1531761) | about 2 years ago | (#41761171)

What flaw are we talking about?
Obviously it is a feature for "technically minded travelers". Ist'n it?

Re:What is wrong with that? (3, Insightful)

mi (197448) | about 2 years ago | (#41761399)

When people have tried to walk away from the airport upon discovering, they were selected for the extra microwaving (or groping), they were told, they can no longer leave and must go through the screening. The reason was given [go.com] , that doing otherwise would allow terrorists to attempt to travel, but back away if they find themselves selected for more rigorous checks.

Well, if the level of checking is printed right there on one's boarding pass, the terrorists don't have to reveal themselves. When they find out -- ahead of time -- that they were picked for extra attention, they can simply leave all the bombs at home, fly away and back, and then try again until they draw a "lucky" boarding pass.

Re:What is wrong with that? (2)

zill (1690130) | about 2 years ago | (#41761421)

I believe GP was being sarcastic. I believe he was referencing the fact that terrorists are [slashdot.org] usually [slashdot.org] technically [slashdot.org] inclined [slashdot.org] .

Re:What is wrong with that? (0)

Anonymous Coward | about 2 years ago | (#41761585)

What flaw are we talking about?
Obviously it is a feature for "technically minded travelers". Ist'n it?

I know you're trying to be sarcastic, but you're actually correct. If you've been flagged, it's also got SSSS printed in big bold letters, for the not so-technically minded people. With that in mind, I really don't see how it's any big deal that it's also encoded on the barcode.

TSA definition (-1)

Anonymous Coward | about 2 years ago | (#41761191)

TSA = Total Security Amateurs

Re:TSA definition (0)

Anonymous Coward | about 2 years ago | (#41761245)

TSA = Thespians of Security Appearances

Re:TSA definition (0)

Anonymous Coward | about 2 years ago | (#41761313)

Terrorist Scam Artists.

Re:TSA definition (0)

Anonymous Coward | about 2 years ago | (#41761739)

TSA = Thugs Standing Around

Full Security Screening for John Butler (1)

AntiBasic (83586) | about 2 years ago | (#41761201)

Which one will John Butler will be receiving...

How long till John Butler gets arrested? (4, Insightful)

Nyder (754090) | about 2 years ago | (#41761207)

Wonder how long till John Butler gets arrested for sharing this info. National security and all that.

Re:How long till John Butler gets arrested? (0)

Anonymous Coward | about 2 years ago | (#41761681)

And how low it takes until the whole trio 'disappears'

Re:How long till John Butler gets arrested? (5, Informative)

fatphil (181876) | about 2 years ago | (#41762153)

Not likely to be long at all. Here's wikipedia's take on Chris Soghoian's tale:

On October 26, 2006, Soghoian created a website that allowed visitors to generate fake boarding passes for Northwest Airlines. While users could change the boarding document to have any name, flight number or city that they wished, the generator defaulted to creating a document for Osama Bin Laden.

Soghoian claimed that his motivation for the website was to focus national attention on the ease with which a passenger could evade the no-fly lists.[3] Information describing the security vulnerabilities associated with boarding pass modification had been widely publicized by others before, including Senator Charles Schumer (D-NY)[4][5] and security expert Bruce Schneier.[6] Soghoian received media attention for posting a program on his website to enable the automatic production of modified boarding passes. Democrat Edward Markey, House of Representatives committee (telecommunications and the internet) stated Soghoian should be arrested.[2]

At 2 AM on October 28, 2006, his home was raided by agents of the FBI to seize computers and other materials.[7] Soghoian's Internet Service Provider voluntarily shut down the website, after it received a letter from the FBI claiming that the site posed a national security threat.[8] The FBI closed the criminal investigation in November 2006 without filing any charges.[9] The TSA also initiated a civil investigation in December 2006,[10][11] which was closed without any charges being filed in June 2007.[12][13]

Not a security flaw (0)

CanEHdian (1098955) | about 2 years ago | (#41761223)

This is not a security flaw but rather makes for some interesting question re the "random selection" process. But this will probably be yet another "nothing to see here, move along" type revelation.

Re:Not a security flaw (0)

Anonymous Coward | about 2 years ago | (#41761277)

It could be a security flaw depending on how the mode of scanning is assigned. A terrorist who knows they're going to get the full treatment will know to be "late" for their flight and try again another day.

Re:Not a security flaw (1)

sumdumass (711423) | about 2 years ago | (#41762221)

This type of thinking is much the same that brought us the dangers of your soda bottle or bottle of water and shampoo on the flights.

A terrorist could just decide not to be a terrorist on that flight and go again.

Re:Not a security flaw (1)

Black Parrot (19622) | about 2 years ago | (#41761279)

This is not a security flaw but rather makes for some interesting question re the "random selection" process. But this will probably be yet another "nothing to see here, move along" type revelation.

Indeed, I don't recall having anyone scan my BP until I go through the gate at boarding time. Unless I'm forgetting it, the TSA preprocessors look at it, and look at your passport through the little lens thingy, but don't use a scanner.

Re:Not a security flaw (1)

lightknight (213164) | about 2 years ago | (#41761367)

Do you want me to point out the flaw in that argument, or can you spot it yourself?

And on a side note, you seem to be one of the few, active named accounts I'm still seeing on /. these days. Where'd everyone go?

Only one way to stop this SP terrism (0)

Anonymous Coward | about 2 years ago | (#41761309)

I think Smart Phones are too dangerous to be allowed on a plane unless they are kept in a clear 3'' plastic bag, may be that is also bad idea. may be only if there is also water in that plastic bag. Pardon me, but I am not that bright. Hopefully, some one brighter than me at TSA will come with a better "solution".

Toilet Safety Administration (0)

Anonymous Coward | about 2 years ago | (#41761315)

Had to be said [youtube.com] .

Obvious High Risk (1)

dark grep (766587) | about 2 years ago | (#41761339)

I don't know about 'hidden codes' - a few years ago I took my family on an around the world trip, traveling west from Australia via Dubai and London. All our US boarding passes were stamped with big red 'SSS' letters, except for my wife, who has a British passport.

At every security gate my three kids and I got the full treatment of pat-downs and extra screening, even being pulled out of the normal line and taken aside in some cases.

The reason, I supposed, was because we came to the US from Dubai arriving on the east coast of the US, we clearly posed a 'high risk' in the view of US border protection. My wife, being on a British passport, posed no such risk, coming that way from London.

The ever alert US border security did prevent my 8yo son bringing a pair of paper scissors into the country.

Re:Obvious High Risk (2)

Que_Ball (44131) | about 2 years ago | (#41761471)

I was randomly selected for the SSS tag on my boarding pass. It was great. We were in Phoenix and the regular screening line was massive, at least an hour long. The "special" line had about 10 people in it. We zipped right through. Would have needed to skip lunch if we were in the regular line.

We noticed the letters on the pass too before entering the lines so I guess they have not really cared about this "issue" in the past.

I think the special screening is more of a quality control measure on the regular screening guys than it's a real boost to security.

Someone post the details.. Android app anyone? (0)

Anonymous Coward | about 2 years ago | (#41761529)

Writing an Android app to display the unencrypted data would be trivial.

TSA only = US focused (4, Informative)

ardiri (245358) | about 2 years ago | (#41761533)

this only applies to the TSA who actually scan and pass people around the security scanning solution based on the results of what is in the barcode. in europe, you always have to go through scanning process, regardless of what your 2D barcode has encoded within in. all the TSA is doing here, is opening up a chance for terrorists based on local soil to get through the security scanning process simpler. the challenge is that the USA has the most number of travelers through the airline system than anywhere else in the world; doing extensive security checks does choke the system - so, they need to try and filter out the more frequent/trusted flyers, the net result is they are wasting time screening some since they done screen everyone.

Re:TSA only = US focused (0)

Anonymous Coward | about 2 years ago | (#41761593)

This concerns everyone travelling from the US and everyone travelling to the US! Yes, there are other countries in the world but I can't imagine there are many flights between them.

Re:TSA only = US focused (1)

Uzull (16705) | about 2 years ago | (#41761687)

In today's times where you need a Visa to enter the US, a lot of people bypass it. In the past it was difficult to fly from let's say South America to the Far East, because everybody had to fly via the US. This is a thing of the past. You can now fly via Dubai or South Africa. You can even do a round the world tour without stepping on US territory a single time, but went through all continents.
With the Visa requirement, the US tracks foreigners. With TSA, the US tracks it's own citizen...

You think the barcode is bad... (4, Interesting)

T-Bucket (823202) | about 2 years ago | (#41761543)

Not only could you photoshop the barcode, but hell, you could photoshop the name, the destination, the flight number, pretty much anything you wanted... The brainless goons at the security checkpoint wouldn't know the difference. (They don't scan tickets or anything).

In my experience (working for a contractor for a major US airline), you could even use a photoshopped (printed at home) boarding pass to get on the plane. When they scan it at the gate and the computer beeps saying "no such thing", generally the non-english-speaking gate agent will just scan it a few more times, give up, and let the person on the plane. When the passenger count from the computer later doesn't match up to the number of people on the plane, they'll just "go with what's on the plane" in the interest of getting the plane out on time. This happens on a DAILY BASIS. "Security" is a joke.

Re:You think the barcode is bad... (2)

jamesh (87723) | about 2 years ago | (#41761669)

Not only could you photoshop the barcode, but hell, you could photoshop the name, the destination, the flight number, pretty much anything you wanted... The brainless goons at the security checkpoint wouldn't know the difference. (They don't scan tickets or anything).

In my experience (working for a contractor for a major US airline), you could even use a photoshopped (printed at home) boarding pass to get on the plane. When they scan it at the gate and the computer beeps saying "no such thing", generally the non-english-speaking gate agent will just scan it a few more times, give up, and let the person on the plane. When the passenger count from the computer later doesn't match up to the number of people on the plane, they'll just "go with what's on the plane" in the interest of getting the plane out on time. This happens on a DAILY BASIS. "Security" is a joke.

I'm a little dubious about your claims... although it wouldn't be the first time stupidity has exceeded expectations.

I wonder what will happen with all this security in place when another plane gets hijacked? I guess we'll all have to be put to sleep at boarding time and then shipped to our destination in cocoons. At least we wouldn't have to eat airline food and put up with people kicking our seats then.

Deja vu (0)

Anonymous Coward | about 2 years ago | (#41761569)

Where did I see this before...

Ah that's right, this year's underhanded C contest.

BP data (2)

aepervius (535155) | about 2 years ago | (#41761587)

BP data is not meant to be a security things. If they saved CAPS 2 data on it, well *shrug*. Anyway the rule at check in on how to set whether there will be a screening are known. If I recall correctely the code, if you paid with CC, are business traveler or better, have a return ticket, and a miles and more or similar card, given baggage, you have next to no chance beyond random chance, whether if you paid cash, one way, with carry on, belong to the monkey class (M - Eco) , no FT cards, you are bound to be checked 100% of the time. At least it used to be that way, now the rule might be a bit more elaborate but I doubt it changed. Also it used to be you had anyway a 10-20% chance of being selected anyway at the security point, independentely of what the BP said. IMHO it is a non story.

Oh great (0)

Chrisq (894406) | about 2 years ago | (#41761791)

The muzzies can find out if the white convert will be waived through security and give him the weapons if he is

The Joys Of Flying (5, Interesting)

rally2xs (1093023) | about 2 years ago | (#41762255)

including the inability to get non-stop flights for most routes, having to pay to park in a lot that is still a 10 minute ride to the terminal, having to arrive 2 hours early to ensure getting thru security on time to board, having small innocuous items in my pockets stolen by TSA, risking having large innocuous items in my bags stolen by TSA, getting severely overcharged for food at airport terminals, getting X-rayed by someone who is not my doctor or dentist, having to do mini-marathons thru airports to make connecting flights, getting my bags lost, etc. etc. have all combined to cause me to decide to drive everywhere I go. Eventually, the Alcan Highway is going to get photographed up the wazoo, by me, 'cuz I'll drive up and ferry back. But the X-rays were the last straw, that shall not stand. I quit. You can find me on I-10 to Tucson next year, I-74 from Indy to La Crosse, I-64 to St. Louis, etc. etc. Until the unconstitutional TSA activity is removed, I will not choose to fly anywhere I can drive, or boat, or travel by train.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?