Comments on: Fake boarding passes clear airport security http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/ Protect yourself from government gaffes, bureaucratic blunders and incumbent incompetence Mon, 06 Feb 2012 16:25:45 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: The news just keeps breaking - Homeland Stupidity http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11730 The news just keeps breaking - Homeland Stupidity Sun, 10 Dec 2006 09:07:30 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11730 [...] Christopher Soghoian, who blew the whistle on a serious airport security problem which had been ignored for years by creating a Web site which generated fake boarding passes, is still under investigation by the Transportation Security Administration for allegedly violating federal airport regulations and faces “civil penalties of not more than $11,000 per violation,” according to the threatening letter the TSA sent him as a Christmas present. They have plenty of time to go after whistleblowers, but no time for improving airport security, it seems. [...] [...] Christopher Soghoian, who blew the whistle on a serious airport security problem which had been ignored for years by creating a Web site which generated fake boarding passes, is still under investigation by the Transportation Security Administration for allegedly violating federal airport regulations and faces “civil penalties of not more than $11,000 per violation,” according to the threatening letter the TSA sent him as a Christmas present. They have plenty of time to go after whistleblowers, but no time for improving airport security, it seems. [...]

]]> By: Boarding pass creator: Out of frying pan, into fire? - Homeland Stupidity http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11729 Boarding pass creator: Out of frying pan, into fire? - Homeland Stupidity Fri, 01 Dec 2006 11:26:06 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11729 [...] This whole mess started when Soghoian posted a fake boarding pass generator on his Web site to draw attention to a long-standing problem with airport security that he felt nobody was sufficiently addressing. [...] [...] This whole mess started when Soghoian posted a fake boarding pass generator on his Web site to draw attention to a long-standing problem with airport security that he felt nobody was sufficiently addressing. [...]

]]> By: Whistleblower News From the NSWBC » http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11728 Whistleblower News From the NSWBC » Sun, 05 Nov 2006 05:07:06 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11728 [...] Christopher Soghoian created the Northwest Airlines Boarding Pass Generator to demonstrate flaws in the government’s implementation of airport security and the so-called no-fly list. A few short days later, on Friday, FBI agents visited him and, as he told it, handed him a “written order” to take down the site, and unfortunately, he did. Read More [...] [...] Christopher Soghoian created the Northwest Airlines Boarding Pass Generator to demonstrate flaws in the government’s implementation of airport security and the so-called no-fly list. A few short days later, on Friday, FBI agents visited him and, as he told it, handed him a “written order” to take down the site, and unfortunately, he did. Read More [...]

]]> By: Ottawa plans no-fly list by 2007, whats the point? - scruffydan.com/blog - Last year Pluto was a planet. Nothing surprises me anymore. http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11727 Ottawa plans no-fly list by 2007, whats the point? - scruffydan.com/blog - Last year Pluto was a planet. Nothing surprises me anymore. Fri, 03 Nov 2006 05:16:00 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11727 [...] The fake boarding pass generator exposes long-standing flaws in airport security as implemented by the federal government which would allow people on the no-fly list to buy tickets and board flights, possibly without even going through the somewhat invasive secondary screening that everyone whose boarding pass shows “SSSS” finds themselves subjected to. -Homeland Stupidity [...] [...] The fake boarding pass generator exposes long-standing flaws in airport security as implemented by the federal government which would allow people on the no-fly list to buy tickets and board flights, possibly without even going through the somewhat invasive secondary screening that everyone whose boarding pass shows “SSSS” finds themselves subjected to. -Homeland Stupidity [...]

]]> By: Stu http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11726 Stu Thu, 02 Nov 2006 02:11:07 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11726 Why not compare the ticket with the database entry for that ticket? No database entry for a ticket should be a big flag that something is wrong with the ticket. Also, update the database record with a unique key sequence printed on the ticket. That way the printed ticket would have to match the database entry. Even harder, encode the unique code on the ticket (and database record) with the ticket ID, name and destination. Anything that does not match, sets of a warning for more investigation. Using a single printed piece of bar coded paper for security is stupid. Why not compare the ticket with the database entry for that ticket?

No database entry for a ticket should be a big flag that something
is wrong with the ticket. Also, update the database record with a
unique key sequence printed on the ticket. That way the printed
ticket would have to match the database entry.

Even harder, encode the unique code on the ticket (and database
record) with the ticket ID, name and destination. Anything that does
not match, sets of a warning for more investigation.

Using a single printed piece of bar coded paper for security is
stupid.

]]> By: Louis Loizides http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11725 Louis Loizides Tue, 31 Oct 2006 14:15:29 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11725 I'd known plenty of people who've changed the name on their printable boarding passes to get around frequent flier loopholes. Doing so usually only requires a text editor, not a DIY boarding pass generator. Taking down that site was stupid and, if anything, it helped bring this security flaw to light. Printable boarding passes can be made secure with something as easy as an encrypted 2D barcode. I've seen them on printable concert tickets, but obviously the TSA is too stupid to figure this out right now. I’d known plenty of people who’ve changed the name on their printable boarding passes to get around frequent flier loopholes. Doing so usually only requires a text editor, not a DIY boarding pass generator. Taking down that site was stupid and, if anything, it helped bring this security flaw to light. Printable boarding passes can be made secure with something as easy as an encrypted 2D barcode. I’ve seen them on printable concert tickets, but obviously the TSA is too stupid to figure this out right now.

]]> By: IT Blogwatch http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11724 IT Blogwatch Mon, 30 Oct 2006 11:23:48 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11724 <strong>FBI smashes fake boarding pass guy's door (and new...</strong> Now boarding: IT Blogwatch, in which a security researcher demonstrates flawed airport security and gets his home searched by the FBI. Not to mention fresh meat from Go Home Productions...... FBI smashes fake boarding pass guy’s door (and new…

Now boarding: IT Blogwatch, in which a security researcher demonstrates flawed airport security and gets his home searched by the FBI. Not to mention fresh meat from Go Home Productions……

]]> By: FBI raids creator of fake boarding pass generator - Homeland Stupidity http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11722 FBI raids creator of fake boarding pass generator - Homeland Stupidity Sun, 29 Oct 2006 00:28:39 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11722 [...] Christopher Soghoian created the Northwest Airlines Boarding Pass Generator to demonstrate flaws in the government’s implementation of airport security and the so-called no-fly list. A few short days later, on Friday, FBI agents visited him and, as he told it, handed him a “written order” to take down the site, and unfortunately, he did. [...] [...] Christopher Soghoian created the Northwest Airlines Boarding Pass Generator to demonstrate flaws in the government’s implementation of airport security and the so-called no-fly list. A few short days later, on Friday, FBI agents visited him and, as he told it, handed him a “written order” to take down the site, and unfortunately, he did. [...]

]]> By: nathanr|com » Fake boarding passes clear airport security http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11721 nathanr|com » Fake boarding passes clear airport security Sat, 28 Oct 2006 07:59:58 +0000 http://www.homelandstupidity.us/2006/10/27/fake-boarding-passes-clear-airport-security/#comment-11721 [...] Fake boarding passes clear airport security [...] [...] Fake boarding passes clear airport security [...]

]]>