Exposing flaws in airport security by talking about them will get you watched closely by government agents. Hi, guys.
Creating a compelling demonstration of just how stupid the federal government is, though, will get you a less-than-friendly visit from the Federal Bureau of Investigation, followed by a predawn raid the next day.
Christopher Soghoian created the Northwest Airlines Boarding Pass Generator to demonstrate flaws in the government’s implementation of airport security and the so-called no-fly list. A few short days later, on Friday, FBI agents visited him and, as he told it, handed him a “written order” to take down the site, and unfortunately, he did.
Then the FBI agents kept a federal judge awake until two in the morning to get a search warrant (mirror) because Soghoian, in creating the site, supposedly engaged in “conspiracy to commit, or the commission of knowingly presenting a false and fictitious claim upon or against the United States, or any department or agency thereof,” according to the warrant.
I’m not even entirely sure what that means, or how this particular bit of security research qualifies as a federal crime. Earlier this week, Rep. Ed Markey (D-Mass.) had called for Soghoian to be arrested for putting up the site. Maybe he knows what it means. (Update: On Sunday morning, Rep. Markey rescinded his call for Soghoian to be arrested, and said that Homeland Security should hire him instead.)
Soghoian said he was shaken after the first FBI visit and spent the night elsewhere, and came home Saturday morning to find his door forced open, “a rather ransacked home, a search warrant taped to my kitchen table, a total absence of computers — and various other important things.”
It’s not that he’s trying to compromise airport security. It’s that he’s pointing out that airport security already is compromised, or, as his site used to read, “The TSA Emperor Has No Clothes.”
And it’s not that he’s some evil hacker or terrorist, either. He’s a fairly well known security researcher at Indiana University who has also done security work for Apple and Google. He obtained an M.S. in Security Informatics at Johns Hopkins University and is engaged in Ph.D. research at Indiana University. Earlier this year he created a new anti-phishing tool.
It’s also not like this particular security problem requires any particular technical skill. Anybody who can operate Microsoft Word could exploit this airport security problem. And only the most basic knowledge of Web programming would be necessary to re-create this particular code. Sites hosting mirrors of the boarding pass generator are already starting to appear on the Internet, as I predicted Friday.
So what we have is the FBI going after security researchers who are actually helping make us more secure. Apparently it’s perfectly fine to have bad airport security. After all, as long as nobody actually points out how bad the security is, then the security must be good! This is really how these people think.
This is also the mindset which let 19 terrorists hijack planes on September 11, 2001. The security was just as bad before 9/11 when it was heavily government regulated. Now that government controls it directly, it’s still just as bad. And these people want you to think that everything is all right.
Everything is not all right! Airport security sucks and it’s the government’s fault. It was the government’s fault on 9/11 and it is the government’s fault today.
And this completely misguided and probably illegal action by the FBI isn’t helping. (To get a search warrant like that, they would almost certainly have had to lie through their teeth to the judge.) In fact, it’s just covering up the problem.
This will not do.
We were right to get the FAA out of airport security after 9/11. They deserved their nickname of “Tomb Stone Agency.” Where we went wrong was in completely nationalizing it. Now we have a real Tomb Stone Agency. They even got the acronyms to match.
Instead, we should have gotten the government out of the airport security business, and turned it over to the airports, the airlines and the insurance companies, where it properly belongs in the first place. (See El Al for one possible example.) And you can be certain that until that happens, airport security will continue to have truck-sized holes in it, needlessly inconveniencing millions of innocent people while letting through the bad guys.
You can also be sure that complete idiots like Rep. Ed Markey and the FBI will continue to harass anybody who points out that the emperor has no clothes, while the terrorists laugh at us for destroying ourselves from within.
(No Ratings Yet)
Loading ...
Ultimately, the war supporters in Congress prevailed in the vote on the resolution. Still, the vote was significant because it places every member of Congress on the record as supporting or not supporting the unconstitutional, costly, violent occupation of a country that never attacked us. This vote should serve as an important reminder to the American people of where their representatives really stand when it comes to policing the world, empire building, and war.
Gardner Goldsmith explains why claims by politicians that consumers can become "irrational" and why claims by the same politicians that government can help "fix" markets are both false and misleading. He also explains what the terms Praxeology and Epistemology mean, which is key in understanding how to place free markets in their proper place among human history.
Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works license.
Video published by this site is licensed under a Creative Commons Sampling+ license.
Facebook
Digg
del.icio.us
reddit.com
Newsvine
J. Bruno
Oct 28, 2006
Did they declare him an enemy combatant yet? He’s got balls to do this now with on right to a trial.
Michael Hampton
Oct 28, 2006
They haven’t even arrested him yet. I imagine it’ll be a while before they get around to that. After all, they have to find (or fabricate) evidence of a crime first.
murray white
Oct 28, 2006
thank you. main stream media about two days behind you.
Michael Hampton
Oct 28, 2006
Heh, I’m all about leaving the mainstream media in the dust. My personal record is 35 days before the MSM picked up a story I had here. :)
Oct 28, 2006
Security Blog » Blog Archive » FBI Raids Creator of Fake Boarding Pass Generator
Oct 28, 2006
Living in the Whine Country » FBI raids creator of fake boarding pass generator
Mr Obvious
Oct 28, 2006
Let’s see … some twit made a website that allows you to generate fake documents … he made it public, allowing anyone with a browser to quite easily make a fake boarding pass, bypassing security … the FBI followed the letter of the law, and asked a judge for a legal search warrant … the warrant was granted, and the warrant was executed …
What’s the problem here guys? I don’t see one. The FBI followed the letter of the law, and I’m glad they did. There are ways to work -*with*- the system, and ways to work -*against*- the system. This is working against the system, and in a bad way. He threw himself under the bus, and now he’s going to pay the price.
And what sweet irony … it was a Democrat that demanded the investigation … how ironic … I bet that makes your tiny bleeding moonbat hearts weep now doesn’t it?
ferdinand fairfax
Oct 28, 2006
I don’t get how that is ironical. Are you saying that Republicans are the party who usually stand behind the circumvention of civil liberties?
And since you used the phrase “letter of the law,” I was wondering if you be so kind as to cite some law proving the criminal nature of what he did.
Smarty
Oct 28, 2006
OK, hold on Mr Obvious
The real point is that security is flawed, why don’t you get this? Why assume that those that support this are liberal (bleeding hearts). Last time I checked security is everyones responsability. Duty, honor, country, live it don’t preach it. Maybe thats just my CIB talking, and if you don’t know what that is then well…
Oct 29, 2006
einstein’s poets» Blog Archive » Weeee!
l
Oct 29, 2006
Let’s arrest all the whistle blowers. Good going, government.
There is a silver lining, though at the expense of one man’s peace of mind (and potentially, personal record and freedom): the government is doing a good job at advertising its incompetency and draconian techniques. Trust bureaucracy to be its own undoing.
I’m anxiously awaiting reelections. While this has demonstrated that neither party totally understands what is going on, it also shows the current party in charge has done a great job of maintaining such an atmosphere at the official level.
- l
security
Oct 29, 2006
as of today you can still see a Cache of the site in Google Yahoo
and MSN – and in a few months it will be on the Internet achive
dubfire.net/boarding_pass/
he did in fact put this warning on his site:
This webpage will produce a boarding pass good enough to get anyone past TSA, and thus, into the “secure” gate areas of the airport terminal.
Note that this will not be a valid pass, so it will not get you on the airplane. For that, you need to actually buy a ticket.
—————————–.
Michael Skelton
Oct 29, 2006
Looks like we’re doomed to another security through obscurity country… Leaving the flaws un-found and just trusting that the whole thing works…
John
Oct 29, 2006
You see, this isnt democracy, laws were supposed to protect the people not make them suffer. FBI sucks.
Neil Kay
Oct 29, 2006
Yay for America – silence the person who points out your failings and it’s then like it never happened.
painhertz
Oct 29, 2006
Let’s see. Aiding and abetting terrorists. Add to it that Habeus Corpus has
has been done away with. He should get 25 years if he ever comes to
trial.The rules have changed and you can just dissapear. Gitmo here he
comes.
Mr Obvious
Oct 29, 2006
Why do I point to the liberals? Because it’s the liberals with their bleeding hearts that think that they can get away with crimes in the name of “making things better.”
Do you really think the TSA is unaware that a person with a computer can fake a boarding pass? I mean … seriously … do you really think that they have never thought of it before? They have thought of it before, and if you believe otherwise you are a fool.
Building a tool with the explicit purpose of defrauding a federal agency is a crime. Giving that tool to others to use is another crime. Using such tool to produce false documents is yet ANOTHER crime. Period. It’s that simple.
Oh … and I can hear it now … “but you can do this with Word or Photoshop …” yes … you can … and you could blow stuff up with chlorine tablets and gasoline, but it’s not a crime to pick some up from the pool store in your car, and shock your pool. The difference is intent.
This tool was -*intended*- to defraud. It wasn’t a paper describing a potential tool, it was a real working tool, and it was out there for anyone to use. He could have made his point just as well by writing a letter his congressman/congresswoman or even to the guy that stood up and got him busted.
And why do I say it’s ironic that a democrat busted you? Because my guess is that you are a died-in-the-wool blue stater that worships the democrat party, that’s why. And it’s also ironic because the democrats want to cripple the security of this country, not weaken it. If the democrats were in charge, we would just surrender the war on terror, and institute Sharia law.
Acts of civil disobedience such as these only accomplish these things:
1) Make you look like a whacko
2) Get you busted
3) Get all your stuff taken by the cops, never to be returned
4) Absolutely nothing for your cause
You see … now they can’t change it. If they did change it, they would look like mean assholes. Now they have to keep the status-quo just to save political face. If you think about it, what you did actually made things less-safe, rather than more safe, and have most likely prevented any real change.
I hope it was worth it.
Michael Hampton
Oct 29, 2006
Mr. Obvious, your credibility as a “conservative” is stretched pretty thin. And it’s clear you don’t know a lot about security.
Michelle Malkin, for instance, thinks this guy should get a medal.
And this didn’t make anyone any less safe. This security problem has been known for years, but Congress hasn’t done anything about it. This demonstration is nothing more than pointing out that the emperor has no clothes, and it was long overdue.
Hell, Sen. Charles Schumer described the problem in great detail a year and a half ago. Why aren’t you calling for his arrest? He’s a Democrat, after all.
Anyway, this isn’t a partisan issue either. We need real airport security, not this fake security we’ve had since well before 9/11. If pointing out that we don’t have any real airport security is illegal, then the Republic has failed.
local
Oct 29, 2006
This whole ordeal sums up what’s wrong with the security situation throughout the government. Anyone else remember Sean Gorman, the critical infrastructure researcher (http://www.washingtonpost.com/ac2/wp-dyn/A23689-2003Jul7)? This is a very similar situation.
Hopefully Mr. Soghoian will end up consulting for TSA, as Mr. Gorman consults for DHS. Though, don’t expect one individual to make much of a difference in the .gov. Too many dinosaurs and their lackeys are in the .gov. A vast number of the rest, especially in DoD, intel community, etc. are brainwashed into believing that “their way” is the best. If the management says something, then it must be true.
God, all of this is depressing.
Anyway, Mr. Soghoian did the right thing. It’s not like TSA was telling congress or anyone else about their security issues. TSA thinks it’s god’s gift to America… It’s about time someone pointed out that they’re not good at their jobs.
Michael Hampton
Oct 29, 2006
It’s not that TSA isn’t good at their jobs. In fact, they’re very good at their job, but their job isn’t what people think it is. Their job is, in fact, to keep up a charade of security, not to keep up security.
Changing the people at the top won’t fix the problem, just as changing people at the bottom didn’t fix it. As long as the government is in charge of airport security, we won’t be allowed to have any airport security.
J. Bruno
Oct 29, 2006
Mr. Obvious,
The explicit purpose of the tool is to emphasize how deliriously laughable the security of our nation is. Yes, the TWA is aware of that fact–the purpose of the tool is to alert everyone else about the TWA’s dereliction of duty.
You are a pansy socialist and should move to China where dodging responsibility and duty are acceptable behaviors in government officials. You bleeding heart communist republicans make me sick. How much more of my money am I obligated to donate to the cause of fake security–for the purpose of quelling your pansy-ass, pussified fear of Arabs? You little girls only comprise about 33% of the population; it might be more economical for the rest of us just to assign you each a security guard. Would that keep you from wetting your pants whenever someone says a terrorist is going to get you?
forstand
Oct 30, 2006
I cannot see where his actions would constitute a “claim” against the United States. Define “claim”. That would be tort, not criminal, in nature. In other words a lawsuit. What idiot judge does not know the difference? Oh, the one who signed the search warrant.
““conspiracy to commit, or the commission of knowingly presenting a false and fictitious claim upon or against the United States, or any department or agency thereof,†according to the warrant.”
The search warrant is seriously flawed. Unfortunately the government can afford the best lawyers to cover their asses. This is blatant intimidation, pure and simple. It is a case of my lawyer can beat up on your lawyer.
Oct 30, 2006
MellowBox » Blog Archiv » Fake Boarding Pass Generator
Oct 30, 2006
EveryDigg » Blog Archive » FBI Raids Creator of Fake Boarding Pass Generator
Frank the Democrat
Oct 30, 2006
“Let’s see … some twit made a website that allows you to generate fake documents … he made it public, allowing anyone with a browser to quite easily make a fake boarding pass, bypassing security…”
No, a fake boarding pass does not allow you to by-pass security. For that matter, a real boarding pass does not allow you to by-pass security.
Think about the last time you travelled. Everyone with a boarding pass has to be screened before entering the restricted area.
At the very worst, a fake boarding pass allows an individual access to a restricted area with other legitimate travellers.
Steve the Realist
Oct 31, 2006
Having flown twice in the last week, the idiocy we call security is fresh in my mind. We now have people standing around to confiscate your toothpaste (“that’s 4.2oz sir, you are only allowed 3…”) or Mountain Dew. The solution is simple. No carry-ons. Seriously – other than those business travellers that cannot be without their cellphone or laptop for more than 5 minutes, who actually uses all the stuff in their bags ?
Watching my fellow sheep this weekend, I paid special attention to the overhead lockers in the plane during my 3 hour flight. Out of the 200 or so people in the plane, maybe 2 or 3 actually got something out of their bags during the flight, yet most had 2 bags (One + a laptop or purse) plus a coat and so on.
The only reason I can understand for not checking this luggage is the complete lack of security for checked baggage…wait a second….the cabin environment is insecure because we are avoiding the insecurity of the cargo environment ? Methinks the TSA are missing the point ;)
Dan
Oct 31, 2006
Yep, this fake pass allows you to go through the same security screening that everyone has to pass through with real passes. Big whoop! Not a security breach. Much like a “fake” college degree. It makes you feel smarter but you’re still an idiot!
Carl P. Corliss
Oct 31, 2006
After reading about this story I was upset enough that I actually wrote my congressmen (yup, Ed Markey). Below is the reply I just recv’d from his office:
October 31, 2006
Carl Corliss
[My Address]
Dear Carl:
Thank you for expressing your concern about the issue of fake boarding
passes. When I first heard that someone had built a website for the
purpose of making it easier to create fraudulent boarding passes, I
called for the “apprehension” of the person or persons responsible.
Later, when I had confirmed that the creator of the website was a
student interested in publicizing – not creating – a security loophole, I
immediately issued the following statement:
October 29, 2006 – MARKEY: DON’T
ARREST STUDENT, USE HIM TO FIX
LOOPHOLES
WASHINGTON, D.C. — Statement of Rep. Ed
Markey (D-MA), a senior member of the
House Homeland Security Committee, on the
website created to expose a massive security
loophole in the printing of boarding passes for
commercial passenger planes:
“On Friday I urged the Bush Administration to
‘apprehend’ and shut down whoever had
created a new website that enabled persons
without a plane ticket to easily fake a
boarding pass and use it to clear security,
gain access to the boarding area and
potentially to the cabin of a passenger plane.
Subsequently I learned that the person
responsible was a student at Indiana
University, Christopher Soghoian, who
intended no harm but, rather, intended to
provide a public service by warning that this
long-standing loophole could be easily
exploited. The website has now apparently
been shut down.
“Under the circumstances, any legal
consequences for this student must take into
account his intent to perform a public service,
to publicize a problem as a way of getting it
fixed. He picked a lousy way of doing it, but
he should not go to jail for his bad judgment.
Better yet, the Department of Homeland
Security should put him to work showing
public officials how easily our security can be
compromised.
“It remains a fact that fake boarding passes
can be easily created and the integration of
terrorist watch lists with boarding security is
still woefully inadequate. The best outcome
of Mr. Soghoian’s ill-considered
demonstration would be for the Department
of Homeland Security to close these loopholes
immediately.”
I appreciate and agree with your point that the government should
spend its time and resources on closing security loopholes, not arresting
well-meaning graduate students. Thank you again.
Bill H
Nov 01, 2006
So, Mr. Obvious thinks acts of civil disobedience are not effective? He must have missed his history classes when they taught about the Boston Tea Party and Revolutionary War! High level acts of CD that begot us the opportunity to have these discussions in the first place.
He must blindly believe everything this flawed administration says, including all evil is the fault of Democrats. Next thing you know he will goose-step behind Bush, Cheney, and Rumsfield and lead us to victory in Iraq and over terrorists everywhere!
Nov 01, 2006
Yellow Swordfish » The Hype, The Fear, The Reality And The Fake Boarding Pass
DhamakKarab
Nov 05, 2006
Dear Readers,
I m a regular business traveler and dont understand the
security issue with this ? May be I m slow but how does
one getting into a gated area with a fake pass pose a
threat ? When a person is literally strip searched, her
belongings (especially the so called liquids) are
examined for 3oz vs 4oz and thrown in the garbage, when
there are more than hordes of TSA employess (ofcourse
paid by our tax money) watching you over.
As someone pointed out there is hardly anyone getting
up in the plane to look at their carry-on baggages. I
myself reach for my laptop but agree with the assessment
that its a very small percentage who really need their
carry-on while in flight. The big deal here is walking
out quickly when you get off the plane and not waiting
for your checked in baggage to show up like 30-45min
after you land…this brings us to the security of
checked in luggage and this is where all the loopholes
are there and need to be fixed.
A person getting into past TSA with fake id is not a big
deal as they still have to go through the strip search
bag search and they still cant get into the plane even
if they did they deal with air marshalls and much educated
passengers about hijackers.
so its just an intruder into the gated area.
This incident just goes to show how much the terrorists
are affecting our thinking and behavior and winning the
‘WAR’ as they say it.
Hopefully the responsible parties are smart enough and
doing the right things to keep the bad guys out. I think
they are doing excellent…given the record of ‘0′
9/11 type incidents since.
Comments welcome.
Dec 01, 2006
Boarding pass creator: Out of frying pan, into fire? - Homeland Stupidity
dekadyneka
Dec 20, 2006
I think the real story here is the inability for yet another conservative to identify the real story. Frankly, it’s beyond pathetic at this point; it’s absurd and dangerous.
What is the allure in attacking Democrats instead of being honest with oneself and sharply denouncing the worst modern American presidency? Honestly, what? How can you (Mr. Obvious) feel good about yourself and your respect for others if you cannot direct your attentiveness to life and prosperity in even the most generally appropriate direction?
Honestly, how can you continue to lie to yourself? How can you say that someone who reveals weaknesses is doing anything but revealing weaknesses? What is so friggin’ twisted in your mind? It’s the ultimate Mind Job.
That has been the hallmark of popular conservative thought since the beginning of the Bush Administration, and it’s self-defeating DNA
Carl P. Corliss
Dec 21, 2006
I think it’s pretty telling that Mr. Obvious doesn’t have a clue – he hasn’t even attempted to counter anyone’s arguments here since his last point. I think the troll has finally left the building.
...
Jan 31, 2007
you’re buffoons the lot of you
what mr soghoian did was a GOOD thing. end of.
Samson
Oct 25, 2007
A system really needs to check it’s flaws and strive to get better, even with the price of public embarecment.
Think of this positivly and get things done better next time…