TribLIVE

| USWorld


 
Larger text Larger text Smaller text Smaller text | Order Photo Reprints

Boarding pass bar codes could aid would-be terrorists, experts say

About The Tribune-Review
The Tribune-Review can be reached via e-mail or at 412-321-6460.
Contact Us | Video | Photo Reprints

Daily Photo Galleries


By The Washington Post

Published: Thursday, Oct. 25, 2012, 8:12 p.m.

Security flaws in airline boarding passes could allow would-be terrorists or smugglers to know in advance whether they will be subject to certain security measures, and perhaps even permit them to modify the designated measures, security researchers have warned.

The vulnerabilities center around the Transportation Security Administration's pre-screening system, a paid-for program in which the screening process is expedited for travelers at the airport: Laptops can remain in hand baggage, as can approved containers of liquid, and belts and shoes kept on.

Under the program, passengers can still be subject at random to conventional security screening.

Flight enthusiasts, however, recently discovered that the bar codes printed on all boarding passes —which travelers can obtain up to 24 hours before arriving at the airport — contain information on which security screening a passenger is set to receive.

Details about the vulnerability spread after John Butler, an aviation blogger, drew attention to it in a post late last week. Butler said he had discovered that information stored within the bar codes of boarding passes is unencrypted, and so can be read in advance by tech-minded travelers.

Simply by using a smartphone or similar device to check the bar code, travelers could determine whether they would pass through full security screening, or the expedited process.

Butler's findings are supported by information in a technical specification publicly available on the website of the International Air Transport Association, and some details about the vulnerability appear to have circulated in aviation chat forums since at least July.

The TSA declined to comment on the reports, and would not say whether the agency had been made aware of the issue. A spokesman stressed that screening at airport checkpoints is only one part of a much wider security process.

“TSA does not comment on specifics of the screening process, which contain measures both seen and unseen,” spokesman Sterling Payne said. “TSA Pre Check is only one part of our intelligence-driven, risk-based approach.”

The findings highlight serious vulnerabilities within the current TSA security systems, according to Chris Soghoian, a security expert who sought to draw attention to airline security vulnerabilities in 2006 by building a website that permitted travelers to produce fake boarding passes.

“If you have a team of four people ⅛planning an attack⅜, the day before the operation when you print the boarding passes, whichever guy is going to have the least screening is going to be the one who'll take potentially problematic items through security,” said Soghoian, now a senior policy analyst at the American Civil Liberties Union. “If you know who's getting screened before you walk into the airport, you can make sure the right guy is carrying the right bags.”

 

 
 


Show commenting policy

Most-Read Stories

  1. Garden Q&A: Firecracker vine OK for trellis?
  2. Kovacevic: Still waiting on Malkin, Crosby
  3. Fleury a bright spot among struggling Penguins in playoffs
  4. Pastors offer help in days following Franklin Regional stabbings
  5. Rossi: Lack of together time showing for Penguins’ defense
  6. Change in kidney allocation rules expected to help patients
  7. Talent on ice, effort off it help franchise grow hockey in Columbus
  8. Bedford County lawmaker’s mailings to potential new constituents under fire
  9. Gov. Corbett’s re-election campaign ‘unflappable’ amid challenges, criticism
  10. Murrysville woman shares her many tales as a professional storyteller
  11. Attorney wants lesser term for woman in Greensburg torture death
Subscribe today! Click here for our subscription offers.