Skip to content

Puckinflight

An all things aviation blog

Category Archives: TSA

Last year I wrote about how a person could conceivably take their boarding pass and edit it in such a way as to permit the passenger to use the PreCheck TSA line. The TSA has been telling us for years that all of the added security at U.S. airports is necessary. With the PreCheck system it suddenly became ok for frequent travelers and other people who submitted their information to the government to go through less stringent security. Through the use of online barcode readers, barcode makers, and something like MS Paint, it became possible for any determined person to edit themselves a new boarding pass that would allow them to go through the less stringent PreCheck security lane. As I pointed out this is an obvious security flaw. I suggested encoding the data on the boarding pass, but the powers that be had another idea in mind.

Continue reading this article ›

Tags: , ,

I just finished watching season two, episode three of Airport 24/7 MIA. Tonight’s episode featured a bomb threat in the rental car facility, an overbooked Lufthansa flight, and customs search.

Read more after the break for a breakdown and spoilers.

Continue reading this article ›

Tags: , , , , ,

John Pistole announced today that the TSA is the gold standard of aviation security.

http://www.usatoday.com/story/todayinthesky/2013/01/28/tsa-chief-us-is-gold-standard-of-aviation-security/1870981/

 

First go huh?

Mr. Pistole attributed this to the lack of domestic terror acts initiated from United States airports. While that number is zero, it is see to that Mr. Pistole has been drinking the kool-aid and not in a good.

First, there Israeli security at Ben Gurion International Airport, which is widely thought of as the best aviation security in the world.

Next, there are the TSA success of searching grandmas and young children. While recently these problems have abated they are well known.

Then, there are the ways around the TSA well publicized layers including ways to avoid detection on the millimeter wave scanner as well as hacking boarding pass and getting around the no-list.

Also, there was the famous list of TSA suspect countries published through a poorly redacted sensitive information document.

Finally, there is the general lack of professionalism of the line TSA members, including lack of knowledge of appropriate identification, stealing, and retaliatory actions. (see my post about Mr. Tobey’s protest of intensive body searches)

 

Mr. Pistole, your agency has to be the gold in order for you to call it the gold standard. Until then it is just like the USA Today article says, a butt of late-night TV jokes.

 

Happy Travels

Colpuck

 

Tags: , ,

http://www.wired.com/threatlevel/2013/01/4th-amendment-chest-trial/

Meet Aaron Tobey in protest of the TSA deploying advanced imaging scanners and intrusive pat downs when going through airport security stripped down to running shorts (rather tight fitting ones based on the picture) and requested a hand search. In addition Mr. Tobey had written an abbreviated version of the 4th amendment to the US Constitution on his chest. This amendment prohibits search and seizure without warrant.

In response the TSA quickly phoned local police who detained Mr. Tobey and charged him with disorderly conduct and released him. Later the District Attorney dropped those charges. Mr. Tobey proceeded to file a civil suit against the TSA, and local police for deprivations of civil rights under 42 USC 1983. 42 USC 1983 makes any agent of the government liable for deprivation of civil rights when acting outside of the agent’s authority.

The government moved to dismiss all claims under Federal Rule of Civil Procedure 12(b)(6). The government argued that even if everything Mr. Tobey said is true, he still can not claim relief under 42 USC 1983, because the agents were in there authority. The court dismissed all claims save one that the TSA and police violated Mr. Tobey’s first amendment right to free speech.

The government appealed and this week in a 2-1 decisions lost in circuit court of appeals. The opinion can be found here http://www.ca4.uscourts.gov/Opinions/Published/112230.P.pdf

What does this mean. Well it means if the government does not appeal the decisions to the 4th circuit en banc, the lawsuit will proceed. It does not mean Mr. Tobey has won anything other than he has claim against the government.

What does this mean for you? Well unless you want to get into it with the TSA nothing. If your desire is to start problems with the TSA it means a great deal. The opinion notes two things the peaceful and non-violent nature of the protest and that it was not “disruptive” to TSA operations. The TSA has a broad definition of disruptive, so far from what I have found that they consider arguing with the TSA or berating them while they are doing their job to be disruptive. Go figure you can not be insulting to them.

So according to this ruling, peaceful, non-violent, non-disruptive protests could be protected under the first amendment. While I am no fan of the TSA or their somewhat questionable regulations, I have found that is just easier to ignore them and get on with my travel experience.

Happy travels.

colpuck.

Tags: ,

I have gotten any real feedback on my blog post from last Friday, until today. What feedback I have been getting has been negative. Aviation blogging has been taking off recently. Several blogs such as “The Wandering Aramean” and “One Mile at a Time” have become rather well known in the aviation community. With the latter, the writer has gone to monetize his blog through referral links. Aviation bloggers are seen as attention seekers and that in some cases is a fair description. While I do not deny enjoying the attention I’ve been getting, I had an interview with AP and was quoted in a Washington Post piece, it is not why I write this blog. I write because I find the topic interesting and I want to improve my writing.

 

Through my conversation with AP, the TSA has declined to comment on the story. That’s in line with government policy on security matters. I would like to know why the TSA in collaboration with the Airlines couldn’t come up with an encoding system for the bar codes on airline boarding passes. The effect of such a system would be that when anyone puts their boarding pass into one of the online barcode readers, the output is just a string of characters. The airline and TSA scanners would have chip that contains the decryption key, which would turn the data into the information we see currently.

 

I don’t know, maybe the TSA will come out with something like this.

 

Happy Flying!

Colpuck.

According to IATA standards for bar codes 5.2.6 Digital Signatures (Pg 42), there can be validation mark in the PDF barcodes that prevents tampering

See, http://www.iata.org/whatwedo/stb/Documents/BCBP_Implementation_Guidev4_Jun2009.pdf

However, that doesn’t prevent a person from viewing their Pre-Check status and adapting to it. Again I ask why is this information not encrypted in some way?

I’m publishing this because I am seriously concerned with boarding pass security in the United States. The way TSA Pre-Check works is the organizations that participate transmit travel information for passengers who opt-in to the program to the TSA. Then the TSA in a way that randomizes security determines if the passenger is or is not eligible for Pre-Check and sends that information back to the Airline. The Airline then encodes that information in a barcode that is on the boarding pass it issues.

The problem is, the passenger and flight information encoded in barcode is not encrypted in any way. Using a web site I decoded my boarding pass for my upcoming trip.

M1PUCK/COLWMR YXXXXXX PHXEWRUA XXX 294RXXXFXX 11F>30B

WWXXX BUA 0E016 3

So, here you see my flight information for my United flight from PHX to EWR. It is my understanding that this is similar to digital boarding passes issued by all U.S. Airlines; so the same information is on a Delta, US Airways, American and all other boarding passes. I am just using United as an example. I have X’d out any information that you could use to change my reservation. But it’s all there, PNR, seat assignment, flight number, name, ect. But what is interesting is the bolded three on the end. This is the TSA Pre-Check information. The number means the number of beeps. 1 beep no Pre-Check, 3 beeps yes Pre-Check.  On this trip as you can see I am eligible for Pre-Check.  Also this information is not encrypted in any way.

What  terrorists  or really anyone can do is use a website to decode the barcode and get the flight information, put it into a text file, change the 1 to a 3, then use another website to re-encode it into a barcode. Finally, using a commercial photo-editing program or any program that can edit graphics replace the barcode in their boarding pass with the new one they created. Even more scary is that people can do this to change names. So if they have a fake ID they can use this method to make a valid boarding pass that matches their fake ID. The really scary part is this will get past both the TSA document checker, because the scanners the TSA use are just barcode decoders, they don’t check against the real time information. So the TSA document checker will not pick up on the alterations. This means, as long as they sub in 3 they can always use the Pre-Check line.

Pre-Check balances the need to expedite security, and keep it thorough. The TSA does by stating that Pre-Check is random even if one is enrolled in the program. However, editing or really even just viewing the data invalidates the “randomness” of the program, allowing people to chose go through the Pre-Check line any time they want.

 
So, there are two problems here. First, is the that data on the barcode is not encrypted. This allows people to alter information on the front of the boarding pass. Second, is the more serious issue of the Pre-Check information not only out there but where it is also possible to edit the Pre-Check status and place it back on the boarding pass. However, there is a solution.

Thankfully, there is a really simple solution encode the information before putting it on the boarding pass. If that happens the traveler would either have to have a huge number of boarding passes to reverse engineer the encryption algorithm or algorithm itself. Also, TSA could connect their scanners to the airline database and check the boarding pass against what the Airline has. Either one of these solutions would solve the problem, and they are not that hard to implement.

For the record, while I did validate the process I did not create a proof of concept. Actually creating a fake boarding pass even for this blog is a legally grey area and morally black one. To then actually present that board pass at the TSA checkpoint has to be come kind of crime I would think.

Happy Flying!

Colpuck.
P.S. I have reached out to United Airlines and the TSA to see if they would like to comment on this post.

If you traveled in the U.S. between 2004 and 2008 you may remember going through a “puffer” at the security checkpoint. For those that don’t know a puffer is a man-trap sized machine that you walk into, and the machine puffs air at you. Then the machine analyzes the air to see if there are explosive particles coming off you. The TSA found these machines to be unreliable at detecting explosives and unreliable in general and retired them several years ago.

Hitachi has developed a new puffer machine. This puffer system is built into boarding gate podiums. The thought is that as each person boards the plane they will walk through the machine, the puffer will do its work, and if the person is clean allow them on to the plane. http://www.geeksaresexy.net/2012/10/05/puff-of-air-could-boost-airport-security

This is a horrible idea for several reasons. First, assuming that the machine takes time to do the analysis, it will substantially delay boarding. Assuming ten seconds doing the analysis, it would add on 30 minutes on to narrow-body boarding and over an hour to wide-body boarding. Now, assuming the same error rate there are going to be false positives. The airline isn’t going to handle security, so it will inflate the ranks of the TSA or force the airport to hire additional security. All of that cost is going to get passed on to the air-traveler in the form of higher PFCs and taxes. Finally, what happens when they break, does the flight get canceled or do the gate agents just find a work-around?

While, I applaud Hitachi for trying to find technical solutions to airport security, this idea seems just a puff away from disaster.

Happy Travels!

Colpuck

The original article does a much better job explaining this.

http://arstechnica.com/tech-policy/news/2012/03/gunshy-tsa-gets-critic-booted-from-congressional-panel.ars

The TSA has acted in a way no designed to protect commercial aviation security but to line its own pockets with an ever increasing share of the federal budget.

Tags: ,

The TSA, defenders of the homeland, had reps testifying on Capital Hill this morning.  Without surprise, the TSA were brought to task over screeners that were both rude and ineffective. USA Today has the story here.

This comes at a time when President Obama has proposed increasing the security fee all air passengers pay. Right now the current fee is $2.50/segment. That means if you have a non-stop return you are paying $5.00 and if you connect $10.00 on every ticker. President Obama has proposed increasing this fee. The airlines are against it because they say it will drive passengers away.

I say increasing the already bloated budget for an agency that is more concerned with taking away water and harassing children is a horrible idea. Put it to you this way there were the exact same number of terrorist acts from U.S. airports in the 11 years preceding 9/11 as there were in the 11 years after.

zero.

Tags: , , ,

Follow

Get every new post delivered to your Inbox.

Join 2,627 other followers