October 19, 2012 Security Flaws in the TSA Pre-Check System and the Boarding Pass Check System.
I’m publishing this because I am seriously concerned with boarding pass security in the United States. The way TSA Pre-Check works is the organizations that participate transmit travel information for passengers who opt-in to the program to the TSA. Then the TSA in a way that randomizes security determines if the passenger is or is not eligible for Pre-Check and sends that information back to the Airline. The Airline then encodes that information in a barcode that is on the boarding pass it issues.
The problem is, the passenger and flight information encoded in barcode is not encrypted in any way. Using a web site I decoded my boarding pass for my upcoming trip.
M1PUCK/COLWMR YXXXXXX PHXEWRUA XXX 294RXXXFXX 11F>30B
WWXXX BUA 0E016 3
So, here you see my flight information for my United flight from PHX to EWR. It is my understanding that this is similar to digital boarding passes issued by all U.S. Airlines; so the same information is on a Delta, US Airways, American and all other boarding passes. I am just using United as an example. I have X’d out any information that you could use to change my reservation. But it’s all there, PNR, seat assignment, flight number, name, ect. But what is interesting is the bolded three on the end. This is the TSA Pre-Check information. The number means the number of beeps. 1 beep no Pre-Check, 3 beeps yes Pre-Check. On this trip as you can see I am eligible for Pre-Check. Also this information is not encrypted in any way.
What terrorists or really anyone can do is use a website to decode the barcode and get the flight information, put it into a text file, change the 1 to a 3, then use another website to re-encode it into a barcode. Finally, using a commercial photo-editing program or any program that can edit graphics replace the barcode in their boarding pass with the new one they created. Even more scary is that people can do this to change names. So if they have a fake ID they can use this method to make a valid boarding pass that matches their fake ID. The really scary part is this will get past both the TSA document checker, because the scanners the TSA use are just barcode decoders, they don’t check against the real time information. So the TSA document checker will not pick up on the alterations. This means, as long as they sub in 3 they can always use the Pre-Check line.
Pre-Check balances the need to expedite security, and keep it thorough. The TSA does by stating that Pre-Check is random even if one is enrolled in the program. However, editing or really even just viewing the data invalidates the “randomness” of the program, allowing people to chose go through the Pre-Check line any time they want.
So, there are two problems here. First, is the that data on the barcode is not encrypted. This allows people to alter information on the front of the boarding pass. Second, is the more serious issue of the Pre-Check information not only out there but where it is also possible to edit the Pre-Check status and place it back on the boarding pass. However, there is a solution.
Thankfully, there is a really simple solution encode the information before putting it on the boarding pass. If that happens the traveler would either have to have a huge number of boarding passes to reverse engineer the encryption algorithm or algorithm itself. Also, TSA could connect their scanners to the airline database and check the boarding pass against what the Airline has. Either one of these solutions would solve the problem, and they are not that hard to implement.
For the record, while I did validate the process I did not create a proof of concept. Actually creating a fake boarding pass even for this blog is a legally grey area and morally black one. To then actually present that board pass at the TSA checkpoint has to be come kind of crime I would think.
Happy Flying!
Colpuck.
P.S. I have reached out to United Airlines and the TSA to see if they would like to comment on this post.
- 110 comments
- Posted under TSA
Permalink # How to hack TSA Pre-Check - FlyerTalk Forums said
[…] to hack TSA Pre-Check document.write(''); don't do this, it may be a crime. https://puckinflight.wordpress.com/20…-check-system/ tl;dr Hack your boarding pass barcode, insert in the pre-check code, photoshop the new barcode on […]
Permalink # nope said
You’re about to be placed on the no fly list.
Permalink # jwbutler2005 said
It’s possible. However, if I can figure this all out someone who is determined to penetrate airport security probably already has. By bring the hack public, it gives the TSA an opportunity to fix it.
Permalink # Karl (@supersat) said
The only PreCheck barcode I’ve seen is one a mobile one issued by Alaska Airlines. It has a DSA digital signature that supposedly authenticates all of the data in the barcode. I assumed that all PreCheck barcodes have a DSA signature (it’s base64-encoded in the sample I saw), but if they’re not including it on printed boarding passes, that’s a huge problem.
Permalink # jwbutler2005 said
The one I used came off of a PDF barcode. If what you say is correct then there is some sort of digital signature attached to at least the mobile boarding passes. However, the fact that the information on Pre-Check is out there at least allows the passenger to make a yea or nea decision about what they are going to carry-on long before the get to the airport.
Permalink # Karl (@supersat) said
The correct thing to is put the “randomness” in the barcode reader, so even if you have the flag, you might still go through standard screening. Who knows whether they’re actually doing that, though.
Permalink # Karl (@supersat) said
BTW, the relevant standard is the IATA Resolution 792 (http://www.iata.org/whatwedo/stb/Documents/resolution792-june2010.pdf). It’s in the “selectee indicator” field.
Permalink # k said
You don’t need encryption, message authentication code would suffice.
Permalink # M said
No, it wouldn’t.
With the knowledge which “check conditions” apply a smuggler can decide whether he will smuggle this time or try another time. Or: A group of smugglers on the same flight can decide who will smuggle and who won’t.
Permalink # k said
The post was about the possibility of tampering with that information. I admit didn’t bother to check how it is really done (I don’t fly to USA), but post suggests that “check conditions” aren’t just random but depend on person being “eligible” for a pre-check or not, and then says something about “randomization”.
If it depends on person, then it doesn’t matter at all if code is legible or not, it should be only impossible to change so MAC would suffice. Hiding this information in any way would be just another kind of security through obscurity.
If it is done at random, though, then you are right. But then this information doesn’t need to be stored anywhere on the boarding pass at all.
So either way I still think that MAC is enough. If it’s not, then they are doing it wrong.
Permalink # Security Flaws in the TSA Pre-Check System and the Boarding Pass Check System. | Puckinflight « 050120.1325.011919 said
[…] https://puckinflight.wordpress.com/2012/10/19/security-flaws-in-the-tsa-pre-check-system-and-the-boar… […]
Permalink # foobar said
Why do you think that creating a fake boarding pass is a “morally black area”?
Permalink # jwbutler2005 said
Because a person about five years ago demonstrated the ability to Photoshop boarding passes. IIRC, the FBI went to his house ans seized all of his materials. I alas do not want to answer to FBI.
Permalink # Seth said
Since when has the FBI had anything to do with morality?
Permalink # Anonymous said
There’s no security flaw here, just a misunderstanding of how the system works. All the information encoded in the BP is signed by the issuing airline’s private key. This allows standalone BP readers to verify the information and the signature via the public key, without any real time database lookup. The signature provides cryptographically secure protection against forgery like altering the name or PreCheck authorization.
For more information on how systems like this work, search for public key encryption.
Permalink # tfernsle said
While the signature prevents tampering, it doesn’t hide information which still gives the astute traveller foreknowledge of their trip. And this finite set of public keys are vulnerable to leaks.
Permalink # k said
Storing private keys on every scanner (to allow decryption) would make them even more vulnerable to leaks…
Permalink # TSA PreCheck Program - Questions/Experiences for United Airlines Travellers - Page 117 - FlyerTalk Forums said
[…] https://puckinflight.wordpress.com/20…-check-system/ Quote: […]
Permalink # n00 said
sad that it is still true. but it’s so 2007.
http://media.ccc.de/browse/congress/2007/24c3-2273-en-toying_with_barcodes.html
n00
Permalink # Sven Türpe said
I’m afraid we’ve all fallen for the security state ploy. Not only we comply, we even demand they give us more of their bitter-sweet drug, security.
Suppose they did as you suggest and made it harder for technology-savy people to get into the other checkpoint line. How would this change, a) your personal risk of falling victim to a terrorist attack, b) your country’s risk of being attacked by terrorists, or, c) your, and everyone else’s, life expectancy?
Technically, you are probably right. Practically, it does not matter. Not even if what you report gets exploited by terrorists some day.
Permalink # Tom said
Sven,
i agree totally. You seem to be the only one here (yet) who can see through the smokescreen. It’s sad that so many people are falling for that fake-security theater.
And to the sheeple:
Well, if you want to give up some freedom for some security, you deserve no better than to loose both. Benjamin Franklin said it all – i can’t imagine why sane people would not heed his warnings.
Permalink # ZizZazZuz said
I don’t know… It seems like having some simple encryption on it would help, not hurt. Really, if I can put encryption on my PC, why can’t they encrypt their boarding passes? It’s not rocket science, and it’s not invasive, like some of their other security practices are.
Permalink # Sebastian said
Yeah, that’s correct, but while a message authentication code would prevent changing the information/message, it would not prevent reading whether you are going to be checked or not. The actual checking information needs to be encrypted – and with a big qr-code that’s no problem at all, the airline just needs to use the TSAs public keyto put the information there 😉
But more important: I still wonder why the airline decides who is going to be screened… oO
Permalink # Spoofed Boarding Passes Could Put Terrorists on Planes | QuestioScientia.com said
[…] July, the Washington Post reported, but the issue only gained serious attention last week when aviation blogger John Butler said he’d discovered that the information stored on the barcode was […]
Permalink # Name said
The real problem is something else entirely, as the only thing of note is yet more proof that “harassment to give a sense of security” just does not provide the real thing. That is all.
Your approach here therefore is the wrong one. Make a big enough ruckus and they’ll change something. Pick a barcode that is patented so there aren’t any free en/decoders for it, or some other cosmetic measure. Maybe add a checksum or if you’re very lucky a cryptographic hash. But none of that actually changes the real problem. And that is that we’d be much better off without all these “security measures”. Just get rid of the TSA and all the pervy scanners, the databases, the harassment, all the rigamole, and keep the few post-9/11 improvements that actually worked.
The only things that actually worked number three (dixit Schneier): Reinforced cockpit doors, matching luggage to passengers, and passengers no longer sitting still upon getting hijacked, but standing up and subduing the hijacker themselves. Because but one or a few hijackers don’t stand a chance against a mob of several hundred, as long as they do stand up and take action. And post-9/11, they do.
Note that the last one doesn’t even need help from the government, we did that ourselves. The other two, well, they’re commonplace now. All the rest are superfluous, very expensive ways to keep “Ark B” material in jobs and harass the rest of us, sometimes with devastating effect. We could do without that.
Permalink # tfernsle said
How about a security system of nothing? Seriously, I don’t get searched on the bus or train, and it is not a problem. In fact, it’s pretty great not being groped and irradiated.
Permalink # Boarding passes with unencrypted barcodes could reveal PreCheck tipoff said
[…] In his blog post, John Butler describes how the final number on a scanned boarding pass indicates the eligibility for the TSA’s PreCheck program. One beep after a scan, for instance, means there’s no PreCheck and that the passenger will have to pass through a scanner, while three beeps confirms PreCheck status. Ultimately, it’s feasible that anyone armed with the information could alter the “one” to a “three” and modify the boarding pass accordingly, especially since the TSA barcode scanners don’t check against real time information. […]
Permalink # Michael said
Thanks for the post. I would rather see a system that checks IDs and names at the gate prior to boarding the plane. I wish we could go back to meeting our families at the gate when picking someone up. If we could go through a security check and the actual check of ID and ticket was made against the flight manifest by the airline, that would be preferable to me. There are so many ways to get into the ‘secure’ area. When I fly outside of the US, there are many airports that don’t even do an ID check at the security checkpoint, they simply glance at the ticket…
Permalink # Max Allan (@metal_max) said
Surely the correct way to ensure random checks is to have nothing to do with boarding passes and simply have an analogue radio tuned to static or a simple microphone feeding a counter. Every time the counter reaches a value, it bings, the next person gets a full search. And if the bing is quiet enough that only the operative can hear it, they are able to make discretionary “random” checks on people they think look suspicious.
Permalink # You’ll Never Guess What You Can See (Modify?) On Your Boarding Pass « Dvorak News Blog said
[…] problem is, the passenger and flight information encoded in barcode is not encrypted in any way. Using a web site I decoded my boarding pass for my upcoming […]
Permalink # Boarding pass barcodes ‘can be read by smartphones’ | Today Tops said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Airline barcodes ‘unencrypted’ – Lajme Shqip – Lajmet.Us said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning « Daily news said
[…] confidence emanate was publicised by aviation blogger John Butler, though had been discussed in dilettante online forums given final […]
Permalink # Unencrypted flight code warning | Best Web Consulting company in Nashik, India with Creative and Professional Website Design, Content Management Systems, Wordpress Experts, Ecommerce SEO, and more.. said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Boarding pass barcodes ‘can be read by smartphones’ – BBC News | Daily News Pages said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Boarding pass barcodes ‘can be read by smartphones’ | said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning | PATRONIT said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Altruistic Staffing » Boarding pass barcodes ‘can be read by smartphones’ said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Maintenance Professional of South Florida » Boarding pass barcodes ‘can be read by smartphones’ said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning | BotaVIP.Com said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning - LATEST NEWS – LATEST NEWS said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning - LATEST NEWS – LATEST NEWS said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning | andybundy.com said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning | ALLABOUTINSURANCE.CO said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Justin said
So, what I’m curious about is the stage in the process that the passenger’s name is bounced off the no-fly list. If that happens based on the information contained in the barcode, then this is clearly an even more serious issue.
Permalink # The Dude said
The issue is that these bar code types being used are ‘public domain’ bar codes. What you need, and has been created by a company called CODE in Utah, is a proprietary symbology that CANNOT be read by these online or ‘phone’ decoders or an off-the-shelf bar code reader. The symbology from Code is called GoCode and its purpose is to be used in security applications. They make the imagers too to read the bar code, and the bar code can only be decoded on readers that carry a license to decode the secure bar code.
Permalink # Unencrypted flight code warning – Lajme Shqip – Lajmet.Us said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning | Technology News said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # mpl said
Actually, rather than using either a mac, signature, or encryption, the pass should have no information other than a unique identifier, perhaps a UUID.
Since you know which airport and date the boarding pass will be used (obviously), the scanners could look up the id number in the central database, a local database, or just a list on the scanner itself. The name/flight/pre-check status can be all stored elsewhere than on the pass itself, where it can be updated, kept secret, etc (admittedly, you might want to put Name/Flight info on for convenience, but the “private” information can be kept off).
Permalink # ste williams » TSA fails again with adjustable boarding passes said
[…] blogger John Butler discovered that the barcode information used for the boarding passes of Precheck fliers wasn’t encoded, […]
Permalink # Concerns raised about airline boarding pass barcodes - I Hate Paypal said
[…] Post in July this year, but the fear was escalated last week by John Butler in his aviation blog, Puckinflight, when he reported that the barcode information was not […]
Permalink # Unencrypted flight code warning said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Unencrypted flight code warning | ai:consortia said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Hacking TSA PreCheck | Varanoid.comVaranoid.com said
[…] I have a hard time getting worked up about this story: […]
Permalink # Sicherheitslücke bei US-Airlines: Barcode verrät anstehende Sicherheitschecks - GIZMODO DE - Das Gadget-Weblog said
[…] Blogger John Butler hat für ein Flugticket nun diese Informationen ausgelesen, die eigentlich nur für die […]
Permalink # Larry Villella said
There is another flaw in your concern here. It’s not as though pre-check passengers don’t get screened. They just go through “expedited” screening. Which means they don’t have to take their laptops out separately, they don’t have to take off their belt and shoes, and they can leave the liquids in their bag. The line is shorter and moves faster.
I would be concerned if you felt these measures, as done in the regular line, are truly doing anything to enhance security in the first place.
Permalink # jwbutler2005 said
I agree with you. But that begs the question, if the expedited security is just as effective as the regular security why put everybody through the expedited security?
Permalink # Unencrypted flight code warning said
[…] confidence emanate was publicised by aviation blogger John Butler, though had been discussed in dilettante online forums given final […]
Permalink # John W. O'Brien III said
“P.S. I have reached out to United Airlines and the TSA to see if they would like to comment on this post.”
send us a post card from Guantanimo
Permalink # Security scare after airline boarding passes reveal how passengers will be screened | Naked Security said
[…] news about the chatty boarding passes percolated up from aviation blogs, such as Puckinflight, where travel enthusiasts noticed that flight information encoded in barcodes printed on Pre Check […]
Permalink # Unencrypted flight code warning | Technophile said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # Justinc said
Count me in as “NOT SURPRISED.” TSA is the most dum inefficient worthless organization of former Burger King workers ever brought together to do “security.”
Permalink # James said
Worked for the DOD — If society only knew.
To bad I can’t contact you directly.
Permalink # TSA now giving tips to terrorists on using fake names, avoid screening said
[…] John Butler, of the blog PunkInflight, who discovered this, explains how it works: […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | KaXtone.com: Home.. said
[…] blogger John Butler warned about the vulnerability in a blog post on Friday. […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] « iphone said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | Digital and Mobile Technology News said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | Zipsite.net said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] « Mr Gee said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | Savvy Media Marketing said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | IPortal said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | SosMedBlog said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] - driffy.net said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # » Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] - Dynam Host ICT Solution said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | Ready Made Facebook Like Website said
[…] blogger John Butler warned about the vulnerability in a blog post on […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] « NYC Real Estate News said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks REPORT | GeoSurf said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # How To Get A Bomb On Board A Plane – Using A Barcode App | SiliconANGLE said
[…] flaw was highlighted by security expert John Butler in his aviation blog last week, where he showed that the barcodes are not […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | Welcome to My World! said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Security scare after airline boarding passes reveal how passengers will be screened » Cyber Crimes Unit | Cyber Crimes Unit said
[…] news about the chatty boarding passes percolated up from aviation blogs, such as Puckinflight, where travel enthusiasts noticed that flight information encoded in barcodes printed on Pre Check […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] - Quick Download free stuff - Quick Download said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Safety Checks [REPORT] - MobileHey said
[…] blogger John Butler warned about the vulnerability in a site publish on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | One Step To Information said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Hacking TSA PreCheck said
[…] I have a hard time getting worked up about this story: […]
Permalink # Unencrypted flight code warning | ReporterIndia.com | Online Latest Breaking News said
[…] security issue was publicised by aviation blogger John Butler, but had been discussed in specialist online forums since last […]
Permalink # איזה מידע נחשף בברקוד של נוסעי טיסות בארה"ב ? - SECi - חדשות אבטחת מידע said
[…] יעברו בדיקת אבטחה מהירה בשדה התעופה. כך מתריע הבלוגר John Butler בבלוג […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] :: iShoutLoud said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] :: Newspri said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | Garret's Geeks said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # TSA fails again with adjustable boarding passes | Technophile said
[…] blogger John Butler discovered that the barcode information used for the boarding passes of Precheck fliers wasn’t encoded, […]
Permalink # Airline Boarding Passes Can Be Hacked to Avoid Security Checks [REPORT] | iwebspider design and consulting said
[…] blogger John Butler warned about the vulnerability in a blog post on October […]
Permalink # Test said
Couldn’t they just randomly change what that number means to the reader? If the numbers are randomly assigned and randomly read and you just randomly change the weighting, the randomness is intact regardless of any tampering because they would be at best randomly guessing what your random choices are. If anything your improving the systems security by creating the perception that it isn’t random.
Permalink # 美國 TSA 登機證系統瑕疵 | visual's blog said
[…] 但是前幾天被 John Butler 爆出美國運輸安全管理局(TSA, Transportation Security […]
Permalink # What Security Vulnerability Has Been Revealed on Boarding Pass Barcodes? | News said
[…] Oct. 19, John Butler on his blog Puckinflight started his post saying ” I am seriously concerned with boarding pass security in the United […]
Permalink # Top Headlines For 10/29/2012 « Alexander Higgins Top Alternative News Headlines said
[…] Security Flaws in the TSA Pre-Check System and the Boarding Pass Check System. […]
Permalink # ATL Sky Priority Lane - FlyerTalk Forums said
[…] The barcode on your boarding pass is apparently plaintext, and the last field is either a 1 or a 3 for the number of beeps. https://puckinflight.wordpress.com/20…-check-system/ […]
Permalink # BoorGopeVok said
Concordo totalmente nonostante le idee espresse fino ad ora. Andate avanti cosi.
Permalink # ApenDiewpaice said
Требуется компьютерная помощь мякинино?
Звоните: 8-915-319-96-15
1. Мы работаем по всей Москве без выходных и праздников
2. Закончили курсы повышения квалификации Бауманского Университета, диплом
3. Опыт 7 лет
4. На все услуги компьютерной помощи гарантия
5. Выезд на дом в течение 2 часов в любой район Москвы и Московской области
6. Диагностика и выезд бесплатно.
7. Услуги: установка windows(виндовс), скайп, роутеры, программы,
антивирусы, удаление баннеров, смс вирусы и прочее.
Permalink # TheBeachBum said
Awesome post, I am going to spend more time doing a bit of research but this has helped me out. Thanks again!. Ok, back to my vacation!
Permalink # Luke said
I don’t know what this guy is talking about. I spent hours trying to find the 1 or 3 beeps. The stuff that shows up after WWXXX BUA 0E016 on both my United and American boarding passes looks like a big encoded mess of stuff. No plain text 1 or 3, nothing at all that indicates how many beeps I will get. The rest of the stuff is exactly as he says in the article. I am a software developer and pretty smart guy, but this was a big waste of time trying to figure out how many beeps are on my boarding pass. I think he’s making a stink about something that’s not real. I agree though the whole TSA is a farce and none of this is necessary anyhow.
Permalink # jwbutler2005 said
I don’t know about your situation, but the 1/3 has been confirmed across airlines and passengers.
Permalink # Josh Wand (@joshwa) said
At least on my boarding pass, after the WXXXX BAA there is a long numeric string–the last digit in the string should be 1 or 3.
Permalink # LINK: Security Flaws in the TSA Pre-Check System and the Boarding Pass Check System | Kansas City Network Professionals said
[…] https://puckinflight.wordpress.com/2012/10/19/security-flaws-in-the-tsa-pre-check-system-and-the-boar… […]
Permalink # Flaw in TSA Boarding Passes Lets You Print New Tickets to Skip Screening » | said
[…] Butler published his findings to his […]
Permalink # TSA fails again with adjustable boarding passes » | said
[…] blogger John Butler discovered that the barcode information used for the boarding passes of Precheck fliers wasn’t encoded, […]
Permalink # Lily said
Some airlines implement digital signatures on their boarding passes to prevent spoofing. Having more airlines *properly* implement the digital signatures (which then get *properly* checked by TSA), would put an end to many of the fears of modifying boarding passes.
See: http://www.usatoday.com/story/opinion/2012/12/11/tsa-pre-check-fake-boarding-passes/1762133/
Permalink # Fake boarding pass fears inflated said
http://www.usatoday.com/story/opinion/2012/12/11/tsa-pre-check-fake-boarding-passes/1762133/
Permalink # Staying Three Beeps ahead of TSA PreCheck - Hack My Trip said
[…] find a common feature that identifies a PreCheck-approved boarding pass vs. a non-approved pass. (HT to Colpuck for being the first to share this as far as I […]
Permalink # Security and the TSA PreCheck System | Puckinflight said
[…] Secuity Flaws in the TSA PreCheck System […]