October 19, 2012 Update on the TSA Security Flaw
According to IATA standards for bar codes 5.2.6 Digital Signatures (Pg 42), there can be validation mark in the PDF barcodes that prevents tampering
See, http://www.iata.org/whatwedo/stb/Documents/BCBP_Implementation_Guidev4_Jun2009.pdf
However, that doesn’t prevent a person from viewing their Pre-Check status and adapting to it. Again I ask why is this information not encrypted in some way?
- 3 comments
- Posted under TSA
Puckinflight 
Permalink #
GoBO
said
I wonder how many airlines are actually required to use the security. The end of the day, it’s not going to be a 256bit RSA cert so if you really wanted to I’m sure with a bit of time you could crack it. Then once cracked you could make as many alterations to any boarding passes you wanted to.
Permalink #
corio
said
Just because there ‘can be’ a validation mark in the PDF barcodes that prevents tampering… doesn’t mean that there is a validation mark in the PDF barcode to prevent tampering.
How many solutions are actually built to the standard?
Permalink # Security and the TSA PreCheck System | Puckinflight said
[…] Update to the TSA PreCheck Article […]