An anonymous reader of Dave Farber's Interesting People list has discovered a glaring flaw in the TSA's protocol for secondary screening:
today at newark airport i used a paperless electronic boarding pass on my cell phone (as i usually do). i got through the id check, stripped down to my skivvies (almost), and as i was about to walk through the magnetometer (they still have those at united newark), they were yelling out that they were checking boarding passes, take them along through the mag.
i said, it's on my phone, you really want i should take my phone through the mag?
they said "no, only take your paper boarding passes".
huh? sure enough, if you said you used a mobile boarding pass, they believed you (anddidn't even look at it (of course, only another scanner could really verify its authenticity.)
so after a bit of conversation, i found out that they were checking the paper boardingpasses to check for the dreaded four esses, meaning "secondary screening". if you are randomly selected for secondary screening at checkin, they currently won't issue you an electronic boarding pass, you have to do a manual check-in.
so now they have created a situation where someone selected for secondary screening can get through the id check with their paper boarding pass showing the SSSS, and then, when they reach the mag where the screening would occur, simply lie, saying they are using an electronic boarding pass to avoid secondary screening.
the latest in TSA improved stupidity equips people to avoid a secondary search
(Image: ssss.JPG, a Creative Commons Attribution (2.0) image from jcortell's photostream)
Snap a picture of a key and Key Me will turn it into a working metal key: just a reminder that locks probably aren’t as secure you imagine. (via Schneier)
Are you a security researcher planning to present at Black Hat, Defcon, B-Sides or any of this summer’s security events? Are you worried a big corporation or the government might attack you for revealing true facts about the defects in the security systems we entrust with our safety, privacy and health?
In 2012, Google introduced Certificate Transparency, an internet-wide tripwire system designed to catch cryptographic “certificate authorities” who abused their position to produce counterfeit credentials that would allow criminals, governments and police to spy on and tamper with secure internet connections.
Just because English has become the common global tongue doesn’t mean it’s the easiest language to write—even for native speakers. If you’re looking to improve your written communication skills, especially on your smartphone, take a look at Ginger Page.Ginger is a cross-platform app that offers corrections for phrasing as well as grammar. It’s powered by […]
The current web development landscape is rife with buzzwords and technology that gets abandoned almost as soon as it’s made. If you’ve never written a line of code before, it can be hard to figure out what’s coming, what’s here to stay, or how to get ahead.This Beginner Web Development Bundle is a great place […]
The Fader Stealth Quadcopter from TRNDlabs packs incredible flight performance into a package small enough to land on your phone screen, and it’s available now in the Boing Boing Store.The Fader’s six-axis gyroscope module gives it perfect balance in the air. This makes the onboard 720p HD camera all the better for shooting amazing flight […]