Security researchers buy pornoscanner, demonstrate how to sneak in guns & bombs


(Rapiscan images showing a subject carrying no weapon (left) versus a .380 ACP pistol sewn to the side of his pants leg, (right) which is practically invisible in the scan)

Researchers from UCSD, the U Michigan, and Johns Hopkins will present their work on the Rapiscan Secure 1000 at Usenix Security tomorrow; the Secure 1000 isn't used in airports anymore, but it's still in courts, jails, and government security checkpoints (researchers can't yet get their hands on the millimeter machines used at airports).

As Michigan's J Alex Halderman points out, these machines were tested in secret, and no one was allowed to know how they worked, and so we had to take the vendor's word for their security. But unless the vendor is smarter than every bad guy, and has no blind spots, there'll always be something it misses — that's the whole basis for peer review and the scientific method.

Meanwhile, it's trivial to smuggle handguns and large blobs of plastic explosive past these things, and if you can get into their software, you can even program them to dummy in a safe-looking picture whenever they detect a QR code woven into the clothes of their targets, effectively creating a secret invisibility cloak for you and your pals.

Unlike others who have made claims about vulnerabilities in full body scanner technology, the team of university researchers conducted their tests on an actual Rapiscan Secure 1000 system they purchased on eBay. They tried smuggling a variety of weapons through that scanner, and found—as Corbett did—that taping a gun to the side of a person's body or sewing it to his pant's leg hid its metal components against the scan's black background. For that trick, only fully metal guns worked; An AR-15 was spotted due to its non-metal components, the researchers report, while an .380 ACP was nearly invisible. They also taped a folding knife to a person's lower back with a thick layer of teflon tape, which they say completely masked it in the scan.

Even more disturbingly, the researchers found they could easily conceal a 200 gram pancake of putty designed to have the same X-ray deflecting properties as plastic explosives by molding it around a passenger's torso. The simulated bomb's detonator, made from a different material, was hidden in the would-be bomber's belly button.

Researchers Easily Slipped Weapons Past TSA's X-Ray Body Scanners [Andy Greenberg/Wired]