Posted on 10/27/2006 7:02:06 PM PDT by nocarrier
Oct. 27, 2006 — A 24-year-old computer security student working on his doctorate at Indiana University Bloomington has created a Web site that allows anyone with an Internet connection and a printer to create and print fake boarding passes for Northwest Airlines flights.
The passes look virtually identical to the ones printed from the airline's site, and are intended to get you past security — but not onto an airplane.
By entering your name and plugging in information about the flight — flight number, gate, seat number, departing city, destination, departure, and arrival times and class — the site generates a boarding pass the program's creator says will get you past security checkpoints, even without ID.
Christopher Soghoian, creator of "The Northwest Airlines Boarding Pass Generator," knew he would be opening up a can of worms by writing the program and creating the site, but says it's the only way to show people how deeply flawed airport and airline security are.
(Excerpt) Read more at abcnews.go.com ...
Wasn't there a report today or yesterday, also, that the screeners failed to detect guns/knives through the screening process something like 20 out of 22 times somewhere in New Jersey?
I don't see what's the big the deal here. Some punk wrote a piece of software which prints documents that look like airline tickets. You can't get on a plane with one these.
This jackass should go away for a long time.
Any competent terrorist could already do the same. Security by obscurity is no security at all.
The farce that one goes through at airports these days is mostly a dog and pony show to show that we are "fighting the war on terrorism".
It was good that he did this.
Not sure what real security weakness that exposes, though. From what I can tell, the purpose of restricting the terminal to ticketed passengers was to reduce the number of people going through the security checkpoint. Unless so many people print phony boarding passes as to flood the checkpoints, I don't see the problem.
I still say it would have been better if he contacted the company. If anything happens in the next week or so this guy gets the blame.
A high schooler could do it too, but why?
Yup. Almost everything that has been done in the wake of 9/11/01 has had one, and only one effect. It has increased government power at our expense (both in personal liberty and treasure).
The best thing they could have done in light of the method the hijackers used on that day would have been to arm the pilots, flight crew, and passengers and dared the terrorists to have another go at us. Instead they totally and completely eliminate an means we citizens might have to fight back, and herd us like sheep to the slaughter in their Constitution-Free zones that they call airports.
Last week I observed a traveller of mid-eastern extraction who was ahead of me in the security line get stopped at the head of the security line because he had liquids in his hand luggage that they would not allow on the plane.
The TSA official gave him the option to return to the checkin desk downstairs and check his liquids and then return. In doing this, he gave him a voucher to enable him to use the employee line, to get back to the head of the line, effectiviely bypassing the bomb sniffing dog that everyone in line had had to pass close to.
So, am thinking, what's to stop this guy from getting his explosives,stuffing them up his ass, and walking to the head of the line?
But, TSA officials also believe that it would do little to aid anyone looking to do harm to airline passengers.
"While you may be able to get access to the terminal's interior through the security checkpoint," said Ann Davis, a TSA spokeswoman, "TSA assures that every individual introduced to the sterile environment beyond the checkpoint and their accessible property have been thoroughly checked and screened."
Universal hacker-loser excuse.
You forgot egomaniac. The program would be easy to write. Publishing it on the web accomplishes absolutely nothing.
"Universal hacker-loser excuse."
You know, I'd be more impressed if he actually wrote a program to, say for example, infer terrorist cell groups by analyzing internet data transfers. Or analyze chatter to determine when the next attack may occur. Maybe even work on machine translation for Arabic.
To some extent, this is just an easy way out. Maybe the kid thinks he's doing something good, but he should be using his skills in smarter ways than this.
I actually applaud him on this stuff. We have to think outside the box on security...if a 24 year old kid can do it, then so can terrorists.
I have no problem with someone exploiting the system. My only problem is how it's released to the public. I'd rather it was discreetly told to the authorities.
Of course, sometimes the authorites don't act unless it's made public.
---
I actually applaud him on this stuff. We have to think outside the box on security...if a 24 year old kid can do it, then so can terrorists. I have no problem with someone exploiting the system. My only problem is how it's released to the public. I'd rather it was discreetly told to the authorities. Of course, sometimes the authorites don't act unless it's made public.
Exactly. Printed boarding passes are simple to replicate. There is a bar code on them which gets screened at the gate, not in the security line...who merely glance at the boarding pass. This kid really didn't do anything remotely remarkable.
No doubt little old housefrau me will get right to it.
I'm lucky I have figured out how to log on, check my email and find FR.
Why bash this kid? He is doing all of us a great service. Better him than Al Queda. Now the holes can be filled.
Thanks Jet Jaguar for the ping.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.