All Internet News. Center for all Internet-related news.
Menu

Advanced Search

News Home

Submit an Article

Categories
Advertising
Community
Ecommerce
Internet Crimes
Internet News
Internet Providers
Internet Resources
Internet Security
Internet Services
LASIK - laser eye surgery
Legal Internet
Online Games
Search Engines
Telecom
Web Design and Development
Web Hosting
Weblogs
Wireless

Partner Sites
Contact Us
Privacy Policy

 


Category:

Boarding Pass Prone to Fraud

Oct, 27, 2006

Security researcher Christopher Soghoian created the Northwest Airline Boarding Pass Generator in the hope of making Congress to look closely at the nation's aviation security policies.

Security researcher Christopher Soghoian created the Northwest Airline Boarding Pass

Generator in the hope of making Congress to look closely at the nation's aviation security policies.

The site lets anyone create a facsimile of a Northwest Airlines boarding pass, with whatever name they choose.

On Friday, Congress heard Soghoian's message loud and clear. But instead of promising to reform broken airport security procedures, Rep. Edward Markey (D- Massachusetts), a member of the House Homeland Security committee known for his defenses of privacy, wants the site (http://www.dubfire.net/boarding_pass/) shut down and Soghoian arrested.

"The Bush administration must immediately act to investigate, apprehend those responsible, shut down the website, and warn airlines and aviation security officials to be on the look-out for fraudsters or terrorists trying to use fake boarding passes in an attempt to cheat their way through security and onto a plane," Markey said in a statement Friday.

"There are enough loopholes at the back door of our passenger airplanes from not scanning cargo for bombs; we should not tolerate any new loopholes making it easier for terrorists to get into the front door of a plane."

Soghoian told he built the site to expose security holes, not to help terrorists.

"I want Congress to see how stupid the (Transportation Security Administration)'s watch lists are," he said. "Now even the most technically incompetent user can click and generate a boarding pass. By doing this, I'm hoping (Congress) will see how silly the security rules are. I don't want bad guys to board airplanes but I don't think the system we have right now works and I think it is giving us a false sense of security."

A fake boarding pass would be nearly impossible for airport screeners to detect, because they have no access to airline databases at the screening checkpoint and simply compare the name on the boarding pass to an ID card.

Northwest Airlines says it is cooperating with law enforcement and government, and that the company verifies boarding passes using bar scanners as passengers board planes. The company says it alerts the Transportation Security

Administration and the police when it catches anyone using a fraudulent boarding pass. Even if Soghoian's site is shut down, any boarding pass purchased over the web can still be easily edited in any browser. That means fliers can buy a legitimate ticket through an airline's website under a false name -- evading the TSA's no-fly list -- then use a fake boarding pass under their real name to get past airport metal detectors, the only spot where IDs are checked. Fliers prone to selection for additional screening could also create

Source: AIN

 
Advertisement
 
Categories: Advertising || Community || Ecommerce || Internet Crimes || Internet News || Internet Providers || Internet Resources || Internet Security || Internet Services || LASIK - laser eye surgery || Legal Internet || Online Games || Search Engines || Telecom || Web Design and Development || Web Hosting || Weblogs || Wireless

News Home || Advanced Search || Links || Contact Us || Privacy Policy