Image of Luggage with TSA Accepted Combination Lock courtesy of įollow on Twitter for the latest computer security news.Big belt buckles, clothing with studs or metal buttons, lots of jewelry, and metal in the toes or heels of some footwear can set off security checkpoint metal detectors. Your thoughts? Open your brain lock and spill them below! What are you going to do, use zip ties on your luggage rather than TSA-approved locks? Either one can be removed, and that’s nothing new.īut at least you can tell if a zip tie’s been cut. So what about your luggage, staring at you from the back of your closet? I find it’s actually quicker to pick the TSA’s locks than to look for my key sometimes. I’m not sure anyone relied on these kinds of locks for serious security purposes. Wired quotes University of Pennsylvania computer science professor and noted lock picker Matt Blaze: This isn’t a full-blown security catastrophe, mind you.Įven without a set of master keys to duplicate, lock-pickers have been able to pick the TSA-approved locks, which include models made by companies such as Master Lock, Samsonite and American Tourister. But if someone reported that my 3D models are working, well, that’s cool, and it shows… how a simple picture of a set of keys can compromise a whole system.īolduc, for his part, told Wired that Xylitol’s CAD files nailed it: I did this for fun and don’t even have a TSA-approved lock to test. Honestly I wasn’t expecting this to work, even though I tried to be as accurate as possible from the pictures. Xylitol – that’s the handle for the France-based but otherwise anonymous Github user who published the files – said in an email to Wired that it turned out better than he’d imagined: He told Wired that it took him all of 5 minutes. Anyone can use the files to 3D print a precisely measured set of the TSA’s master keys for its approved locks.Īt least one 3D printer owner – Montreal-based Unix administrator Bernard Bolduc – within hours had downloaded the files, printed one of the master keys, and published a video showing that his printed key had opened his TSA-approved luggage lock. It’s now beyond conjecture: on Wednesday, a set of CAD files was published to Github. It turns out that the photos began getting passed around online last month, after the newspaper unwittingly, and very briefly, published and then deleted a photo of the master keys in the article about the “secret life” of baggage in the hands of the TSA.Įven though it was online just briefly, there was time for lock-pickers (and thieves, of course) to copy the master keys and to thus be prepared to unobtrusively, undetectably open any luggage in the world – at least, any luggage that’s been manufactured in the past decade. You can see the original photo on various news articles about, well, that photo and the rather alarming repercussions of it having been leaked: here’s one from BoingBoing that Cory Doctorow redacted, covering the keying patterns with black boxes. Unfortunately, a photo of the master keys, in all their intricate glory, slipped out unintentionally last month when the newspaper posted the story online. Deep in the bowels of the labyrinth that is the US’s Transportation Security Administration (TSA), luggage trundling along on conveyor belts gets barcoded, weighed, sniffed for traces of explosives, 3D imaged, and, if it appears suspicious, opened.Īs The Washington Post detailed in November 2014, TSA handlers have a set of master keys to open all approved luggage locks, plus shears to snip off the unapproved ones.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |