Slashdot Mirror
Congressman Calls for Arrest of Security Researcher
Christopher Soghoian writes "Yesterday, I published a tool that allows you to Create your own boarding pass for Northwest flights. This was an attempt to document the fragile and broken state of identity/security for domestic flights in the US. Today, Congressman Markey (D-Mass) has called for my arrest." From the ABC article: "'I don't want to help terrorists or help bad guys do bad things on airplanes, but what we have now is what we in the industry call security theater. It's made to make you think you're secure without actually making you secure,' Soghoian said. 'As a member of the academic research community, I consider this to be a public service.' Soghoian admits that he hasn't actually tried to use one of the boarding passes yet."
Another politician calling for action in places without even thinking. Massachusetts has a Hillary too?
The prosecutors would never file a criminal case, because it would be quickly thrown out on First Amendment grounds? Wouldn't it?
Or, gee, the terrorists could just have someone else buy a plane ticket, or buy it themselves, or buy for a different flight, whatever.
The whole thing is ridiculous. It's ridiculous that this is thought to be some newly discovered weakness, and it's ridiculous that the powers that be are actually getting upset over it.
So, some guy said he should be arrested. Does that mean anything?
The wide spread use of e-commerce has expedited the adoption of regular printouts as tickets, receipts, passes and other situations I can't think of right now.
Are people so dumb as to not realize, how simple their official 'logos' are to create using an image processing software? Agreed, most of these 'receipts' merely provide a number, which acts as an 'index' in some internal database somewhere.
But this guy does have a point. Merely admitting a person holding a an easily reproducible printout of an 'eticket' or boarding pass is just lame.
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
Listening to the radio this morning, they said Newark airport staff failed 20 of 22 tests involving guns and bombs being smuggled past security by undercover agents. Airport "security" is a joke, and a distraction from real issues. When they stop taking away your toothpaste and maple syrup in the carry-on luggage, maybe then I'll take something about airports seriously again.
Oh You POS
It's astounding that Markey thinks that the website which prints fake boarding passes is creating a loophole. Politicians may not have a grasp of technology, but it only takes common sense to see that the loophole exists independently of any specifictool which creates the document to exploit it.
I think the correct title of the congressman is "Edward Markey (D-Ass)".
Then again, maybe ignorance of reality is a job requirement for his position - if not, how would Congress ever come up with a budget?
(airport announcer over intercom) Boarding Northwest Flight 171 has begun...
Passenger 1, with fake ticket, gets to seat 13F first. Sits down and gets comfortable.
Passenger 2, with real ticket, gets to seat 13F, finds someone else in their seat, and politely claims that it is their seat.
Passenger 3 gets to seat 13F, finds two people arguing over whos seat it is, and considers his mistake.
Flight attendant 1 arrives on scene, cannot determine who is the proper passenger, and has Air Marshall 1 escort them both off the plane, where the receive black bags over their heads and are both never heard from again.
Passenger 3, like passenger 1, forgot to change the seat number they printed for the fake ticket they heard would work 'from a friend on the internet'.
But, let's be serious for a minute. This would never work for actually getting to FLY somewhere. You would get into the seat dispute and the person with the real ticket would win every time. And you'd end up in a dark, dark room with FBI agents, then finally in prison for a long time. Gee, that was worth it.
Of course, the real threat is probably just being able to get to the plane. So, point taken. And it truly is a sad state of affairs for security. I am curious to see if this guy gets arrested and if so, convicted of a crime.
TLF
I do not respond to cowards. Especially anonymous ones.
It seems as if he's doing this to show that "Democrats are hard on terror too" to get that much needed vote from the thousands of very unsure voters. The fact is, as the article states, this isn't getting you on a plane. It will get you through the security checkpoint, but that does nothing really. This is entirely political, and pathetic. I hope this isn't an indication of how desperate Democrats are for a vote, if so, they're surely doomed. Atleast I'm used to it by now :/
Although, I've never tried to use it.
Arrest me, and I'll try to post bail with it :D
One, shouldn't they already be on the lookout for frausters and terrorist.
Two, this isn't a new loophole. It's been there a while folks.
I doubt it. It's hard to see how faking a boarding pass can be considered some kind of "political speech," which is about the only kind of speech that has near-absolute protection under the First Amendment.
Otherwise, you know, you couldn't be prosecuted for faking a bill of sale for a car, or a life insurance policy, or printing counterfeit currency, or most other forms of fraud that involve a printed document -- and you surely can.
The emperor generally does not like having his nudity pointed out. Many in government know they are bit players in a pointless security theater, but react violently when told that. I suppose they like to feel that what they do is important and useful (read TSA agents, pretty much the entire DHS, etc). After all, how would you like it if your entire job consisted of going through a dance routine designed to make the clueless public feel as though the government is doing something to keep them safe?
I suppose Congress is a bit different, I have no problem believing most of the genuinely are clueless and believe wholeheartedly that keeping lighters, tweezers, and bottles of water off airlines is critical to our national security. That also seem to really believe that torture and massive surveillance is an effective way to combat terrorism, further displaying a total lack if understanding. The Republicans (at least those loyal to the Whitehouse) are in a unique position where they have to pretend all of this fluff is important, but somehow selling the ports to Middle East companies, looking the other way on illegal aliens, and ignoring Bin Laden to focus on the mess we created in Iraq are perfectly acceptable.
Finkployd
1. Arresting the messenger doesn't help security- it makes people more afraid to point out security holes.
2. Security holes don't shrink by pretending they don't exist
3. Just before elections isn't the best time to make people in Silicon Valley rethink democrats on security. Markey has usually been thoughtful on security- he should rethink his policy of calling for arresting the messenger.
Can someone remind me why people without tickets cannot access the terminals?
This is impossible. EVERYONE knows it is only those with a R after their name that wish to take away our rights and jail those they do not like.
The 9/11 hijackers all had valid boarding passes. What do fake boarding passes have to do with security?
I live ze unknown. I love ze unknown. I am ze unknown.
Check out Edward Markey's voting record. He's one of the most liberal members of congress. His call to arrest this innocent security researcher further proves that the Democrats are authoritarians just like the Republicans. Only Greens and Libertarians appear to have any respect for free speech and other civil liberties.
------ Take away the right to say fuck and you take away the right to say fuck the government.
I've only flown twice in my life. To Italy and back in September/Oct of this year. When I hit Italy it was a cakewalk. Showed the guy my passport he stamped it and I am in the country.
On the way back into the US it took me almost 3 hours and like 3-4 checkpoints later (In Philly) to finally be allowed to go to my next flight. This caused more than half the people in the line to miss their connection which only had 00:30 to 1:30 layovers. I was astounded at how ridiculous the measure we take in the US are. It still came down to the exact same things as when I landed in Italy they just made me walk through the same type of metal detectors.. take of my shoes etc. It seems VERY redundant. Hell, they even made me fill out a paper saying that I spent X money and brought back X goods into the country. Foriegners had to fill out some other additional form while in flight.
So basically what I am getting at is this: When do we draw the line? Is all of this false sense of saftey really worth the inconvience? If they really wanted to make flights safe they are going to need to stick us in airline jumpsuits (Like prisoners wear) and not allow us to carry anything onto the plane. With all of these saftey measures the guards barely even glanced at my passport. The stupid form I filled out the guy just threw it in a big bucket with the other thousand of them to either be tossed out or parsed through at some later time. How is that making me safe?
If I was a terrorist and trying to get into the country it would be very difficult because terrorists don't have access to finances to be able to purchase anything like a fake passport and clothing. And the security guys actually look up every single passport before they stamp it. And those stupid forms are all processed before they let you through. And you know terrorists are stupid they all carry metal objects like guns in their pocket before they go through the metal detectors.
Seriously, When is this crap going to end.
Mmmm....so since your ability to be killed by a giant fireball exists independently of any specific tool (e.g. a nuclear bomb) that exploits it...you would perhaps also think it would be contrary to common sense to call for restrictions on who can possess (or publish on the Web directions for building) a nuclear bomb?
On the other hand, it isn't just "some guy", a Congressman said that he should be arrested. This means that we have semi-hysterical, technically clueless blowhards deciding national policy. I think that means something, and what it means is really bad...
It's been a while since I flew, but I did buy electronic tickets last time. When I first got inside the airport door, the first and only place I presented my ticket printouts was to a clerk right near the entrance. They took the printout, scanned it, looked over my ID along with their screens, and then printed out a 'real' ticket that was a bit less ordinary (though still possibly forgeable if you had their cardstock maybe...). The ticket readers at the actual boarding point were picky about the format and form factor of the tickets it would take, so for at least technical reasons this had to be done.
Have they relaxed things to the point where the web printout is enough to get you to the boarding area now? Do a lot of airports now have scanners at the boarding area so they don't need a more special ticket anymore?
If nothing else, if airports had to be/were concerned, I would think the approach would be to have kiosks/clerks to scan printouts and spit out 'authenticated' tickets like they had to do for me.
However, as the site says, even if it works exactly as theorized it would, it doesn't get anyone on to a plane that isn't desired to, or get anyone past checkpoints without being checked for things that aren't wanted on the planes either. The risk begins after takeoff in terms of leveraging an airplane for larger scale destruction. Until a would-be attacker actually gets there or something there in his place, it's really no worse than, for example, a busy shopping mall.
XML is like violence. If it doesn't solve the problem, use more.
So our politicians have been reduced to shooting the messenger to making us feel safer ... do you?
You've always been able to do this. You can change the A/B/C boarding for southwest flights. You can save things to print them out later. You can make your own spoofs, and even make a real barcode if you want. You can remove the "search my luggage" checkerboard pattern, too. You can do a lot of things when you have the html and images.
But what Christopher Soghoian is doing is rubbing the government's nose in it, while they're actually trying to prevent people from being asshats.
Maybe the government is doing it the wrong way. But like any responsible security researcher, you do not release a malicious tool before giving some ability to correct the problem first. You especially don't do it to make a political statement on the tool webpage. And sometimes there's not a good solution.
Christopher Soghoian is an asshat, and not what I'd call any sort of responsible security researcher.
Go back to defacing websites with political messages with the other script kiddies, and blaming microsoft for all the evils in the world.
I assumed the guy is a faculty member, but it turns out he's only a student. In that case it's true he can't rely on the university to give him legal help. Note, however, that even faculty aren't always protected -- during the SDMI Challenge bruhaha, Princeton's University Counsel was agressively defeneding Ed Felten and his team, but researchers in other universities didn't fare that well.
since law enforcement agencies should be able to figure out if there's a possibility that someone has committed a crime and 'aprehend' them, there's no real need for some pompus, self-important, know-nothing congressman to call for their arrest. To ward off the possibility that the law enforcement agencies might look like congress' lackeys, anyone who's arrest is 'called for' by a congressperson should be placed on a 'do not arrest' list. We do not live in a society where people get arrested because an individual member of the legislature publically calls for it to happen - let's not get ourselves into that situation.
FGD 135
"The Bush administration must immediately act to investigate, apprehend those responsible, shut down the website, and warn airlines and aviation security officials to be on the look-out for fraudsters or terrorists trying to use fake boarding passes in an attempt to cheat their way through security and onto a plane"
What, George Bush personally? The FBI can't handle it? What an idiot.
If you had read the article you would have seen the bold text stating that the boarding passes are not 'real' and would not get anyone aboard a flight.
In any case, your conclusions are flawed. If these faux passes could get Passenger 1 aboard a flight, he or she would simply move to another seat when Passenger 2 arrives. A more likely scenario is that Passenger 1 would probably just occupy one of the lavatories until the flight was completely seated, and then take an empty seat.
That being said, he's just earned his "oooo, I'm for security" political credit for the day, and preventing a republican from scooping that.
There is something darwinian about US politics. Any politician that speaks their mind too often gets weeded out. The survivors cameoflage themselves in the Coke vs Pepsi plank (or favorite sports team plank). Right now, if you are not 'for security', you are not electable.
As is common with closed-source software companies, they refuse to listen or reform when told they're unsecure. Once their insecurity is exposed, they are made to look like utter morons in front of their target audience. Rather than behave rationally by acknowledging a problem and working to fix it, they jump to Cover Yer Ass maneuvers:
* Deny the existence of the problem (ABC link, bottom of first page)
* Threaten the person or persons who made them look like incompetent idiots
As long as they believe that making a bluster will prevent them from being fired for thier incompetence, they will make a bluster rather than fix the problem because that's the path of least resistance. If the public or government act to make it known that the price of inaction exceeds the price of fixing the issue, the problem will go away. Consider this scenario:
Government office is created in which agents attempt to smuggle illicit items (knives, primers, explosives) onto planes. If they get past security, all flights from your airport are suspended for N days and you lose all income and federal subsidies in that time. That's all - no "inspections" or "review boards." Just a shitload of lost money and customers who hate your ass. Expect genuine improvements in security on very short order.
Unfortunately, expect the public to howl about the inconvenience because they want security without paying for actual security. Sorry, you can't have your cake and eat it too. [Note on slogan: Spin it as "your part in the war on terror?" The War Against Terror... "Do your part for TWAT?"]
If you actually look at the boarding pass generator, what it does really isn't complicated - you could do the same thing with one legitimate boarding pass, a typewriter, and a photocopier. That this is worthy of calling for someone's arrest is disturbing.
My server
Recall the scene where a (presumed) terrorist walked through metal detector with machine gun and RPG with zero intervention from security, but an old grand mother gets nailed to the wall for setting off the metal detector. Sure was funny back then. Doesn't look for funny now.
And what do you think the TSA's response to this will be? My money is that they decide to no longer allow people to print their own boarding passes. It will be paper ticket or nothing (and yes I'm aware that these can be forged too). So no more checkins at the gate -- stand in line along with those that have baggage to check. Just great.
Wanted: witty unique signature. Must be willing to relocate.
There IS brilliance behind his idea. Perhaps you didn't read it... but basically, you can fly on a fake identity without any screening of your actual identity.
1) Go to 7-Eleven and buy a pre-paid credit card with cash using a fake name. This will be the name you fly under.
2) Buy a ticket with this credit card.
3) Print out an ADDITIONAL ticket for your real identity. He gives you an HTML form to do this.
Now, show up at the airport. Go through security with the fake ticket... it will match your ID, but since it's not in any computer systems, they won't check to see if you're on the no-fly list. When at the gate, provide the ticket you actually bought. Nowadays you don't need an ID at the gates anymore -- just have your ticket scanned and hop on the plane!
Now, I'm not exactly sure if you can check bags. If you have to go to the counter before security, they ask for your ID. But if you can avoid that (and you can now, as far as I know), you can fly on a fake identity.
my blog
Maybe you could use it to flee the country...
"Waste not one watt!" - CZ
in America, one should always be ready to be arrested, and held without charge, possibly tortured and/or sent to a secret prison in a foreign country. This is what Americans call "Freedom"
The author is right in pointing out that security around an airport is a joke and is secure in name only.The Congressman should be arrested for gross stupidity and supporting the statis quo(Along with every politician in the Washington DC area)
The thinking brain is a fast dissapearing trait in professional politicians.
Do like I try to do.Re-elect no one.Throw the bastards out.
Geek Hillbilly
Mr. Soghoian's website confirms that he's a student in information security. Thus it's no longer obvious why the university shouldn't defend him if need be.
Another problem with this is, what good is a fake boarding pass? Remember, the 9-11 hijackers used real boarding passes; all this can do at best is save you a few hundred bucks -- hardly a big deal if you're willing to kill yourself on an airplane to make some kind of point. The biggest problem I see is, let's say you get your fake boarding pass and you manage to get onto the plane with it; then what? Where the hell are you going to sit? Pick an empty seat; then when the real passenger shows up, your forgery will quickly be discovered; pick a full flight and you're gonna look pretty obvious standing around in the aisle when it's time for the plane to take off.
The best part was when the little boy cried out "But the Emperor has nothing at all on!" OOPS sorry I read the wrong article! I was wondering where that Malarkey guy went too.
Apocalypse Cancelled, Sorry, No Ticket Refunds
My father forwarded this on to me and I think it's a perfect appraisal of the situation. The goal isn't necessarily to kill anyone but rather just to keep everyone riled up and unable to focus on what's important.
http://www.wondermark.com/d/220.html
A woman managed to board an international flight using only her storecard as proof of identity instead of a passport...
passenger used her costco card to get on flight
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
Individuals simply cannot point out the obvious flaws in what passes for National Security. While we as individuals are supposed to have some kind of freedom in this way, we don't.
Now, lets get to the reasons why this was the dumbest thing to do.
1. It puts egg of the face of every big federal contractor muscling their way into the "homeland security" budget.
2. We're at war with an enemy and tactical end that won't ever be defined. To maintain that heightened state of fear and social control, this individual must be criminalized. (he's helping the terrists after all.)
3. No contractor has a product ready to replace it. It will be a tough day for the contractors that have to explain this to gov't types.
4. It fires off a "something must be done" storm, that no politician really wants. They've got too much fund raising to do.
5. Whistle blowing is contrary to the nation-state's goals. An individual this smart and not working for the State must be criminalized in order to maintain the heightened state of fear and sustain a compliant population.
Never, and I mean never, should an individual take it upon themselves to publish this kind of information.
Except if you want to be known as "notorious" and probably a felon in prison for a couple of administrations at least.
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
I don't think we call that "freedom." We call that "security." We seem to prefer (perhaps false) security over freedom, safety over honor. It seems we would rather have an all-powerful state rather than personal liberty.
Oh, well. I guess that is merely the evolution of government.
Microsoft is to software what Budweiser is to beer.
Well...his arrest wouldn't be completely bad. It would give me something to cover my 'Free Kevin' bumper sticker with.
THIS MAN SHOULD BE ARRESTED IMMEDIATELY. I mean, publishing this as closed source? I'd be surprised if someone replying to me didn't call for him to be immediately thrown on death row!
Background: my last name starts with the letters "Host"
... so if your name was "Jim Hostenfeffer" it would appear on your boardingpass as "JIM southwest.comENFEFFER" ... I played with the site a little bit and found that it was a straight macro replacement bug of whatever domain name was used, so would say "JIM wWw.SOutHwesT.cOmENFEFFER" if that was the domain you typed into the URL bar.
When southwest first started offering online checking, i discovered a small bug, when you got the the "Print your boarding pass" screen, with my name in all caps, the letters "HOST" were replaced with "southwest.com"
The first time it happened i thought it was ammusing, I emailed their tech support, saved the HTML to a file and edited it so it had my name again and would match my ID when i checked in.
4 or 5 flights and at least 9 months later it was still happening and I spent a good 3 hours on the phone being transfered arround to different people trying ot get them to understand what the problem was and how fucking ridiculous it was that i had to constantly "hack" my boarding pass because of a bug they'd had for months.
-- The Hoss Man
call congressman markey, and ask why he's an ass. better yet, call congressman markey, and ask why his senate colleague from down the road, ted kennedy, has been blocked from flying on commercial airliners. northwest lets you print your own boarding pass on your own computer 24 hours before a flight. anbody can fake a hundred more once they have one.
the present security system is not airtight. you want airtight, you can have it. you will never see daylight again, however.
if this is supposed to be a new economy, how come they still want my old fashioned money?
I'm vaguely reminded of of a Wired article on lock picking. If I remember correctly, a Dutch lock pick had developed a method of breaking open a Master Lock bike lock (the kind that used a round key) using a ballpoint pen. Master Lock was really miffed over this, but the lock pick's response was that pretending that the security hole didn't exist didn't make anyone any safer. All he did was bring it into the public's eye. This is just like that case. Just revamp security, and no more issue. It's not like this guy has devoted his life to cracking the security of North West's Boarding Passes. Speaking as a former employee of North West Airlines, there are A LOT of security holes. We're pretty secure, but there are plenty of ways of making a total mess out of things, such as hiding things in an electric wheel chair. Last I checked, those things weren't scanned or anything, and they're MANDATED to be put on the same flight as the passenger. We took a 25 minute hit (the flight left 25 minutes late) shoving a gigantic wheelchair into a DC-9 that was almost too large to fit in the cargo bin, and weighed at least 200 lbs (I'm not exaggerating). With a little foresight, it wouldn't have been too hard to hide things inside of the wheelchair. Assuming it has dry cell batteries, we won't remove them, and the wheelchair will always be put upright in the bin. How's THAT for security?
Rawr
Are an idiot?? or a troll?? or both ?? go away i'm trying to read here...
*--- Sometimes a majority only means that all the fools are on the same side. ---*
I find it very odd coming from the UK:
We get passport checked, boarding pass checked and scanned by computer, at EVERY point along the way.
They even get us to remove our shoes these days.
Is it a boat?
I thought the nominal boarding pass glance TSA did was just to limit the number of people going thru security. Before they did this, you'd meet people at the gate to pick them up.. so tons more people were going thru security.
By reducing the number of people thru security, they can take more time searching each person w/o causing an increased delay.
They ought to be searching and vetting everyone who gets on a plane, whether they think they can establish identity or not.
He didn't fake a boarding pass. In fact if you RTFA he specifically says he has never printed one of these pases.
All he is doing is showing you *HOW* to make a fake pass. In this way his site is no different from the anarchists's cookbook or many other works.
Nevermind the fact that any frigging web monkey who knows how to edit a Geocities page knows how to do this anyway... its not fucking rocket science, its a bit of HTML editing.
Being a researcher, or a journalist, does not allow you to break the law. The first amendment may allow you to publish your results, but it does not shield you from illegal actions you may have taken to get to the point of publication.
There are fuzzy areas, some laws specifically cite an exemption for research, like the much hated DMCA.
...Security researcher calls for arrest of congressman?
Maybe not this one, but I'm sure one of the other 434 of them have done something.
paintball
Its the straw man shuffle
do-wop do-wop
You don't address the issue
do-wop do-wop
You just add to the confuffle
do-wop do-wop
Your post belongs in a tissue
do-wop do-wop
Nope, parody is fair use. And it's trademark, not copyright. Learn the difference...
The presentation, color, and layout of the boarding pass is covered under copyright.
Parody MAY be fair use. That's a matter to be decided in court, but it's unlikely the court would hold that this use would fall under a parody fair use exception. We're not talking about a political cartoon here, we're talking about a document used in trade. The whole point of trademarks is to prevent people from obscuring the source of goods and services, and the whole point of this program is to obscure the source of the service.
I bet you have spelling errors in your replies correcting others' spelling too, don't you?
paintball
Its just what came to mind.
"Are you questioning the Big Giant Head?"
I think you underestimate just how much I just dont care.
Looks like the site may have been taken down. I tried out the default settings and printed a boarding pass (for Osama Bin Laden). Then I started changing the name, destination, flight, etc. but when I submitted the form it was 404 and I can't get to it anymore. This was around 7:26 EDT.
How long until 20 other versions of this pop up?
"Education is not the filling of a pail, but the lighting of a fire." -- William Butler Yeats
Shooting the messenger. Our best policy yet.
Markey is a fool to call for the arrest or shutdown of an author of a tool whose work could be easily duplicated without him. The TSA is a joke, as anyone with any real security skills and honesty will tell you.
But none of the coverage, including Soghoian's own posts, indicate whether Soghoian notified anyone responsible for the security whose holes he exposed of the hole privately, before he publicly released his tools.
The well-established protocol for publishing security breaches is to privately notify the target first, giving them time to fix the problem, before increasing the risk by giving everyone the same power to break the security . In the real world, obscurity does sometimes provide some security for a while. Leaving it in place while the target works to fix the hole offers a little more protection, when any little bit counts. Of course, Soghoian should have given them a deadline for indicating either progress or completion, depending on the nature of the risk, as a way to force them to act. We don't know whether he did either.
There is little to lose by notifying the TSA or other security people responsible for these holes, and waiting some short time before forcing their hand publicly. And much to gain: the bureaucracy is now headed down the wrong direction, which takes more time to change and begin on the right one. Soghoian is not responsible for the bureaucracy, but an American adult security pro should expect that at least someone in Congress will overreact in favor of the security theater Soghoian is targeting, rather than real security fixes.
If Soghoian did indeed notify the TSA, then Markey has no excuse, and is a perfect fool. Even if he doesn't know about such a notification, he should know before shooting off his mouth in public, scaring the security pros who are working to keep him and everyone else safe.
What we need to know is the full story, as usual, before we're sure who's wrong and who's not so wrong.
--
make install -not war
If outlawing printing fake passes, is what it takes to keep terrorists from printing them, then we should do it. Terrorists wouldn't dare to break such a law, thus they won't be able to get boarding passes, thus they won't be able to fly, thus they won't be able to travel to my city, thus they won't be able to detonate a suicide bomb near me.
I'm glad Markey has the sense to systematically think this threat though, and recommend a solution that will stop it at the source.
And if anyone suggests that terrorist threats can only be countered by assuming that terrorists are willing to break TSA guidelines, then I suspect such a person of being an anarchist! This is a nation of laws!
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Aviation expert John Nance says ... "There's a free speech issue of course, but this is under the same legal categorization as screaming fire in a crowded theater."
Can people please stop using this as an excuse for any and all demands to curb freedom of speech. The only time this argument applies is if the specific speech in a place will cause panic. It's appropriate to bomb scares, and possibly false accusations, but if you think that making fraudulant boarding passes shoudl be curtailed, find a maore appropriate reason.
Dear Honorable Edward Markey,
I just read about your response to Christopher Soghoian's findings regarding online printable boarding passes being easily faked.
I have to say that I am appalled at what I am reading. Mr. Soghoian has found something that could allow terrorist to continue to harm Americans. This technique may have already been used, or plan to be used, but now we know about it and can do something about it.
Why? Because Mr. Soghoian was kind enough to expose this security flaw. Punishing someone that has put this much effort into giving us the knowledge to save more lives is asinine.
As a Quality Assurance Engineer, I know the importance of finding, and reporting, flaws. This man should be commended, not condemned.
I think it would be wise as a senior member of the Department for Homeland Security to withdraw your previous statements as you have gained "an insightful perspective" on this issue after responses such as mine.
Scaring others into not telling us where our security flaws are will only lead to more opportunities for our enemies. How can you not immediately see this?
Or should I put you on the list of government employees that pretend like they care, but would rather play political games instead?
Sincerely,
Quincunx (real name used in the real letter)
I encourage others to write as well. If we let him know his error, give him an "out", then maybe bullshit like this won't happen again. Here's hoping.
Here's the send-an-email part of Honorable Edward Markey's web page
Learn to read, dipshit. And then after you learn to read, explain how in the hell this story is comparable to the Foley story.
Who cares? As long as she's xrayed like everybody else, I don't.
Uh, so should they arrest Tom Clancy too? He wrote a book detailing how easily a single person could fly a plane into an important building (the capitol building during a presidential address to a joint session of congress, but whatever).
So, if the litmus test has become, "Using mass media to point out ways that terrorists might strike = terrorism," then Mr. Clancy, as well as any number of Whitehouse Spokespeople are terrorists and should be put in Guantanamo right now. I mean, come on, they got up there at the briefings and said that people could smuggle bomb supplies on in component form in water bottles... and we can bring water bottles on board again... so... THEY'RE WITH THE TERRORISTS!!!!!
Since this is patently absurd, maybe Mr. Windbag might want to slow his roll a bit, and consider using his brain before he opens his fucking hole.
Come read my stupid blagablog. Rants and Giggles
Its hilarious how everyone in here jumps on this guy based off of this one incident.
t ent&task=view&id=1673&Itemid=138) you'd all be praising him.
I bet you I could post an article the beginning of next week showing Ed Markey at a protest holding signs to "Save the Internet", or his FAQ on his own website about how net nuetrality is vital to the internet (http://markey.house.gov/index.php?option=com_con
This is the problem with politics- the general public forgets that politicians are people and only judge them based off of the last month or so instead of actually looking at their whole record. So then politicians end up playing up to this and are forced into grand gestures instead of real work.
Just remember that next month when you're voting- pay attention to more than just the latest news articles to show up on slashdot.
tedivm
Thats hilarious. I hope you get modded up.
I'll just use my special getting high powers one more time...
I don't know of a security researcher that doesn't feel that some, if not most, congressmen should be arrested.
Chris reports that the FBI is knocking on his door. The boarding pass generator is also (at least temporarily) down.
You are not a lawyer, you should not play one on the net. Markey on the other hand is a lawyer.
I am not a lawyer but I deal with Internet crime issues, law enforcement, prosecutors on a regular basis.
The boarding pass is arguably a document that is used to represent value. I don't see much difference between forging a boarding pass for a $5,000 dollar flight ticket and forging an Amex travellers cheque or such.
The theory you seem to be proposing here might be worth a shot if you were a defense attorney defending a case. It is not a good idea to rely on such theories if you want to stay out of prison. Much better to consider the theories that a prosecutor might use and steer clear of possibly illegal activity.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
... since you don't know which bar codes are valid for the flight you want to get on, even if you're the first person to get on the flight, your barcode won't scan as valid and you'll be stopped there.
paintball
buy a ticket. save the itenerary as html.
edit. change it to your real name. John Terrorist Ashcroft.
print.
... taking a used boarding pass (from an airport garbage can, or your own), scanning it, then manipulating it? Oh snap, extra steps.
Arrest the Congressman Ed Markey for being a idiot. Only a idiot calls for the arrest of the person who lets the know of such dangerus securty gap.
But I did use the thing to generate a pass with the defaults, and I wrote an article about it already too, because I'm just that fast. You can read it at http://www.hyperlogos.org/story/pointing_out_vulne rabilities if you care. (ObDisclaimer: Amazon referral link on sidebar and in reviews on site, no other ads.)
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
If outlawing printing fake passes, is what it takes to keep terrorists from printing them, then we should do it. Terrorists wouldn't dare to break such a law, thus they won't be able to get boarding passes, thus they won't be able to fly, thus they won't be able to travel to my city, thus they won't be able to detonate a suicide bomb near me.
This gives me a better idea! We need to make a law against buying or using a plane ticket for travel to commit a crime, particularly terrorism. So far as I am aware, it is NOT currently illegal to travel by plane to a city in which you are planning to commit a crime (such as terrorism). This is a loophole we need to fix immediately.
Atanamis
You're helping terrorists by giving out this information. I call to arrest Kichigai Mentat immediately!
Simple, Republicans are far more protective of individual property rights.
Being pro-business is an extension of this, rather than the other way around. Democrats are more willing to allow use of eminent domain in such situations for the same reason they are more willing to raise taxes. It is subtle difference in thinking: Do the rights of the state exist because they were granted by the people? Do the rights of the individual exist because they were granted by the state?
The case in question was far more narrow, of course. But justices anwsers to those questions are pretty strongly correlated to decisions like this one. For a similar reason, even though Republicans are on TV moaning about "judicial activism" their appointees are far more likely to vote to strike down acts of congress than those of Democrats.
That's called security through obscurity. Which equals no *real* security at all.
If a student figured this the odds are that the bad guys knew about such things all along, even before this publication and independently from it. And what we get then is a *sense* of public safety, nobody worrying about the security holes and fixing them because nobody has made them public and the terrorists freely using them.
And you expected what? In the climate of today's 'war on terror' and everyone's extreme paranoia, you thought you might receive a presidential freedom award for pointing out a weakness in the Bush administration's 'feel good' security procedures? Or maybe at least a pat on the back from the DHS? I happen to agree with your method, but it's hard to believe you really thought the government would not take notice, especially considering it is 10 days before the mid-term elections. Good luck (seriously!). I suspect your 15 minutes of fame has been slightly extended.
I suggest that all concerned Slashdotters contact congressman Markey and let him know what you think.
// TODO: Insert Cool Sig
There are millions of workers in the United States who have jobs based on fake paperwork. Noone prosecutes them, even when they are found out.
he set his blog so that only approved messages can get through if he approves them. Something thats difficult to do from jail.
I hope his lawyer posts there with pertinant information.
Actually I hope he posts that the whole thing leads nowhere.
The Kruger Dunning explains most post on
Security theater, indeed. Searching Granny's jogging shoes has always struck me that way. Not being able to take a bottle of water on board is equally idiotic. But it's all maximally inconvenient and we notice the hell out of it and it's supposed to feel like Somebody is Doing Something.
The sad thing is Soghoian could have pointed the facts out in fifteen scholarly papers, and the government would have blown him off. But when he figures out a way of succinctly getting the real message across, then that's a crime.
Now, I like Ed Markey. I think he's one of our best Congressmen. But on this issue, he seems to have lost his marbles. The security hole is the crime. Not pointing it out.
1) Print out a fake boarding pass at home to get through security.
2) Find some poor schmuck in a bathroom in the secure area.
3) Kill him.
4) Steal his boarding pass.
5) Pull out a notebook portable printer and make an exact, fake copy of his boarding pass.
6) Store the body and the real boarding pass in your carry on (they don't do random searches at the gate anymore).
7) Board the plane using the fake boarding pass.
8) Bring down the plane using a rubber band and a paper clip while jumping to safety using a piece of scotch tape and a set of shoe laces (ask MacGyver for pointers on how to do this).
In this way, you get away free and clear while above mentioned schmuck gets blamed---while else would he have been hiding in the overhead bin?
Freedom is soon to follow.
---- Booth was a patriot ----
1) order any airline ticket
2) perform online checkin
3) print the boarding pass
4) photocopy it and give it to friends
5) board plane!
Flashmob anyone? What better way to demonstrate the flaw than a huge crowd at JFK?
"Education is not the filling of a pail, but the lighting of a fire." -- William Butler Yeats
... (but not onto the plane).
Ask someone who's recently flown to give you their HTML boarding pass, or use one of yours from the past. Change the HTML where obvious (date/time/flight number/name). You don't even have to mess with the barcode(s) cause the people who check boarding passes don't care. Go to the airport, breeze past security, and sample the fine foods and beverages (or simply see someone off at the gate).
All this requires is a printer. No pre-paid CC, no new expenditures at all, no Internet connection required.
Of course, there might be things they DO check that you might not think to change, so this isn't a good idea, but I'm guessing that you could even get by without changing time and flight number at most airports.
--
"Extra Anus Kills Four-Legged Chick" -- Headline
and what about the check-in bomb luggage of Susan E. Terrorist? xrays mean shit. not being able to take a lighter on the plane means shit. 150 people sitting in their seats like zombies, since 90% of their carry on luggage is now an additional check-in bag, staring straight ahead thinking they're safe is NOT my idea of travel. i can still pay cash and ride a train without being hassled for id, but i have to worry about "legal" random bag searches. invasion of privacy enough to limit my method of travel? yep. fuck america, i'm out of here within the next 5 years.
-dk
today mexico's fence, tommorrows canada's fence, popular to conventional wisdom these fences will force ppl to stay in the usa. I'm getting my passport soon before it's too late.
but what we have now is what we in the industry call security theater. It's made to make you think you're secure without actually making you secure,' Soghoian said. 'As a member of the academic research community, I consider this to be a public service.'
And you're surprised that the government wants you arrested now? Hell, if I were in your shoes, I would be outright shocked if they *didn't* kick in my door and shoot me in the head the very next day. If I were to pull a stunt like that, I would ensure that I wasn't in the country.
"No problem. I have the capacity to do infinite work so long as you don't mind that my quality approaches zero."-Dilbert
Providing a means to bypass security checkpoints in an airport after 9/11, yeah, he definately should be arrested. Sure some of you will cry free speech and whatnot, but this is a national security risk. I hope all those crying also understand that it's illegal to flick your highbeams after passing a speed trap to warn other motorists of it's presence. Just cause you don't think it should be illegal doesn't mean it isn't, and just cause something might not be explicitly illegal doesn't mean it shouldn't be or that it isn't utterly wrong.
It's a good thing the Bush White House was able to bully the Congress into accepting its compromise.
This is all the evidence Bush legally needs to declare this man an enemy combatant (yes, despite the fact this he is a U.S. citizen on U.S. soil).
Whaddya say Dubya? Looks like a clear case of conspiracy to provide material support to a terrorist organization.
Declare this terrorist an enemy combatant and ship him off to Git'mo! God bless the U.S.A.!
too bad he is under threat (so much so that the thesis paper he wrote
on the "boarding pass" was removed from the site).
it is really starting to become more than just a nuisance when
orfinary folks are subjected to the threat of imprisonment for
"doing the right thing" or exercising an action "in the public trust"
I now begin to wonder when such things will result in either being
jailed without trial, or worse: being made to disappear.
Understanding is much like a 3-edged-sword. in this: there are always 2 sides and the truth.
The whole thing about terrorists needing to somehow fraudulently ninja their way past security is dumb anyway. The 9/11 hijackers all bought real tickets. They didn't hide in suitcases, they just walked on like everyone else.
Known terrorists do not carry out suicide missions. If they did they would be dead, and that would get them off the no-fly list rather efficiently. Therefore, almost by definition, the people trying to hijack and destroy planes are not going to be people who are known terrorists (generally speaking), and they aren't going to need to lie about who they are.
Relax I just want some peanuts.
Cyonide, bad for your personal security. I can prove it. Here, try one of these... They are cherry flavored this month. So, good intentions do not equal good legal behavior. There is a line in here somewhere that should not be crossed. Did this guy cross the line ? I'm just one voice, but for myself, this is a public service. But it is treading on very thin ice.
The reason the Government types are going all ape shit over this is not because it is a real threat to security but because it pulls back the curtain on the great and powerful security apparatus and shows that in reality it's all just a silly old man pushing buttons.
Now that the FBI has come calling on him he should really hire a decent lawyer as fast as he can. Dont forget that we have all these laws which allow the government to ignore traditional rights when dealing with a possible terrorist. Im normally not one to jump around fearmongering about innocent people being dragged away in the name of fighting the war on terror, but this guy might not have the traditional rights such as seeing a lawyer and so forth. (Disclaimer: IANAL but I know that accused terrorists dont have many rights in this country)
Ive always thought the "check boarding pass" scheme was a false sense of security. Ive explained it to friends of mine several times and I have usually been met with eyes being rolled. Everyone knows that boarding an airplane fraudulently isnt that hard, they just put thing like this there as a nuisance deterrent/false sense of security.
It was pretty dumb for this guy to post the php script online, but I feel badly for him. Its obvious he isnt a terrorist or anything.
"There are enough loopholes at the backdoor of our passenger airplanes from not scanning cargo for bombs"
That seems quit like making another dangerous loophole public. I think this guy should be arrested. AND lapidated, Life of Bryan's style.
... not even people with boarding passes.... great.
ummm so if none has "test" these generated passes how does anyone know that you could actually get onboard a plane with it????
you could probably get past security which is bad....i guess.... but you'd still have to go thru the screening so not sure what good that would do.... unless your not going to fly but you have a thing for paying $5 for a latte at the starbucks just past the security check?
considering the airlines are basically not letting a plane fly without almost every/every seat filled... even if you managed to get on the plane one can assume that your arrest would be happening shortly there after as the person with the real ticket for the seat showed up and wanted to know what the fuck you are doing in their seat.
on an admittedly off topic not... but related to my last point to the guy that acted all bent outta shape when I accidently sat in your seat instead of mine a row infront of you after working 20hrs the day before the flight....... HOPE YOU ENJOYED MY SEAT ALL THE WAY BACK IN YOUR FUCKING FACE THE WHOLE FLIGHT BITCH
actually I am happy to see you, however that is in fact a banana in my pocket.
Fraud is a crime of intent.
I have written a program to fake a boarding pass and published it on the web. I am now in bigger trouble than if I had been charged with fraud:
The charge might be framed as a from of criminal facilitation. The only intent required might be defined simply as a reckless disregard of the consequences of your actions.
What follows is a model statute that suggsts the possibilites:
__
1002. Criminal Facilitation.
(1) Offense. A person is guilty of criminal facilitation if he knowingly provides substantial assistance to a person intending to commit a felony, and that person, in fact, commits the crime contemplated, or a like or related felony, employing the assistance so provided. The ready lawful availability from others of the goods or services provided by a defendant is a factor to be considered in determining whether or not his assistance was substantial. This section does not apply to a person who is either expressly or by implication made not accountable by the statute defining the felony facilitated or related statutes.
(2) Defense Precluded. Except as otherwise provided, it is no defense to a prosecution under this section that the person whose conduct the defendant facilitated has been acquitted, has not been prosecuted or convicted, has been convicted of a different offense, is immune from prosecution, or is otherwise not subject to justice. (3) Grading. Facilitation of a Class A felony is a Class C felony. Facilitation of a Class B or Class C felony is a Class A misdemeanor.
(4) Jurisdiction. There is federal jurisdiction over an offense defined in this section when the felony facilitated is a federal felony Proposed New Federal Code
You've missed the point completely. If you have use a fake boarding pass to enter the "secure" area of the airport you're doing something wrong and unlikely anyone would buy that paper as free speech.
But the guy we're discussing created instructions for making your own. That's the free speech part, the instructions. A congressman wanting him arrested is just another example of clueless people in Washington killing time while sucking on the government tit. Since he made the news he'll be able to rake a little more money in "campaign contributions" now.
Its all about marketing. Everyone knows Pepsi is just selling sugar water.
When it comes to security, its much easier to sell sugar water than the real Mccoy. This is why we have so many systems with virtually no security and so many abuses by people in Authority who go running around screaming when it is pointed out they don't know what they are doing.
During the Second World War there was a real need for security in some cases. One was the Manhattin project. If anyone reads Dr. Feynman's memoirs they will find there was no real security. Generals didn't know how to set combinations on their safes. The army didn't even know how to fix the holes in the fences.
As I see it - since most people try to be politically correct we will allways find our authorities running around pointing fingers with indignation why conserned people point out that they actually do not know what they are doing. The issue is that when in comes right down to it - if the bloke in charge doesn't know what he is doing then he shouldn't be in charge.
Stories in Slashdot with this theme include the Electronic Voting mess, where ArsTechnica publishes a step by step expose. Folks in the Usa are in real trouble. There is enough political desire to fix elections that one has to expect foul play. (Of course from the ones who proclaim "Vote for me". "I'm not a crook")
Then the almost universal lack of security on the world's PC's which leave the general population open to a wealth of attacks by a truely organised and determined enemy.
Dimitry Sklyrov thrown in jail for "exposing" Adobe's pitiful mess.
The list is too long to remember. But the theme is always political correctness and lip service and innocent people being singled out when they point out there is a problem.
You might want to consider the MORON congressman who called for the arrest is actually a DEMOCRAT. That means LIBERAL SOCIALIST. Don't lump these morons with the White House. The current White House is out there defending this country (and others) against terrorists.
If you want to go after morons in the White House, how about Bill Clinton and Madeline Albright, giving nuclear materials to North Korea? THAT is the biggest BONHEAD move by anyone in the White House... ever. That's like selling Zyklon B to Adolf Hitler. They have a dictator who is starving his people, and they give him the ability to make weapons' grade plutonium.
Where is that picture of Bill and Madeline giving the that stuff to North Korea? Why don't we see that in the news media? Hmmm. Lefty news media maybe?
Anyone have a mirror of the app in question? I'm getting a 404 when clicking the link.
But the Congressman said the Security Researcher is a witch, so let's burn him.
Forget thrust, drag, lift and weight. Airplanes fly because of money.
So how many programmers should be hearded up and sent to Gitmo? I don't know many programmers that could not reproduce that application in under a hour. Now of course most of us are not going to post it an flaunt it to the world, but then again a terrorist would not either.
Got Code?
Check in, get through security, then call up airline reservations and say your trip was called off at the last minute.
And since you paid for a fully-refundable ticket, you get all your money back.
Why? For endangering America by conspiring to cover up the weak airport security. Simply put he's trying to keep a lid on how poor security is.
If he really cared about national security, he'd be storming down the isles of the congressional chamber demanding other politicians explain why it's so easy to forge.
Instead, he wants to cover it up and punish those who try to improve national security.
He can't be this dumb, so we know he understands this is a blatant hole in national security. And his instinct is to cover it up.
Get lost congressman. Let someone who cares about real security take your seat and make the country a better place.
i don't know but if i did i sure wouldn't tell!
Despite the guy requesting his arrest, I have a feeling he wont be arrested by the FBI or through conventional means, more like a 1 am visit from the CIA and him never being seen ever again. Of course, after media attention has died down.
The TSA had already been briefed about fake boarding passes.
You could of gotten your point across by making the generator, but not making it public. You then could of sent the password etc to the right people to take a look at it. Making it public was your demise. It's one thing to show business where their security lacks, and another to air their flaw and permit ANYONE access to it to exploit it. We live in a terrorist society now. I would arrest you too. I have no sympathy for you.
According to this site the material most boarding passes are printed out of, is 80 lb "cover stock."
How exactly you'd do the perforation on the tear-off piece, I'm not sure. But getting the material would be pretty simple.
There are also some airlines that are doing print-your-own boarding passes, just like Ticketmaster does for some concert tickets. You go to a website and print out a form on your home printer, on plain paper, that contains a bar code that they scan as you're boarding the plane. I've often wondered exactly how Ticketmaster's system works and how easy it would be to counterfeit a ticket that would come up as valid. I assume the bar code just contains a serial number, and the scanners that they use at the entrance to the venue contain a table that cross references serial numbers to seats. Assuming the numbers are randomly generated and not sequential, it seems like it would be hard to come up with one.
I'm not sure whether the type of boarding pass that TFA is discussing how to make, is of the first type (the 'real' kind), or a print-at-home one.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
you showed a terrible lack of judgement.
you applied your principles of the technology industry to the airline industry
you expect Northwest airlines to just whip up a patch to this?
This will cost that company millions to fix.
they will have to invent a new boarding pass system. then implement it throughout all of the airports where they fly to.
it will take them a year at least to get this resolved.
what you should have done is arranged for a private demonstration with your local congressman.
They're using their grammar skills there.
If Samuel L. Jackson walked on a Delta flight with a forged boarding pass, would it be considered a Fake on a Plane? ;)
Printing a fake boarding pass to get through security has been easy for a long time. Just save as a pdf or jpg or png or other file the boarding pass you create when you check in online. Then the next time you need to get through security, edit the boarding pass to show today's date and you can get through security to go out to the gates anytime. You won't be able to board a plane, but if you want to meet someone at the gate, it is a cinch.
The security at airports to prevent people from getting out to a gate is easy to get through. Just go to any airport and watch. There are all sorts of loopholes you can use to get through. The only people the security stops are the law abiding people.
That's the sound of sarcasm passing stealthily by...
argumentum ad fallacium: Fallacy of defining a fallacy which allows one to dismiss the argument in question.
The claim, of course, is that the Supreme Court and Congress can pretty much meddle in "activities that 'substantially affect' interstate commerce." Squint a little and have a generous idea of what "substantially" means and you can regulate anything you like. Surely Scalia would never agree to such madness. Except on the very issue you bring up Scalia voted to let the federal government regular private marijuana farming. His concurring opinion makes it clear that he firmly agrees that because private marijuana might, maybe become involved in interstate commerce, the feds are free to crack down on it.
Search 2010 Gen Con events
Passing Patriot Act without reading it, SLAMMED
Passing Tax laws that are illegal, SLAMMED
The FBI should outright arrest *ALL* congress men and IRS agents, because they are all breaking the
law and acting illegally.
SHAME!!!
Its time for a revolution, why are dumb asses voting in these criminals.
If you really want to know more truth then read freedomtofascism.com and see the dvd.
Oh and if your father or uncle or wife works for the IRS, tell them to quit because
they are breaking the law and eventually, they will go to jail for it or at the least
will never get back their illegally stolen income taxes if they are returned after the revolution.
Liberty freedom are no1, not dicks in suits.
See The Messenger,
Kill The Messenger.
All cash is fake, even the real notes, there is no such thing as a real note.
Tell me where did the 8 trillion in debt come from? Someones ass? A Rothchilds ass?
Either the law applies to ALL, or NONE, not SOME!!!!
Why do banks create money out of thin air, read federalreserve banking!! Because they have a licence? from who, they
are private corporations, NOT GOVT DEPARTMENTS. And if they can, why cannot I?
The reason why there is no mafia any more, is because the GOVERNMENT has taken over the role, and IS THE NEW MAFIA, but WORSE!!
as there is no HIGHER power above them (except perhaps russia since they have some big ass nukes they could use)
Liberty freedom are no1, not dicks in suits.
I just donated $250 to the EFF (http://www.eff.org) and told them about this story.
You can post on Slashdot. Maybe someone will read it. Probably, nobody will care. Certainly, no congresscritter is going to care about your blithering post on slashdot.
Or you can put your money where your thoughts are and help this guy by sending money to the EFF and asking them to help him in his battle.
Stop terrorism in the USA! Kick buffoons like Congr-ASS-man Markey out of office and to the unemployment line.
Oh yeah? Well, I'm calling for Congressman Markey's arrest. Who's with me?
-Grey
Silver Clipboard: Time Management Tips
It's no surprise that Kelo went the way it did. You're thinking is that "liberals are for the little guys, conservatives for business". But, in reality, having the power of central planning is crucial to the liberal agenda. Kelo was exactly what the liberals needed: the power for government officials to confiscate your personal property in the name of a "greater good" by calling it a "public purpose" (not public use, however, as the 5th Amendment says).
It's fascinating that demagogues like you want to turn even a clear fact (four conservative justices taking away private property) into a rant against liberals. In reality, totalitarianism lurks at both the very right and the very left of the political spectrum, and at this point, US Republicans and conservatives are a lot closer to the right end than US Democrats and liberals are to the left end.
This is not about your party, the Constitution gets in the way of BOTH parties, but it's not for the parties, it's for the PEOPLE. So back the Constitution, because it's just in the way of the Democrats and the Republicans. It's time for both parties to face the hard truths: you can't execute unwarranted searchs (too bad, GOP). And Democrats: stop trying to control guns, unless you want to try to pass an Amendment. The Constitution says these things, plain and simple. Oh, and when you get a chance, read the 10th Amendment, too.
The hard truth is that you're just spouting a lot of hot air and that both parties can do these things and are doing them. The US government is executing unwarranted searches and seizures, and the US government is implementing gun control.
The current meaning of the Constitution is determined by how the current US government, Congress, and courts interpret and implement it. And that's a good thing because otherwise our society would still be stuck in the 18th century.
People like you are one of the reasons this country is in so much trouble: you are so in love with your hare-brained ideology that you are intellectually incapable of participating in the day to day business of democracy.
Me Thinks they should rather arrest the people behind the booking system .... would remove some bad apples from the programmers genepool.... for some time ahead...
What they should really do is arrest congress for allowing our country's security to degenerate into such a sad state of affairs. The Republicans are the worst scumbags but the democrats aren't much better. I'm so sick and tired and fed up with this kindergarten congress, imbecilic president and looney-tunes administration that it makes me just want to puke.
I sincerely hope and pray that on election day the american public goes to the polls and that we have a blockbuster record-setting turnout, and that everyone who's eligible to vote sends one crystal-clear message: If they're in, vote 'em out.
Americans are absolutely fed up with political prevarication and pandering to greedy corporations and special interest groups. They should just round 'em all up and send 'em down to Gitmo and swallow the key. And if Bush and Cheney like waterboarding so damned much, let them be the first to volunteer when the people come looking for answers to why our country is so incredibly f*cked-up, what happened to our rights and freedoms, and where did they misplace the fricken constitution...
And dunk 'em good until they fess up that they lied to us about Saddam Hussein and weapons of mass destruction so they could invade Iraq and grab its oil fields and invaded afghanistan so they could build a pipeline. And then they can tell us about all these no-bid sweetheart deals to Halliburten and why on earth did they have to spend us into oblivion?
With this administration and congress-- frankly I can't tell anymore who the terrorists really are. I'm just sick of all of it-- vote 'em out, vote 'em out-- Vote 'em OUT!
And goddamn good riddance I say.
(And for the fuckwad that's gonna mod me down as a troll-- Trolls are supposed to have free-speech rights too. Or at least they used to have until this batch got into office.)
Vote the fuckers OUT.
Or any cab driver? You place your life in the hands of a guy who likely can't even read the street signs. Or your 80-year-old neighbor who likes to drink and drive, at night, on meds ! And SO ON. How likely are you to die in a plane crash ? Due to fucking terroists? Not very likely. You are much more likely to die from the hands of your neighbor, though. So, first, kill all the neighbors! Then worry about those got-you-running-silly-just-like-those-assholes-wan t terrorists.
This would be the same as arresting a weapon manufacturer..
"But if you've ever forgotten your ID when traveling, you know that you don't have to show ID to get through security or even to get on an airplane." (From the ABC article)
Parent post ("time0day") says you do need ID - what's the situation for internal flights in the USA? no ID required, or if you do need ID, what sort? passport, driving licence...
But it's still a good idea to require people to have them.
Requiring everyone to have a boarding pass reduces the load on security, it reduces the crowding inside the terminals. In theory less people needing to pass through security means more resources can be devoted to people getting onto the planes.
So people printing their own passes to get through security is really a non-issue, it won't become widespread enough to change the above.
Yeeee-hawww! [fires shotgun into the air several times]
It took a PhD to figure out they practice of printing boarding passes on a computer at home or work is not secure? When people are creating fake ID's, checks, etc using photo editing tools? Any regular flier with half a brain has figured this out. What's next for Congress - declaring Photoshop a controlled tool and requiring registration?
As the TSA pointed out, the boarding pass is not a security tool - all it does is lower the amount of people that must be screened.
I'm a consultant - I convert gibberish into cash-flow.
If a person can demonstrate a flaw in a system that causes risk to others, he is obligated to expose it. This is not unlike declaring the boiling temperature of water to be a state secret.
Goddamned kids! Get off my lawn!
why are the bad guys screwing with us in the first place. Oh ya, because we've been screwing with them for decades.
Interesting perspective. You know, the core problem is our inability to understand exactly why these people hate us. They hate us because their view of the world tells them that we need to be converted to their world view, or they need to kill us.
Their evidence for our need to die is the music, movies and television that we pump around the world glorifying a lifestyle that is completely objectionable to their way of thinking. They also may be upset about our past political and military interventions, but those are not the primary motivation.
It's simply not possible to negotiate with someone who demands that you become like them or die. In fact, in our "civilized society" we can't imagine that negotiation of compromise is impossible. What we fail to recognize is that you cannot negotiate with someone whose only acceptable conditions are your death or conversion. These terrorists are like the Borg, and the only thing that they understand is force.
Negotiation or withdrawal will return the exact same result as appeasement did in Eastern Europe.
They hate us because, regardless of what we've done, their view of the world says that we must die. It simply does not matter what we have done or will do. We can't make friends with them.
It's this misunderstanding that leads people down the wrong path - thinking that there is a negotiable peace, or that they are upset with us because they have been wronged by us.
Our only choice is to convert to their world view or be killed. I will choose to fight them. Today that means supporting our military actions. If their strength grows and I am needed on the battlefield, I will do what must be done to protect my children from oppression and tyranny.
If you think our government is tyrannical, you have no idea of the definition of that term. I don't defend every action of my government or leaders, but I live in the best place on earth to live, and I tire of people complaining about every little thing as if it's the end of freedom for Americans.
Respectfully,
Anomaly
But Herr Heisenberg, how does the electron know when I'm looking?
Explosive decompression only happens in movies. Essentially a bullet through the ski of an aircraft, through a window, or even blowing out an entire window won't create explosive decompression.
If you blow out the side of an aircraft with explosives, you can experience explosive decompression. (See mythbusters for the graphic demonstration of this idea.)
Interestingly, even if the a top section of an aircraft blows away, the plane can still be viable (till landing) http://en.wikipedia.org/wiki/Aloha_Flight_243
Regards,
Anomaly
But Herr Heisenberg, how does the electron know when I'm looking?
Find a better place to live and go - don't stay around here carping about how awful we are. If we're awful, don't pollute yourself any longer with our awful-ness. Get out today while you're still pure.
But Herr Heisenberg, how does the electron know when I'm looking?
That way, folks'll learn to spell right, sooner.
Or at least hit "preview"!
Wikileaks, no DNS
For anyone still reading this thread he was given a written order to take down the website which he complied with.
He is trying to get a legal defense fund together which you can contribute to via paypal now. Its difficult to tell if hes actually in real trouble or if it ended with the order to take down the boarding pass generater.
This won't work for several reasons. First, most major airports bar code scan the 10-digit IATA bar code on your boarding pass. This number is in the airline's passenger itinerary system. It is extremely unlikely that the boarding pass would authenticate. It certainly wouldn't authenticate for more than one passenger, as some posters suggest. Secondly, flight attendants are trained to count the passengers once they are seated. The old Helen Hayes trick of boarding the plane and acting like you belong from "Airport" won't work anymore.
I suggest you read this article and maybe look at the Baxter video that proves that no human could possibly alter the results (so someone trained a monkey to do it).
You don't seem to have registered that the rot is already pretty much at the root of the US system, and that the whole freedom, liberty and democracy idea has been pretty much neutralised by The Almighty Buck.
Who are you going to vote for? Well, both sides need to spend an insane amount of $$ to get their candidate in the running, and any amount of $$ wants payback. So bye bye impartial, democratic process. Nice knowing you.
Oh, before I forget - this also influences the quality of 'democracy' that is exported by means of trade embargoes, wars, data sharing 'agreements' (like SWIFT - play or we won't talk to you).
And then people wonder why the terrorist problem gets bigger.
1) I'm a Democrat from Mass. and I was glad to spank Mr. Markey for this via telephone.
2) It was very inspiring to see posts from various /.ers indicating they had contacted congress.
It helped me move my butt a little faster!
3) interestingly, ed markey's homepage currently has the headline: SHAM PORT ACT FAILS TO SCREEN 100% OF US-BOUND CARGO AT ALL PORTS
Therefore, in my message I pointed out that he should have seen this boarding pass simulator as being *on the same page as him.* But without hacktivist security experts on his board, things like this are going to be difficult for him to interpret.
Passing laws is illegal now? perhaps unconstitional, but not illegal.
Again, there's no security issue here. Move along now...
There are plenty of ways to revel this possibly gaping security hole without publishing a tool to do it. Demo it at a conference, show the media, contact the TSA, DON'T put out a tool into the wild. That was just irresponsible and naive. (and as arrestable of an offense as putting out high-quality counterfeit money producers I would guess)
People who think they know everything really piss off those of us that actually do.
I hate to agree with the parent post, but as far as I can see, the only reason for the requirements for travel documents is to keep the public out of the terminal areas. I think this is in order to reduce the load in the security checkpoints. Though in my opinion, this should have been a temporary measure, till security checks were expanded enough, so that they can handle all the public that gets to the terminal area - to pick up friends, and such. Sadly, it seems things will not go back to that state - probably mainly for economic reasons.
This is hardly news or newsworthy, but buried within TFA is a gem: if you refuse to show ID at an American airport, you get better treatment:
Not recommended for foreigners.
.. paranoid crackpot leftover from the days of Amiga.
Ed Markey? The congressman who showed up at last year's AltWheels Festival in a freakin limo? That guy's full of rhetoric. I'm not at all surprised by this.
"...today consumers have been conditioned to think of beer when they see a bullfrog..."
Wow. For the past five years all I've heard from politicians is how technically sophisticated terroists are and hwow they have the ability to create a "Digital Pearl Harbor." The politicians then convnced American citizens to give millions of dollars worth of government contracts to technology companies to fight this terrorist technological threat.
But now polticians say that terrorists can't even Photoshop an airline boarding pass without the help some guy's website?
Wow. For the past five years all I've heard from politicians is how technically sophisticated terrorists are and how they have the ability to create a "Digital Pearl Harbor."
But now terrorists can't even Photoshop an airline boarding pass without the help of some guy's website?
I guess that means we're winning the War on Terror.
Wow, and republicans are supposed to be the fasists?!
This guy said/did something I don't like! Arrest him now! He makes my vaunted "homeland security" look like a farse!
"Under the circumstances, any legal consequences for this student must take into account his intent to perform a public service, to publicize a problem as a way of getting it fixed. He picked a lousy way of doing it, but he should not go to jail for his bad judgment. Better yet, the Department of Homeland Security should put him to work showing public officials how easily our security can be compromised." http://markey.house.gov/index.php?option=content&t ask=view&id=2336&Itemid=125
Islam's war with the US has been a long-running one. Ever hear of the Barbary Pirates?
You can argue that this is a war where we have been intervening where it's none of our business and they are "paying us back" but really this is an ideological conflict that has roots far deeper than the last couple of decades.
International politics are frequently far more complex than
"You started it!"
"Did Not!"
Regardless of recent events, the actions of the terrorists are indefensible. If we say "Sorry" and then we "Butt out and mind our own business" for the rest of time, Osama's followers will continue to wage war against us until they all die or we all die.
But Herr Heisenberg, how does the electron know when I'm looking?
:
I r a kriminal?
Rawr
The last several times that the US military has been deployed it has been to help Muslims:
Iraq, Afghanistan, Kuwait, Kosovo, Somalia.... We have liberated 50 million or more Muslims, and we are hated for it?
American forced rained death on those fighting, but then brought inconceivable amounts of humanitarian aid to the people afflicted by the violence. We destroyed infrastructure - and then have engaged in a rebuilding campaign on the scale of the Marshall plan. What we are building is better and stronger than what existed when we arrived on the scene to protect liberty, freedom, and inalienable rights of mankind.
I will make no defense of the Crusades. The behavior of those participating was not in keeping with Christian teaching, and should have been rejected. It was reprehensible then and is today. Hwever deplorable the abuses of the Crusades, they cannot minimize the cruelty, oppression, slavery, and evil of the Muslim alternative.
The true test of a world view is the logical outcome of those people who adhere to its teachings carefully. The natural outworking of the Islamic world view is tyranny, oppression and murder for those who will not convert. We have no alternative other than to fight. For what it's worth, the natural outworking of a Christian world view is a country that values citizens, protects the innocent, and is tolerant of dissenting world views.
Columbus wanted to go to the far east, but wanted to avoid the Middle East because it had the same problems then that exist now. The conflict between the west and the middle east is far older than merely recent generations. They don't hate us because of what we have done to them, they hate us now for the same reason they have hated the west for centuries - because we deny the fundamental teachings of their world view - and therefore we must be destroyed.
But Herr Heisenberg, how does the electron know when I'm looking?