Slashdot Mirror

← Back to Stories (view on slashdot.org)

TSA Luggage Lock Master Keys Are Compromised

Posted by Soulskill on from the no-one-couldn't-have-seen-this-coming dept.

An anonymous reader writes: As the FBI demand encryption master keys for Apple, Microsoft and Google made devices, photographs of the master keys for the TSA Travel Sentry suitcases have now been published in multiple places online (more links in later articles). Cory Doctorow points out this makes it much easier for thieves to open luggage undetectably, without leaving any signs of lock picking. Whilst many have argued that the locks aren't designed to provide real security, the most important thing is that this shows the risk of backdoors in security systems, especially since the TSA has not given any warning about this compromise, which seems to have occurred in 2014 or earlier.

9 of 220 comments (clear)

  1. I always assumed they were by drinkypoo · · Score: 5, Insightful

    I always assumed that these keys had been figured out long, long ago. If there's people in Afghanistan who can make you an AK-47 by hand, there must be people in China who can just not assemble the locks and take the parts to a smith (where do you think TSA locks are made?) and get a key made. I'd be surprised if you can't just buy the keys on aliexpress.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    1. Re:I always assumed they were by AmiMoJo · · Score: 4, Insightful

      The most annoying part is that luggage sold outside the US often has TSA locks on it. If they put a proper lock on there it would have some value to me, but instead I get to pay for a worthless one that I'll never need or use.

      Once the warranty expires I usually fill the lock with epoxy (the main mechanism is a combination lock, the key is just for the TSA goons).

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
    2. Re:I always assumed they were by TheGratefulNet · · Score: 4, Insightful

      I used plastic zip-ties the last time I traveled to europe (well over 10 yrs ago). brand new luggage, too.

      fucking bastards used tin snips and cut THRU my zipper in order to remove the plastic wire-tie I used. expensive luggage, ruined, and there was no lock to cut, only some wire ties that I used to keep the bag 'safe' while in my posession (I could also tell if it was opened since I used a bright color of wire tie).

      did not matter, the bag was cut open, I lost a power supply for my camera storage device (PSD, back in the day we used those..) and got a note in my bad saying 'we opened it'. yeah, like I didn't know.

      no way to get them to pay for their damage either.

      I would EASILY see how a more unhinged person than me would flip his lid and go al postal on anyone who did this to them. and I would not cry a tear if any TSA or related person was harmed because they fucked with a passenger's stuff or rights. if a TSA person was bleeding and needing help, I'd step over the body while walking away.

      those people are lower than shark shit.

      --

      --
      "It is now safe to switch off your computer."
  2. if "married with children" were made today by Anonymous Coward · · Score: 5, Insightful

    al bundy would be a tsa screener...

    seriously - is there ANY job you'd be more embarrassed to say a spouse, child (they actually BREED?!?), etc had? "hey, joe, did I see your boy in a blue shirt at o'hare the other day" "naw, man, my boy cooks meth! he's the next jesse pinkman!"

  3. Wow ... by gstoddart · · Score: 4, Insightful

    So this was kind of inevitable with a master key.

    Now we have the choice between having our luggage effectively vandalized as the morons at TSA cut off locks ... or having massively insecure locks to prevent the morons at the TSA from cutting off the locks.

    Thanks a lot, assholes.

    And, now, tell us ... just how much scrutiny are the luggage handlers under while they work? Because between the opportunity for smuggling (which they've done) those guys have a better chance of putting a bomb on a plane than anybody else.

    So much security theater, so little actual benefit.

    --
    Lost at C:>. Found at C.
  4. I always figured by itsenrique · · Score: 1, Insightful

    Since the 'TSA Approved' luggage locks came out, I always assumed they had had backdoor access of some sort. I mean, what else would that seal/approval even mean? It's important to note that most luggage locks look like a good whack or the flimsiest of bolt cutters would be their end, but having a master key lets them snoop on your luggage without leaving nearly as much trail. Good that its now out in the open completely for those who couldn't read between the lines. And no I'm not some grand conspiracy theorist, I just couldn't fathom why else we suddenly needed 'TSA Approved' locks to fly with.

  5. Evidence of lockpicking by phantomfive · · Score: 4, Insightful

    I didn't know it's hard to pick a lock without leaving evidence of lock-picking.....what kind of evidence are they looking for? Scratch-marks on the pins?

    --
    "First they came for the slanderers and i said nothing."
  6. Re:Zip tie by pz · · Score: 3, Insightful

    Have you not seen the videos that show how trivial it is to get into most suitcases which have a zipper, bypassing any locks?

    --

    Put my fist through my alarm clock with its ding-dong death inside my ear. - The Blackjacks.
  7. Forget the lock by wickerprints · · Score: 4, Insightful

    I don't understand what the big deal is, considering that the failure point is not the lock, but the zipper itself. Zippers are a fastening device. They were never intended to be secure, and you cannot make one secure by attaching a lock on the pull. The problem is that people think that attaching a lock to anything makes it inherently more secure.

    The answer is to never put anything in your luggage that has any value to those who might want to steal it. No electronic devices or jewelry should go in checked luggage. Anything valuable must fit in your carry-on. If you *must* travel with something valuable that cannot fit in your carry-on, ship and insure the parcel ahead of time.