Boarding Pass Barcodes Can Reveal Personal Data, Future Flights

An anonymous reader writes: Security experts have warned that barcodes contained on airplane boarding passes could offer a detailed stream of information to malicious individuals, including data on travel habits and future flight plans. Brian Krebs explained yesterday that by using an easily available online barcode reader, attackers can retrieve a person's name, frequent flyer number, and record locator — information needed to access an individual's account and details of past and upcoming flights, phone numbers, and billing information, along with options to change seats and cancel flights.

Re:Umm

Guys, all bickering about what's in plain text vs what's in the barcode aside, the main point still holds, "The next time you’re thinking of throwing away a used boarding pass with a barcode on it, consider tossing the boarding pass into a document shredder instead."

Re:Umm

[Archangel+Michael]

Here is a novel idea, have one time IDs used for that flight that are not usable for anything else, ever. Consider it a "one time pad" that is used for doing all the needed transactions for that flight (boarding pass).

Good Security isn't hard, it is just inconvenient.