Forum Moderators: open
A vulnerability in US domestic airline boarding pass barcodes could allow travellers to bring unauthorised items on board, says a security expert.
The barcodes reveal which airport checks a passenger will face and can be read by smartphones, he says.
It could undermine the US's PreCheck system which randomly decides which frequent fliers can skip part of the pre-boarding security process.
The codes could allow passengers to work out if they had been picked.US Boarding Pass Barcode Safety Vulnerability [bbc.co.uk]
The security information on the barcodes is only meant to be decoded by Transportation Security Administration (TSA) officers, so it was not thought to be a problem that PreCheck selected which users would get a less rigorous safety check in advance.
The fact that passengers can use their handsets to find out if they have been picked poses a problem, says Christopher Soghoian, principal technologist at the American Civil Liberties Union.
"The disclosure of this information means that bad guys are not going to be kept on their toes anymore," he said.
