![]() If you put a non-TSA approved lock on the bag. ![]() In other words, you might as well not use locks at all. So the TSA agents have a set of master keys that can open any bag if they need to look inside for some reason. These consumer products are ‘peace of mind’ devices, not part of TSA’s aviation security regime.” The TSA, for their part, doesn’t care, telling The Intercept that “The reported ability to create keys for TSA-approved suitcase locks from a digital image does not create a threat to aviation security. The keys, should you be interested, are here and can be printed on a 3D printer. “What we’re doing here is literally cracking physical encryption, and I fear that metaphor isn’t going to be properly delivered to the public.” It’s a great metaphor for how weak encryption mechanisms are broken - gather enough data, find the pattern, then just ‘math’ out a universal key (or set of keys),” said Johnny Xmas. “This was done by legally procuring actual locks, comparing the inner workings, and finding the common denominator. It wasn’t long before nearly all the keys were made available for 3D printing and, last week, security researchers released the final key.Īt last week’s HOPE Conference in New York, hackers calling themselves DarkSim905, Johnny Xmas, and Nite 0wl explained how - and why - they cracked the TSA keys. In an article in The Washington Post, a reporter included a shot of all seven keys on a desk. These locks use one of seven master keys that only the TSA can use - until 2014. The TSA, as you’ll remember, offers a set of screener-friendly locks. From the disastrous Clipper chip to today, the government has always wanted a back door into encryption and security. government’s modus operandi when it comes to security. Key escrow - the process of keeping a set of keys for yourself “just in case” - has always been the U.S.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |