References (58)



Insecure Flight: Broken Boarding Passes and Ineffective Terrorist Watch Lists

Christopher Soghoian

Yale University - Yale Information Society Project

July 19, 2007

In this paper, we discuss a number of existing problems with the airport transportation security system in the United States. We discuss two separate, yet equally important issues: The ease with which a passenger can fly without any identification documents at all and the ease with which print-at-home boarding passes can be modified, tampered with, and faked. The significance of these vulnerabilities becomes clear when viewed in light of the US government's insistence on maintaining passenger watch lists, whose contents are secret and effectiveness depend upon the government being able to verify the identity of each flying passenger. We then introduce a method of determining if any particular name is on the no fly list, without ever having to step foot into an airport. We introduce a physical denial of service attack against the Transportation Security Administration (TSA) checkpoints at airports, distributed via an Internet virus. Finally, we propose technical solutions to the user modifiable boarding pass problem, which also neutralize the physical denial of service attack. The solutions have the added benefit of meshing with TSA's publicly stated wish to assume responsibility for verifying passengers names against the watch lists, as well as enabling them to collect and store real time data on passengers as they pass through checkpoints, something they are not able to do under the existing system.

Number of Pages in PDF File: 17

Keywords: airport security, identity, transportation security administration

Open PDF in Browser Download This Paper

Date posted: July 20, 2007  

Suggested Citation

Soghoian, Christopher, Insecure Flight: Broken Boarding Passes and Ineffective Terrorist Watch Lists (July 19, 2007). Available at SSRN: https://ssrn.com/abstract=1001675 or http://dx.doi.org/10.2139/ssrn.1001675

Contact Information

Christopher Soghoian (Contact Author)
Yale University - Yale Information Society Project ( email )
127 Wall Street
New Haven, CT 06511
United States
Feedback to SSRN

Paper statistics
Abstract Views: 34,460
Downloads: 1,435
Download Rank: 9,028
References:  58
People who downloaded this paper also downloaded:
1. Designating the Dangerous: From Blacklists to Watch Lists
By Daniel Steinbock