» »

Hekanje "letalske varnosti"

Hekanje "letalske varnosti"

Schneier.com - Ameriški študent Christopher Soghoian je na svoji spletni strani objavil The Northwest Airlines Boarding Pass Generator. Gre za spletno stran, ki zgenerira kontrolni kupon za vstop na letalo (boarding pass), s pomočjo katerega se potnik lahko izogne obsežnejšemu varnostnemu preverjanju. Da, celo zloglasnemu seznamu nezaželjenih letalskih potnikov (tim. no-fly list).

Podobno varnostno ranljivost v letalskem prometu so lansko leto odkrili pri Slate magazine.

Toliko o visokotehnološki varnosti v letalskem prometu...

12 komentarjev

jype ::

Poceni in zanimiva možnost za teroriste je tudi urjenje stevardes, ki komot prinesejo na letalo ostre predmete.

kuglvinkl ::

Glede stevardes je domišljija brezmejna! Kristus, mislm, še pred "pravim" tečajem...

stb ::

Še "dobro", da se pri nas kaj takega ne more zgoditi. :D

Bi pa po najnovejših varnostnih ukrepih na slovenskih letališčih bilo kar dobrodošlo. :\

M.B. ::

nekaj lažjega o Airport security.
"Have your bags been in your possession the whole time?"

"No. Usually the night before I travel---just as the internal moon is rising---I place my bags out on the street corner and leave them there, unattended, for several hours. Just for good luck.


In še nekaj o letenju.
Everyone started out as a newbie.
Sadly only a handful ever progress past that point.

MrStein ::

To s tekočinami je zanimivo.
A eksplozive v trdni obliki pa ne kontrolirajo ? :))
Kaj pa pline ?
Motiti se je človeško.
Motiti se pogosto je neumno.
Vztrajati pri zmoti je... oh, pozdravljen!

bozjak ::

hmm mene pa bl zanima ta del (citat iz zgornjega članka na delo.si):

Poleg navedenega nova pravila zahtevajo od potnikov, da na varnostno kontrolnih točkah slečejo plašče in suknjiče ter odstranijo prenosne računalnike in večje električne naprave iz ročne prtljage.


A to pomeni, da morš laptop pokazat samo na kontrolnih točkah (tako jst razumem) ali da jih morš dt iz ročne prtljage v "klasično" prtljago?

LP
http://upor.blogec.si
http://bozjak.deviantart.com

M.B. ::

Kongresnik že želi njegovo aretacijo.
Everyone started out as a newbie.
Sadly only a handful ever progress past that point.

Jeronimo ::

hehehe ... glede strani:

Not Found

The requested URL /boarding_pass/ was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
JURIŠ !!!
Preko vode do slobode!

MrM ::

I have always wished for a computer that would be as easy to use as my
telephone. My wish came true. I no longer know how to use my telephone.
--Bjarne Stroustrup

Daedalus ::

Super. Pokažeš na neumno napako v varnostnih postopkih in pristaneš v ječi. V bistvu tile kreteni sporočajo, da tud če veš za napako, je boljše biti tiho in upati, da je ne pogruntajo tapravi bad guyi. Res, človek ostane brez besed.
Man is condemned to be free; because once thrown into the world,
he is responsible for everything he does.
[J.P.Sartre]

NorK ::

mogoče bi pa lahko uporabil drugačen pristop in ga ne bi tako nadlegovali.

Daedalus ::

Resnici na ljubo je njegova skripta zgolj implementacija napake, o kateri je med drugim blogal tud en kongresnik in ki je znana že približno dve leti. Seveda je nihče ni šal odpravit. Ko pa nekdo pokaže, kaj se dejansko da naredit - ga pa pojebejo. Jupi:|

Evo, onega debila, ki je zahtevl da ga morejo zapret, je srečala pamet:


On Friday I urged the Bush Administration to ‘apprehend’ and shut down whoever had created a new website that enabled persons without a plane ticket to easily fake a boarding pass and use it to clear security, gain access to the boarding area and potentially to the cabin of a passenger plane. Subsequently I learned that the person responsible was a student at Indiana University, Christopher Soghoian, who intended no harm but, rather, intended to provide a public service by warning that this long-standing loophole could be easily exploited. The website has now apparently been shut down.

Under the circumstances, any legal consequences for this student must take into account his intent to perform a public service, to publicize a problem as a way of getting it fixed. He picked a lousy way of doing it, but he should not go to jail for his bad judgment. Better yet, the Department of Homeland Security should put him to work showing public officials how easily our security can be compromised.

It remains a fact that fake boarding passes can be easily created and the integration of terrorist watch lists with boarding security is still woefully inadequate. The best outcome of Mr. Soghoian’s ill-considered demonstration would be for the Department of Homeland Security to close these loopholes immediately.


Le kdaj se bojo naučili?
Man is condemned to be free; because once thrown into the world,
he is responsible for everything he does.
[J.P.Sartre]


Vredno ogleda ...

TemaSporočilaOglediZadnje sporočilo
TemaSporočilaOglediZadnje sporočilo
»

Hekanje "letalske varnosti"

Oddelek: Novice / Varnost
123250 (2240) Daedalus
»

Domače branje: "Schneier, Bruce. 2003. Beyond Fear. New York: Copernicus Books."

Oddelek: Novice / Domače branje
112637 (2401) para!
»

New York v boj proti terorizmu s 1000 kamerami

Oddelek: Novice / Zasebnost
172690 (2172) BigWhale
»

Obsežna kraja osebnih podatkov v ZDA

Oddelek: Novice / Zasebnost
143254 (2655) Matthai
»

Pravi teroristi pijejo Coca-Colo

Oddelek: Novice / Zasebnost
152155 (2155) Dead_Eye

Več podobnih tem