Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Hacker Makes Counterfeit Boarding Passes that Allows Him Use Airline Lounges


Chief of Polish section of Computer Emergency Readiness Team program at the international level, Przemek Jaroszewski was getting ready for demonstrating an apparently ordinary, however, scary hack at the Las Vegas Defcon conference during the present week. The hack would involve an Android application which produces counterfeit boarding passes.

Actually Jaroszewski was prohibited from enjoying the elite status of using the posh lounges of different airports. That prompted him to create his own application for solving the problem. The application helped develop one QR code that could subsequently be scanned while proceeding to enter an airport lounge's gate of his choice.

The most important aspect about the hack is that in spite of all the details, which Jaroszewski inputs to make the boarding passes, are a fake, he could use the lounge only because there is neither any manual nor mechanical arrangement for doubly checking if he is really eligible for taking the flight whose details are inside the QR program. Based on the prohibition, Jaroszewski isn't allowed to utilize that same QR code for getting the permit to board a flight alternatively satisfy security check. For that he'll really have to breach the airline for getting his name on the passenger list, something that would raise alarm bells. However, it isn't so simple for fooling any gate into allowing someone to enter it using a fake QR program produced with no matter how simple an app. Uproxx.com posted this, August 8, 2016.

Hacker Jaroszewski told Wired that within just 10 seconds one could make counterfeit boarding passes one at a time with his application. The International Air Travel Association states that airlines are supposed to only be concerned about their lounges' security, so even if anyone hacked, he must have one legitimate ticket for entering any airport or then taking a flight. That's because passengers could undergo physical inspection before entering a gate, whilst the lounges of the airlines which hacker Jaroszewski aimed at usually had automated entrances.

It is terrible realizing that airlines' security continues to be weak. Meanwhile, within USA, using TSA screening rules for backstopping digital arrangements appears profoundly optimistic.

ยป SPAMfighter News - 11-08-2016

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page
Next