by yread 5288 days ago
I don't understand. The agents at the gate always check the boarding pass validity (with the code scanner) and check the name on it against my ID. I haven't tried it but I can imagine that the system wouldn't allow two boarding passes with the same code. Is it that here in Europe we do things properly or did I misunderstand the faking of the boarding pass?
3 comments

In the United States two people look at your boarding pass: the TSA (at the entrance to security screening), and the airline (while boarding the plane).

The TSA also checks your ID. In most airports, the TSA is NOT online and merely looks at the printed boarding pass to make sure the name matches what is on your ID, your flight is for today, etc. In most cases the airline does not bother checking ID again, assuming that the TSA checked it.

You would not get on a plane with a fake boarding pass, but you do get into the secure area.

Because IDs are not checked by the airline, forging a boarding pass would allow you to board a plane with any name you want on the ticket -- the name on the ticket doesn't have to be your "real" name (it doesn't have to match your photo ID). This means that the TSA's various "no fly" lists, which are just lists of names of people that they've compiled that are "too dangerous to fly", are easily defeated.

You do need a photo ID matching your ticket, but that is probably not a very high bar for a dedicated person to surmount.
Not in the US you don't.

1. Buy a ticket under "John Doe."

2. Retrieve boarding pass.

3. Print a copy.

4. While you still have it open, photoshop it (or edit the HTML, whatever) to say "Bob McTerrorist".

5. Show your photoshopped boarding pass and your "Bob McTerrorist" license to the TSA.

6. Clear security.

7. Discard your photoshopped boarding pass.

8. Retrieve the boarding pass copy from step 3 above.

9. Present it to the gate agent and board the plane.

In the US they do not re-check IDs at the gates.

Your boarding pass is scanned by a barcode reader, and the computer does seem to pick up invalid passes, but I don't think that is the point.

The TSA has made some kind of a big deal about only allowing "ticketed passengers" into the gate areas. However, their check of this comes down to ensuring you have a piece of ID that matches the name on a piece of paper you bring from home.

To use an example from the story, you could have 20 people who are not travelers each smuggle a component of a bomb through security (a portion of a liquid, ptex, etc.) and then give those components to a single flyer with a valid ticket (who would have presumably gone through security with NO contraband at all, so as not to burn his identity if he accidentally went through a line with an alert agent).

There is also the simple matter of basic vulnerability testing. If you have to spend $500 on a ticket to get a trip through the TSA line, it's very costly to test the edges of the system. If you can go through the line 4x per day at 3 different airport terminals, or multiple airports that are in close proximity to each other, then you can easily run 100 test scenarios in a week about how the lines are managed, processed, etc.

As an example, I travel frequently and don't like dealing with the full-body scanners. In most airports at the busy times they "randomly" select some passengers to just go through the metal detectors because the body-radiators are slow. With about 80% accuracy I can watch how the lines are being handled and time my fiddling around with items on the xray belt to be "randomly" selected to skip the full body scanner. It takes a few cycles of observation to start to see the patterns though.

A quick how-to on bypassing the TSA no-fly list:

1. Buy a plane ticket under someone else's name. Presumably yours is blocked/flagged due to the airlines being able to check the no-fly list.

2. Use that ticket to forge a boarding pass in your name. Use this, along with your official ID, at the security checkpoint. All the TSA does is read it and validate date/time/what they know of flights off the top of their head. Nothing in their setup validates your boarding pass against airline records or the no-fly list.

3. At the gate, hand them the original boarding pass. They'll check it against computer records, but won't bother to check your ID against the pass.

4. Congratulations, you've bypassed a critical portion of American airline security.

This, honestly, is most of why the recent "advanced screening" systems piss me off. Our current security measures are woefully ineffective because of these kinds of loopholes, but instead of plugging those loopholes we simply pile on more half-assed systems.

The no-fly list could be a great tool for us, if used properly. Instead it's nearly trivial to circumvent for the bad guys and an enormous pain in the ass for any honest person who happens to wander into a name conflict.

I think the no-fly has even more issues than just circumvention [1]. Schneier calls it "a list of people so dangerous they cannot be allowed to fly under any circumstance, yet so innocent we can't arrest them even under the Patriot Act"[2].

1: http://www.schneier.com/blog/archives/2006/10/nofly_list.htm...

2: http://www.schneier.com/blog/archives/2007/08/conversation_w...

Well, it isn't really about airline security, it's about revenue protection. If you're too dumb to photoshop your boarding pass, you also have no choice but to pay the $X00 "change fee" to give your tickets to somebody else.

The airlines have significant input into the TSA's processes. Why do you think they have never objected to this (especially given that it is basically a joke?)