[mariodiana]

So, the trick here would be to purchase a ticket with a major airline, pack a no-no in your carry-on, and then bypass TSA security by adding yourself to the Known Crew Member list of a small airline using the third-party FlyCASS system, via the SQL-injection. You'd then board the major airline with the no-no. Is that the vulnerability?

[asynchronous]

Pretty much, although most TsA check lines no longer require even a boarding pass- so in theory you could pack a bomb with you then bypass all the security theater with this.

[returningfory2]

My presumption was that when you give TSA your ID and they scan it, their systems check that there’s a boarding pass in your name (and DOB)?

[antimemetics]

Boarding pass checks etc are independent of the security checks. At least security never checked my boarding pass or ID, it was usually a step before and after security checks.

[asynchronous]

I don’t think so- I believe it just checks the outstanding warrant/no fly list and that’s all, but I could be wrong.

[returningfory2]

No, it checks that you have a boarding pass: https://www.tsa.gov/travel/security-screening/credential-aut...

> CAT is linked electronically to the Secure Flight database, which confirms travelers’ flight details, ensuring they are ticketed for travel that day.

[pbhjpbhj]

Sounds like you get to sit in the cockpit too?

[CYR1X]

Yes you could sit in the third seat, the jumper seat, with this. I feel like one could already sneak something malicious through TSA (this already happens and if you attempt it enough times eventually you'll get through), but being able to sit in the freaking cockpit behind the pilots who assume you're another pilot is CRAZY.

[solardev]

It'd be an entertaining sketch to watch, these two airline pilots trying to suss out if the rando weirdo behind them with the ticking suitcase and nervous glances is actually a terrorist... or maybe just afraid of flying?