The only reason I use the locks (yes, the TSA ones) is to prevent accidental zipper opening during handling, without creating a lot of waste plastic by using zip ties. Might as well publish the picture.ĭo people actually rely on those flimsy locks for security in checked luggage? The TSA is fooling themselves if they think any of their master key patterns are a secret. They had almost completed the re-mastering when one of the administrators lost his key ring, which naturally contained one of the new master keys. Reminds me of a story: At a certain organization with which I was associated, they remastered a building because too many people had master keys. The pattern that’s left over is the master key pattern.Boil down commonalities using a program–Excel might be good enough if you’re clever.Record all pin cuts in the individual locks.Get access to fifty or so bags of the type the master key is to open.So, if you want the TSA master key for a given lock: One of the things he taught me is that the pattern of a master key can be inferred from the pin settings in an assorted collection of the target locks. I hung around with a guy who was an expert in keys. Tags: air travel, backdoors, keys, locks, TSA Engadget article.ĮDITED TO ADD (9/10): Someone has published a set of CAD files so you can make your own master keys. Get your copy now, in case they disappear. It’s the third photo on this page, reproduced here. If you want to at least know your luggage has been tampered with, forget the TSA lock and use a zip-tie or tamper-evident seal instead, or attach a real lock and force the TSA to use their bolt cutters. So the TSA backdoor has failed: we must assume any adversary can open any TSA “lock”. So by simply including a pretty picture of the complete spread of TSA keys in the Washington Post’s paean to the TSA, the Washington Post enabled anyone to make their own TSA keys. All it takes to duplicate a physical key is a photograph, since it is the pattern of the teeth, not the key itself, that tells you how to open the lock. Unfortunately for everyone, a TSA agent and the Washington Post revealed the secret. All others, notably baggage handlers and hotel staff, should be unable to surreptitiously open these locks. In theory, only the Transportation Security Agency or other screeners should be able to open a TSA lock using one of their master keys. TSA “Travel Sentry” luggage locks contain a disclosed backdoor which is similar in spirit to what Director Comey desires for encrypted phones. The whole thing neatly illustrates one of the main problems with backdoors, whether in cryptographic systems or physical systems: they’re fragile. It’s now blurred out of the Washington Post story, but the image is still floating around the Internet. Someone recently noticed a Washington Post story on the TSA that originally contained a detailed photograph of all the TSA master keys.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |