Chaos Computer Club reveals massive airport security hole
By bblfish on Jan 15, 2010
The Chaos Computer Club yesterday revealed on German Television, in a program entitled "Data theft via wireless - security risks at German airports", a massive security hole, that could easily allow intelligent terrorists - if such a being is possible - to gain access to the secure parts of many airports, thereby bypassing any of the more and more restrictive and intrusive measures being introduced to scan normal citizens, and which led the pirate party to demonstrate in underpants as I reported earlier this week.
The trick is simple. Employees at many airports use badges that are read wirelessly by scanners. Using a trick similar to that described by Chris Paget's RFID cloning presentation - a massive security scandal in the US - it is possible to capture the signals emitted by these cards and use that to produce fake ones. Having created one such card, the CCC members were able to gain access to secure parts of the Hamburg airports without going through any of the security checks imposed on the passengers.
It is not surprising that such a hole and many more should be found of a similar nature. Increasing security in one part of the airport will not make anything more secure if not all parts are secured equally. But since the threat of terrorism is so minute - you are 8 times more likely to be killed by a cop in the US than by a terrorist - any security measures will end up creating more danger than that posed by the terrorists themselves. Add more police and the danger of accidental killing by the police can only go up faster than the terrorist threat itself.