On Mon, 2008-10-20 at 08:41 -0400, Perry E. Metzger wrote: > All that said, here's an interesting article that just got published, > and you will note Bruce's involvement. > > http://www.theatlantic.com/doc/200811/airport-security
americans haven't figured out when to check ID? i hadn't noticed this bug because in europe it's done differently. > To slip through > the only check against the no-fly list, the terrorist uses a stolen > credit card to buy a ticket under a fake name. “Then you print a fake > boarding pass with your real name on it and go to the airport. You > give your real ID, and the fake boarding pass with your real name on > it, to security. They’re checking the documents against each other. > They’re not checking your name against the no-fly list—that was done > on the airline’s computers. Once you’re through security, you rip up > the fake boarding pass, and use the real boarding pass that has the > name from the stolen credit card. Then you board the plane, because > they’re not checking your name against your ID at boarding.” in europe, when you check in at a counter, you must show ID. so they can check your ID against whatever lists they have. at security, they do NOT check your ID, only that you have a "valid" boarding pass. why? because it's pointless to check your ID at that point, as bruce notes. but at the gate, when you board, they always check ID against your boarding pass which is also usually checked against the computer. so if you bypassed the previous checks - using online check-in, say, and faking an online boarding pass is way easier than bruce's fake "real" boarding passes - you still get checked against both your real ID and the computer when you board. so the US hack doesn't work in europe. of course, you could always forge an ID... or do some damage before you get on the plane. -rishab
