General Discussion

Recursion

(56,582 posts) Sun Aug 23, 2015, 01:25 AM Aug 2015

TSA inadvertently shows the dangers of master baggage keys

http://www.engadget.com/2015/08/22/tsa-reveals-master-baggage-keys/

Security researchers have long warned of the dangers of using master-keyed locks -- if thieves get their hands on just one key, they compromise all of the compatible locks at the same time. And unfortunately, the US' Transportation Security Administration is learning this lesson the hard way. It briefly let the Washington Post show a photo (we've blurred the details) of the master baggage keys it uses for approved locks, giving crooks a crude guide to making duplicates. And you can't just switch to a non-standard lock to get around this, since TSA agents will rip it off if they catch it during an inspection.

This isn't to say that your belongings would be completely secure even if the TSA and the Post hadn't slipped up, or if master keys didn't exist. Bump keys, raking and other techniques could get through, depending on the intruder's skill and access to equipment. However, officials made it much easier by both embracing master keys and letting a photo of them surface in a news story -- millions of suitcases and carry-on bags could be that much more vulnerable. Let's just hope that other government bureaus learn a lesson from this and avoid relying on master keys, whether they're physical or digital.

9 replies

= new reply since forum marked as read

Highlight:

TSA inadvertently shows the dangers of master baggage keys (Original Post) Recursion Aug 2015 OP

I was watching a documentary the other day on DW and they were at a prison holding terrorists. CBGLuthier Aug 2015 #1

"Let's just hope that other government bureaus learn a lesson from this" Psephos Aug 2015 #2

My lab uses a transponder-system: DetlefK Aug 2015 #3

Do you think they do not already Duckhunter935 Aug 2015 #4

Who is "they"? Recursion Aug 2015 #5

Those evil terrorists Duckhunter935 Aug 2015 #6

True. And if they are so rare and valuable, somebody already copied the key and sold the copy. Hassin Bin Sober Aug 2015 #7

Here TSA. no need to spend billions on secret master luggage keys. a paper clip will do. Sunlei Aug 2015 #8

The primary purpose of a luggage lock is to minimize the risk of the bag opening accidently. Gormy Cuss Aug 2015 #9

CBGLuthier

(12,723 posts)

1. I was watching a documentary the other day on DW and they were at a prison holding terrorists.

Reply to Recursion (Original post)

Sun Aug 23, 2015, 01:34 AM

Aug 2015

I noticed the business end of the keys they used to lock the cell doors was blurred each time it was exposed. German efficiency.

Psephos

(8,032 posts)

2. "Let's just hope that other government bureaus learn a lesson from this"

Reply to Recursion (Original post)

Sun Aug 23, 2015, 02:07 AM

Aug 2015

rrrriiiigggghhhhttttt

cuz that's how accountable-to-no-one government bureaucracies work

DetlefK

(16,423 posts)

3. My lab uses a transponder-system:

Reply to Recursion (Original post)

Sun Aug 23, 2015, 07:28 AM

Aug 2015

Each door-lock is an electronic reader.

The key is a transponder with a rechargable battery that lasts ~24h with sparse use, ~36h without use. The whole things is encapsulated in plastic. Every transponder has a unique signal.
(The thing looks like an especially large and thick plastic-coin, with a ring to attach it to a key-ring.)

You have to activate the transponder every day: You hold it to the recharging-station, it reads out the ID and checks at a database whether the transponder is active (or inactive or has been reported as stolen). Once the ID has been confirmed, the device charges the battery wirelessly (~5 seconds).
If a transponder gets stolen/lost, it can only be misused in the time-window as long as the battery is still good. Once it's registered as stolen, you cannot recharge it anymore and it becomes useless.

Each electronic door-lock is programmed only to accept transponders of a certain group. It can be read out, who was the last person to open that lock.

Duckhunter935

(16,974 posts)

4. Do you think they do not already

Reply to Recursion (Original post)

Sun Aug 23, 2015, 08:53 AM

Aug 2015

Have those keys? I am sure they do, all you need is one of those cheap locks. Take it apart and make a key. More security theater making us less secure.

Recursion

(56,582 posts)

5. Who is "they"?

Reply to Duckhunter935 (Reply #4)

Sun Aug 23, 2015, 09:24 AM

Aug 2015

I'm assuming once TSA had it, the Russian and New York mobs had them within, say, six months.

The Japanese syndicates probably had them about 4 months later. And the Mumbai mafia took another 3 months after that.

But none of those people, to my knowledge, actually let a fucking reporter print a photo of the keys.

Personally, for a while I've assumed that checked luggage is an absolutely insecure medium. I'll send clothing and food, but not much else.

And keep in mind, I travel on a diplomatic passport 90% of the time. I'm not saying that to show off; I'm saying that to say that I'm bothered with the lack of security for me, and I'm absolutely enraged about how non-diplomats are treated.