How A Photograph & A Bad Decision Made Millions Of TSA Approved Luggage Locks Useless
A good photograph has the power to stop us in our tracks, take our breath away, inspire us, make us wish we were there, standing inside of it. It’s true, the power of photography is magnificent. Unfortunately, it’s magical powers are sometimes used in ways that are not quite so inspirational. Like last year, when a 31-year old hacker who works under the name”Starbug”, claimed he could recreate a person’s fingerprints using just a few images from a “standard photo camera”, which proved by duplicating the fingerprints of German defense minister, Ursula von der Leyen.
In the same presentation, Starbug demonstrated how embarrassingly easy it is to trick facial recognition software using printed out photographs. Strabug’s work prompted an international conversation on security and how rapidly evolving camera tech is causing new concerns about the way criminals can use photography to commit crimes.
Now, the latest security breach brought about by a photograph has created a massive problem for TSA and travelers. In September of 2014, the Washington Post ran a story titled The Secret Life of Baggage: Where Does Your Luggage Go At The Airport, which featured a photograph of set of master keys TSA uses to access luggage locks on baggage–the locks TSA requires travelers to use if they wish to lock their baggage.
In August of this year, Washington Post pulled the photo from the article as soon as reports began popping up that France based individual who calls himself Xylitol, used the image to make CAD files that would allow anyone with a 3D printer to print their own master keys. Xylitol then posted his files to Github, free for anyone to download.
Xylitol told Wired,
“Honestly I wasn’t expecting this to work, even though I tried to be as accurate as possible from the pictures. I did this for fun and don’t even have a TSA-approved lock to test. But if someone reported it that my 3D models are working, well, that’s cool, and it shows…how a simple picture of a set of keys can compromise a whole system.”
Though Xylitol hadn’t tested his work out himself, within hours of posting the CAD files, a Montreal based man by the name of Bernard Bolduc had printed out one of the keys in about 10 minutes using cheap PLA plastic and a 3D printer. When he put the key to the test on one of his own TSA approved locks, sure enough, the lock popped right open as he demonstrated in this Twitter post:
OMG, it’s actually working!!! pic.twitter.com/rotJPJqjTg
— Bernard Bolduc (@bernard) September 9, 2015
Think Before You Shoot
As far as photographers go, it can be hard–if not impossible–to always control who happens to get their hands on your work. But, you can control what you are taking photographs of. In this case, I can’t help but wonder what the photographer, the Washington Post, and TSA thought was going to happen when they chose use a photo that comes with such obvious security concerns.
[ via Wired ]