3D printers are useful devices, and I’ve seen people make some extremely cool things with them. Today, I read about a 3D printer creation that’s so incredibly awesome, I’m just bursting at the seams to share the news. But I need to give some background information first.
If you’ve done any traveling during the last few years, you’ve undoubtedly seen a TSA lock. These are standard run-of-the-mill luggage locks, with one special (anti-)feature: they’re designed to be opened with a special TSA “master key”. This is done in the name of making it easier to for TSA to mess with your luggage security. A TSA agent can pop in one of their master keys, open your lock, go through your luggage, and no one will be the wiser.
With all of the airports in the United States, one would expect there to be lots of TSA master keys floating around. A set of these keys wound up on the internet as high definition images. From there, it didn’t take long for the photographs to be turned into 3D-models, and now anyone can print their own.
That is one very cool hack!
My own luggage lock is labelled TSA007; here’s what that key looks like
From my time hanging out at the TOOOL table during security conferences, it doesn’t look like a difficult lock to pick, even without an 007 key handy. (Hopefully there’s a TOOOL member out there who’s willing to comment on the level of difficulty involved in picking a TSA-approved lock.)
There’s a very important lesson to be learned from this. A lock is a security device, and a TSA-approved lock is a security device with a backdoor. Backdoors don’t care who uses them, and it’s only a matter of time before the secret keys to the backdoor find their way into the public. This is true for locks, and it’s doubly-true for encryption.
3D printers are useful devices, and I’ve seen people make some extremely cool things with them. Today, I read about a 3D printer creation that’s so incredibly awesome, I’m just bursting at the seams to share the news. But I need to give some background information first.
If you’ve done any traveling during the last few years, you’ve undoubtedly seen a TSA lock. These are standard run-of-the-mill luggage locks, with one special (anti-)feature: they’re designed to be opened with a special TSA “master key”. This is done in the name of making it easier to for TSA to mess with your luggage security. A TSA agent can pop in one of their master keys, open your lock, go through your luggage, and no one will be the wiser.
With all of the airports in the United States, one would expect there to be lots of TSA master keys floating around. A set of these keys wound up on the internet as high definition images. From there, it didn’t take long for the photographs to be turned into 3D-models, and now anyone can print their own.
That is one very cool hack!
My own luggage lock is labelled TSA007; here’s what that key looks like
From my time hanging out at the TOOOL table during security conferences, it doesn’t look like a difficult lock to pick, even without an 007 key handy. (Hopefully there’s a TOOOL member out there who’s willing to comment on the level of difficulty involved in picking a TSA-approved lock.)
There’s a very important lesson to be learned from this. A lock is a security device, and a TSA-approved lock is a security device with a backdoor. Backdoors don’t care who uses them, and it’s only a matter of time before the secret keys to the backdoor find their way into the public. This is true for locks, and it’s doubly-true for encryption.