{"id":3930,"date":"2015-09-11T22:11:12","date_gmt":"2015-09-12T02:11:12","guid":{"rendered":"https:\/\/masspirates.org\/blog\/?p=3930"},"modified":"2015-09-12T09:14:08","modified_gmt":"2015-09-12T13:14:08","slug":"tsa-backdoors-are-still-backdoors","status":"publish","type":"post","link":"https:\/\/masspirates.org\/blog\/2015\/09\/11\/tsa-backdoors-are-still-backdoors\/","title":{"rendered":"Backdoors are backdoors, even when they belong to the TSA"},"content":{"rendered":"<p>3D printers are useful devices, and I&#8217;ve seen people make some extremely cool things with them. Today, I read about a 3D printer <a href=\"http:\/\/www.theregister.co.uk\/2015\/09\/10\/tsa_master_key_blueprints_leaked\/\">creation<\/a> that&#8217;s so incredibly awesome, I&#8217;m just bursting at the seams to share the news. But I need to give some background information first.<\/p>\n<p>If you&#8217;ve done any traveling during the last few years, you&#8217;ve undoubtedly seen a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Luggage_lock\">TSA lock<\/a>. These are standard run-of-the-mill luggage locks, with one special (anti-)feature: they&#8217;re designed to be opened with a special TSA &#8220;master key&#8221;. This is done in the name of <span style=\"text-decoration: line-through;\">making it easier to for TSA to mess with your luggage<\/span> security. A TSA agent can pop in one of their master keys, open your lock, go through your luggage, and no one will be the wiser.<\/p>\n<p>With all of the airports in the United States, one would expect there to be lots of TSA master keys floating around. A set of these keys wound up on the <a href=\"https:\/\/imgur.com\/a\/JQD7l\/noscript\">internet<\/a> as high definition images. From there, it didn&#8217;t take long for the photographs to be turned into <a href=\"https:\/\/github.com\/Xyl2k\/TSA-Travel-Sentry-master-keys\">3D-models<\/a>, and now anyone can print their own.<\/p>\n<p>That is one very cool hack!<\/p>\n<p>My own luggage lock is labelled TSA007; here&#8217;s what that key looks like<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/masspirates.org\/blog\/wp-content\/uploads\/2015\/09\/tsa007-1024x148.jpg\" alt=\"TSA007\" class=\"aligncenter size-large wp-image-3929\" width=\"600\" srcset=\"https:\/\/masspirates.org\/blog\/wp-content\/uploads\/2015\/09\/tsa007.jpg 1024w, https:\/\/masspirates.org\/blog\/wp-content\/uploads\/2015\/09\/tsa007-300x43.jpg 300w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/p>\n<p>From my time hanging out at the <a href=\"http:\/\/toool.us\/\">TOOOL<\/a> table during security conferences, it doesn&#8217;t look like a difficult lock to pick, even without an 007 key handy. (Hopefully there&#8217;s a TOOOL member out there who&#8217;s willing to comment on the level of difficulty involved in picking a TSA-approved lock.)<\/p>\n<p>There&#8217;s a very important lesson to be learned from this. A lock is a security device, and a TSA-approved lock is a security device with a backdoor. Backdoors don&#8217;t care who uses them, and it&#8217;s only a matter of time before the secret keys to the backdoor find their way into the public. This is true for locks, and it&#8217;s doubly-true for encryption.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>3D printers are useful devices, and I&#8217;ve seen people make some extremely cool things with them. Today, I read about a 3D printer&hellip;<\/p>\n","protected":false},"author":88,"featured_media":3936,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"Backdoors are backdoors, even when they belong to the #TSA","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[32,35],"tags":[],"class_list":["post-3930","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-slider","category-security"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/masspirates.org\/blog\/wp-content\/uploads\/2015\/09\/tsakeys3dprinted2.png","jetpack_shortlink":"https:\/\/wp.me\/p1W8mg-11o","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/posts\/3930","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/users\/88"}],"replies":[{"embeddable":true,"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/comments?post=3930"}],"version-history":[{"count":3,"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/posts\/3930\/revisions"}],"predecessor-version":[{"id":3937,"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/posts\/3930\/revisions\/3937"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/media\/3936"}],"wp:attachment":[{"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/media?parent=3930"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/categories?post=3930"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/masspirates.org\/blog\/wp-json\/wp\/v2\/tags?post=3930"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}