tag:blogger.com,1999:blog-16750015.post116224690697333043..comments2024-01-24T20:01:37.600-05:00Comments on slight paranoia: No real newsChristopher Soghoianhttp://www.blogger.com/profile/08950937382104783909noreply@blogger.comBlogger48125tag:blogger.com,1999:blog-16750015.post-1163520586443900522006-11-14T11:09:00.000-05:002006-11-14T11:09:00.000-05:00The boarding pass generator is NOT a security prob...The boarding pass generator is NOT a security problem ... and so therefore it does NOT need to be closed. Therefore "exposing" that a boarding pass generator exists is NOT exposing a security problem either.<BR/><BR/>The nuts simply can't think. It's time to wake up and realize that ID and boarding pass checks are not security; they are a wasteful dog and pony show and should not be done at airports.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1163438785697149342006-11-13T12:26:00.000-05:002006-11-13T12:26:00.000-05:00Look at CLOSING the security problem, not EXPOSING...<I>Look at CLOSING the security problem, not EXPOSING the security problem!!!</I><BR/><BR/>Wow, Chris' own troll! Congrats; I think that means you're officially big-time now.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1163136021810575292006-11-10T00:20:00.000-05:002006-11-10T00:20:00.000-05:00You really made my day, knowing that we "free spee...You really made my day, knowing that we "free speech" Americans have let everyone know of another one of our security flaws. Does anyone else want to point out any of the other 1,000 ways to breach security at the airports? Perhaps we can list them all, then post more ways to get around the new security checks that the airports have to impose; all the while complaining about the increased cost of airline tickets (to cover the expensive security equipment and increased staff to run it)and wasted time getting through screenings (because they have to check everything)!<BR/><BR/>People complain about being "tracked" and how "Big Brother" is watching, to the point that our SSN isn't even safe any more, yet posts like yours just make fingerprinting, microchipping, and tracking devices all the more necessary so we can "prove" our identity. Nothing is private any more! It's too bad the airport didn't force you into the puffer-machine when you didn't have your id, but then you'd have some civil rights group claiming your rights were violated or that you were singled out because of your age, race, sex, color, or strange piercings and purple hair, rather than accepting the fact that these machines have become necessary because of people like yourself.<BR/><BR/>Thanks to people who have nothing better to do than try to cause trouble, we'll soon be boarding planes in hospitals gowns, while everything else has to get checked into the hold. Next, we'll have "cavity searches". (How about posting your thoughts on that, Christopher?!?!?!?!?) <BR/><BR/>"Click Here" to contribute to your "defense fund"? You get yourself into trouble and then expect hard-working Americans to pay to bail you out? And you want a pro-bono lawyer, too? Grow up and quit expecting others to take care of you, little boy! The homeless need my financial help. You, dear boy, need to grow up and get a life! Offer your services to the airport, free of charge, if you're so concerned about safety!!!<BR/><BR/>And by the way, the government had every right to confiscate your equipment and search your house. Just because you say your aren't a terrorist doesn't mean that you aren't. How do I know you aren't going to use that Paypal $ to fund terrorist operations? You certainly wouldn't be the first person to take advantage of the American public and play on their sympathy with false claims of "dying of cancer" or "only doing it to expose a problem with security". By the way, have you written any good worms or viruses lately? The ones who got caught claim they are only trying to expose a security breach (but they've ruined a lot of computers and bankrupted a lot of businesses along the way)! Maybe your time would be better spent helping close security risks rather than exposing how to exploit them!!! <BR/><BR/>Look at CLOSING the security problem, not EXPOSING the security problem!!!Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1163107848115139922006-11-09T16:30:00.000-05:002006-11-09T16:30:00.000-05:00Keep up the good work! It's funny that you are be...Keep up the good work! It's funny that you are being punished for showing people that a vulnerability exists. Do we close the loophole? No, it's cheaper to shoot the messenger.Scotthttps://www.blogger.com/profile/17524885076674971538noreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1163002423255910022006-11-08T11:13:00.000-05:002006-11-08T11:13:00.000-05:00word to the republicans.word to the republicans.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162947922137062022006-11-07T20:05:00.000-05:002006-11-07T20:05:00.000-05:00thank god for people like you. i really admire wh...thank god for people like you. i really admire what you did. <BR/><BR/>traki, bet labi (translation: crazy, but good)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162801686917100042006-11-06T03:28:00.000-05:002006-11-06T03:28:00.000-05:001. Nothing done by Chris Soghoian has made us safe...1. Nothing done by Chris Soghoian has made us safer. <BR/><BR/>If Chris gets his way, shutting down (or overhauling) online check-in or print your own boarding passes will still do nothing to provide security, especially because boarding pass checks at the airport security checkpoint don't provide security; nor are boarding pass checks designed to provide security (except in the minds of fools); nor will boarding pass checks ever provide any form of flight safety/security.<BR/><BR/>2. Chris Soghoian's website boarding pass creator didn't make us any less safe either. <BR/><BR/>Using a fake boarding pass is not a pass to skip the airport security checkpoint, so putting up the website had 0 -- ZERO -- security implications.<BR/><BR/>Why are so many people unable to see that the airport security measures are mostly a dog and pony show, a charade? Why are so many people unable to see that boarding pass and ID checks provide no security, nor are they meant to provide security, when it comes to airplane passengers. Instead of the government and government apologists obsessing over ID and boarding pass checks, perhaps focusing on searching for explosives, weapons and improvised weapons would yield better results than the current security nonsense.<BR/><BR/>And now we even have this foolish "war on liquids" at airports. But the twits who defend the liquid and gel restrictions at airports don't realize that the screeners are still not determining what is in those mandatory plastic bags full of liquids and gels and that it's easy to circumvent anyway.<BR/><BR/>So many fools, so little understanding. That's why we've got the government we deserve.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162766452325257382006-11-05T17:40:00.000-05:002006-11-05T17:40:00.000-05:00Best of luck Chris. Your experience makes me furt...Best of luck Chris. Your experience makes me further glad that I don't live in the US. The idea that by pointing out a previously publicized flaw and publishing code to that effect makes you a criminal or terrorist is ludicrous.<BR/><BR/>The forms generated by that code are not false documents until they are printed by a site visitor for use. Publishing the means and highlighting a security failure is the act of a responsible citizen. <BR/><BR/>Only an unthinking jingoist would argue otherwise.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162762685328469012006-11-05T16:38:00.000-05:002006-11-05T16:38:00.000-05:00In the sunday(Nov.5th) Baltimore Sun News Paper, t...In the sunday(Nov.5th) Baltimore Sun News Paper, they said you aren't going to jail.I think thats great news(here's the article:<BR/>http://www.baltimoresun.com/news/opinion/ideas/bal-id.blog05nov05,0,7933516.column<BR/><BR/>I hope you continue what you are doing, because I believe you havedone a good thing(just be a little careful in the future;))Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162663332288248472006-11-04T13:02:00.000-05:002006-11-04T13:02:00.000-05:00Hey,Way to go! I hope this brings enough attention...Hey,<BR/><BR/>Way to go! I hope this brings enough attention to the issue that changes are made to the system. Your 15 minutes of fame may have made our future flying experiences safer. If it works-- THANKS!! If not... at least you've got a story to tell the grandkids 60 years from now. :)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162619463168773032006-11-04T00:51:00.000-05:002006-11-04T00:51:00.000-05:00I personally would like to thank you for exposing ...I personally would like to thank you for exposing this, and I hope you don't suffer the wrath of the govt. for trying to prove a point.<BR/>I hope our skies are safer because of it. I hate all these so called goody two shoes, who if on a hijacked plane would the first ones crying, please dont hurt me, instead of trying to save their asses like the brave people on flight 93 on 9/11. If they dont have something supportive to say, then just shut up.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162558867776302352006-11-03T08:01:00.000-05:002006-11-03T08:01:00.000-05:00Yeah Chris,Become a responsible adult- find a wife...Yeah Chris,<BR/>Become a responsible adult- find a wife who needs you to take care of her (it's the responsible decision!)make babies all willy-nilly, continue to work and pay your taxes...maybe then you'll be a real human being so afraid of disrupting the status quo that you'll hush up (or maybe you're just too busy working to support your freeloading wife and kids and to pay those taxes that perpetrate a government you don't support...yikes)<BR/><BR/><BR/><BR/>You know where I stand, and I'll brace you with all the support I can.<BR/><BR/><BR/>Good luck.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162529828094646812006-11-02T23:57:00.000-05:002006-11-02T23:57:00.000-05:00This isn't a security hole.Boarding pass and ID ch...This isn't a security hole.<BR/><BR/>Boarding pass and ID checks to clear the security checkpoint could be discarded and we'd be no less safe.<BR/><BR/>Persecuting or prosecuting someone for this is idiotic. Northwest Airlines suing him would be more appropriate than government agents going berserk like this over an issue that has no security implications when it comes to flight safety.<BR/><BR/>The chicken little, nervous nelly surrender monkeys need to grow up and realize that there is no security threat to a flight posed by someone clearing a security checkpoint with a fabricated boarding pass or even fake ID available to most every college kid in America.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162519283274610242006-11-02T21:01:00.000-05:002006-11-02T21:01:00.000-05:00From spusa.org: "If you were in Soghoian’s shoes w...From spusa.org: "If you were in Soghoian’s shoes would you have published the website to expose holes in aviation security? <BR/><BR/>Answer: No, I have too much to lose and am afraid of the Government.<BR/><BR/>Was there a genuine risk associated with this site, and, if so, did the benefits of the site outweigh the risks? <BR/><BR/>Answer: Herro - Do we all think the terrorist types are dumb? Hell, I thought of printing a fake boarding pass 4 years ago so I could take my mom to the gate. Duh. I have seen a guy after 9/11 put a 3" pocket knife thru x-ray get it back. Hows that for suckurity. I would have turned him in but he was in his 70's and I didnt want to miss my flight because I knew the concourse would be evacuated. ...and I lived to tell the tale.<BR/><BR/>Should legal action be taken against Soghoian? <BR/><BR/>Answer: What did he do wrong? Embarass big brother. For that he must pay. This is a hi-tech Ruby Ridge or Waco. Go get him feds. Chris, I doubt NWA will redeem your miles. Plan on driving for awhile.<BR/><BR/>The university has informed Soghoian that they will not provide him with legal counsel. Do you think the university has an obligation to protect graduate students exercising academic freedom who run into legal trouble?"<BR/><BR/>The University should fight but they are chickensh*t. This is evidenced by the fact they fired Bobby Knight. But they won't.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162518377453422822006-11-02T20:46:00.000-05:002006-11-02T20:46:00.000-05:00I would think a grad student would have better thi...I would think a grad student would have better things to do than cause legal trouble for themself.<BR/><BR/>In some part, it is because of people like you that we get knee-jerk reactions from politicians that make things even more difficult at the airport. Grow up.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162509525773827122006-11-02T18:18:00.000-05:002006-11-02T18:18:00.000-05:00Chris --- hang in there, ok? We are thinking of yo...Chris --- hang in there, ok? We are thinking of you and hope that you will make it through this alright.<BR/><BR/>Love, <BR/>Steffi<BR/><BR/>London, UKAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162507366383562702006-11-02T17:42:00.000-05:002006-11-02T17:42:00.000-05:00Personally I hope the Gov't hires you...to expose ...Personally I hope the Gov't hires you...to expose their flaws...goodluck to ya.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162503819107560622006-11-02T16:43:00.000-05:002006-11-02T16:43:00.000-05:00It's nice to see our government, with all it's won...It's nice to see our government, with all it's wonderful resources, as managed to find this student and shut down his site.<BR/><BR/>You should have changed your name to Jimmy Hoffa. Not a chance in the world they could find you.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162462295050033952006-11-02T05:11:00.000-05:002006-11-02T05:11:00.000-05:00LMAO... And the government thought they could just...LMAO... And the government thought they could just shut down the website hosting the generator. Apparently, it is being hosted on at least another site. This will not go away until they fix the flaw.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162450712913259882006-11-02T01:58:00.000-05:002006-11-02T01:58:00.000-05:00"It is not the function of the government to keep ..."It is not the function of the government to keep the citizen from falling into error; it is the function of the citizen to keep the government from falling into error."<BR/><BR/>-- U.S. Supreme Court Justice Robert H. Jackson<BR/><BR/><BR/>I commend you for bringing attention to this gaping physical security flaw I've often wondered about myself while waiting in airport security checkpoint lines.<BR/><BR/>I don't necessarily agree with the manner used to deliver the point (akin to publishing proof of concept exploit code), though there indeed are times when a "push" is needed to gain attention.<BR/><BR/>The Feds response is yet another reminder of life post 9/11.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162432730581657812006-11-01T20:58:00.000-05:002006-11-01T20:58:00.000-05:00http://draconum.net/index.php?title=fake_boarding_...http://draconum.net/index.php?title=fake_boarding_pass_generator_mirror_d&more=1&c=1&tb=1&pb=1<BR/><BR/>Mirror for the new Javascript version. I'm hosting the tar.gz file of the new site's source code.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162404449691078272006-11-01T13:07:00.000-05:002006-11-01T13:07:00.000-05:00Chris is just paying the price for the ignorance o...Chris is just paying the price for the ignorance of our government. I contacted the TSA and Fox News via telephone back in 2003 regarding this same loophole. Their response... Yawn, we'll look into it sir. Now that it has people's attention, something may actually get done to correct the 'hole'. If the Avis Car Return agent can have a wireless scanning device to track rental car arrival, why can't a TSA agent have one for boarding pass validation?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162393406269334202006-11-01T10:03:00.000-05:002006-11-01T10:03:00.000-05:00Sad that people can't even have "fun" anymore. It'...Sad that people can't even have "fun" anymore. It's a fucking generator. There are hundreds of these on the net of all diff. kinds.<BR/><BR/>Perhaps they should pay better attention to what is going on in the airports and borders and other more important sites on the net..than this.<BR/><BR/>I bet while I sit here and type this and you sit there and read it, that someone has just illegally boarded a plane with a pair of scissors.....OMG...the horror.<BR/><BR/>This country is turning out to be a fucking joke and while "officials" are spending their time with trivial bullshit...the country is going to hell in a handbasket.<BR/><BR/>God Bless the Divided States of AmericaAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162380650078176792006-11-01T06:30:00.000-05:002006-11-01T06:30:00.000-05:00I just read about your story. While I would never ...I just read about your story. While I would never do something so bold, I agree that the TSA needs to review its security measures. I am living in London right now, and I have noticed so many differences in the treatment of security in many airports. For example, on my flight here, I left from Pittburgh. No problems there, got through security without even batting an eye. Here, I go to Dublin and Paris and get patted down both times. The most bizarre thing was that they don't check ID at the first checkpoint. They just look at the boarding pass. Once you get to the gate, then they will check the pass. So, you just proved to the world that there is a serious flaw in the system. I wish you luck, and I'm sure you will be fine in all of this.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16750015.post-1162361884786394292006-11-01T01:18:00.000-05:002006-11-01T01:18:00.000-05:00Clint,Chris is not the first one to bring this fla...Clint,<BR/>Chris is not the first one to bring this flaw to the attention of the authorities. Congress has known about this for years. A senator demonstrated how it could be done in his office a couple years ago. Mind you that he is a politician and not technically minded. So what Chris did is right. The authorities were well aware of the issue. The public was informed but not well. Chris shined a spotlight on this flaw and screamed look! He has the nations attention. What he did was to simply use the snowball effect. He did something small and let the rest of the world snowball it into something massive. Now the nation is screaming for this to be fixed. Lets see Congress and the airlines ignore the flaw now. The only reason Chris is in trouble with the government is that he pointed out to the world yet once again how inept and ineffective our government is. And mind you I am a solid Republican. Perhaps you all should go through archive media footage and relive 9/11. They stopped showing it because it was to upsetting to the American people. Well we sould be upset...in fact we should be pissed. Chris has probably just made it more difficult for those who would terrorize us to do their evil deeds. If Chris was a soldier, he would get a silver star for his actions. We should be thanking him not criticising him. He has probably saved hundreds of lives. He may have saved yours or someone you know and love. Did you consider that reality? So Clint, go back to whatever hole you crawled out of...get on the web and do some serious research before you decide to come back out and speak. Thomas Jefferson said this of free speech, "The freedom of speech is like an outstretched fist. You can wave it all around but if you hit someone it is no longer freedom of speech as you have infringed upon someone else's rights." So whose rights did Chris infringe when he posted that? He did not infringe upon any individual's rights or even a group of individuals. What he did was point out something the government was aware of and doing nothing about it. That is free speech. That is part of checks and balances. So Chris, Thank you from the bottom of my heart. You have served this nation well. I do not think the government is stupid enough to martyr you for helping the country.Anonymousnoreply@blogger.com