Connect with us

Hi, what are you looking for?

Tech News

Researchers say a bug let them add fake pilots to rosters used for TSA checks

Illustration by Carlo Cadenas / The Verge

A pair of security researchers say they discovered a vulnerability in login systems for records that the Transportation Security Administration (TSA) uses to verify airline crew members at airport security checkpoints. The bug let anyone with a “basic knowledge of SQL injection” add themselves to airline rosters, potentially letting them breeze through security and into the cockpit of a commercial airplane, researcher Ian Carroll wrote in a blog post in August.

Carroll and his partner, Sam Curry, apparently discovered the vulnerability while probing the third-party website of a vendor called FlyCASS that provides smaller airlines access to the TSA’s Known Crewmember (KCM) system and Cockpit Access Security System (CASS). They found that…

Continue reading…

You May Also Like

Editor's Pick

In this edition of StockCharts TV‘s The Final Bar, Dave shows how breadth conditions have evolved so far in August, highlights the renewed strength in the...

Tech News

Image: Becca Farsace / The Verge Instagram is a popular place to show off your latest photos, but if you’re a real photography enthusiast,...

Tech News

Rufino Choque, from the Urus Indigenous community, stands over a boat in the middle of the extinct Poopó Lake, which disappeared in 2015. |...

Politics

When word first broke that Joe Biden would be sitting down with Howard Stern for a live interview Friday on his SiriusXM show, it...

Generated by Feedzy