The TSA’s full-body scanners never seemed like a very good idea. They’re a great way to unwittingly show your naked body to government officials, for one. They’re also insanely easy to trick. We’ve suspected as much for some time now, but a team of university researchers just confirmed some scary security flaws.
The scanner in question is none other than the Rapiscan Secure 1000. This backscatter X-ray scanner is the same device that blogger Jonathan Corbett appeared to dupe in a YouTube video a couple of years ago. But not only did the security researchers confirm Corbett’s claims, they discovered new vulnerabilities too.
Corbett showed how you could carry metallic objects in your side pocket through the TSA’s scanner undetected. These security researchers took it a step further, however, and sewed a gun into a pant leg. This strategic placement prevents the weapon from showing up in a scan. Seriously, look at the picture below. The scan to the left is of a man carrying no gun. The scan on the right is of an attacker with a gun concealed in his pants.
If the attacker prefers knives, he can simply conceal the blade along his spine with Teflon tape, and that weapon won’t show up on a scan either. Even bombs are pretty easy to sneak through a backscatter X-ray machine. The researchers successfully moulded a putty akin to plastic explosives to a potential attacker’s body and concealed the detonator in his belly button. Again, the scanner is none the wiser.
Now, there’s a pretty major caveat to the study. Due to privacy concerns, the TSA replaced all Rapiscan Secure 1000 backscatter X-ray scanners — the same type that the security researchers tricked — with millimetre wave scanners in airports. However, Corbett’s methods also appeared to work on millimetre wave scanners, so there’s reason to believe the researchers’ methods would as well, though they were unable to acquire a millimetre wave scanner for further testing. Regardless, Rapiscan Secure 1000 scanners are still in use in plenty of places, like government security checkpoints, courthouses, and prisons.
It’s not necessarily the flaws in the technology itself that the team wanted to highlight. The security researchers really wanted to show how the government’s methodology for testing this equipment is fundamentally flawed. “These machines were tested in secret, presumably without this kind of adversarial mindset, thinking about how an attacker would adapt to the techniques being used,” University of Michigan computer scientist J. Alex Halderman told Wired. (Halderman’s been busy lately, by the way.) “They might stop a naive attacker. But someone who applied just a bit of cleverness to the problem would be able to bypass them. And if they had access to a machine to test their attacks, they could render their ability to detect contraband virtually useless.”
All of this adds up to the confirmation that the TSA clumsily spent $US1 billion installing faulty body scanners in airports that violated people’s privacy. Then, they replaced them with potentially faulty body scanners, and other government buildings got stuck with the original faulty scanners. And now nobody is safe. Have a nice day! [Wired]
Picture: Getty / J. Alex Halderman / Wired