Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Encryption

Submission + - Ask Slashdot: Is TSA's PreCheck System Easy to Game? (wordpress.com)

OverTheGeicoE writes: TSA has had a preferred traveler program, PreCheck, for a while now. Frequent fliers and other individuals with prior approval from DHS can avoid some minor annoyances of airport security, like removing shoes and light jackets, but not all of the time. TSA likes to be random and unpredictable, so PreCheck participants don't always get the full benefits of PreCheck. Apparently the decision about PreCheck is made when the boarding pass is printed, and a traveler's PreCheck authorization is encoded, unencrypted, on the boarding pass barcode. In theory, one could use a barcode-reading Web site (like this one, perhaps) to translate a barcode into text to determine your screening level before a flight. One might even be able to modify the boarding pass using PhotoShop or the GIMP to, for example, get the screening level of your choice. I haven't been able to verify this information, but I bet Slashdot can. Is TSA's PreCheck system really that easy to game? If you have an old boarding pass lying around, can you read the barcode and verify that the information in TFA is correct?
Chrome

Submission + - Google Prepares Fix to Stop BEAST SSL/TLS Attacks (theregister.co.uk)

OverTheGeicoE writes: It was reported yesterday that researchers had found a way to break the most commonly used SSL/TLS encryption in browsers. According to the Register, Google is pushing out a patch to fix the problem. The patch doesn't involve adding support for TLS 1.1 or 1.2. FTFA: "The change introduced into Chrome would counteract these attacks by splitting a message into fragments to reduce the attacker's control over the plaintext about to be encrypted. By adding unexpected randomness to the process, the new behavior in Chrome is intended to throw BEAST off the scent of the decryption process by feeding it confusing information." The fix is supposedly in the latest developer version of Chrome.
Encryption

Submission + - Feds' radios have significant security flaws (wsj.com) 1

OverTheGeicoE writes: The Wall Street Journal has a story describing how the portable radios used by many federal law enforcement agents have major security flaws that allow for easy eavesdropping and jamming. Details are in a new study being released today. The authors of the study were able to intercept hundreds of hours of sensitive traffic inadvertently sent without encryption over the past two years. They also describe how a texting toy targeted at teenage girls can be modified to jam transmissions from the affected radios, either encrypted or not.

Slashdot Top Deals

"Well I don't see why I have to make one man miserable when I can make so many men happy." -- Ellyn Mustard, about marriage

Working...