$1.4m TSA App Built in 10 Minutes

It was recently revealed that the contract to create US Transportation Security Administration’s (TSA) randomizer app – which decides which pre-check line travellers should join prior to a flight with a giant left or right arrow on an iPad screen – cost an absurd $1.4 million.

$1.4m for this:

In an effort to expose the inordinate cost of the randomizer, Android coder Chris Pacia created his own version of the app. In 10 minutes, at an estimated labour cost of around $10:

The cost of the app was revealed via a freedom of information (FOI) request made by coder Kevin Burke. He sent the TSA the following e-mail:

“I request that a copy of documents concerning the following subject matter be provided to me:

The RFP (Request for Proposal) issued by the TSA for designing and implementing the “TSA Randomizer” iPad application, described here and currently in use by TSA agents at security checkpoints at many airports, including Terminal 2 at Oakland International Airport.

Details of any submitted bids from contractors or internal government agencies to design and construct the “TSA Randomizer” iPad app.

The final signed contract between the TSA and a contractor to implement the “TSA Randomizer” iPad app.”

In return, the TSA sent him a two documents: a covering letter, and another letter which showed a payment of $336,413.59 to IBM, the developer of the app. Further investigation, though, revealed a number of other documents, already in the public domain, which revealed the cost be closer to $1.4m.

Over one million dollars for 10 minutes work. I’m in the wrong job.

3D-Print Your Own TSA Master Keys

In a not too distant future your average person will be able to print their own door keys thanks to the technique of 3D printing. Which is great news for those who have lost there’s, not so good if some bright spark has created and uploaded the plans so that you can print your very own TSA Master Keys.

These keys were designed by the Transportation Security Administration following the 9/11 attacks to ensure the safety of travellers into and around the US by requiring any lock on bags to be branded as “travel sentry approved”. This is to enable airport security staff to carry out searches without having to break the lock or bag. These keys are meant to be kept secret; this was up until an article by The Washington Post which was uploaded in 2014 and conveyed a photograph of seven master keys. The respected news source finally took the pictures down in August 2015, but not before a security researcher by the username “Xyl2k” managed to both create and post 3D printing files of all seven master keys to code site Github.

Do they work? Yep, others have test printed them and it turns out you really can open other people’s luggage, sorry, I meant your own. below is a video which has been uploaded to Twitter concerning this.  This might be going off topic, but the source for this story is The Guardian, who decided to place an image to illustrate the story, what did they go for? see for yourself, the link is at the end of the article, let’s just say it looks to be potentially painful to a poor flyer.

“Xyl2k” has stated that the reason the plans were uploaded was to warn against the security flaws in “master keys” and the potential for them to be exploited as in this case. The laughable aspect concerns The Washington Post and their willingness to exist in a parallel universe, a month before the photos were published, the news source rallied for a so-called “Golden Key” which could be used by tech companies, this theoretical key would be then only used with a court order. The big glaring elephant in the room lies with the very fact that it could be copied and then misused by a wide variety of individuals, organisations and groups.

I do wish people would stop simplifying tech to the point of stupidity, for example, the general consensus from powerful officials is that encryption is bad, so why not simplify it and remove it. There is a philosophy term for this and it is called Occam’s Razor, the principle states that among competing hypotheses that predict equally well, the one with the fewest assumptions should be selected. Therefore, The Washington Post has simplified the many outcomes by suggesting a “Golden Key” to be stored by various tech companies. The only problem with that is the many hackers which include state sponsored virtual safe crackers are smarter than your average David Cameron.

This article has been written on September 11th 2015 but would be published on the 12th, this may seem a bit late when reading this, but I would just like to take a minute to pay respects to the near 3000 people who tragically lost their lives on that day 14 years ago to the most brutal of acts.

“I learned that courage was not the absence of fear, but the triumph over it. The brave man is not he who does not feel afraid, but he who conquers that fear.” –Nelson Mandela

Thank you The Guardian and Github for providing us with this information.

Flat Phone Battery? Time to Re-Book Your Flight!

What’s going to get you kicked off a flight faster than carrying a pair of nail clippers or a replica Katana? According to this TSA announcement, a flat phone battery is the answer. The full release reads:

“Last week, Secretary of Homeland Security Jeh Johnson directed TSA to implement enhanced security measures at certain overseas airports with direct flights to the United States.

As the traveling public knows, all electronic devices are screened by security officers. During the security examination, officers may also ask that owners power up some devices, including cell phones. Powerless devices will not be permitted onboard the aircraft. The traveler may also undergo additional screening.

TSA will continue to adjust security measures to ensure that travelers are guaranteed the highest levels of aviation security conducted as conveniently as possible.”

Unfortunately, this statement isn’t exactly direct nor points out an obvious issue, but we’ve learnt from NBCNews that this is likely due to a terrorism scare:

“The Transportation Security Administration will not allow cellphones or other electronic devices on U.S.-bound planes at some overseas airports if the devices are not charged up, the agency said on Sunday.” NBCNews

And it’s not just your phone that’s on the line either:

“A U.S. source familiar with the matter said laptop computers are among the devices security screeners may require passengers to turn on.” NBCNews

As far as targeted devices go and where the actions will be taken place are, we’ve learned:

“U.S. officials singled out smartphones including iPhones made by Apple and Galaxy phones made by Samsung Electronics for extra security checks on U.S.-bound direct flights from Europe, the Middle East and Africa.” NBCNews

Whether this is another crazy security measure, or a legitimate concern is up to you to decide – but we know those with a flat device due to too many Tumblr updates are sure to create a scene at the security checkpoint.

Image courtesy of Mobiles.co.uk