News

Flying to Defcon with no ID

Defcon attendee Sherri Davidoff travelled to the conference without ID. She spotted a few flaws in the TSA system along the way

By Robert McMillan, IDG News Service (San Francisco Bureau)

August 12, 2008 — CSO —

Before Sherri Davidoff flew out to Defcon this year, she made sure to cover up the "Global Hacking Permit 230291" sticker on her laptop with a photo of two adorable puppies.

She figured it might help things go a little more smoothly at Logan International Airport, where she eventually managed to clear her way through the Transportation Security Administration's security screening and fly out to this week's hacker convention in Las Vegas without using any ID.

The TSA changed its policy in June, barring travelers who refuse to show ID from flying, but allowing cooperative passengers who have lost or otherwise don't have their papers to pass through. Davidoff, an independent security consultant based in Boston, wanted to see how the new TSA system worked.

For her, travelling without ID wasn't just an interesting drill, it was a matter of civil liberties.

"It's not something I did out of mere curiosity," she said. "The freedom to travel anonymously is fundamentally important to our right to peaceably assemble."

So on Monday, she FedExed her wallet to her hotel in Las Vegas. On Wednesday, she showed up at Logan, nervous, and wondering if she was even going to make it out of Boston.

"I donâ¬"t have my wallet," she told TSA staffers. They were polite but "very intimidating," she said, "and they made it clear that my reasons for not having ID would be a factor."

The good news was, Logan's security team had a pretty smooth procedure for handling people in her situation.

The bad news was that the procedure had a few security problems.

For one, thing Davidoff didn't need to know much in order to establish her identity: She had to provide her name along with both a street and a state where she'd previously resided.

She said that this kind of basic information is pretty easy to dig up.

Another problem was that the TSA's first screener marked up her home-printed boarding pass with a red Sharpie pen. This was the sign for the workers at the metal detector to give here a more thorough screening.

She believes that If she had simply printed two copies of her boarding pass, she could have handed in an unmarked copy and skipped this secondary screening, which included a pad-down and a test for explosives.

All in all, she said the new policy does not improve security.

TSA representatives could not be reached immediately for comment.

Kurt Opsahl, a senior staff attorney with the Electronic Frontier Foundation, agreed with Davidoff's assessment, saying that her experience "demonstrates the theatrical nature" of airport security.