How to hack airport security with a fleece jacket

According to its own website the Transportation Security Administration “will continuously set the standard for excellence in transportation security through its people, processes, and technology. On my recent trip to Denver I was frankly alarmed at the number of vulnerabilities in airport security that I witnessed.

The following narrative is an exploration of these vulnerabilities and some simple suggestions for how to improve the security posture at Denver International Airport. Please be advised that your attempt at exploiting these vulnerabilities may result in your meeting many interesting people who wear dark suits, sunglasses, and carry firearms.

I feel that the TSA is there for our protection, but that drastic changes must be made to transform the appearance of security into something that will actually prevent exposure to threats.

10:24 AM MST I arrived at Denver International Airport anticipating that my 1:30 flight to Atlanta would be delayed due to the weather. I checked my luggage at the Delta check-in counter with no issues. As usual I was directed to the security screening area with my boarding pass in hand.

10:40 AM MST While inline I began chatting with a young lady who happened to be part of the TSA security crew. She directed me to a “special” line. I don’t really know what was special about it other than all of the people in line appeared to be traveling for business.

11:01AM MST This “special” security line moved faster than the other lines until a cadre of disabled persons were directed into it from a wheelchair accessible entrance (no ropes to navigate). The security screener appeared to be distracted because he was responsible for screening the disabled persons as well as the special line. That being said it was with minor scrutiny; if any, that he examined my boarding pass and photo id. (… This is where it gets really good…)

11:08 AM MST I am finally at the x-ray conveyer belt when suddenly out of nowhere members of a flight crew hop in line between parents and their kids. Understandably the mother was upset.

The raised voices that followed again distracted the TSA crew. The 189 year old gentlemen before me was a mere 4 and a half feet tall and looked completely out of place in his security garb. I mean the guy has no gun, no club, and not even a flashlight. An able bodied four year old could have bum rushed this guy. In any case he’s busy watching the flight attendant and angry mother exchange words, so he isn’t watching what’s going on.

Meanwhile I have, as per memorized TSA script commands, placed my beloved MacBook Pro in its very own tray, followed by shoes and briefcase in another tray. Well, I made the mistake of placing my fleece windbreaker on top of my laptop. Let me stop here and say that you should NEVER place so much as an unused facial tissue on top of your laptop. This apparently prevents the super secret x-rays that the TSA uses from being able to accurately detect anything dangerous that may be concealed within. I know this because of the tantrum thrown by the x-ray screener who proceeded to stop the entire scanning process, made people back up through the line, and a myriad of other shenanigans before rescanning my obviously threatening laptop and fleece jacket. Well, I have certainly learned my lesson.

During this fiasco the gentleman behind me had also been busted for attempting to carry a cigarette lighter onto the plane. He was appropriately scolded and his lighter was confiscated. Kudos to the TSA for finding this weapon of minimal destruction. After confiscating the lighter, the TSA screener gave the man a good scolding and placed the lighter on the monitor for the x-ray machine. Since I mentioned that fleece is impenetrable by x-rays and that I personally caused a massive hiccup in the entire US air transportation system, you may not be surprised to hear that the lighter-less man calmly grabbed his lighter off of the monitor while I was being de-fleeced.

You read correctly, he was able to simply pick up his lighter and continue on his merry way to Akron, Phoenix, or some other home to miscreants and malcontents. I feel safer already knowing that the entire air transportation security program can be “hacked” with fleece and an argument.

(WHO CARES WHAT TIME ANYMORE SINCE FLEECE IS EVIL) PM MST The fiasco is over Bob the smoker has his lighter back. I have stowed the fleece and my mac is safely tucked away in my briefcase. I’m still not to my concourse yet and I find another gaping flaw in security.

Those of you who have been through Denver International Airport will know exactly what I am referring to when I talk about the cattle stalls. The area behind the x-ray machines at DIA is corralled off by partitions similar to what you would find in a Dilbert cartoon. If I really wanted to bypass the screener’s, I wouldn’t use any high tech gadgetry like a false bottom in a Thermos or hollow heels in my shoes. I would simply hand the object over the partitions. Voila, security has been bypassed. Furthermore, the corral is below another level in the airport that happens to directly overlook the screening area. How about dropping something over the rail to an accomplice in the corral. Obviously the security guards won’t notice.

I finally made it home, fleece and all. This frankly surprises me given the holes in the security program at the airport. Though this is a hopefully humorous recollection, it is nonetheless true and highlights what I find to be common in many security programs whether in the public or private sector. Most organizations want the appearance of security rather than a security program that actually works. It’s like having a heavy-duty lock on a cardboard door. What’s the point?

In my mind, and you are certainly welcome to disagree, TSA needs a massive overhaul of its security posture. What is the true intent of the security program? If what the government wants is window dressing then they have it in place now. If instead the government wants to prevent repeats of the September 11th tragedy, then they should scrutinize each point of potential attack.

In the case of DIA, money is not the problem. TSA screeners should be trained to prevent them from failing at their duties when distracted. In network terms, they should fail closed. If there is a problem, perceived problem, or major distraction, halt the screening process. As for the corral, create a wide barrier between the public and those being scanned. Passing over objects would be much more difficult. On the upper level, add floor to ceiling glass to prevent people from dropping objects inside the screening area. These recommendations are minimally expensive and would significantly improve the security at DIA. I’m sure other airports have similar problems, but at what point does the façade need to fall? How many more innocents will be lost before we move to enacting real security at our airports?