Tuesday, August 12, 2014

TSA checkpoints have a terrifying 'backdoor'

From Komando.com (Aug. 9):

Two tools used by the TSA to protect flights and passengers have dangerous security flaws. Security researcher Billy Rios found the problems and shared the details at Black Hat last Wednesday. This is scary stuff because it could help terrorists sneak weapons onto planes.

The Morpho Detection Itemiser 3 trace-explosives and residue system and the Kronos 4500 time clock system both have major issues. Both come with default backdoor passwords from the manufacturers. That makes them vulnerable because if a hacker figures out the default password, it's no longer safe.

Rios says the Itemiser he tested also came with a backdoor password. Exploiting that,   he was able to alter the configuration of the Itemiser system, which could allow an attacker to prevent the system from detecting explosive residue, for example.

"Once you have access to the software, it's game over," he says.

If hackers crack the password, they could change the machines to stop detecting bomb residue. Morpho says the TSA now uses an upgraded Inemiser DX, but Rios said it could still have backdoor password problems.  [read more]

Yea, that is kind of unnerving. Backdoor passwords are used for testing purposes. The password in this case either needs to be changed to a long random password or removed all together.

No comments: