Is it possible to hack your way into a lounge? Of course it is, when access to an airline’s elite frequent-flyer lounges is controlled via barcode. One traveler couldn’t get into the lounge when he had gold status, and wondered whether he could encode a barcode with fake information that would gain him access that he didn’t deserve.
The barcode readers, it turns out, aren’t as smart as you might think. They aren’t connected to the ticketing system or anything that actually verifies a passenger’s status. That means all he needs to encode in each fake boarding pass is a flight number and a name, and a seat number in first or business class.
As long as the system recognizes these things, it understands the fake boarding pass and lets him in. Only people holding (cheaper) tickets for a real flight or airport employees who have access past the security line would be able to use this app, which he has no plans to release to the public.
He does, however, plan to present the project at Defcon this weekend. Presumably he’s hanging out in a first-class airport lounge on his way to Las Vegas right now. Here’s a motion sickness-inducing video that shows the process, then him gaining access to the super-fancy Turkish Airlines lounge in Istanbul based on the a number of a flight he wasn’t taking.
Fake Boarding Pass App Gets Hacker Into Fancy Airline Lounges [Wired] (via Gizmodo)
by Laura Northrup via Consumerist
No comments:
Post a Comment