52 comments

[ 3.0 ms ] story [ 76.8 ms ] thread
Because everyone knows it is security theater.

Plus stealing from luggage is a major source of income for TSA employees, they are caught every few months but they keep doing it - so for every one caught you know there are hundreds not caught and management knows this.

https://google.com/search?q=tsa+stealing

Remember how corrupt TSA employees are the next time you see a story on the news about how corrupt officials in another country are...

I agree with you that the TSA is a joke, but as someone who worked as a TSA agent before, I never stole anything, nor to the best of my knowledge did anyone I worked with steal anything. Stealing, in fact, would be kind of difficult, even in the baggage rooms. I think "a major source of income for TSA employees" is a pretty gross exaggeration of the truth. For the most part, TSA employees are just a bunch of regular people trying to make a living, just like everyone else.
There are a few unfortunate truths here:

1. The TSA is invasive security theater operated on the principle that the most effective placebos are those with tangible side effects, namely body scanners and palpable tension at ultra-vulnerable (targets in and of themselves) security checkpoints.

2. The TSA is a country-scale jobs program for poor, unskilled, and unemployable people who might otherwise join disruptive political groups that promise more resource redistribution.

I think the first two points are reasonable if not explicitly provable, but my third point goes off the reservation a bit:

3. The TSA-friendly luggage locks are one of many overt acts of submission that the members of the public undertake in order to travel with speed; there is no incentive for the locks to actually work or be secure, as their primary purpose is to symbolize obeisance. I imagine this may be the case because the TSA-friendly luggage locks are jokes to begin with, as anyone with a common file, rudimentary lockpicking skill, or bolt cutter could pop them open in mere moments... not to mention the misbegotten troglodytes who actually have the master keys and help themselves whenever it suits them.

> 2. The TSA is a country-scale jobs program for poor, unskilled, and unemployable people who might otherwise join disruptive political groups that promise more resource redistribution.

This is a pretty mind blowing perspective.

From a historical perspective, it's not that mind-blowing. Most of FDR's work programs were designed not just to get people working, but to prevent open revolt.

What is mind-blowing, to me, is that the program provides no service. FDR's programs did, and we still benefit from those programs today (exhibit A: national parks).

I've often wondered if the rural location of many of these programs (the CCC, many of the WPA projects) was chosen specifically to get men out of the cities so they would be unable to participate in riots.
OP doesn't go far enough, it's all he mentioned and an insider contract to move product manufactured by businesses owned by Bush's skull society buddies.

Research who Michael Chertoff is and his role in the Bush administration. Who do you suppose conveniently owns the corporations that manufacture the rapey scanners and other equipment that had to be procured for the security matinee?

What's mind blowing about it? It's a millennia old trick: create unnecessary government bureaucracy that soaks up a lot of unemployed people and pays them a low but comfortable wage. The ancient Chinese dynasties were well known for this, and in modern terms, the Arab oil-states are the most prolific, to the point where civil service wages are raised in times of instability in an attempt to appease people. I guess that this redistribution technique is not traditionally marketed as "jobs programs" because they produce nothing, but the purpose is served.
It's also a pretty good summary of the role that the military fill.
The TSA employs less than 50k people across the country. Around 40 million Americans live at or below the poverty line.

If it was some work program to prevent revolt, it fails at that just as hard as it does at securing the skies.

Look, I get how it's an amusing and poignant metaphor for what a bad idea key escrow is, but we all know that (unlike strong encryption) dinky luggage locks never provided any meaningful security in the first place. I pulled one apart with my hands once when I lost the key. You definitely don't need bolt cutters.

The outrage at this "spectacular failure" feels a little insincere. You want to convince me the government can't keep sensitive data secure, the OPM hack is closer to the mark.

The outrage isn't that your luggage can be stolen now. The outrage is that a) the government felt that it needed to invade the privacy of our luggage for security; so they made these master keys (yes, you can pull them apart with your hands, but provided the TSA doesn't regularly go through luggages, a broken lock is a quick way of telling someone's been through your stuff and you can take action appropriately) and b) it's been revealed that these keys can easily be obtained and the government does not care--showing the broader problem of what happens when you compromise privacy for "security".
We could have locks with seals. So the TSA could open them, but you could always tell that someone had opened them. Bonus points for re-sealing with a verifiable tag of some kind.

Ultimately it's pretty pointless, since your luggage can simply be stolen, or hacked open with a knife.

I've always treated the locks as part of the security theatre. Utter nonsense that probably got someone promoted because it sounded good. If someone at TSA said, "Hey we need to do something, anything, just so we look like we're doing something," then pointless toy locks are not all that damaging compared to other possible "somethings" they could have stuck us with.

The TSA truly needs to go.

One thing I always wondered: why inclined people couldn't buy the four locks and mechanically reverse engineer them? Could someone not disassemble the lock and see where all the tumblers fit and iterate on a solution until they get it?

I feel that the people that would exploit the 3D key files now floating around the Internet could achieve almost the same thing anyways.

I don't think any sufficiently logical person ever thought that a TSA lock was secure.

yea you could just go shopping and buy the range the locks which you can see the lock key ID through the packaging. just purchase all variations... likely people did this in past.

i never use luggage locks, i also keep my most valuable items in my carryon rather than my checked bags.

the locks are useless. easily cut, easily opened using tools, TSA still had access, now other people have access by copying the TSA keys.

if someone wanted to break into your luggage, they would have with or without the key.

i have had hard shell luggage cracked open by just terrible handling, i once had a lock/zipper got ripped off when it snagged somewhere.

i pack my luggage in a certain way and utilize tape in certain areas to know if someone was rummaging through it at the airport.

there is no security/privacy for your luggage at the airport

The security theater of the TSA is indefensible.

However, I found the article dubious. The only source for Mike England's alleged response is an email to _The Intercept_. While I am not calling the author a liar, I am skeptical that the response was placed in context.

> Clarification: An earlier version of this story incorrectly reported that hackers had broken into Travel Sentry’s internal website.

This is a particularly egregious error in reporting and suggests, to me, very sloppy reporting. So, without seeing the actual content and context of the email, including perhaps, the email which prompted the response, I am reserving judgment as to whether or not what has been reported is true to what the TSA actually meant.

It certainly wouldn't surprise me to hear the TSA responded in that way, but that doesn't mean that's what's actually happened.

I think its fantastic. Now when people bring up the fact that the government needs backdoor access to encryption to fight "terrorism" I can just point to how well they manage these things in practice.
I thought that the key's images were posted online by a TSA employee that didn't know any better...
The most secure way to transport goods in checked bags is to fly with a checked firearm. You are required to lock a firearm in a hard-sided case with locks that only you have the keys to -- TSA approved locks are not allowed. You are allowed to lock whatever else you want in these cases too. They are screened more closely and if they can't determine contents with an x-ray they will ask you to open the locks in their presence. It's a tradeoff for convenience, for sure, but it's the only way to travel with securely locked baggage.
You don't even really need a firearm; a starter pistol, or probably even a flare launcher, would suffice.
Be careful with this advice - If the TSA considers an item a firearm, local law enforcement may as well. If you are traveling to a place where firearms are restricted, you could end up facing penalties for possesion that don't discrimenate between "starter pistol" and "real pistol"
Yeah, I seem to recall a few stories of people getting in trouble traveling through states where this is an issue(I think the state in question was New York) via a connecting flight.
It happens in New Jersey too. What typically happens is there is an unexpected layover (say, due to weather), so the victims take possession of their luggage (with firearm) without malicious intent when they go to a hotel, and get arrested the following morning when checking in. In that situation, the proper (only?) course of action is to refuse to take possession of your checked luggage.

While traveling through a state, one is supposed to be protected by FOPA [0]. An uncharitable (technically correct but against the spirit) reading of the law is used by New Jersey and New York to harass gun owners, as in this case and in other more egregious cases.

[0] https://en.wikipedia.org/wiki/Firearm_Owners_Protection_Act

Is a gun that has been permanently made inoperatible considered a firearm in NJ and NY? Could you travel with something that looked like a gun by X-ray, but in fact was harmless?
I can't speak to the ultimate legality of your idea, but I would guess that one would be arrested and it would be up to your lawyer to demonstrate that you were acting within the bounds of the law (if you were).

To your first question, I think it's fair to say that both NJ and NYC (and because of NYC, NY to a lesser extent) are generally perceived as being hostile towards firearms and general weapons ownership. If I were to predict states that restricted possession of an inoperable or antique firearm, NJ and NY would be at the top of my list, in that order.

To your second question, the appearance of the object has no bearing on it's legal status as a firearm (laws prohibiting look-alike objects notwithstanding). A pistol frame or lower receiver, incapable of being anything but a paperweight without all the other parts, is a firearm for legal purposes and would get one busted in the same manner as if it were a completely operational firearm.

Weapons laws are nuanced, pedantic, and frustrating. Frequently, they make no rational sense.

The cop is going to err on the side of public safety and arrest you. And let someone else sort out whether it was a real gun or not.
Traveling with unloaded firearms through states is federally protected.

A few years ago, Greg Revell had a layover in New Jersey and bad weather caused his flight to be delayed. He stayed in a hotel, and New Jersey wound up arresting him and confiscating his firearm which was illegal in the state.

He argued that he was still traveling; New Jersey said he wasn't. He took it to court and won.

tl;dr Traveling through a state with a firearm is legal, but law enforcement can (apparently) still harress you even if you are obeying the law.

Legal in principle, yes. And yet, this person got arrested and harassed, and had to go to court to prove his point, where he was at non-zero risk of being convicted and sent to prison depending upon a reading of the law. Needless to say, his day, and his trip, were ruined.
You can actually use a credit card if you have (I think) a trust.

I was watching a podcast a while back on some guys about securing baggage, it also may have been a gunnit podcast where one of the guys did this, and he registered his credit card as a firearm with the trust. All of the requirements for a firearm can also apply to a credit card (basically it has a serial), so he was able to register his "firearm" with his trust and take it through using the process for checking an actual firearm.

I'd love to hear more about that, any more details or links to share?
Took me a bit to find, but I tracked it down at the end of the day when I made that post: https://youtu.be/nMBwM32wTfs?t=22m35s

This is the Gunnit Live podcast from some of the mods and others that are regulars on /r/guns

(comment deleted)
You are allowed to lock whatever else you want in these cases too.

If enough people abuse this, I expect they'll start requiring those items to be firearm-related too.

The article seems to me an admission that the locks were never intended to secure anything and just there to make people feel better. At least the TSA understands that not only are the locks unsecure now, they never were.
The best advice I've seen is to secure your bag with a cable tie, then you tell whether anyone's been through it.
This is what I do for my tool bag. I also leave a note inside with a couple more zip ties taped to it, asking whoever is going through my stuff to please zip it again. Somewhere near 80,000 miles traveled this year and it seems like a decent solution.
These can be quickly opened with a narrow flat screwdriver. But they probably wouldn't bother with it in practice.
The goal is not to secure the luggage; its used as tamper evidence.
The point being, once opened non-destructively (with a screwdriver), cable ties are easily re-closed, leaving no trace of tampering.
I used to have a bit of an interest in recreational lock picking. I had a few TSA-approved locks that I liked to use as demonstrations to friends, because they were so trivially easy to open. They would pop open after just a few seconds of jiggling anything at all around in there, so they were great at building people's confidence that they could learn to pick locks, and that locks are just puzzles, not magic.

This is the only time that I've ever considered the TSA locks to be useful for anything at all.

Who cares? These locks could be cut with tweezers. Manual baggage inspection notices could be faked regardless. Pure noise.
If you REALLY, REEEALLLY need the things with you, you could always do something like UPS with signature and insurance. Make the insurance level something like 3x the value of our items and you should be good.
> In a spectacular failure of a “back door” designed to give law enforcement exclusive access to private places, hackers have made the “master keys” for Transportation Security Administration-recognized luggage locks available to anyone with a 3D printer.

Surely this doesn't require a 3D printer. The right key blank and a set of needle files should do the trick, or should be able modify an off the shelf key.

I suppose saying it can be done with a 3D printer makes it all seem more dramatic.