
TSA Master Keys - privong
https://www.schneier.com/blog/archives/2015/09/tsa_master_keys.html
======
tempodox
Not only is this another impressive demonstration of incompetence, but by
disseminating the idea that people's luggage could be “secure” and
“backdoored” at the same time, they're actually destroying what security has
existed before. They should pivot to be the “Transport Endangerment Agency”.

~~~
flavor8
Most luggage isn't really secure in the first place. It takes less time to
open up a suitcase with a good knife than it does to unzip many suitcases. The
idea that a little padlock will protect your suitcase from thieves is
laughable. Like physical mail, the system is based on trust, and trying to
patch security onto it is difficult.

~~~
aneidon
Sure, but if someone cuts your suitcase open with a knife it'll be much more
obvious than if they used the master key to open it and then zipped it shut
again.

~~~
piquadrat
Maybe if you cut it, but that's not even necessary

[https://youtu.be/zMTXzQ0Vqn8?t=106](https://youtu.be/zMTXzQ0Vqn8?t=106)

~~~
k33l0r
I've been through the training for airport security officers (not in the US,
though) and that's one of the techniques they taught us. Also most baggage
locks are ridiculously easy to pick with basic tools (literally a 15-30 minute
lesson) even if you don't have the master keys available.

------
brk
I doubt these images really did all that much for people who wanted a set of
TSA keys. The locks themselves are widely available and it's easy to reverse
engineer a key if you have the lock (especially multiple copies of the lock to
destroy and test on).

If anything, this just made it easier for casual lazy people to get a set of
images for keys they'll never make :)

~~~
kitd
Can you reverse engineer a _master_ key from one sample lock though? Genuine
question, IDK.

~~~
gmaslov
The way I understand master keys work is that the lock has two "breaks" in
each pin, instead of just one. So each pin has two positions that allow the
lock to open, and you don't know which one belongs to the master key.

I think at least two locks would be required, and depending on how many pins
and possible positions there are, more might be needed in case of a collision.

~~~
brianwawok
I mean a lock comes with 1 key right? If you make a second key that opens it,
but shares nothing with the default key - you may have a winner.

------
harkyns_castle
Seems to still be a lot being done in the name of security theater in the US,
and just wasting dollars on the TSA, for what appears to be very little
effect.

Who's really profiting there? Is it just for the employment of people that
otherwise wouldn't have a job? Or are the majority of citizens there really
made to feel more secure by having them? I'd have to say some defense
contractor is getting a bit fatter off this.

Seems like a ridiculous waste of money.

~~~
coldpie
> Seems like a ridiculous waste of money.

The people paying for it (US citizens and those who travel into or through the
US) would surely see it as a waste. But the people profiting don't, and the
people profiting are the same people who make the laws mandating them.

I opt out of the naked scanners every time I fly. Just tell the TSA clown
trying to herd you into the naked scanner the magic phrase "I'm opting out."
After a 5 minute wait, some other clown will come over and molest you, and
then you're free to go.

I do this as a little protest against a system I see as stupid and illegal. If
everybody opted out, the system would get so backed up that they would have to
change their policies. I'm doing my part, and I encourage you to do yours next
time you fly. (Unless you're not white, in which case you should probably just
keep your head down :-/ )

~~~
harkyns_castle
I'd do it if I have cause to fly into the States again, but I can't help but
think it's not really going to help much. From my youthful experiences at being
a knob, I'd say don't piss off food makers/deliverers, or airline staff. I
once annoyed a Qantas security lady, and I noticed it for a fair few trips
afterwards. Then again, with wealthy interests controlling the US, I can't
really see what will help at this stage. It's a descent into corruption and
mess, but I can't judge how quickly it'll crumble.

~~~
pcl
You can opt out politely; I do it all the time. Recently, it's been
interesting, since I dislocated my shoulder and can't yet lift my arm as high
as they want me to. But it still seems to work out.

------
tptacek
Was it ever possible to have a secure lock held by tens of thousands of people
with a secure master key, even if the authentic master keys were never
revealed?

~~~
kabdib
This. One thing that kills escrow systems dead is the complacent spread of
authority.

You start with critical keys that are closely held. Over time other parties
express the need for access ("Okay, if you _promise_ to be good"). Nothing bad
happens (that anyone can prove...) so over time more entities are brought into
the circle of trust. Eventually the dog-catcher has access to your stuff.

There's no way these keys haven't already broadly leaked (I mean, before these
pictures).

~~~
tptacek
I'm asking a different question.

Forget about leaks for a second.

If a mechanical engineer can get their hands on 1,000 sample locks and keys
(for instance: by simply buying them) and then imaging them, is it that
difficult to reverse engineer the skeleton key system?

~~~
Vexs
It's very easy to do actually, you just need one lock actually. It's called
key impressioning, and basically you put a blank in a lock, look for the
scratches on it, file it down a bit, rinse/repeat.

~~~
tptacek
It shouldn't be quite that easy, because the engineer has locks A, B, and C,
and needs to discern from them the skeleton key that unlocks X, which they do
not have.

------
rogeryu
So luggage handlers can open my suitcase, put in some drugs, and at the other
end I can get caught for having drugs in my luggage?

They should set up a service where you check in your luggage, they check it for
drugs or illegal stuff, they seal it, and at arrival you get your suitcase
with the guarantee that it had no drugs at check-in.

~~~
SyneRyder
You've just described the conspiracy theory behind the Schapelle Corby drugs
case in Australia, who claimed the drugs she'd been caught with in Indonesia
must have been planted by a baggage handler:

[http://www.theage.com.au/news/National/Bag-handler-theory-ov...](http://www.theage.com.au/news/National/Bag-handler-theory-over-Corby-case/2005/03/07/1110160746484.html)

At the time, the case & defence theory was so high profile that Australian
airports had a service to seal your luggage in layers of shrink-wrap before
your overseas flight, so you could know if your luggage had been tampered with
by baggage handlers and prevent it being "Schapelle'd":

[https://www.choice.com.au/travel/on-holidays/luggage/article...](https://www.choice.com.au/travel/on-holidays/luggage/articles/luggage-security)

As for the TSA locks, the Prestolock TSA Search Alert locks come with a
green/red indicator to show if the lock has been opened by a TSA key. Though
the TSA tend to leave a notice in your bag as well saying it was opened for
inspection.

~~~
FireBeyond
Yeah, I can't say I had much sympathy for Schapelle:

It was claimed that she was the unwitting victim of a domestic airport
transshipping smuggling ring, who would stuff drugs in unwitting passengers
bags and pick them up at the other end. Her lawyer later admitted that this
theory and the 'evidence' the defense presented around it was his invention,
to the point where he was disbarred.

She claimed that she had never been involved with marijuana nor had anyone in
her family. Photos and other evidence surfaced showing her smoking, and before
and after her trial, family members including her mother were charged with
drug offenses, including 'supply' offenses, not just possession.

Photos of her surfaced with known drug dealers and smugglers. The most
damaging of these was with a drug smuggler. Schapelle claimed that the photo
was from 'years ago' and that she had disavowed contact after learning of his
involvement. The Indonesian prosecution showed that the photo was taken at the
jail where she was being held pre-trial.

I'm not a smoker, but definitely pro-legalization. But her case was exactly
that, full of conspiracy theories that had little to no backing in reality.

------
Vexs
I'm kinda surprised that key number 2 on the imgur mirror is a dimple lock.
Those are generally used for more high security things than crap tsa travel
locks; they're expensive too. Key 4 doesn't surprise me though.

[https://imgur.com/a/JQD7l](https://imgur.com/a/JQD7l)

~~~
explorigin
Dimple locks are not at all for high-security, they are less common though.

They can easily be defeated with a deep-drilled blank wrapped in aluminum
foil.

~~~
AUmrysh
Many dimple locks can be picked with just some tension on the cylinder and a
ball pick. The common cheap Bell brand lock at wal-mart or amazon [1] is
easily picked like this. All you do is stick the ball pick in the back of the
keyway, apply your tension, and wiggle the pick around the keyway as you pull
it out. You might have to insert it a few times, but I've been able to
reliably open one of those in about 10 seconds.

1: [http://www.amazon.com/Bell-Sports-7015777-CATALYST-U-Lock/dp...](http://www.amazon.com/Bell-Sports-7015777-CATALYST-U-Lock/dp/B000AAYBKA)

------
Spooky23
The whole proposition here is ridiculous. "we must assume any adversary can
open any TSA "lock""

No shit.

We're not talking about a bank vault here -- it's luggage. Does anyone,
anywhere, have any expectation whatsoever that a luggage lock provides
meaningful security? I think I opened my mom's luggage lock with my sister's
hairpin when I was 6 years old, and I have zero lock picking skills.

~~~
coldpie
The article isn't about the usefulness of TSA's locks, it's an allegory about
backdoors, and another humorous take on the TSA's utter incompetence.

------
ksherlock
[http://www.heraldnet.com/article/20141130/NEWS02/141139966](http://www.heraldnet.com/article/20141130/NEWS02/141139966)
-- third picture in the slide show.

~~~
GordonS
Much higher quality images here:
[https://imgur.com/a/JQD7l](https://imgur.com/a/JQD7l)

------
stewartbutler
Workaround:
[https://www.schneier.com/blog/archives/2006/09/expensive_cam...](https://www.schneier.com/blog/archives/2006/09/expensive_camer.html)

------
davrosthedalek
It's sad that so many comments concentrate on whether luggage is secure in the
first place. Of course it is not. The real issue is that having a backdoor
makes a new class of attacks possible. A wilful or accidental leak, for
example. Or you can reverse engineer the master key if you have enough locks.

The big impact is that one leak kills the security of all locks (of that
type).

I don't think this would necessarily be the case when looking at (publicly)
backdoored encryption. Here, you could have an individual backdoor key for
each "lock". Of course, the mass storage of backdoor keys makes a mass-leak
also more probable.
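
Added example (not part of davrosthedalek's comment or the linked article): a small model of the two backdoor designs the comment contrasts, one shared master key versus an individual backdoor key per lock, counting how many locks each kind of leak exposes. The `Lock` class, the 32-byte keys and all function names are assumptions made for illustration.

```python
# Illustrative model only: Lock, build_shared, build_per_lock, exposed and
# compare are hypothetical names, and all keys are constructed at random.
import hashlib
import hmac
import secrets


def fingerprint(key: bytes) -> bytes:
    """What a lock stores: a hash of each key it accepts, not the key itself."""
    return hashlib.sha256(key).digest()


class Lock:
    """A lock that opens for its owner's key or for its backdoor key."""

    def __init__(self, owner_key: bytes, backdoor_key: bytes):
        self.accepted = [fingerprint(owner_key), fingerprint(backdoor_key)]

    def opens_with(self, key: bytes) -> bool:
        fp = fingerprint(key)
        return any(hmac.compare_digest(fp, a) for a in self.accepted)


def build_shared(n: int):
    """Design A: one master key is the backdoor for every lock."""
    master = secrets.token_bytes(32)
    locks = [Lock(secrets.token_bytes(32), master) for _ in range(n)]
    return locks, [master]  # the escrow store holds a single key


def build_per_lock(n: int):
    """Design B: each lock has its own backdoor key, kept in an escrow store."""
    escrow = [secrets.token_bytes(32) for _ in range(n)]
    locks = [Lock(secrets.token_bytes(32), k) for k in escrow]
    return locks, escrow  # the escrow store holds n keys


def exposed(locks, leaked_keys) -> int:
    """Number of locks that at least one leaked key opens."""
    return sum(any(l.opens_with(k) for k in leaked_keys) for l in locks)


def compare(n: int = 500) -> dict:
    shared_locks, shared_store = build_shared(n)
    per_locks, per_store = build_per_lock(n)
    return {
        "shared master, one key leaked": exposed(shared_locks, shared_store[:1]),
        "per-lock keys, one key leaked": exposed(per_locks, per_store[:1]),
        "per-lock keys, escrow store leaked": exposed(per_locks, per_store),
    }


if __name__ == "__main__":
    for scenario, count in compare().items():
        print(f"{scenario}: {count} of 500 locks exposed")
```

A single leaked key exposes every lock in the shared design and exactly one lock in the per-lock design; the per-lock design only reaches the same total when the whole escrow store leaks.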

------
hellbanner
My google-fu is lacking, but recently (last year?) an inmate escaped thanks to
their cellmate who was a master jeweler & had a full kit in his cell. A
photograph of the guard's keys was smuggled in and the jeweler cut a key for
the inmate to escape.

~~~
stingraycharles
I think this is the story you are talking about:
[http://www.news.com.au/national/killer-escaped-prison-after-...](http://www.news.com.au/national/killer-escaped-prison-after-being-issued-picture-of-master-key-to-all-locks/story-fncynjr2-1226629878591)

~~~
Vexs
> THE design for a key that allowed a convicted killer to escape from a
> Territory prison was printed on the cover of a booklet given to all inmates,
> it has been revealed.

Pahahaha. That sounds like something you'd find in an ARG puzzle, but this was
a prison. Kinda curious how the other prisoner had jeweler's equipment in his
cell, it seems like that could be pretty dangerous. Good behavior?

~~~
kuschku
Most prisons don’t look like it’s shown in movies, but more like
[http://static.businessinsider.com/image/53862b38ecad041f184e...](http://static.businessinsider.com/image/53862b38ecad041f184e37de/image.jpg)

It’s also not uncommon for many criminals to be allowed to leave the prison
and walk around in the surrounding area to go to stores, etc, unless they are
a direct threat.

So, having this equip in the cell is not unusual.

~~~
morsch
That photo's probably from some German-speaking country. Is it representative
of US prison cells?

------
edward
Reminds me of this story:

Jail keys changed after TV lapse
[http://news.bbc.co.uk/1/hi/england/london/5145026.stm](http://news.bbc.co.uk/1/hi/england/london/5145026.stm)

------
MCRed
The TSA has resulted in millions in stolen items, and not caught a single
"terrorist". Its procedures are a joke, it is irradiating everyone, or if they
opt out, molesting them, which is a crime in all 50 states... not to mention
every single TSA search is a violation of USC 18-242.

The existence of this organization proves that both Bush and Obama and the
Democrats and Republican parties are corrupt and irrational... and more
interested in their own power than in benefiting the country.

------
jonknee
I had a TSA lock and it lasted exactly one trip. They searched the bag (found
a note inside) and didn't lock the case back up, I never saw the lock again.
Ridiculous.

------
darksim905
Hey everyone :)

If someone happens to have questions about these keys, we don't physically
have them. But we plan on making our own versions & finding the right blanks.
If you think you can help, or want to know more, you can always reach out to
myself or @Irongeek_ADC.

If you happen to know Solidworks & how to trace objects, I'd like to really
get to know you.

Cheers :)

------
pmontra
I usually pay to wrap my luggage with plastic, see
www.cnbc.com/2014/04/02/travelers-pay-to-protect-luggage-with-plastic-wrap.html
I do it more to protect the suitcase than its content. I think it
defeats the purpose of a TSA lock. Is it still allowed in the USA?

------
rdl
I generally use either a pelican case with abloy protec 2 321 or 330 padlocks
(essentially the least pickable), or a pacsafe anti theft suitcase with tsa
lock and seals. Not perfect, but beyond casual or even local LEO surreptitious
entry.

------
abhv
Schneier's post is a re-blog of Nicholas Weaver's original story here:

[https://www.lawfareblog.com/tale-three-backdoors](https://www.lawfareblog.com/tale-three-backdoors)

------
scurvy
There's a comment in the original post about bags with firearms requiring a
non-TSA lock. Has anyone travelled with a firearm as a maneuver to secure
their luggage? Seems lengthy, but probably works. I'd imagine you need to
check-in in a different area and not the front desk?

Edit: I just watched the YouTube video posted below. Looks like we're just
dealing with a flawed system.

~~~
15155
I do not fly anywhere without a firearm (save for non-free cities such as SF
and NYC).

This method absolutely works.

My luggage is a very large pelican case.

> I'd imagine you need to check-in in a different area and not the front desk?

Yes, and at some airports you get your very own line (which is almost never
busy). I've saved multiple hours at certain major airports because of the
separate screening procedures/lines.

Most of the time, though, you'll just go to a normal desk, say "I need a
firearms declaration," and they'll check you in as-normal, until your bag
needs to be screened. At that point, you'll go to another area, unlock the bag
for the TSA (if it alarms) and receive a hand-screening.

------
mzs
For luggage it's usually on a zipper with two sliders, which you just pull on
the tape to separate, look inside, do whatever you like while in there, and
then move the sliders back and forth twice to re-close, so it never really
mattered.

------
nsxwolf
I used to buy those TSA approved locks with the master lock. They would just
cut them off anyway.

------
nsajko
OT but, I wonder what would happen if I had items in my luggage encased in a
block of plastic?

------
whaaaaaaat
spoiler alert: don't check your luggage

------
adultSwim
Oops

------
happyscrappy
The worst damage an individual can do to the environment, short of starting a
tire fire at the dump, is to fly. Save the environment and avoid the TSA,
don't fly.

~~~
krastanov
I am pretty sure that in terms of person-miles per gallon flying is comparable
to automobiles. Are you referring to some secondary damage that flying causes?

~~~
kuschku
Actually, flying is better than almost all cars sold in the US (except for the
VW Up!, which comes close).

An Airbus A380 uses the equivalent energy of 3l gasoline per passenger per
100km. This is a mileage of 80mpg.

Only rail is more efficient.

~~~
ufmace
I remember reading somewhere that rail, and most other mass transit, isn't
actually that efficient. The idea being that sure, a bus or train full of
people is really efficient, but in order to get all of those people to want to
ride it, you have to run a lot of empty or almost-empty vehicles around all
the time. Sum up all the trips for the whole system, and it's about the same
as an average-ish car.

~~~
kuschku
It obviously depends – in Tokyo, or NYC, you’ll have almost-full trains 24/7.
As you obviously use smaller trains at night, and only full trains during rush
hour.

Even with busses, most transit authorities have lots of different sizes – from
10 people busses in rural areas at night, to bi-articulated busses for 300
people at rush hour in downtown areas.

If you always try to use the same vehicle, though, yes, you get the same
mileage as an average car. You still save space on the roads, though.

