Hackers of NY founder Dani Grant has discovered (via Engadget) a security flaw that enables Delta passengers to access the boarding passes of others, even those flying with different airlines like Southwest. Grant realized that she could share a link allowing anyone to download her boarding pass, and then change one digit in the URL and be presented with a completely different boarding pass belonging to someone else.
But in case you were planning on ditching your family party in Maine to lay on the beach in Malibu these holidays, don’t get too excited. While this security flaw is a serious privacy concern that should promptly be addressed, it won’t allow for a stranger to take your seat on a plane anytime soon. Without a legitimate boarding pass in your own name, good luck getting past the TSA without being detained for committing a crime.
“Travel document checking is just one layer of TSA’s defense for aviation security,” said TSA’s press secretary Ross Feinstein in a statement. “Officers are trained to detect and potentially deter individuals who may attempt to board an aircraft with fraudulent documents.”
A stranger could, however, check you into your flight and even change your seat on the plane.
Delta did not respond to immediate request for comment.
FTC: We use income earning auto affiliate links. More.
Yikes.
“Hackers” …
The qr codes need to be censored. I can read complete names using qr code scanner, example: a****n
These are not QR codes; they’re two-dimensional codes though. ;-)
Yeah, you’re right. Thank you.