August 22, 2014
Airport Body Scanner Bought On EBay Raises Security Alarm
Eric Hopton for redOrbit.com - Your Universe Online
Investigations have revealed that airport security may have been flawed for several years and the online shop eBay has played a surprising part in the discovery. Among the many strange items available on eBay, one in particular has kicked up a storm of controversy over the efficiency and effectiveness of those airport security procedures.
When a US government surplus “Rapiscan Secure 1000 DP (Dual Pose) Backscatter Body Scanner (Never Installed)” was on offer for the price of $49,500, with a $2,000 shipping fee, it was snapped up by unlikely buyers. According to PCWorld, the seller acquired the machine in Europe at a 2012 auction of surplus equipment from a US facility.
A team of researchers from the University of California, San Diego, the University of Michigan, and Johns Hopkins University bought the scanner and began to run it through a series of tests. In a blow to the credibility of airport safety, they found that they were “able to conceal firearms and plastic explosive simulants” and get them past the scanner. “Frankly, we were shocked by what we found,” said one of the team, J. Alex Halderman, professor of computer science at the University of Michigan.
One of the most worrying aspects of the team's findings was the relatively low technology needed to fool the scanner. Some of the ways in which this could be done are shown in the study’s gallery, including masking the scanned image of a metal object with commonly available plastic PTFE Teflon, covering it with a body-colored plastic block, and disguising the shape of a knife by tapering the block edges. Another image demonstrates how more than 200 g of “C-4 plastic explosive radiological simulant” was hidden by being molded to the stomach with the detonator placed over the stomach.
The scanner used in the test was also found to be vulnerable to attacks on its built-in software, which could be modified to present an “all clear” signal to the operator even though the person passing through the machine was carrying contraband.
Is the act of publishing this material tantamount to providing a terrorist’s manual? On an FAQ page the team responds to this by claiming they have removed some details of the simulated attacks to “avoid providing recipes that would allow an attacker to reliably defeat the screening process without having access to a machine for testing.”
The researchers suggest that the failings result from a flawed process of design and evaluation. They believe that the manufacturers of the Secure 1000 and the authorities that approved its use “assumed that attackers would not have access to a Secure 1000 to test and refine their attacks.” The fact that the team was able to grab one from eBay blows any such assumption out of the water. This machine and many other similar physical security systems are, say the team, “evaluated in secret without input from the public or independent experts” and this process needs to be “replaced or augmented by rigorous, public, independent testing.”
Although this model was withdrawn from use in airports in 2013 due to concerns over privacy, the machines have been redeployed to other government facilities, including courtrooms and prisons. The results of the tests were given to the Department of Homeland Security as well as the Rapiscan’s makers in May this year, along with recommendations for improving the security.
The team presented their findings publicly at the USENIX Security conference on Thursday, Aug. 21. The full information set is available here.