Security researchers have long warned of the dangers of using master-keyed locks -- if thieves get their hands on just one key, they compromise all of the compatible locks at the same time. And unfortunately, the US' Transportation Security Administration is learning this lesson the hard way. It briefly let the Washington Post show a photo (we've blurred the details) of the master baggage keys it uses for approved locks, giving crooks a crude guide to making duplicates. And you can't just switch to a non-standard lock to get around this, since TSA agents will rip it off if they catch it during an inspection.
This isn't to say that your belongings would be completely secure even if the TSA and the Post hadn't slipped up, or if master keys didn't exist. Bump keys, raking and other techniques could get through, depending on the intruder's skill and access to equipment. However, officials made it much easier by both embracing master keys and letting a photo of them surface in a news story -- millions of suitcases and carry-on bags could be that much more vulnerable. Let's just hope that other government bureaus learn a lesson from this and avoid relying on master keys, whether they're physical or digital.
Via: Luke Rudkowski (Twitter)
Source: Washington Post
More Coverage: Matt Blaze (Crypto.com)
Tags: baggage, flight, key, keys, masterkey, privacy, security, transportation, travel, tsa