Some of the locks have special indicators which flag that a TSA key has opened 
it, which marginally improves the idea, but not
by much.  Whether those flags could represent a defence in the case of a 
corrupt official in possession of TSA keys I do not

Without such flags, it's an INCREDIBLY unwise idea, as if you keep the bag 
unlocked, at least you have a defence that handlers
could have added items to the luggage in transit.

Some readers will have heard the case of Schapelle Corby, who is serving a 20 
year sentence in Indonesia for trafficing
marijuana.  In the ensuing investigation, a significant amount of evidence was 
uncovered suggesting that corrupt baggage
handlers were trafficing drugs between Australian airports, using unlocked 
baggage.  Corby's laywers claimed that she was the
victim of this, and that the destination baggage handler failed to intercept 
the drugs which were planted in her luggage.

I won't make a comment on the conduct of the agencies, the media and 
governments involved in the Corby case.  However, I will
say that any government (or other) program which assumes the honesty of 
employees and contractors is fundamentally flawed, and
any associated risk analysis is either incompetent, or in failing to identify 
risk to travellers, seriously incomplete.


-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Hadmut Danisch
Sent: Tuesday, 27 February 2007 7:20 AM
Subject: padlocks with backdoors - TSA approved


has this been mentioned here before?

I just had my crypto mightmare experience. 

I was in a (german!) outdoor shop to complete my equipment for my next trip, 
when I came to the rack with luggage padlocks (used
to lock the zippers). 

While the german brand locks were as usual, all the US brand locks had a 

   "Can be opened and re-locked by US luggage inspectors". 

Each of these (three digit code) locks had a small keyhole for the master key 
to open. Obviously there are different key types
(different size, shape, brand) as the locks had numbers like "TSA005" 
tell the officer which key to use to open that lock.

Never seen anything in real world which is such a precise analogon of a crypto 
backdoor for governmental access.

Ironically, they advertise it as a big advantage and important feature, since 
it allows to arrive with the lock intact and in
place instead of cut off. 

This is the point where I decided to have nightmares from now on.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to