zzdcar
Home
/
Reviews
/
Beyond Cars
/
How a Hacker Unearthed the TSA No-Fly List
How a Hacker Unearthed the TSA No-Fly List-July 2024
2024-02-19 EST 22:13:51

Image for article titled How a Hacker Unearthed the TSA No-Fly List

We’ve all been bored on the internet, right? Aimlessly or , eyes glazing over as we spend hours doing the online equivalent of re-checking an empty fridge. But some people, it seems, use their boredom-induced internet browsing for more than just re-reading . Some use it to shine a light on the American surveillance state.

At least, that’s what Swiss hacker does. Through her hacking endeavors, she’s gotten her paws on all sorts of auto-adjacent information — everything from to . But her latest get may be her biggest yet: . Holy fucking bingle indeed.

Image for article titled How a Hacker Unearthed the TSA No-Fly List

For a hack of this scale, was relatively simple. She began with a site called Zoomeye — an international version of the search engine Shodan, which indexes internet-connected devices (like servers and routers) that have ports open for access from the broader web. In particular, crimew was looking for servers running , software that automates some of the more tedious tasks of developing and testing new code. You see, when automating processes, lazier developers will often leave default credentials in place — credentials that hackers like crimew can use to gain unauthorized access.

Upon finding a server full of vaguely aeronautical-sounding words, crimew’s curiosity was piqued. So, like a of old discovering a new BBS, she started poking around its files and folders. Quickly, she stumbled upon all manner of sensitive information: crew manifests, communications between planes and ground crews, and some projects that made reference to something called “nofly” — as well as a link where the software looked for that list.

And, clicking through that link, she found it: A spreadsheet with 1.5 million rows of data, each one a person (or alias, or suspected alias) deemed unworthy to fly by the FBI. Its contents are unsurprising — a list primarily comprised of “” names, picked out by .

With each hack and data leak, crimew has pointed out how our personal information is rarely as secure as we think. Whether it’s Nissan sales data or actual, live surveillance footage, private companies often make our info far more broadly accessible than we expect through their poor security. Now, it seems, we have proof of government agencies doing the same.

Comments
Welcome to zzdcar comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
Beyond Cars
Deadliest Train In America Kills 3 People In 2 Separate Collisions At The Same Crossing
Deadliest Train In America Kills 3 People In 2 Separate Collisions At The Same Crossing
operate between Orlando and Miami and hold the unwelcome distinction of being both the first intra-city high speed rail in the U.S. and the , by far. After three people died at a single grade crossing in two separate incidents last week it seems the feds are finally perking...
Jul 10, 2025
String Of Boeing Failures Continues With 737-800 Flight Turning Back With Cracked Cockpit Windshield
String Of Boeing Failures Continues With 737-800 Flight Turning Back With Cracked Cockpit Windshield
In the wake of recent major , including , , and the debacle that was , it isn’t a good time for further failures by the company. that would , an unrelated 737-800 with a cracked windshield, became international news this weekend. The flight took off from Sapporo-New Chitose...
Jul 10, 2025
2023 Zero DSR/X: The Bike Of The Future, But Not Our Future
2023 Zero DSR/X: The Bike Of The Future, But Not Our Future
The world, in 2023, is cyberpunk. We’ve got the , the , and the that keeps the and the . But in cyberpunk media, people are always riding . Why are we stuck with the same bikes we’ve always had? , it seems, wants to address this grievous wrong....
Jul 10, 2025
Marshmallow Treats Ended Up On The Royal Air Force's No-Fly List
Marshmallow Treats Ended Up On The Royal Air Force's No-Fly List
Over in the United Kingdom, there’s a certain dessert known as a “teacake” — or, as a British friend kindly informed me, it’s more accurately known as a “Tunnock” in Scotland. Basically, the food in question for this particular story are actually a cookie base topped with marshmallow, coated...
Jul 10, 2025
Aircraft Touch Tips During Blizzard At Japanese Airport
Aircraft Touch Tips During Blizzard At Japanese Airport
As at , its port side wing the starboard vertical stabilizer of bound for Hong Kong. This comes at Tokyo’s Haneda Airport, and . “Our aircraft, which was stationary at the time with no customers nor crew onboard, was struck by a Korean Air A330 which was taxiing past,”...
Jul 10, 2025
Crystal Chunks Are Bursting Through The Road In China
Crystal Chunks Are Bursting Through The Road In China
A video of what looks like quartz breaking through the surface of a is making the rounds on . I don’t get over there much, being suspicious of the Chinese over concerns of it spying on its users, as the reports. OK, fine. Actually, I just don’t get the humor...
Jul 10, 2025
Copyright 2023-2025 - www.zzdcar.com All Rights Reserved