iPhone Hack Grants Free Flights, Student Claims

Status
Not open for further replies.

COLGeek

Cybernaut
Moderator
Go to jail! Do not pass "Go". Do not collect $200.This sounds like a bold claim that fails to account for the entire confirmation process. No way this can work with all of the checks and balances in the current travel systems.
 

Dr-Emmerich

Estimable
Mar 27, 2014
6
0
4,510
This is more "social engineering and a few more tactics" then any hacking. All he did was manipulate the aztec code and probably used photoshop making the boarding pass match the aztec code. There would be no record of his boarding pass in the system so he basically just had to talk his way on...probably by complaining.
 

f-14

Distinguished
Apr 2, 2010
774
0
18,940
"Tom's Guide remains skeptical, however. Falsifying a boarding pass requires creating a very specific barcode and usually ties your name to a seat. Without knowing which seats on a flight are empty, your odds of choosing an unoccupied spot are low." THAT MADE ME LAUGH SO HARD RIGHT THERE!!i once had a flight where my seat was sold 3 times and 2 other people who had bought other seats as others had also bought, were shuffled to my seat. 5 people vying for one seat, mine, which i had booked 3 months in advance. they tried to bump me 3 times until i called over a cop and asked him who goes to jail for committing fraud.... i got my seat and my return flight became free so long as i didn't press charges against the air line.alot of times my seat has been double booked and i took free miles or upgraded to 1st class or 1/2 priced fare on a later flight an hour or 5 after. i still have enough miles to fly around the world 8 times.
 

genz

Honorable
Oct 8, 2012
20
0
10,570
This is more "social engineering and a few more tactics" then any hacking. All he did was manipulate the aztec code and probably used photoshop making the boarding pass match the aztec code. There would be no record of his boarding pass in the system so he basically just had to talk his way on...probably by complaining.
Do your research, just about every interesting hack in the last 20 years required social engineering too. Also I very much doubt that the checks and balances are as intense as you think. Much like boarding a train in other countries, the ticket and it's reader would not be connected via the net to a database of purchases because that would ground the plane in event of a network failure.
Tom's Guide remains skeptical, however. Falsifying a boarding pass requires creating a very specific barcode and usually ties your name to a seat. Without knowing which seats on a flight are empty, your odds of choosing an unoccupied spot are low.
When opting for first class, many airlines will actually allow you to select a seat, a quick phone call to find out seat availability - under the guise of wanting to make a last minute purchase - could quite easily get you the needed info.
 

Darkk

Distinguished
Oct 6, 2003
253
0
18,930
I find this very hard to believe that it could actually have worked since the barcodes are very specific and tied to the traveler's account with the airline or booking agent and the flights. It's very possible he may have obtained other bits of info need to spoof the barcodes. He took a big risk to see if it worked.
 

quantum mask

Distinguished
Aug 24, 2009
121
0
18,630
I know it won't work at the airport I worked in last year. You have to check in first or the person at the gate will not see you come up on their system. You can check in at the gate but if your name doesn't already come up as being in the system as someone who bought a ticket it will be flagged. Then the flight attendant has a list that she will also check once everyone is on the plane. We've had flight attendants actually pull people off the plane that made it through the gate but were not on her list.
 

okibrian

Distinguished
Apr 3, 2009
221
0
18,830
"Tom's Guide remains skeptical, however. Falsifying a boarding pass requires creating a very specific barcode and usually ties your name to a seat. Without knowing which seats on a flight are empty, your odds of choosing an unoccupied spot are low." THAT MADE ME LAUGH SO HARD RIGHT THERE!!i once had a flight where my seat was sold 3 times and 2 other people who had bought other seats as others had also bought, were shuffled to my seat. 5 people vying for one seat, mine, which i had booked 3 months in advance. they tried to bump me 3 times until i called over a cop and asked him who goes to jail for committing fraud.... i got my seat and my return flight became free so long as i didn't press charges against the air line.alot of times my seat has been double booked and i took free miles or upgraded to 1st class or 1/2 priced fare on a later flight an hour or 5 after. i still have enough miles to fly around the world 8 times.
Just to let you know, I'm excepting mileage donations. Thanks!
 

Luigi Castiglione

Estimable
Apr 9, 2014
2
0
4,510
Either a fake or big misunderstanding.
Generating the fake boarding pass is the easy part.
Try it your self:
?http://www.ipassme.com/demo/boardingpass/pass/

Good luck with passing any check at the airport!
And, of course, please don't try! ;)

The "string" in the barcode is pretty easy to hack. It's not different from the one used "until yesterday" on the printed boarding pass. Just a short collection of info such as name, flight number, confirmation code, seat, etc.
I'm pretty sure at the gate they verify the info with their DB's. I'm refusing to think otherwise. Besides, Apple is pretty clear about that: "it's a retailer responsibility to verify the data in the pass".

:)
 
Status
Not open for further replies.