Flying Without an ID

Since I just got through flying a bunch, here’s a funny story that lightened my mood. It turns out the TSA has been creating a database of some who have flown without an ID and “adding them to a database of people who violated security laws or were questioned for suspicious behavior”.

You actually can fly without an ID, thanks to Gilmore v. Gonzales. This is a boon to those whose wallets are stolen while they’re traveling, and supports the ability to travel anonymously without being tracked. But according to the USA Today article, TSA chief Kip Hawley confirmed the database, then later told the paper that they were changing their policy and would no longer be keeping records of ID-less people if the TSA screener can determine their identity.

The TSA blog dances happily around the issue. They don’t deny the story, but they are happy to invoke the image of 9/11.

This USA Today story perpetuates exactly the type of misperceptions that damage the credibility of a system designed to protect the traveling public in a post 9/11 world.

Funny thing: their system as it stands has a big gaping hole in it. As any number of people have pointed out, their system of ID checking is an open triangle.

When you buy a ticket and it’s issued to you, your ID is checked against the no-fly list. When you go through security, your ID is checked against the printed ticket. But your ID and printed ticket aren’t checked against the actual records of who’s supposed to be on the flight. And since the airlines and security accept tickets printed out at home, you can create your own fake boarding pass.

Let’s say I’m Phil the Terrorist, and I’m on the no-fly list. The government’s watching me. How can I ever get on a plane again?

I get an accomplice who’s clean to buy a ticket. Then I create a fake boarding pass that matches my actual Phil the Terrorist ID. I go through security with my fake boarding pass, and then swap that for the real ticket my accomplice bought.

So, yeah, tell me again how you’re protecting me in this post-9/11 world while you’re leaving open a security hole that’s been identified for at least three years.