A new study has exposed some shocking facts about the airport security scanners that allow Transportation Safety Administration (TSA) agents to scan through clothes of the travelers. According to top researchers, the controversial security system can be easily breached as these scanners can be fairly obstructed from detecting concealed items including bombs or weapons.
The controversial Rapiscan Secure 1000 Single Pose full-body ‘backscatter’ scanner was discarded last year by the TSA after four years of use.
ProVision (LLL) L3, other main scanner brand used at airports, was reconfigured so that the privacy invasion could be minimized.
The researchers said that the security system can be easily contravened by covering contraband under simple plastic shields or clothing. They say the clothes or plastic shields can obscure it from appearing in the monitors.
Adding to the woe, the software of the scanners can be easily hacked to present faulty images at certain angles or to covering up certain parts of the body, making them undetectable.
It is noteworthy, the TSA has not discontinued the Rapiscan Secure 1000 use following security reasons but due to public outcry over the naked images of the passengers that the machine gave to the security agents while scanning.
According to the researchers, TSA had discarded the Rapiscan Secure 1000 but it had sold them at deep discounts to government facilities including prisons and courthouses. They remain in use in jails of Grand Traverse County, Mich. and Wilkes, N.C. and also at airports around the world, including Kenya, Rwanda and Tanzania.
J. Alex Halderman, study co-author and Computer science professor from the University of Michigan, said, “What does this say about how these scanners were tested and acquired in the first place? It says there’s something wrong with the government’s process. The process is secret and not independent. Those are problems.”
TSA spokesman Ross Feinstein, however, did not directly address the findings, but said that the technology deployed by them undergoes “a rigorous testing and evaluation process, along with certification and accreditation. This process ensures information technology security risks are identified and mitigation plans put in place, as necessary.”
The researchers from several top US universities will present the study at the Usenix security conference in San Diego on Thursday morning.