Friday, December 14, 2007

HOWTO defeat the shoe-scanner at Heathrow - Boing Boing:

Bruce Schneier just passed through Heathrow Airport and noticed that they're speeding up the shoe-scanning process by having you go through a metal detector first and then have your shoes scanned at a second system. Being a security guru, he gave it ten seconds' thought and figured out how to defeat it.

Here's how the attack works. Assume that you have two pairs of shoes: a clean pair that passes all levels of screening, and a dangerous pair that doesn't. (Ignore for a moment the ridiculousness of screening shoes in the first place, and assume that an X-ray machine can detect the dangerous pair.) Put the dangerous shoes on your feet and the clean shoes in your carry-on bag. Walk through the metal detector. Then, at the shoe X-ray machine, take the dangerous shoes off and put them in your bag, and take the clean shoes out of your bag and place them on the X-ray machine. You've now managed to get through security without having your shoes screened.

