A flaw in e-ticket systems could mean a hacker can print your boarding pass

best flight tracking apps
Trevor Mogg

Security researchers at the firm Wandera have exposed a vulnerability in the e-ticking system used by several popular global airlines. The vulnerability was discovered in December and involves unsecured check-in emails that can put the personal information of passengers at risk or even allow a hacker to print boarding passes.

Though there is no evidence that currently supports a major data breach, eight airlines including Southwest, Air France, KLM, Vueling, Jetstar, Thomas Cook, Transavia, and Air Europa are impacted by this vulnerability. According to Wandera, these airliners are sending unencrypted check-in links, which otherwise automatically log passengers into a website to check flight status and print boarding passes. That can allow a hacker who is sharing the same Wi-Fi network as a passenger to intercept the link and gain access to the same information.

Several types of personally identifiable information can be accessed through this vulnerability, including passport information, seat assignments, first and last names and baggage selections. However, the type of information that can be stolen depends on each airline e-ticking system. In some cases, hackers can still leverage this information to their advantage to change an itinerary. That includes the ability to add or remove extra bags, change seating arrangements, or alter both the mobile phone number or email associated with a booking.

“Our threat research team observed that travel-related passenger details were being sent without encryption as one of our secured customers accessed the e-ticketing system of one of the airlines mentioned above. It was at that time that Wandera notified the airline and began further research,” Wandera said.

The vulnerability was shared the appropriate government agencies as well as with the airlines. A period of four weeks is given for the vulnerability to be fixed before it was made public. As a solution, Wandera recommends for airlines to adopt strong encryption methods, require user authentication, and use one-time tokens for links in emails.

This would not be the first time that airliners have faced scrutiny relating to its cybersecurity practices. Though more severe, a British Airways data hack in 2018 impacted more than 380,000 passengers after its computer systems were breached. A separate instance with Cathay Pacific also impacted up to 10 million of its customers in 2018.

Business

Singapore Airlines passengers unsettled by cameras in seat-back displays

A number of passengers flying with Singapore Airlines recently expressed concern over cameras embedded in seat-back displays on some of its aircraft, though the carrier insists the devices have been disabled.
Computing

Protecting your PDF with a password isn't difficult. Just follow these steps

If you need to learn how to password protect a PDF, you have come to the right place. This guide will walk you through the process of protecting your documents step-by-step, whether you're running a MacOS or Windows machine.
Smart Home

After camera hacks, Nest locks customers out until they change their password

Nest is locking people out of their accounts if it believes there may have been a breach. Users will have to set up a new, secure password before they are able to regain access to their account.
Business

Marriott asking guests for data to see if they were victims of the Starwood hack

Marriott has created an online form to help you find out if your data was stolen in the massive Starwood hack that came to light toward the end of 2018. But take note, it requires you to submit a bunch of personal details.
Computing

Intel expects Apple to transition Macs to ARM processors in 2020, report says

It has been rumored for some time that Apple could transition away from Intel to ARM processors, but a new report now claims that Intel is aware of the decision and that it could happen in 2020.
Computing

Still miss Windows 7? Here's how to make Windows 10 look more like it

There's no simple way of switching on a Windows 7 mode in Windows 10. Instead, you can install third-party software, manually tweak settings, and edit the registry. We provide instructions for using these tweaks and tools.
Computing

The rumors were true. Nvidia’s 1660 Ti GPU, a $280 powerhouse, has arrived

Nvidia has officially launched the GTX 1660 Ti, its next-generation, Turing-based GPU. It promises to deliver all the performance and efficiency for all modern games, but without stepping into the high price range of the RTX series. 
Computing

Dodge the biggest laptop-buying mistakes with these handy tips

Buying a new laptop is exciting, but you need to watch your footing. There are a number of pitfalls you need to avoid and we're here to help. Check out these top-10 laptop buying mistakes and how to avoid them.
Computing

Great PC speakers don't need to break the bank. These are our favorites

Not sure which PC speakers work best with your computer? Here are the best computer speakers on the market, whether you're working with a tight budget or looking to rattle your workstation with top-of-the-line audio components.
Computing

Confused about RSS? Don't be. Here's what it is and how to use it

What is an RSS feed, anyway? This traditional method of following online news is still plenty useful. Let's take a look at what RSS means, and what advantages it has in today's busy world.
Computing

Everything you need to know about routers, modems, combos, and mesh networks

Modem vs. router: what's the difference? We explain their functions so you can better diagnose any issues prior to contacting technical support. We also talk about a few variants you'll see offered by ISPs and retailers.
Computing

Metro Exodus update brings DLSS improvements to Nvidia RTX 20-series PCs

Having issues in Metro Exodus? A February 21 update for the title recently delivered enhancements to Nvidia’s deep learning supersampling feature and other fixes for low-specced PCs. 
Computing

Limited-time sale knocks $500 off the price of the Razer Blade Pro 17

Looking for an ultra-powerful laptop for yourself or someone else? You're in for some luck. Razer is running a sale on some of its best gaming laptops, cutting down pricing on the Razer Blade 15 and the Razer Blade Pro 17. 
Emerging Tech

Engineer turns his old Apple lle into an wheeled robot, and even gives it a sword

How do you give new life to a 30-year-old computer? Software engineer Mike Kohn found a way by transforming his old Apple IIe into a wheeled robot. Check it out in all its 1980s glory.