(Forged) ticket to ride: Hacker claims he can fly for free using Passbook exploit

Apple Passbook exploit

A Greek hacker claims that he has found a way to generate free boarding passes that bypass airport security for any flight departing from a European airport using Apple’s virtual wallet app, Passbook. According to iTNews, 18-year-old Andrew Hariton plans to open up about the exploit in a presentation at the upcoming Hack in the Box security convention in Amsterdam on May 29.

“A computer and a smartphone is all that’s required for a method that puts to the test both physical and digital security,” Hariton writes in his Hack in the Box presentation abstract. “We will be using tools available to everyone to forge passes and look into methods of getting in the Security Restricted Area and even more importantly into the flight we desire.”

The alleged exploit lets users bypass the security protocols of ticket scanners used by airport staff before passengers board a flight. Normally those scanners check each boarding pass against the list of registered fliers. According to Hariton, however, the “malfunctioning” scanner software for EU airports does not have “direct access to the airliner database.”

Once he found a way in, Hariton said he could create boarding passes using Java and CSS in a web browser, which he could add to Passbook using the same interface developers use to send coupons and tickets to the app.

Hariton would not confirm or deny whether he has tested the exploit himself, though we’re willing to bet that he hasn’t, considering that an attempt to board a flight using a false ticket would likely result in his arrest.

Emerging Tech

A.I.-generated text is supercharging fake news. This is how we fight back

A new A.I. tool is reportedly able to spot passages of text written by algorithm. Here's why similar systems might prove essential in a world of fake news created by smart machines.
Computing

After fourth attack, hacker puts personal records of 26M people up for sale

A serial hacker going by the name of Gnosticplayers is selling the personal data of 26 million people who have been using the services of six different companies from across the world.
Mobile

Most Android antivirus apps fail to provide malware protection, study shows

A study by AV-Comparatives analyzed the effectiveness of Android antivirus apps in protecting against the 2,000 most common malware threats. Alarmingly, only 23 of the apps were able to detect 100 percent of the malware samples.
Deals

Here are the 5 of the best antivirus solutions for your small business

Getting your business off the ground is hard enough, and dealing with viruses, hackers, and security breaches only makes it harder. These 5 antivirus solutions can help keep you protected.
Cars

The 2020 Ford Explorer fights flat tires with self-sealing tech from Michelin

The 2020 Ford Explorer will be the first SUV equipped with Michelin Selfseal tires, which Ford and Michelin claim can seal 90 percent of tread puncture up to a quarter of an inch in diameter.
Computing

Teens using Google Docs as the modern version of passing notes in class

Google Docs is reportedly being used by teens as a secret communications app. Instead of passing notes, students are now using the software's live chat function or comment boxes to talk with their friends while in the middle of classes.
Computing

HP’s Omen Mindframe headset keeps your ears chill, but might leave you lukewarm

The Omen Mindframe headset uses HP's FrostCap technology to keep ears cool during long gaming sections. While it delivers on keeping ears cool, it forgets some of the essentials of a quality gaming headset.
Computing

Windows updates shouldn't cause problems, but if they do, here's how to fix them

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.
Computing

Here’s how you can watch today’s Nvidia GTC 2019 keynote live

Nvidia's rumored 7nm Ampere graphics could debut soon. The company will be kicking off its GPU Technology conference at 2 p.m. PT today, Monday, March 18, and you can watch the opening keynote here.
Computing

There’s more space on MySpace after ‘accidental’ wipe of 50 million songs

MySpace is no longer a safe refuge for music and media produced in the 2000s. It said that almost any artistic content uploaded to the site between 2003 and 2015 may have been lost as part of a server migration last year.
Computing

HP’s spring sale cuts prices on the 15-inch Spectre x360 by $270

Looking for a new laptop to start off the spring season? HP has you covered and is currently running a sale that is cutting $270 off the price of the 15-inch touchscreen variant of its Spectre X360 Windows 10 convertible laptop. 
Computing

Intel and Facebook team up to give Cooper Lake an artificial intelligence boost

Intel's upcoming Cooper Lake microarchitecture will be getting a boost when it comes to artificial intelligence processes, thanks to a partnership with Facebook. The results are CPUs that are able to work faster.
Computing

Dodge the cryptojackers with the best torrent clients available today

Looking for the best torrent clients to help you share all of that wonderful legal content you own? Here's a list of our favorite torrent clients, all packed with great features while dodging malware and adverts.
Computing

The Unevn One is a portable desk that brings PC gaming on the road

Bringing a gaming PC outside your usual setup can be a challenge, but the Unevn One is the first all-in-one, portable gaming desk complete with a computer chassis and integrated monitor mount.