TSA Scanners That Saw You Naked Can Be Tricked to Miss Guns, Bombs

On Thursday morning, at the Usenix security conference in San Diego, researchers from several top U.S. universities will present a study revealing that the controversial airport scanners that let TSA agents see through travelers’ clothes can be fairly easily obstructed from detecting concealed weapons or bombs.

In the study, the researchers report (PDF) that the Rapiscan Secure 1000 Single Pose full-body “backscatter” scanner—which the Transportation Safety Administration discarded last year, after four years of use—can be breached by covering contraband beneath simple plastic shields and under clothing that obscures it from monitors. In addition, the scanner’s software can be hacked to present images at certain angles or to cover up certain sections of the body in ways that would be undetectable, the research scientists said.

The TSA has discontinued the use of the Rapiscan Secure 1000, not because of  security issues, but because of public outcry that the machines gave agents what amounted to naked images of passengers. The other main scanner brand used at airports, ProVision L3, was reconfigured to minimize that privacy invasion.

Given that the scanner in question is no longer in use, a reasonable person might wonder if the study’s results are moot. The conference presenters point out that when the TSA discarded the Rapiscan Secure 1000, it sold them at deep discounts to government facilities such as courthouses and prisons. Jails in Grand Traverse County, Mich., and Wilkes, N.C., for instance, use them. They remain in use in airports around the world, including—according to a press release on the website of Hawthorne (Calif.)-based Rapiscan Systems—in Rwanda, Tanzania, and Kenya.

Moreover, the study’s authors say, the original approval of the scanners casts doubt on the TSA’s process for evaluating the technology it currently uses. Many airports still use other devices by Rapiscan, including machines that scan carry-on luggage.

“What does this say about how these scanners were tested and acquired in the first place?” asks computer science professor J. Alex Halderman of the University of Michigan, one of the study’s co-authors. “It says there’s something wrong with the government’s process.” Halderman adds that the process “is secret and not independent. Those are problems.”

The researchers, led by computer security experts at the University of California at San Diego, purchased a Rapiscan Secure 1000 on EBay for $49,500 in 2012 while the machines were still being used in airports around the nation. The seller, Germany-based Ive Agne Surplus Remarketing, put two that had never been used up for sale at that time. The report states that the company operates out of a “U.S. Government facility” but does not describe it.

“You see the gun? No? It’s taped above the knee,” Halderman asks during a preview of Thursday’s presentation for Bloomberg Businessweek. Clicking to a further image from the report showing what the Rapiscan displayed, he continues: “See a difference between these two guys? No? Well, the guy on left has nothing on him. The guy on the right has almost enough C-4 [explosive] to bring down a plane. The detonator is on his belly button. It turns out that C-4 and flesh have the misfortune of having about the same color on backscatter scanners.

TSA spokesman Ross Feinstein, while not directly addressing the findings of the research team, insists the technology it deploys undergoes “a rigorous testing and evaluation process, along with certification and accreditation. This process ensures information technology security risks are identified and mitigation plans put in place, as necessary.” Feinstein adds that most of its equipment is not available for sale “commercially or to any other entity” and that the TSA uses its own proprietary software rather than that which comes with the machines. Rapiscan officials did not reply to a request for comment.  

Halderman said that both Rapiscan and the TSA received copies of the researchers’  findings in May. The report is scheduled to be presented by its lead authors, UCSD computer science professor Hovav Schacham and his student, doctoral candidate Keaton Mowery. The study was a joint effort of UCSD, the University of Michigan, and Johns Hopkins University. The Usenix symposium is funded by the National Science Foundation.

Among the findings, the scientists said they were able to find several ways to beat the machine, including how they positioned such items as guns or knives and by concealing C-4 explosives or knives behind slips of Teflon in such a way that they appeared to be the same color as skin.

The report concedes that some of the team’s means of attacking the system required access testing and practice.

“The security of the Secure 1000, then, rests strongly on the adversary’s inability to acquire access to the device for testing,” the authors wrote. “However, since we were able to purchase a Secure 1000, it is reasonable to assume that determined attackers and well-financed terrorist groups can do so as well.”

Mowery expresses empathy for the TSA. “Going into the project, we weren’t sure what we would find,” he says. “We think, having looked at it very closely, these machines might have been the TSA’s best option in 2009. We can’t rule out that they were the best option.”

Halderman is less charitable, bemoaning what little is known of how the Department of Energy’s Sandia National Laboratories and the Department of Homeland Security have vetted Rapiscan. In both instances, testers said they could spot C-4 explosives on subjects. That, Halderman says, is “because their test was using whole blocks of it” and not smaller portions strategically laid under clothes to conceal their edges.

“They weren’t actually trying to think like an attacker who would modify their techniques based on how the machine was developed,” he says. “That’s what we learn in computer security. We always think about not what a naive attacker would do but what would an attacker who is thinking about the technology and responding and adjusting their techniques do.”

Cybersecurity experts at the conference said the TSA must alter its practices for vetting such equipment and make the process more transparent. The challenge of airport security is “a very difficult problem,” says Ed Felten of Princeton University, because it is a challenge to detect what’s on the body without “completely invading people’s privacy.”

“In some respects, here you got the worst of both worlds,” Felten says. “They either made the decision to go ahead with use of the machine despite these problems, or they didn’t do the due diligence to find it out. Either way, it’s problematic.”