Information Security Blog

TSA screener plants powder baggie in flier’s luggage
Not everyone gets the joke

By Dan Goodin • Get more from this author

Posted in Security, 22nd January 2010 18:17 GMT

A screener for the US Transportation Security Administration lost his job after pretending to plant a plastic bag of white powder in the carry-on luggage of a passenger at the Philadelphia International Airport.

Rebecca Solomon was flying to Detroit on Northwest Airlines, the same city and carrier involved in the attempted underwear bombing on Christmas, according to The Philadelphia Inquirer’s Philly.com. After passing through a detector, the unidentified TSA worker motioned the 22-year-old passenger toward him, presented the plastic baggie and asked “Where did you get it?”

After about 20 seconds, the screener smiled and admitted that it was all a joke. But supervisors aren’t laughing. A TSA spokeswoman called the behavior “highly inappropriate and unprofessional” and said the man is no longer employed with the agency.

http://www.theregister.co.uk/2010/01/22/tsa_screener_joke/

And the most popular password is…
It is “123456,” based on the analysis of 32 million breached passwords, obtained from last month’s RockYou.com server breach, from which researchers from Imperva were able to analyze the insecure practices used by millions of users when choosing their passwords.

What did their analysis conclude? Short passwords, lack of lower-capital-numeric characters mix, and trivial dictionary words, which every decent brute forcing/password recovery application can find out in a matter of minutes.

Key findings include:

* In just 110 attempts, a hacker will typically gain access to one new account on every second or a mere 17 minutes to break into 1000 accounts
* About 30% of users chose passwords whose length is equal or below six characters
* Moreover, almost 60% of users chose their passwords from a limited set of alpha-numeric characters
* Nearly 50% of users used names, slang words, dictionary words or trivial passwords (consecutive digits, adjacent keyboard keys, and so on). The most common password among Rockyou.com account owners is “123456”

http://blogs.zdnet.com/security/?p=5325&tag=content;col2