I’ve finally reached gold status on an airline in the U.S., which is pretty pathetic compared to some colleagues in the industry who hit diamond status almost every year. It can be useful – I get to pick better seats, have a chance at class upgrades and can sometimes weasel my way into a nice airport lounge. Lounges are often nice a quiet and provide an escape from the crowded terminals. One guy who didn’t get a status upgrade recently decided to break the rules and hack his way into airport lounges.
Wired recently published a story on the man in question, Przemek Jaroszewski, who reportedly works for Poland on emergency responses related to cyber events. He uses an Android application that lets him spoof QR codes that are scanned at the entrance to airline lounges around Europe.
“Based on his experiments with the spoofed QR codes, almost none of the airline lounges he’s tested actually check those details against the airline’s ticket database – only that the flight number included in the QR code exists,” Wired explained, noting that Jaroszewski usually makes sure the name, destination and class are also inside the QR code. The video below shows it in action, and it seems pretty simple. Jaroszewski is set to discuss it at Defcom in Las Vegas this weekend.
I’d be scared to get caught with something like this, especially since it would probably look like you’re trying to spoof your way onto a flight, not just into a lounge.