The internet is chockfull of travel hack listicles. They are very much the low-hanging fruit of content. Most involve packing your suitcase more efficiently, or just, like, not checking a bag. Maybe take two Ambiens instead of one. Don’t forget to clear your cookies before booking your flights! And… that’s it, ad nauseum. These things are useful, sure, but not very exciting.
Security researcher Przemek Jaroszewski, however, has found the travel hack to end all travel hacks. Through a small Javascript program, Jaraszewski found a way into almost any airline lounge he wants.
From Cory Doctorow on BoingBoing: When Jaroszewski “found that he couldn’t enter an airline lounge in Warsaw because the automated reader mistakenly rejected his boarding card, he wrote a 600-line Javascript program that generated a QR code for ‘Batholemew Simpson,’ a business-class traveller on a flight departing that day.”
Here’s a video of the program in action.
The QR code works because airline lounges aren’t connected to the companies’ passenger manifests. While it will get legit, ticketed passengers into lounges, it won’t let people who haven’t paid for a flight into the airport.
Jaroszewski, who gave a talk on his findings at hacker convention DEFCON 24, hasn’t released his source code because he is worried about negative attention from US law enforcement. But if you know what you’re doing, he says, it should be totally easy to recreate. Totally.