Security researcher Christopher Soghoian, a Ph.D. student at Indiana University, published a web application that would generate a realistic-looking Northwest Airlines boarding pass with information that you supply. He said it would probably be possible use the boarding pass to get past security, but that it most likely would not work for getting on the airplane itself. He also stated that he had never actually used the program to bypass security. The purpose was to expose a flaw in airport security and try to shame the TSA into doing something about it. Note that this flaw is not new and has previously been “exposed” multiple times—but Soghoian is the first one to openly publish a boarding pass generator on the web.
It turns out that what he did is illegal, and he got in trouble. First, a Congressman called for his arrest. Then he got a visit from the FBI, with an order to take down the site. Then he got another visit from the FBI, but this time they confiscated his computer equipment. As one slashdot user states in his signature: “Civil Disobedience, it’s not just a good idea, it’s illegal.”
Soghoian has a blog, slight paranoia, where posts the latest news about his situation. He’s also taking donations for his legal defense fund.
UPDATE #2: Okay, all is not well. The Transportation Safety Administration has opened an investigation into the matter. They could levy a big fine, but not criminal charges.