Air France-KLM 6-char short code (37c3-meta)
Chaos Computer Club - archive feed · Benjamin W. Broersma
December 28, 20235m 15s
Audio is streamed directly from the publisher (cdn.media.ccc.de) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
Air France-KLM 6-char short code
What could go wrong?
What did go wrong more...
Air France-KLM was vulnerable because they used 6-char short codes in links for text messages. No security question was needed to read detailed trip data, including names, ticket prices, and sometimes passport data and visa data.
How large was the breach?
What more was 'interesting'?
Is it now fixed?
List of failures and questions.
about this event: https://pretalx.c3voc.de/37c3-lightningtalks/talk/YWW3XY/
Topics
37c3580272023Security