Researcher found US ‘No Fly List’ on an unsecured server


Researchers Maia Arson Crimew discovered a U.S. No Fly List hosted on an unsecured server run by US carrier CommuteAir. The TSC’s No Fly List is a list of people who are prohibited from boarding commercial aircraft for travel within, into, or out of the United States.

The Swiss researcher claims to have discovered the server while searching for Jenkins servers using the Zoomeye search engine.

While analyzing 20 exposed servers she noticed familiar words such as “ACARS,” “crew” and so on, which are associated with the aviation industry.

Read more…