Via iArarat, news that 24-year-old Armenian-American computer science student Christopher Soghoian has had a run-in with the FBI for highlighting an airline security flaw. Soghoian was responsible for creating a web site that generated fake boarding passes for Northwest Airlines.

BoingBoing reports that Soghoian stopped responding to instant messages after 3.50pm on 27 October when the FBI paid a visit to his home. The visit followed calls for Soghoian’s arrest by U.S. Congressman Edward Markey.

The Bush Administration must immediately act to investigate, apprehend those responsible, shut down the website, and warn airlines and aviation security officials to be on the look-out for fraudsters or terrorists trying to use fake boarding passes in an attempt to cheat their way through security and onto a plane,” Markey said in a statement. “There are enough loopholes at the backdoor of our passenger airplanes from not scanning cargo for bombs; we should not tolerate any new loopholes making it easier for terrorists to get into the front door of a plane.

However, Soghoian hasn’t been the only one to highlight this potentially dangerous security hole in North Western’s booking system. Slate has already highlighted this flaw, and on his blog Soghoian refers to others who have done so as well.

In addition to calling for my arrest, the congressman may want to call for the arrest of Senator Schumer (D-NY). In April of this year, he posted rather detailed instructions for the exact same attack. Sure, he didn’t produce a php script that’d do it for you, but he provided detailed enough instructions that a terrorist or evil-doer with basic computer skills could do it.

Perhaps he’ll be my cell-mate.

[…]

Also - just for the record: I have not flown, or even attempted to enter the airport with one of these fake boarding passes. I haven’t even printed one out. All I have done is create a php script, which highlights a security hole made public by others before me.

Soghoian’s personal blog says that the FBI visited him at that time. The next blog entry posted at 7.12 p.m. confirms that Soghoian had been questioned by the FBI. Yesterday, however, his blog says that the FBI raided his home. Soghoian was not there at the time.

I didn’t sleep at home last night. It’s fair to say I was rather shaken up.

I came back today, to find the glass on the front door smashed.

Inside, is a rather ransacked home, a search warrant taped to my kitchen table, a total absence of computers - and various other important things. I have no idea what time they actually performed the search, but the warrant was approved at 2AM. I’m sincerely glad I wasn’t in bed when they raided the house. That would have been even more scary.

Anyway, Soghoian has now set up a legal defense fund so perhaps it’s worth leaving the last word with the man himself who says that he did what he did to highlight a huge flaw in airline security at a time when the U.S. says it is worried about further terrorist attacks at home in the aftermath of 9/11.

The only way for these kind of problems to get fixed, are through through public full disclosure,” Soghoian wrote when releasing the Fake Boarding Pass Generator. “TSA/DHS cannot be expected to fix anything unless they are publicly shamed into doing so.

For further updates in this case access BoingBoing and Soghoian’s blog, Slight Paranoia.