In a spectacular failure of a “back door” designed to give law enforcement exclusive access to private places, hackers have made the “master keys” for Transportation Security Administration-recognized luggage locks available to anyone with a 3D printer.

The TSA-recognized luggage locks were a much-vaunted solution to a post-9/11 conundrum: how to let people lock their luggage, on the one hand, but let the TSA inspect it without resorting to bolt cutters, on the other.

When the locks were first introduced in 2003, TSA official Ken Lauterstein described them as part of the agency’s efforts to develop “practical solutions that contribute toward our goal of providing world-class security and world-class customer service.”

Now that they’ve been hacked, however, TSA says it doesn’t really care one way or another.

“The reported ability to create keys for TSA-approved suitcase locks from a digital image does not create a threat to aviation security,” wrote TSA spokesperson Mike England in an email to The Intercept.

“These consumer products are ‘peace of mind’ devices, not part of TSA’s aviation security regime,” England wrote.

“Carried and checked bags are subject to the TSA’s electronic screening and manual inspection. In addition, the reported availability of keys to unauthorized persons causes no loss of physical security to bags while they are under TSA control. In fact, the vast majority of bags are not locked when checked in prior to flight.”

In other words: not our problem.

How the Keys Were Hacked

Last month, security enthusiasts and members of a lockpicking forum on Reddit began circulating a nearly year-old Washington Post story about “the secret life of baggage,” and how the TSA handles and inspects airport luggage.

What no one had previously noticed was that the article included close-up photos of the “master keys” to TSA-approved luggage locks — which it turns out, are really easy to copy, as long as you can see the pattern of the teeth and have access to a 3D printer.

The photos were removed from the Post’s website, but not before privacy devotees spread the images far and wide.

Then, according to his self-published timeline, Shahab Shawn Sheikhzadeh, a system administrator and lockpicker, obtained an official-looking document with even more detailed imagery. Sheikhzadeh told The Intercept that anonymous hackers inspired by the Washington Post photos found a 2008 “Guide to Travel Sentry Passkeys” posted on Travel Sentry’s website.

Travel Sentry is the organization responsible for generating and enforcing security guidelines for TSA-approved locks, working with both the government and private manufacturers to guarantee its standards are being met. It does not sell or manufacture locks itself.

Steven Knuchel, a hacker/security researcher who goes by Xylitol or Xyl2k, used the detailed images obtained from the Travel Sentry website to create the kind of files that 3D printers use to produce models.

Since the files were first published, several people have demonstrated that they work, using inexpensive 3D printing plastic called PLA.