New independent analysis from a computer security team reveals the billion-dollar body scanner investment by the Transportation Security Administration failed to catch numerous weapons.

The type of body scanners in wide use across U.S. airports through last year failed to spot well-concealed weapons including guns and knives, researchers said in a new study unveiled Thursday, according to PC World.

Screen Shot 2014-08-21 at 9.17.47 AM

The researchers showed the scanner technology could easily be fooled with the right kind of materials covering the weapons (Image source: RadSec.org)

“It is possible to conceal knives, guns and explosives from detection by exploiting properties of the device’s backscatter X-ray technology,” the researchers said.

The research team obtained a since-retired Rapiscan Secure 1000 full-body scanner— one of two types of “advanced imaging technologies” widely deployed by the TSA — and performed a detailed security evaluation of its hardware and software to see if the gadgets actually catch objects that shouldn’t be there.

According to their findings,the Rapiscan Secure 1000 provides only “weak protection against adaptive adversaries.”

The group investigated these attacks by trying to hide knives and firearms, ranging from a .380 ACP pistol to an AR-15 semi-automatic rifle.

Screen Shot 2014-08-21 at 9.18.00 AM

Image source: RadSec.org

“We performed several trials to test different placement and attachment strategies … (and) achieved excellent results with two approaches: carefully affixing the pistol to the outside of the leg just above the knee using tape, and sewing it inside the pant leg near the same location… in each case, the pistol is invisible against the dark background, and the attachment method leaves no other indication of the weapon’s presence,” the researchers said in their paper.

They were able to pull this off because the Rapiscan technology is roughly 30 years old.

The Secure 1000 scanner uses ionizing radiation to find objects underneath clothing. It has some inherent flaws, such as the inability to differentiate between an absence of matter and items with a high iron and lead content, resulting in black pixels on the screen, according to PC World.

Some say the new report’s findings are too little, too late, since the scanners are no longer used in U.S. airports. But, as Business Week points out, when the TSA discarded the Rapiscan Secure 1000 versions, it sold them at deep discounts to government facilities such as courthouses and prisons. Jails in Grand Traverse County, Michigan, and Wilkes, North Carolina, for instance, use them.

These Rapiscan versions also remain in use in airports around the world, in places like Rwanda, Tanzania and Kenya.

But the researchers insist their presentation is “the first experimental analysis of an AIT conducted independently of the manufacturer and its customers,” meaning their findings may be the first glimpse of unbiased feedback about the TSA’s headache-inducing program for airport travelers.

“Our analysis provides both retrospective insights into the adequacy of the testing and evaluation procedures that led up to TSA use of the system, and prospective lessons about broader security concerns, including cyberphysical threats, that apply to both current and future AITs,” the researchers said.

(H/T: PC World)

Follow Elizabeth Kreft (@elizabethakreft) on Twitter.