Recently an Indiana University Bloomington computer security student, Christopher Soghoian, posted a custom boarding pass creator for Northwest Airlines on the internet. It was taken down almost immediately by the FBI. According to an article by Robert Vamosi, this points out flaws in airport authentication. The fact that the airlines and security rely on paper tickets (or boarding passes) with an id. But there is no way of knowing that the ticket is valid.
According to another article by Joris Evers, Chris has not been charged but there is an investigation whether he violated any federal laws. He never actually tried to use a fake boarding pass or even print one. All he did was write a PHP script.
Read Chris's blog about the situation here. There is also a link there to donate to his legal defence fund.
There are many issues in this situation and I have only touched the surface. I found many links to other articles about this security issue, and it is a big one too.