Originally Posted by Loren Pechtel
It depends on how good the signature is. There aren't a lot of digits on there and most of them can be identified. Gather enough boarding passes and you can crack the code. There simply aren't enough digits on there to do a secure crypto.
Don't confuse a short signature with insecure cryptography or weak keys. SHA-1 is still considered an effective hashing algorithm and produces a 160-bit output. For message authentication purposes, even half that would be more than sufficient for this lifetime. I'm not saying the TSA/airlines are secure against hacking, just that a short signature is not an indicator of a security weakness.
[A cryptographically secure algorithm and key yielding an 80-bit signature could be brute-forced... if you had a million computers that tried a million combinations a second, you could find the correct signature for a single boarding pass in just shy of 40,000 years. Good luck with that.]
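The argument in the reply above, as an added example that is not part of the original posts: an HMAC-SHA-1 tag truncated to 80 bits over a boarding-pass-like record, with the exhaustive-search estimate recomputed. The key, the record layout and the function names are assumptions made for illustration and say nothing about how real boarding passes are signed.

```python
import hashlib
import hmac

TAG_BITS = 80                 # signature length discussed in the reply
TAG_BYTES = TAG_BITS // 8

def sign(key: bytes, record: bytes) -> bytes:
    """HMAC-SHA-1 over the record, truncated to the leftmost 80 bits."""
    return hmac.new(key, record, hashlib.sha1).digest()[:TAG_BYTES]

def verify(key: bytes, record: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time."""
    return len(tag) == TAG_BYTES and hmac.compare_digest(sign(key, record), tag)

def differing_bits(a: bytes, b: bytes) -> int:
    """Number of bit positions in which two equal-length tags differ."""
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def years_to_exhaust(bits: int, guesses_per_second: float) -> float:
    """Time needed to try every possible tag of the given length."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)

# Constructed sample data (hypothetical key and record layout).
KEY = b"constructed-demo-key-not-a-real-secret"
PASS_A = b"DOE/JANE|XX123|SEAT 12A|GATE 4"
PASS_B = b"DOE/JANE|XX123|SEAT 12B|GATE 4"   # one character changed

if __name__ == "__main__":
    tag_a, tag_b = sign(KEY, PASS_A), sign(KEY, PASS_B)
    print("tag A:", tag_a.hex())
    print("tag B:", tag_b.hex())
    # A one-character change flips roughly half of the 80 tag bits, so
    # tags collected from other passes do not narrow down a new one.
    print("bits differing:", differing_bits(tag_a, tag_b), "of", TAG_BITS)
    # Reusing a valid tag on an altered record is rejected.
    print("tag A accepted for altered record:", verify(KEY, PASS_B, tag_a))
    # A million machines at a million guesses per second each.
    print("years to try all 2^80 tags: %.0f" % years_to_exhaust(TAG_BITS, 1e6 * 1e6))
```

The estimate covers the whole 80-bit tag space at 10^12 guesses per second; it assumes the key itself is long and secret, which is a separate question from the tag length.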