Hackers Clone E-Passport 185
mrops writes "I guess the skeptical Slashdot community always knew that e-passports are a big waste of time and money; now German security consultants have been able to successfully clone e-passports, even onto building access cards. FTA: 'The whole passport design is totally brain damaged,' Grunwald says. 'From my point of view all of these RFID passports are a huge waste of money. They're not increasing security at all.'"
"No Shit," ollectively the masses said. (Score:5, Insightful)
What's more... (Score:5, Insightful)
Our money.
Re:What's more... (Score:2, Insightful)
Money is a representation of wealth, the goverment owns the physical you own the wealth it represents. The government takes its tithe in taxes. You are free to do what you want with YOUR share of your earnings, the government will do what it wants with ITS share of your earnings. Fact of life, and nothing new.
Re:What's more... (Score:3, Insightful)
Wake up -- government is the organization holding the unique "right" to employ coercion as their means (anyone else who does so is a criminal). That is the only universal, unambigous definition of government that holds true for ev
Re:This has a familiar ring (Score:2)
Crap. Diebold is offering e-passports too?
I've got one (Score:5, Interesting)
The booklet that comes with it helpfully suggests ways to damage the chip, such as microwaving it, but doing so will render the passport useless, unfortunately. Anyone know where I can get a good tinfoil wallet from?
Re:I've got one (Score:3, Insightful)
It both scares and infuriates me that my government wants to roll out a vastly more insecure (and expensive!) system than that which already exists, while proclaiming the opposite. Seriously, how the hell is this allowed to happen??
Re:I've got one (Score:3, Insightful)
Re:I've got one (Score:3, Informative)
Re:I've got one (Score:4, Funny)
Wait for the ID Theft (Score:3, Insightful)
Re:Wait for the ID Theft (Score:2)
Hell, I've not needed one in a long, long time...wasn't needed to travel to the Caribbean or Mexico...or Canada I don't think...
Re:Wait for the ID Theft (Score:3, Informative)
--jeffk++
Re:I've got one (Score:2)
How to get a non-RFID UK passport (Score:3, Informative)
Renew your passport at a consulate overseas. Incidentally, this is also much quicker than renewing it in the UK (typically takes 2 weeks). The only snags are the obvious ones that you need to stay out of the UK for long enough to get your new passport, and you need an overseas address (maybe a friend's).
I would not advise trying the obvious trick of just mailing your old passport to a friend in country X with all the forms, and asking them to post them to the consulate as though you were in X, then post th
Re:I've got one (Score:5, Informative)
(What, you don't have any old computer parts in their original anti-static bags?!? That's it, no
Re:I've got one (Score:2)
Re:I've got one (Score:5, Informative)
Re:I've got one (Score:4, Informative)
I checked online with my state issuing authority (Maryland, US) for my toll-paying RFID tag, and I was able to request online that they send me 4 (the limit) free "read-prevention bags". This may only be of use to those in the northeastern US, but if any toll collector in your area uses a similar device, you might be able to find a bag easily.
Re:I've got one (Score:2)
No, of course I don't - I have old computer parts in the anti-static bags of the new parts that replaced them!
Re:I've got one (Score:3, Funny)
It's actually better designed than the passport itself!
Re:I've got one - need a foil wallet? (Score:2)
Re:I've got one (Score:5, Informative)
Re:I've got one (Score:5, Informative)
The RFID chip is only the first step.
The current chip contains a scanned photo. Future passports will be issued with an ID card which means going to an enrolment centre to get your iris and finger prints scanned and entering all your details into the national identity register. The iris scan may or may not be included in the passport RFID chip and the fingerprints won't be at first.
The price of passports will go up [theregister.co.uk] from 51 pounds to 66 pounds in october (they were only 42 pounds last year!) to cover the costs and may rise again when ID card start being issued.
Anyone who wants to avoid the National Identity Register should join the renew for freedom [renewforfreedom.org] campaign and renew their passport early. It is too late to avoid the biometric passport with RFID, but you will stay off of the NIR and will not have to provide fingerprints and iris scans in person. It will cost you 51 pounds but may well be worth it to avoid having to tell the Identity and Passport service every time you move house.
Re:I've got one (Score:2)
Re:FUCK (Score:2)
Where do you live that you HAVE to use a passport to open a bank acct, pay a lawyer..etc?
I've never heard of a passport being needed for anything but travelling outside your own country.....
At least it won't work for a drive-by cloning (Score:5, Interesting)
Of course, that won't stop the mad bombers with their IEDs from detonating their bombs in the presense of an ePassport. The video [youtube.com] from TFA shows yet another weakness in this crappily designed (i.e. vendor driven) system.
Re:At least it won't work for a drive-by cloning (Score:2)
Well that's fucking secure - chalk up another one for security through stupidity.
Re:At least it won't work for a drive-by cloning (Score:5, Insightful)
Ya know, there is not a thing that Homeland Security has done that has made us more secure. Even the one or two instances where they actually tracked down a terrorist cell instead of wasting government money on vacations and useless Katrina relief trailers could easily have been done by the individual agencies themselves.
It's almost difficult to fathom what anyone that requires this shit is thinking. There is no evaulation of technology, and a complete lack of understanding of security. Unfortunately, those that make the decisions often disregard for political reasons the constant cries of the actual technology folks in those agencies that actually point out these flaws. Unfortunately, their cries fall on deaf ears (although, a big thanks for not giving up the good fight). But politics outweighs information, and RFID gets put into passports, despite the overwhelming evidence that they are a very bad idea.
Almost all of this is politically motivated now, in one of two avenues - to "appear" to be taking some action to protect security, or in an effort to more easily collect information on anyone that steps foot one into this country - be ye citizen or visitor.
Checks and balances, being the glory of the past but just about dead now, make sure that these unilateral decisions can be made without any oversite. And with Bush just giving himself more power [theonion.com] (a parody, but eerily poignant) there is no end in site to this stupidity.
Re:Rant Rant Rant! (Score:4, Insightful)
Your next couple of points should be reconsidered carefully:
There is no evaulation of technology
On the contrary, there is quite a bit of evaluation of technology. Only the U.S. gov't can afford to pay people to spend the time to come up with these torture tests. My current employer was very briefly involved early on in the process for the new U.S. passport and I can tell you the tests the Feds came up with are very high quality tests that have improved the technology and force companies to better comply with ISO standards.
Please consider RFID passports as a response to the demand for *much* more international travel in even larger planes. In order to more accurately process many more people through customs at airports around the world, this is a good way to do it more efficiently.
Finally, I believe no one is claiming they are "secure" as in magically impenetrable. They are not. And like most security systems, the critical control points of entry are probably not staffed by the "brightest and best" so the usual systemic failures will occur. Only, the wait at customs will be a little shorter and govt's will have more data (not necessarily better or higher quality!) as to who is entering when.
Re:Rant Rant Rant! (Score:2)
Yes, we have a winner! What do you get when you combine the desire to make border security easier, better, CYA compatible but with less annoying hassles and without tedious requirements for extensive training? A system with fewer forms of "approv
Re:At least it won't work for a drive-by cloning: (Score:4, Informative)
Re:At least it won't work for a drive-by cloning: (Score:2)
I've been at hotels in Ireland, France and England and never once gave them my passport. I might use it as ID e.g. to prove I'm me. But they don't keep it.
Most of the time they don't care. They just swipe your credit card and are glad to take your money....
Tom
Re:At least it won't work for a drive-by cloning: (Score:2)
I can't think of which ones off the top of my head, but I know there are places where you are expected to surrender the passport to the hotel. I was surprised to read about it, too. I think I may have run across it at some point in my t
Re:At least it won't work for a drive-by cloning: (Score:2)
I've stayed in hotels in Dijon, Rennes, Saclay and Paris. Not once did they ask to see it for more than just the photo ID (I kept the passport). I've stayed in two different hotels in Dublin, same story, e
Re:At least it won't work for a drive-by cloning: (Score:2)
Why would you have to show ID just to register at a hotel...especially if you have cash?
Re:At least it won't work for a drive-by cloning (Score:3, Interesting)
So I can't simply read the information and then brute force the key? One presumes that all somebody needs is to get their hands on one or more of these passports, figure out the key schema, and then write a program to try to crack the RFID informati
Re:At least it won't work for a drive-by cloning (Score:3, Insightful)
Effectively getting you what? Finger prints and photos of you that they can't use? I'm sure the governments realize this isn't the safest technology, it's not crack proof. I'm fairly certain these changes are just meant to speed up l
Re:At least it won't work for a drive-by cloning (Score:2)
Because, unlike barcodes or contact-based smart chips, RFID allows for an invisible distant reader.
Customs is a perfect example of a place that does NOT benefit from RFID. A traditional smart card (with electrical contacts) would suffice. The electrical contacts ensure that only the customs agent I'm standing in front of will have access to the data. Connecting the passport's chip to th
RFID is the latest buzz. (Score:5, Funny)
Worse. (Score:2)
Re:Worse. (Score:2)
Re:RFID is the latest buzz. (Score:2)
It's a good thing (Score:3, Funny)
This isn't news. (Score:5, Informative)
Re:This isn't news. (Score:5, Insightful)
Probably the better question is "will the bad guys be willing to risk trying this?" No doubt there'll be an endless stream of stolen passport data available on line from crooked hotel clerks -- skimmed e-passport RFID data will be the next hot hacker item for sale.
How to make a passport somewhat secure (Score:2)
2.When the passport data is written to the RFID chip, the data is encrypted using an RSA (or similar) key that only the government has which will prevent "drive by data dumping" as long as the other half of the key is only embedded in passport machines and is kept tightly controled. Also (and more importantly), it is digitally signed using the sa
Re:This isn't news. (Score:2)
Do hotel clerks in Europe still bother checking? I know some countries supposedly did in the 50s, but do they still do it, what with the relaxation of border controls due to the EU coming into existence?
-b.
Re:This isn't news. (Score:2)
Oh, wait, this is slashdot, where terrorists are all Lex Luthor geniuses instead of the morons they are in real life.
Re:This isn't news. (Score:2)
Bad guys are not more stupid than the average person. There is a reason they hijack for example Securitas money transports at strategic sections of the road where law enforcement will
Re:Probably not (Score:2)
Well, besides what another poster mentioned, along the lines of steal and clone a passport of someone that looks very similar to you....I'd suggest there are quite a few makeup artists out there that could augment your looks to closely match the picture that comes up off that passport RFID chip.
Re:This isn't news. (Score:3, Insightful)
Photos are anything but secure. I wouldn't even trust fingerprints for anything serious.
Re:This isn't news. (Score:3, Funny)
e-passports (Score:2)
The key point of the technology was to have the issuing government digitally sign the information contained in the passport. This means that a forger cannot simply tip-ex out the name and and put in a new one ;-) The article did not mention if the German passport contains bio-metric data. i.e. a digital copy of the photo. This combined with a digital signature of the photo would make the system very secure indeed.
Ah, but a forger can do just that. Unless whoever scans the passport, customs agent for ins
And this helps... how? (Score:3, Informative)
So his grand achievement is... what? That that a fellow called John Smith could thus make a fake passport that still says John Smith?
Ah yes, so he could clone someone else's chip, if he can steal their passport, and place it on his own passport. Except now he has a passport that says John Smith and a chip that says Jane Doe. As he himself acknowledges it, it will work only if someone at the border/airport/whatever would just swipe the thing over a reader, but not bother actually reading it. And, oh, if also their scanner is broken and doesn't also read the "John Smith" printed in OCR letters on the real pass.
It sounds like some clever hack, but frankly, then what's the improvement over just stealing a passport and using it as it is? If the condition of passing for Jane Doe instead of John Smith is hoping that they'll just swipe it over the reader and not actually look at it, then simply a stolen passport would work just as well and with far less of a hassle.
So, basically, this is just someone's verbal masturbation, rather than some clever hack.
Re:And this helps... how? (Score:2)
Step 2: Figure out how to alter clone
Step 3: ???
Step 4: Profit!
Bingo. And it's step 2 that's the problem (Score:3, Insightful)
Let's just say that the same applies then to forging a digitally signed document:
1. copy the document
2. figure out how to change it while hashing to the same digital signature
3. ???
4. profit
Yes, but see, step 1 is a non-achievement there. Step 2 is the real issue. _That_ what digital signatures really prevent. Seeing some idiot come up and say "ha ha, digital signatures are useless, because I just copied a
Re:And this helps... how? (Score:2)
Should theoretically be impossible if the passport contains just an electronic ID number which indexes to an record in a database. Hashing the actual data on the RFID is stupid since the data's already there, in print, and if someone figures out the hashing algorithm, the passport becomes alterable.
-b.
Re:And this helps... how? (Score:5, Informative)
How about a pickpocket at the airport, they can even turn it in to the lost and found afterwards. Suddenly being John smith isnt that bad now...
and secondly, gee I really wonder if the people at the border are gonna be lazy and not bother to check but simply swipe it.... oh wait they are lazy and will do exactly that!
As for the need to steal a passport right now to do this...wait a week, im sure someone will figure out how to take this one step further.
Duplicate and sell them to people who look similar (Score:2)
2) Duplicate and sell them to people who look similar.
3)
4) Profit!
Re:And this helps... how? (Score:4, Insightful)
Allow me to explain it to you. The move to e-passports was so as you couldn't counterfeited them like the paper ones. One of the measures required, if not the primary one is the ability to not be cloned. Thats why they call them e-passports
"his grand achievement is... what? That that a fellow called John Smith could thus make a fake passport that still says John Smith?", Moraelin
No, that a follow called Osama could pass through an airport if it used electronic scanning. Or as the article mentions an electronic device could be activated when 'John Smith' opened his passport.
The same lack of thought seems to have gone into fingerprint scanning. As this article [diva-portal.org] demonstrates it is possible to forge these as you leave your prints all over the place.
Re:And this helps... how? (Score:4, Insightful)
Let me explain this as simple as possible so that I'm sure that we're all on the same page:
Someone can duplicate the DATA on a passport and NOT edit it, and you say 'OMFGZ OSAMA BIN LADEN ROFLOL'.
Give the Osama argument a rest.
Let us play out this scenario of yours:
Osama Bin Laden finds himself in possession of a stolen/cloned passport for one 'John Smith' of the USA.
This passport, while stolen and cloned, is still digitally signed -- meaning that the information on it cannot be changed.
Osama Bin Laden attempts to enter the USA with this passport.
The electronic scanner reads 'John Smith' and provides a picture of 'John Smith'.
Osama Bin Laden is NOT 'John Smith'.
Osama Bin Laden is taken into custody.
The only way that "Osama could pass through an airport if it used electronic scanning" is if he found a way to re-digitally sign the contents of the passport, OR if he could do enough facial modification that he looked like 'John Smith'.
So, what we're saying is, if he's willing to do the plastic surgery or to spend the time to crack the RSA encryption on the contents of the RFID chip and is able to RE-digitally sign it after he edits it, he can get into the country. Gee. Sounds a lot less secure than our current method of
Or, the more likely scenario, he'll just waltz across the Mexican border because the USA doesn't seem to give a crap about the fact that thousands of people illegally cross it daily. Without passports. Or extensive facial modification.
On to your second mention that someone could have an electronic device that activates when an RFID chip is within range:
YIPPEE. Anyone could make an electronic device that would activate when your Chase Blink card or your FastPass or your Building Key Card is within range. THIS IS NOT NEW, NOR IS IT EXCITING OR DANGEROUS.
Quit with the FUD posts and actually take a step back to find out that, YES, RFID passports are not perfect. YES, the concept has its inherent flaws. NO, they really aren't (yet) worse than the standard passport flaws. NO, this does not mean that you can just drop a FUD post about Osama getting into the airport because of it without any factual basis behind it, whatsoever.
Re:And this helps... how? (Score:3, Funny)
Oh, crap! Look! In the line above this one! Osama! There it is again! OK, that's it. I'm not coming out. Where's my blankie?
Re:And this helps... how? (Score:2)
They are worse than standard passport, since the biggest flaw they have is the belief that if it is electronic it is infallible. We both know that someone will use the belief that passports are a perfect secure system as a way to generate alibi.
Do you really look like the person in your passport photo?
Get your passport photo taken when you have some facial hair, pass it to your friend who has the same build as you minus the beard and see if
Re:And this helps... how? (Score:2)
Personally if my country issue an official document that identify myself I expect it to be a little more harder to copy than using a simple copier. There are tons of places where checks will be weaker than at airports (at least in Europe where a lot of countries uses an ID
Re:And this helps... how? (Score:2)
Re:And this helps... how? (Score:5, Interesting)
Except that 2 major stated purposes of RFID in passports is nullified by his actions.
IE:
RFID passports are more secure/no the digital portion can be copied easier than the paper.
RFID passports will speed customs/no the RFID download can't be trusted, without thourgh comparison to the paper.
also Identity theft occurs within families. So if I were 18 year old George W Bush Jr, I snag W Bush Sr's passport, make a copy of the chip, return it. Unless a photo is on the RFID chip, their are only 3 differences in our passports, 1) Age, 2) a additional roman numeral (ie III instead of II) 3) SSN
not to mention their are 3 unrelatead Jim Jones within 5 miles of my house, all within 5 years of age to me, likely at least 2 have the first 3 digits of their SSN the same as me (most SSN's issued in my home state, of simular issue dates started with number in the range of 478 to 480)
So if I were to become a felon on Parol with a travel ban,
1) have my name legaly changed to Jim Jones
2) Break into Jim Jones' houses, cloan digital chip, Jim never knows.
3) I now have 4 passable unique ID's to use anywhere I want, 1 piece of paper, 3 chips to swap.
Re:And this helps... how? (Score:3, Informative)
The type of brute force cracking you mention would take years and years of CPU power. The following blurb is an excerpt about this type of encryption and the amount of time required to crack it:
Doing the math, you can see that using the same method that was used to break 40-bit encryption in a week, it would take about 72 million weeks (about 1.4 million years) to even break '56-bit medium' encryption and significantly longer than the age of the universe
Re:And this helps... how? (Score:2)
Gov't employees in various places are inherently bribable. How long before a private keyset is "leaked"?
-b.
Well... (Score:2)
Of course there's the "I told you so" factor, just to prove that he could do it, but anyways we all knew that this E-passport thing wouldn't take much time to be proved wrong, i guess we just didn't know that it would be that fast!
Well... Viva Mexic
Re:Well... (Score:2)
Out of curiosity, how many US tourists have been killed by terrorists? I can't recall a single case.
Re:Well... (Score:2)
Next you'll know ... (Score:2)
Wait wait wait... (Score:3, Insightful)
Re:Wait wait wait... (Score:2)
If someone breaks your really expensive lock on your front door and steals your belongings, then what is the difference between it and the cheap lock you had up there last week. Sure it might have hassled the thief a bit more, but if the lock still fails its purpose the end result is still the same... You know... Lose all your belongings to the thief and with the passport, get a terrorist slipping past the border guards.
Not so bad really... (Score:5, Insightful)
1) They aren't eliminating the physical passports. So all the physical protections (watermarking) still apply.
2) They are shielding the passports so they can't be remotely read.
3) You need to send a cryptographic key which makes it even more difficult to read remotely (although I don't understand how this works).
4) They are hard to tamper with because of the hashes (assuming they are good hashes, this is comparable to watermarks).
Having said that, I'm not sure why the RFID thing is even useful. A bar code would be simpler, although no more or less tamper proof. And there are existing machines which can read passports by scanning them and OCRing. They are very reliable since passports use high-quality printed text with the characters in known fonts and positions.
The "rationale" for RFID passports (Score:3, Insightful)
Specs here (Score:5, Insightful)
It doesn't give away a lot, it doesn't have to. A passport must be inspectable by anyone so the spec on how to read it must be pretty much public. There is an (optional) electronic signature mechanism, but this predicates an international public key infrastructure. The bank where I work has enough problems getting one of those together, let alone an international organisation. PKI is very hard. Google for references on this.
Key compromise means that all issues documents are then compromised. Can you imagine a country recalling all its passports?
Secure Documents don't need RFID (Score:5, Insightful)
1) Have an digital signature of all the data, or at least a signature of a strong one-way hash.
2) Have a means to verify the signature, and that the signer's key hasn't been repudiated.
3) Have a means to verify the hash is legit, i.e. rehash the data on the spot.
4) Have a means to verify the data in question matches the printed version of the document, e.g. a computer screen that shows the digitized picture and the other data that should be on the printed document. A human, or perhaps a computer, can then compare that with the actual document.
Steps 1, 2, and 3 are at the heart of any digitally-signature-validation scheme. Step #4 will detect misuse, as someone using a cloned passport will "look" the same as someone using a stolen-but-legitimate one to the checker.
An alternative, where bandwidth is available, is to have the document-issuing authority validate the document: Upload the document to the authority, and have it send back a "valid" or "not valid" response. This is essentially what happens with credit cards: the name, card #, and expiration date are passed on to the bank or the bank's agent, and the merchant gets back a code saying "card is valid," "card not valid," or one of several other codes such as "card reported stolen/missing."
There are still 2 problems with this approach:
1) The identical twin or look-alike problem.
2) Privacy issues if passport data is compromised.
The twin problem is mitigated by the digitized version of the handwritten signature, a fingerprint, notation of scars, or other items which look-alikes are less likely to share. Privacy issues are in principle no more than they are today with stolen passports, ASSUMING no information that is not on the printed passport finds its way to the embedded electronic data. However, electronic data is much easier to deliver to fraudsters than paper data, and passport theives aren't likely to spend the time typing or scanning in data from a paper passport. The best cure for this is to encrypt the data.
RFID is not required for a secure document. All RFID does is make the data easier to read, which is good for those who want to read the passports without contact them, be they freind or foe. Hmm, maybe someone should invent an RFID tag with an "on" switch.
RFID tag with an "on" switch (Score:5, Insightful)
Re:RFID tag with an "on" switch (Score:2)
This is being done. The cover of the new passports acts as a Faraday cage when closed. This is simpler than an on-off switch and less prone to mechanical failure.
-b.
I really should RTFA before commenting (Score:2, Informative)
Still, is RFID that's activatable without human intervention really necessary? I say no.
Is lack of encryption irresponsible? I say yes.
Comment removed (Score:5, Insightful)
Re:They don't want Americans traveling abroad (Score:5, Funny)
Re:They don't want Americans traveling abroad (Score:2)
Bollocks. An RFID passport, when properly implemented, cannot be sniffed.
A secure RFID tag will NOT respond to a reader unless a spec
challenge-response? (Score:3, Interesting)
Why is it so hard to implement a challange-response mechanism to avoid airing the entire passport data?
Especially when they are going to store fingerprints /images/iris scans on the chips, I would expect the passport chip to do the matching up. (Of course, it has to legitimate itself, too.) Just imagine having to change your fingerprints because of identity theft. Americans already have a taste of this with social security numbers.
BTW, if all you'd like to broadcast is your name and number, just print a barcode. That works perfectly fine in Chile (or Colombia? sorry).
Re:challenge-response? (Score:2)
You overestimate the capabilities of the RFID chips used. Basically, they're dumb devices that broadcast a string of bits when queried. That's it.
Far better would be to just broadcast an ID # - no data - and have the ID # match with records in a database elsewhere.
-b.
Security, shmecurity. (Score:4, Interesting)
I'll conceed that x-ray'ing baggage would highlight obvious weapons like knives or guns. However, as we've seen from the likes of Yousef Josef and other terrorists, people can smuggle bomb components on plains using items, such as watches, which would not be picked up by the usual airport screening proceedures. Add to that the ever so effective comparison of the name and date on my boarding pass with the name on whatever casually inspected ID I provide. Please don't even get me started on how rediculous making me take off my shoes is.
If governments were really serious about airport security, they would adapt a model similar to the one used in Israel. Roving groups of heavily armed, well trained commandos that stop "interesting" individuals and select them for additional screening. However, this method would be too inconvienent and intrusive for travelers (Americans).
This is the state of governmental security. To the not very determined to violate it, lay individual, it appears that there is SOME kind of security in place. With a slight bit more investigation, someone with a bit of desire can easily violate it, thereby rendering the "security" utterly useless. But hey, they have to have some way to spend our tax dollars, right?
-Runz
Active Authentication (Score:3, Informative)
Nobody seems bothered to even *look* at the ICAO specifications, including 100% of the previous responses on e-Passports on slashdot. Why the hell should politicians even bother with citizens if not even the technological top 1% takes an interest?
http://www.icao.int/mrtd/download/documents/TR-PK
Check out chapter 2.3.2, 3.2.2, Annex D, Annex G.1.2
Terrorist activity (Score:2)
Yes, that means you!
Not new, unexpected, or problematic. (Score:2, Interesting)
"What this person has done is neither unexpected nor really all that remarkable," Moss says. "(T)he chip is not in and of itself a silver bullet.... It's an additional means of verifying that the person who is carrying the passport is the person to whom that passport was issued by the relevant government."
Moss also said that the United States has no plans to use fully automated inspection systems; therefore, a physical inspection of the passport against the data stored on the RFID chip would catch
So they can copy the encrypted data, so what? (Score:4, Interesting)
In the USA the passport jacket will have a metal lining so that the RFID cannot be read when the passport is closed.
RFID Blocking Passport Cases (Score:2, Interesting)
Stylish RFID blocking passport cases and wallets
http://www.difrwear.com/ [difrwear.com]
That nice RFID-shielding-device (Score:2, Interesting)
I found it here https://shop.foebud.org/product_info.php/cPath/30
Speaking of RFID (Score:2, Interesting)
Has Grunwald been arrested yet? (Score:3, Interesting)
Seriously, I'm waiting for word that he cancelled his presentation "voluntarily" or has been arrested.
Re:German consultants (Score:4, Informative)
And now they've compromised the future US passport as well?
3 words to describe this -
state sponsored terrorism.
I know you are humorous. But you are insightful in your humor. See how easy it is to put something against anyone in the "war on terror" ? Now in three sentences, that is far-fetching, but if it was released day after day in news report, I am confident you could turn the majority of US opinion against any country in the world.
Re:German consultants (Score:3, Insightful)
Too late. The majority of US opinion is already against every country in the world, "Freedom" fries anyone? The only exceptions to this are a few countries like England and Australia, which most Americans think of a funny sidekicks to Uncle Sam, as long as they know their place and don't start getting uppity. Or c
Re:German consultants (Score:2)
Lets not forget Canada.
And we Americans do think of Sweden and Norway, they have bikini teams and tall blonde people and saunas and reindeer and snow and s
Re:And yet again... (Score:3, Interesting)
You can be reasonably sure that the most dangerous entities have access to these skillsets anyway.
To create a full passport it would therefore be necessary to clone the passport itself, physically alter the appearance of the picture to match yours a