RFID-Reading Passport Scanners Installed

Kozar_The_Malignant writes, "Electronic passport scanners have been installed at SFO. Ten of the scanners were received last week and have now been put in service. Various creative responses have been discussed here before."

Faraday Cage Suit

[corroncho]

I knew that farady cage suit would come in handy some day!!!
___________________________
Free iPods? Its legit [wired.com]. 5 of my friends got theirs. Get yours here! [freepay.com]

Do passports already have RFID's in them?

[chroot_james]

Do they? I haven't exactly kept track of this...

Re:Do passports already have RFID's in them?

[in2mind]

from the prev Slashdot article :

State Department spokeswoman Janelle Hironimus said existing passports will remain valid until they expire but, eventually, all U.S. passports -- about 13 million will be issued in 2006 -- will contain such chips

Re:

[erroneus]

Yeah until you try to go somewhere and they take your address location down and send you a new passport voiding your old one. It'll come in the form of a convenient service to you.

Re:

[Firehed]

You own a microwave, right? Obviously you didn't want the thing to get cold during those long winters in wherever you're headed, so you decided to warm it up for a few seconds first. Draw your own conclusions about what will happen, since me posting them is probably a violation of the DMCA or something.

Re:

[cayenne8]

"This makes me happy that I got my passport renewed last year. No RFID until 2015 baby!"

Well, like most people in the US, I don't see I'll need to get a passport for any reason...at least not for the foreseeable future.

Plenty for me to see here in this country, and the current atmosphere in much of the world doesn't seem to be too friendly towards Americans....

Re:

[Znork]

"I don't see I'll need to get a passport for any reason"

With the rate things are deteriorating, you'll probably need it to avoid spending a week or two on ice when the goons go 'papieren bitte! schnell!'...

Re:Do passports already have RFID's in them?

[malsdavis]

My mate got a new British passport a couple of weeks ago. The 2nd last page or so has a chip and a large rectangular loop of wire shaped in it. From what I remember, the rectangular loop of wire measured about 8cm long by 2cm high or so.

Here's a smallish picture of what the RFID bit looks like: http://www.telegraph.co.uk/news/graphics/2005/11/1 8/npassport18.jpg [telegraph.co.uk]

Re:

[TubeSteak]

The 2nd last page or so has a chip and a large rectangular loop of wire shaped in it. From what I remember, the rectangular loop of wire measured about 8cm long by 2cm high or so.

Is that something that can be resolved using a hammer?

Even though I'm normally a fan of Opt-In systems, I'll mute my complaints if a hammer allows me to Opt-Out.

Re:

[955301]

No, a rock won't do, nor will paper. Scissors wins!

Re:

[HTH NE1]

Even though I'm normally a fan of Opt-In systems, I'll mute my complaints if a hammer allows me to Opt-Out.

Don't be surprised if doing that may opt you into a special gated community in Guantanamo Bay.

Re:

[lcsjk]

I did some initial design for an RFID system last year. The credit card size unit has a microchip with memory and a coil of wire around the edge of the card (about 7cm x 5cm). THe coil is the secondary side of an air-core transformer and the reader (receiver) has the primary side. Note that it is not RF as in radio or telephone. It is a magnetic field. The reader has to send enough AC power through the air to the RFID coil so that a capacitor can be charged to give an operating voltage. When the volta

Re:

[sarabiz]

Yes, they began putting them in as of at least Summer 2005. I know this because I got married and needed to change my name on my passport. This used to require a simple addendum to the back and was free. However, since I had the old non-RFID passport, I was required to pay ~$70 for a new one. Suck.

This is only an interim measure...

[$RANDOMLUSER]

...until they can implant the RFID chips in your head.

Re:

[garcia]

I wouldn't put it past them and I'm sure no one would care...

I just recently took a trip to Winnipeg so that I could get around any passport requirements they might put up in the near future. I *refuse* to travel abroad with a passport that has RFID technology inside. Just like I will not give my SSN out to anyone, I will not allow my passport to be read via RFID.

The individuals I was with on this trip told me I was paranoid and shouldn't let something as little as an RFID tag stop me from traveling where

Re:

[hcob$]

Well, lets go through the usual arguments...

RFID tag is stored in the passport(which is a faraday cage when closed.

The data is a hash value that is used to look up information to verify that you are who you say you are.

And yes, you are paranoid about it.

Re:

[NDPTAL85]

Your friends were right. You are in fact paranoid. The overwhelming majority of people will suffer no ill consequences from having their passports read by an RFID reader.

The burden is on you to show what bad things will happen.

Re:

[twistedsymphony]

well, tinfoil hats are soooo much cooler then tinfoil passport protectors.

can they be opened with a Diebold key or bar key?

[speculatrix]

anyone tried to open them their hotel mini-bar key?

Various Creative Responses

[Tackhead]

> New U.S. e-Passports contain a 64 kbit RFID chip with personal information about the passport holder.

After reading last night's [slashdot.org] thread, I suppose encoding ~250 copies of the string "Kip Hawley is an idiot. Michael Chertoff is also an idiot" into an off-the-shelf 64kbit chip, putting the chip in a small wad of gum, and then swallowing the gum, is no longer an option.

Well, so much for my weekend.

Re:

[in2mind]

After reading last night's [slashdot.org] thread, I suppose encoding ~250 copies of the string "Kip Hawley is an idiot. Michael Chertoff is also an idiot" into an off-the-shelf 64kbit chip, putting the chip in a small wad of gum, and then swallowing the gum, is no longer an option.

First of all,why would you want to do that?
Two,the passport RFID reader needs to be within 10 cms from the chip to be able to read. So sont worry.You can swallow whatver you want to. :p

Range can be increased

[Bruce Perens]

There is a time-honored tradition of making RF signals go as far as possible. It's the first thing any kid tries with a walkie-talkie: how far can it go? It's possible to make RFID devices read from farther than designed by using higher power to energize the RFID and a higher-gain antenna to read its response. Certainly it will be practical to read these things as people walk through a door frame, with the proper equipment.

Bruce

Range is a function of the reader

[everphilski]

In this case, the readers are rather limited. 10cm, give or take.

Re:

[mrchaotica]

The reader at the airport is limited. The reader being surreptitiously carried by the American-tourist-targeting mugger/kidnapper/whatever in whatever foreign country you're going to won't be.

Re:

[StikyPad]

The reader being surreptitiously carried by the American-tourist-targeting mugger/kidnapper/whatever in whatever foreign country you're going to won't be.

I was as shocked as you will probably be when you read this, when I found out that Florida is not, in fact, a foreign country.

Re:

[jrumney]

Its not just a function of the reader. The standard RFID tags are passive, powered off the signal from the reader. If you make them active (amplify the signal using onboard batteries) and use a bigger aerial, then the range can be increased considerably.

Re:

[megaditto]

How about the ones that the terr'ists stow away?

1) Paint an RFID bullseye on all the 'card-carrying Americans abroad.
2)
3) Profit?

Re:

[SatanicPuppy]

The antenna part is obvious to me...I remember a while back an article about some people snooping those RFID gas cards using a high gain antenna, and it only makes sense that you're going to be able to pick up a radio signal with a sensitive antenna, once that signal is in the open.

I'm not as clear on the "energizing" process. I understand that you get a stronger signal based on the amount of energy imparted to the chip, same as you would with any other radio transmitter. But what kind of upper limit exists

Re:

[hcob$]

Is there any way to energize an unshielded card from more than, say, 5 feet away, or is the danger primarily from people with readers brushing up against you for a reading?

Sure, all that possible. If you leave your passport open(closing it completes the faraday cage in the cover). Of course, people can also read all the data on your passport whenever they open it using this ancient technology called "eyes". And if you want to extend their range, you just have to get a few "lenses" and you can see it a

Re:

[Em Adespoton]

Is there any way to energize an unshielded card from more than, say, 5 feet away, or is the danger primarily from people with readers brushing up against you for a reading?

The issues seem to be the following:
1) RFID chips are activated by the EM energy delivered from the reader.
2) When closed, the passports in question are contained in a complete farraday cage, blocking any EM radiation from passing between the inside and outside of the passport.
3) When open, the regular rules of electromagnetic radiat

Re:

[Em Adespoton]

Sorry; in my parent post, mV should be MV - mega, not milli. That shows what not hitting the preview button can do. Oh well. It should be obvious from context.

Re:

[swillden]

When open, the regular rules of electromagnetic radiation hold true (inverse square law?)

In this case, the power delivered to the chip drops off according to an inverse cube law. The strength of the return signal attenuates by the inverse square of distance. Both effects come into play in limiting range. You'd think that the inverse cube side would dominate, but the attacker has the option of boosting the power almost without limit (though the result may be very unhealthy to anyone in the path). The

Re:

[swillden]

Certainly it will be practical to read these things as people walk through a door frame, with the proper equipment.

Hasn't been so far, not even given considerable commercial application for ISO 14443 chips that can be read at that distance. I'm not saying it's impossible, but smart people (i.e. the sort who design these things for a living) have been trying for the better part of a decade, without much success. That argues, at least, that it's not easy. The long-range reading that has been successfull

Wrapping your passport in Tinfoil?

[Yahma]

There is the ever present theory that wrapping something in tinfoil will prevent RFID communications from working. Does anyone know if this is true or has been tested? If it works, just wrap your passports in tinfoil.

Yahma -- BLASTProxy.com [blastproxy.com] - A public anonymous proxy server that allows you to bypass firewall restrictions at home and work and surf safely.

Re:

[kdawgud]

It definitely works. Simply try it with your cell phone. Instant reception of zero.

Re:

[Bruce Perens]

Look up "Faraday Shield". It works, but I can think of some approaches to get through it, although I doubt that any current RFID device uses them. Testing is always a good idea. And aluminum foil is not the most attenuating material, just the cheapest and by far the most easily available one.

Bruce

Re:

[hcob$]

There is the ever present theory that wrapping something in tinfoil will prevent RFID communications from working. Does anyone know if this is true or has been tested? If it works, just wrap your passports in tinfoil. I guess I'm going to be saying this often today. All you have to do is close the passport, there is a faraday cage in the cover that is completed when the cover is closed.

Re:

[It'sYerMam]

Everyone knows that tinfoil AMPLIFIES the signals, not reduces them!

Why?

[Lauritz]

Are there any arguments in favor of RFID as opposed to chip-cards? I mean, conventional chip-cards that need physical contact with the reader would be safer in that the can not be wirelessly read and could contain processors to do crypto-calculations on card (since they have better power supply). The extra time it perhaps would take to read the card shouldn't be a bottleneck since airport checks are plenty slow as they are.

Re:

[voice_of_all_reason]

Are there any arguments in favor of RFID as opposed to chip-cards? Yes, it makes (some group) (rich/powerful).

Re:

[twistedsymphony]

but... but... RFID is a buzzword!!!

Re:

[Shaper_pmp]

1. Airport checking is still abominably slow, so saving ten seconds when you've just queued for two hours isn't going to make much difference to anyone.

2. We're already agreeing on frequency and cryptography standards. What makes a "hardware" standard any more onerous? Especially if, as a previous poster pointed out, you just ensured the chip was a set distance from a specific corner of the medium.

3. RF is the most covenient, but also the most insecure. Unless you wrap your passport in multiple layers of

Passport Cases Now Become Important

[Bruce Perens]

I have a passport case and will be sure to line it with mu-metal (not just aluminum foil) when I get a new passport in a few years. I'm sure that similar things will be up for sale. Indeed, if there's a manufacturer out there who wants to work on this, and knows sewing better than technology, write to bruce at perens dot com.

Bruce

Re:

[in2mind]

I have a passport case and will be sure to line it with mu-metal (not just aluminum foil) when I get a new passport in a few years.

I think thats dumb thing to do.When the security guys at the airport read your mu-metal'ed passport with their reader,it wont work & they would think its not a valid passport & you will be in trouble.

Re:Passport Cases Now Become Important

[Bruce Perens]

I guess this is something that not everybody understands yet. Of course you'd take the passport out of the case when there's a legitimate occassion to read it, like going through immigration security at some country (which I do a few times a month). The problem is that people can read it while it's in your pocket, with the right equipment, wherever you go, all the time, hundreds of times per day. And having it in a mu-metal case when you do not expect it to be read would be a good security practice. Is that more clear?

Thanks

Bruce

Still ....

[wsanders]

- I mean it doesn't have personal information, even if decoded, so what use is it to anyone, except that it identifies you with a big random number like a cookie does.

Although I do hear there were plans to put this into the data in clear text:

"YOU'LL BE SORY THAT YOU MESSED WITH THE U.S.of A.
'CAUSE WE'LL PUT A BOOT IN YOUR ASS IT'S THE AMERICAN WAY"

OK, maybe the case isn't such a bad idea after all.

Re:

[SydShamino]

I mean it doesn't have personal information, even if decoded, so what use is it to anyone, except that it identifies you with a big random number like a cookie does.

Wherever you go, anywhere in the world, anyone who gets within a few feet of you can conclusively identify you as a U.S. citizen if they so wish to. (I assume there is some common code that identifies it as a U.S. passport.)

I've never seen the state department do anything that jeopardizes the safety of American travelers as much as this will.

Re:

[Muad'Dave]

I mean it doesn't have personal information, even if decoded, so what use is it to anyone, except that it identifies you with a big random number like a cookie does.

Huh? You mean all of this personal info [icao.int] (PDF, see page 16) ??? You'll note that encryption is optional, but data integrity via a 1-way hash is mandatory.

Re:

[SydShamino]

That was a quote from the GP. Did you intend to reply to them instead of me?

Your post proved my point - encryption is optional, and the data in the MRZ section isn't encrypted anyway. That includes issuing country.

Re:

[Curmudgeonlyoldbloke]

Wherever you go, anywhere in the world, anyone who gets within a few feet of you can conclusively identify you as a U.S. citizen if they so wish to.

They pretty much can now, even before you've opened your mouth - from a combination of dress, mannerisms, etc. Once you start speaking, the accent confirms it. Social norms in different (Western) countries are often very different and the game of "guess the country of origin of your fellow travellers" at an airport is surprisingly easy.

Re:

[SydShamino]

And you are assuming that I'm as stupid as the standard American traveler. I know how to dress for the countries I visit, I know when to keep my mouth shut, and can get by in German well enough disguise my accent, especially German isn't the native language of the person I'm talking to, either.

The other reply has a very good point, too. IEDs that explode when an American walks by can now be standardized and mass produced.

Why would you assume that?

[wsanders]

What would be in the passport besides a long random number? Most other countries (not counting failed states) will be doing this exact same thing in a few years.

Re:

[SydShamino]

Well, because I assume that countries will want to be able to read each other's RFID codes. Great Britain now has RFID codes in their passports; of course they'll make it so our readers can read their passports, and vice versa.

Then all of Europe shares in the system, then parts of Asia, then so many readers are out there that can at least decode the country (if nothing else) that it becomes likely the data will leak out to third parties.

Re:

[oyenstikker]

But you don't show your cookies to anyone other than the one who gave it to you. Else you would be trackable.

You don't understand the PKI

[wsanders]

Any country using the chip will instantly see that the chip has been tampered with, just like you know an SSL web site has been tampered with then the certificate you get doesn't match the signature at the CA. The face in the chip won't match the face on the passport, and you'll have some splainin' to do, hopefully in a country with due process.

If they don't read the chip, then yes they can forge your picture just like they do now.

Like Bruce Parens said, the only risk is that that guy walking by you on the

Re:

[kbielefe]

Any RFID chip that broadcasts a particular signal is indistinguishable from any other RFID chip that broadcasts the same signal.

This is not a chip that broadcasts the exact same signal over and over. Under this type of authentication, at least part of the signal changes every time in a way that appears completely random. You'd require physical access to the passport, some pretty sophisticated equipment, and (depending on the implementation) possibly quite a bit of time in order to clone it -- eavesdroppi

Re:

[hcob$]

The problem is that people can read it while it's in your pocket, with the right equipment, wherever you go, all the time, hundreds of times per day. And having it in a mu-metal case when you do not expect it to be read would be a good security practice. Is that more clear?

I guess I'm going to be saying this often today. All you have to do is close the passport, there is a faraday cage in the cover that is completed when the cover is closed.

Re:

[nacturation]

On the other hand, it is enough to read the RFID when the cover is only slightly open. What prevents reading the data from 10 metres while the imigration officer is looking at the open passport?

Hopefully all countries around the world will erect large walls and ban binoculars around immigration facilities.
 

This will guarantee you an anal probe

[wsanders]

I know everyone understands PKI, right, but isn't this is equivalent to someone trying to spoof any random SSL-enabled web site with a CA_signed cert? (assuming the gov't doesn't screw up.) OF COURSE you can break it or spoof it, if you break the CA.

It isn't designed to guarantee that the photo and the chip match, we can look at your face for that. It's to weed out the paranoid asshats who've tinkered with them, or, worse, have fake passports. Just like your browser throws up a warning if it can't figure ou

Re:Passport Cases Now Become Important

[kevin_conaway]

It already has a cover [state.gov]

Metallic anti-skimming material incorporated into the front cover and spine of the e-passport book prevents the chip from being skimmed, or read, when the book is fully closed;

Re:

[Raistlin77]

And you trust Government-supplied security?

Re:

[Bruce Perens]

Uh-huh.

I think I am going to trust the cover that I provide.

Bruce

Re:

[Jherek Carnelian]

I think I am going to trust the cover that I provide.

It's already been reported here on slashdot that the cover has to be tightly closed in order to make a functional faraday cage. I believe that the experimental results were that leaving it open just 5-10mm was enough to negate the shielding effects.

So, make sure whatever cover you go with has a clasp.

Re:

[flanksteak]

Why use RFID if it only works when the passport is open? What makes it better than barcodes?

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[owlstead]

Where on the data page would you place a 64KB bar-code? This thing is used to store (biometric) data, not just a number. Barcodes are easy to fake as well. If the chip uses Active Authentication, it will be pretty hard to fake the chip. Besides that, 14443 communication is well understood and widely used. If it is well protected, there is little against it.

shielded cases for 18 dollars

[fantomas]

http://www.difrwear.com/products.shtml [difrwear.com]

looks like somebody's already selling them Bruce!

Moo

[Chacham]

I wonder if all they read will be one's passport.

To the conspiracy wonks - entertain me

[Quiet_Desperation]

Oh, please do try and foil (pun intended) the RFID readers. Please. And bring a friend with a video camera so we can watch the resulting hilarity on YouTube.

Re:

[jb.hl.com]

"Hilarity" and "YouTube" do not belong in the same sentence.

TravelTags

[EssTiDee]

This really isn't all that horribly different from the TollTags, EasyPasses, and basically every other scannable devices that identifies the device-holder. Your passport is the property of the government -- has been, and will continue to be. If they want to make it easier to check / scan / whatever, so be it. While I worry about the security of their online database, it's not really any less secure than it has been in the past. I say there's no real change taking place here, except maybe if not too many

Re:

[TubeSteak]

This really isn't all that horribly different from the TollTags, EasyPasses, and basically every other scannable devices that identifies the device-holder.

Ummm... The Government doesn't require me to have a "TollTags, EasyPasses" if I want to leave the country.

Until "basically every other scannable devices that identifies the device-holder" is required by the gov't, then it really is horribly different.

If you haven't gotten/renewed your passport, I told you so. Mine is good for another 10 years and doesn't

Re:

[hcob$]

This really isn't all that horribly different from the TollTags, EasyPasses, and basically every other scannable devices that identifies the device-holder.

Yeah, but those dont' have built in faraday cages...

Re:

[cayenne8]

" This really isn't all that horribly different from the TollTags, EasyPasses, and basically every other scannable devices..."

And I don't use those either!!

As another poster said, the govt. doesn't require you to have one for travel either...

Fine by me

[lawpoop]

I have no problem with RFID in the passport, as long as it is implemented in an intelligent manner. I don't see it as any more of an invasion of privacy than the personal photo and address information, and also the log of my recent travels.

I plan on having an aluminum foil carrying case for my RFID passport, when I get one, so it can't be read without being opened. Recently I saw a link to a company that makes wallets with a metal foil already embedded in the leather, so RFID chips can't be scanned remotely. The also sell a foil insert that goes in the bill area. I acn't remember the name though -- I thought it was a wordplay with 'wallet' and 'magnet', perhaps the word 'envelope'?

The only thing I don't want is an RFID implant. You might wear a farraday armband, but the whole idea reminds me too much of Jews getting serial numbers tatooed shortly before they were shipped into the death camps.

Re:

[Clever7Devil]

Revelations 13: 16-17

And he causeth all, both small and great, rich and poor, free and bond, to receive a mark in their right hand, or in their foreheads:

and that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his name.

Yikes! The sky is falling!

Already foil'd

[everphilski]

Metallic anti-skimming material incorporated into the front cover and spine of the e-passport book prevents the chip from being skimmed, or read, when the book is fully closed [state.gov]

Re:

[Em Adespoton]

Hmm... here's a freebie name for someone to use if it's not the one you were thinking of:
MagneCarte

My main issues:

[mitchell_pgh]

- I wonder how long it will take to break the security? [it's going to happen]
- I wonder from what distances the RDIF card will be able to be read? [I hear a few inches to a few yards and beyond]
- I wonder what interesting ways people will use this information. [I'm in marketing and can already think of a few]

aluminum cases through security anyhow?

[192939495969798999]

Has anyone actually tried to take an aluminum foil wrapped anything through airport security? I assume that would look suspicious to anyone, i.e. why the hell is it in foil, is it a bomb, etc. Did you get harassed at all? I actually just got a passport and am travelling far, far away, so I *could* try it...

Re:

[myowntrueself]

Has anyone actually tried to take an aluminum foil wrapped anything through airport security?

Sure, you should see the hassle that Metal bands like Spinal Tap have to go through trying to get aluminum foil covered cucumbers through airport security!

Its really humiliating to have to pull it out of your pants, makes the crotch look all saggy.

Re:

[cayenne8]

"as anyone actually tried to take an aluminum foil wrapped anything through airport security?"

Yes I have....I was bringing some andouille sausage with me to cook at a friend's house...I did the usual to keep it fresh for travel. I froze it solid, wrapped in paper towels, and then wrapped in aluminum foil.

I've done this in checked baggage and in carry on...no big deal.

I could see they had checked the checked baggage, but, had not unwrapped it....and nothing done with the carry on, which was my backpack.

Yes! HD's in anti-static bags look like drugs

[SomethingOrOther]

Comming back into the UK, Stanstead Airport customs.

I get asked to open my bag containing 6 Hard Drives in anti-static bags.
Customs raise an eybrow. Only then do I realise each drive looks exactly like a brick of hash wraped in foil.

Dressing like a typical stoner probably didn't help either.

Schneier says "rewew NOW"

[MrAtoz]

For what it's worth, Bruce Schneier [schneier.com] is recommending that everyone renew their passports now so that you can avoid having a chipped one for another 10 years:

The security mechanisms on your passport chip have to last the lifetime of your passport. It is as ridiculous to think that passport security will remain secure for that long as it would be to think that you won't see another security update for Microsoft Windows in that time. Improvements in antenna technology will certainly increase the distance a

Typical Response without knowing the facts

[unPlugged-2.0]

Come on slashdot-folks I expected better than all these comments about tin-foil hats.

It's bad enought that I have to put up with this any time I talk to any non-techie about the fact that I work for an RFID company and no I am not evil and do not wish to track their every move and alert someone that they are using the bathroom too much.

--Now for the Facts--

There are two main categories for RFID systems on the market today. These are near field systems that
employ **inductive coupling** of the transponder tag or Smart Label to the reactive energy circulating around the reader antenna, and far field systems that couple to the real power contained in free space propagating electromagnetic plane waves.

The passports are (repeat after me) *inductive* which means that they are activated by a magnetic field which is amplified by that metal loop you see to provide power to read the memory on the chip. The claims that someone could build a reader to read your tag from even 10 or 20 feet away is ridiculous. It would require the creation of such a big magnetic field that it would probably zap all magnetic material (such as hard drives, floppy discs, usb keys) that I am sure someone would notice. Also in order to read the reflection of the magnetic field which is what determines the response (RFID works like an echo you yell at something and wait for the echo to figure out what the id is) you would need such a big receiver (note this is still for 10 - 20 feet only) that you would literally look like someone out of the verizon commercial.

I know us techies are generally oblivious to the outside world but I think if you saw someone like this within 10 feet you should generally notice. Also you should run because that magnetic energy will probably fry your nads among with other crucial body parts you may never use (sorry couldn't resist).

The only real danger is that some hot woman with an rfid reader decides to bump into you and just happen to place her hand where your passport is. If you foresee that happening a lot then I suggest you get a tin-foil cover. However if that happens to you a lot then you are probably not on slashdot and reading this anyways.

Sorry but I am a little sick and tired of hearing about all these security concerns by people who don't know how these systems actually work. Can you tell?

Re:

[Ludedude]

"Sorry but I am a little sick and tired of hearing about all these security concerns by people who don't know how these systems actually work. Can you tell?"

Sorry, but I am a little sick and tired about hearing about how there are no security concerns from the people who don't care about anything but selling their products to a government that wants more control over its people. Do you care?

Re:

[AK Marc]

a government that wants more control over its people.

Please explain how RFIDs are going to increase the control the government holds over passport holders. RFIDs may be a bad idea, but there is nothing that will help the government control people here.

Re:

[AK Marc]

So, how is RFID in my passport (expires in 8 years, so I have a while before I have to worry about it anyway) sitting in my dresser drawer at home helping the government track me? For the few times a year when I travel internationally, my name is on passenger manifests, tracked through immigration/customs, and such anyway. So how is the RFID going to change this at all? It doesn't help the government track me at all, other than changing a 3 second swipe of a magnetic card to a 1 second RFID read, saving

Re:

[MisterBlue]

Most of the the comments in this forum are uninformed...

The passport case already has protection so the RFID cannot be read when the passport is closed. No need for tin-foil cases. (http://www.state.gov/r/pa/prs/ps/2006/70433.htm)

The contents of the RFID is your identifying information signed by a government key. The encryption has already been broken, but until the signing keys are compromised, new contents cannot be put into the RFID (refer to the many docuements on hashing and signing technologies).

There

Re:

[MountainLogic]

As a guess as to why RFID? THey were sold a bill of goods that this will make counterfiting harder.

Re:

[NeutronCowboy]

Good points. However, there are two issues with electronic passports:
1) Someone can still read it remotely, and get access to all kinds of personally identifying information. Yes, you have to get close, but it still is quite possible. Ever seen pickpockets at work? They manage to *remove* your wallet without you noticing it. Considering the potential damage that can result from someone getting their hands on your passport, I'd rather not make it easier for people to access them.

2) You don't know what's on y

Re:

[NeutronCowboy]

You're right, the points I raised are not fundamentally new issues that are strictly tied to RFID chips. However, it is much easier to exploit these existing issues with RFID chips. Want to get the passport information from 100 people in an hour? Stand in the subway next to people arriving at any international terminal. Same thing with data on the passport. Yes, there's plenty of correlation out there already (though nothing on credit cards - at least not the dumb magnetic stripe ones). But that doesn't mea

Re:

[jrumney]

The only real danger is that some hot woman with an rfid reader decides to bump into you and just happen to place her hand where your passport is.

I'm gonna start keeping my passport down my pants. Just in case.

Renew Now

[jay2003]

I sent in my passport in for renewal about a month ago since it expires next year and it came back without RFID. I suspect if you send in a renewal the next 2 weeks to the National Passport Center, you'll get a new one sans-RFID. I now have 10 years before I have to worry about passport RFID and tin foil hats for my passport. Hopefully by the next time I have to renew, the State Department will have realized their stupidity and gone to contact chip rather than RFID.

13 million seems awfully high

[notyou2]

U.S. passports -- about 13 million will be issued in 2006

Is this really correct? That would mean that over the course of a decade, roughly 130 million passports are issued? So there are 100-something million active passports... 1 in 3 americans (of all ages). That seems high.

Re:

[robogun]

The number has spiked due to the new requirement that all people crossing the border hold passports. Next time you're in the post office, take note of all the people applying for passports.

There are a lot of people who cross the border every day on business. Previously, only a drivers license was required for readmittance from Canada and Mexico.

Re:

[Kozar_The_Malignant]

>the new requirement that all people crossing the border hold passports

If you are a US citizen, you still don't need a passport to go to Mexico, but you sure as hell need one to come back.

it's election time...bug your candidate!

[JimBobJoe]

How about this as a creative solution--bother your incumbent congressman or congressional candidate, ask them if they support unjustifiable technology that can prove to be a risk to US citizens abroad.

I'm telling both the guys running for my district (which, fortunately, is a competitive one) that I'll vote for the guy who votes to repeal the REAL ID Act and, at the very least, makes the RFID chip optional in new passports.

Where to buy/how to make an RFID reader? (writer?)

[lpq]

How does one get a hold of an RFID reader? Are there writable RFID's? Like can I create my own RFID's and put them on things in my house (with my own numbering system, I'm not sure it would be a privacy issue (?)), so I can constantly find things like my keys, the remotes...etc...?

I'd like to know when something has an RFID in it as well...I bought a pair of leather work gloves at Home Despot the other day. There was no obvious tag -- but she deactivated them anyway and they beeped. I find out later the

Re:

[kbielefe]

Although this example may not be as dangerous as those involving forgery, it sure could provide an advantage to an unscrupulous business competitor.

That's what's so amusing about conspiracy theories: common sense not required. You get hold of your enemy's passport, and what do you use it for? Inconveniencing him at the airport one time.