The latest in digital travel documents, known as electronic passports, may not be much harder to forge than the current versions, a security expert told attendees at the Black Hat Briefings conference.

Using hardware capable of reading data from the radio frequency identification (RFID) chip embedded in the cover of an e-passport, Lukas Grunwald, a security researcher with DN-Systems in Germany, showed that he could copy the data from a European passport and write the data back to a smart card. The threat: A forged passport could embedded a smart chip that mimicked the RFID chip in the latest e-passports.

“We have programmed the smart computer on the chip to behave like a passport.”

Since the Feds were nice enough to publish the specs for the security standard and the RFID chip — it only took Grunwald about two weeks to hack it.

I guess this is why the NSA doesn’t want you to read stuff online or at libraries.



  1. ECA says:

    so you want to use something that Has a radio sender, reciever, or is sensitive to radio freq…
    Think about it.
    If it sends a signal, What do you need to recieve it??
    A Radio, a device to pick up the signal…Thats ALL.

    If its designed to recieve a signal??
    Fine, the signal is being SENT from some place. And it can be from Anyone Anyplace and can be Fugged up by interference.

    Affected by a readio transmission??
    Dont want it. Look at Credit cards, and that magnetic strip, as it weakens with USE, it DIES, or gets rubbed off, or is Rubbed on other cards and looses its magnetic field.

    Security:
    as the person found out, after buying a car with Finger print ID…All a crook wants is YOUR HAND.
    As the person found out after buying a Coded Car. They will BEAT you until you tell them the code.

    Get a LOJACK GPS system, and Hide it WELL.. THEn a code inside. If the cars moves, with out the Code, it sends signal to be traced. It dont LOCK down the car, it dont stop the crooks. It lets you TRACK them. Include an indash camera system and HAVE even more fun.

  2. Mike Voice says:

    All a crook wants is YOUR HAND.

    Fond memories of Westley Snipes in Demolition Man – eyeball impaled on a pencil…

    I thought it funny that Iris scan might work, but retinal scan sure wouldn’t… [grin]

  3. Olo Baggins of Bywater says:

    “RF” and “secure” are mutually exclusive.

    Anyone in the RFID industry will tell you that RFID is wholly inappropriate for passports. It solves no problem that cannot be solved in secure ways.

  4. ECA says:

    But even Chipped ID, can be hacked. All you need is to get into contact with the chip.

    For international airports, we NEED an international Passport system that is available and linkable to ALL countries.

    for cars and vehicles, it would be cool to have a lojack system, to track the FOOL stealing my car. Forget using a finger print, or those funny sencors.


0

Bad Behavior has blocked 4659 access attempts in the last 7 days.