To protect against skimming and eavesdropping attacks, federal and state officials recommend that Americans keep their e-passports tightly shut and store their RFID-tagged passport cards and enhanced driver’s licenses in “radio-opaque” sleeves.
That’s because experiments have shown that the e-passport begins transmitting some data when opened even a half inch, and chipped passport cards and EDLs can be read from varying distances depending on reader technology.
[…]
Gigi Zenk, a spokeswoman for the Washington state Department of Licensing, says the envelope her state offers with the enhanced driver’s license “ensures that nothing can scan it at all.” But that wasn’t what researchers from the University of Washington and RSA Laboratories, a data security company in Bedford, Mass., found last year while testing the data security of the cards. The PASS card “is readable under certain circumstances in a crumpled sleeve,” though not in a well maintained sleeve, the researchers wrote in a report. Another test on the enhanced driver’s license demonstrated that even when the sleeve was in pristine condition, a clandestine reader could skim data from the license at a distance of a half yard.Will Americans consistently keep their enhanced driver’s licenses in the protective sleeves and maintain those sleeves in perfect shape – even as driver’s licenses are pulled out for countless tasks, from registering in hotels to buying alcohol? The report’s answer: “It is uncertain … ”
And when the sleeves come off, “you’re essentially saying to the world, ‘Come and read what’s in my wallet,'” says Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, D.C. By obliging Americans to use these sleeves, he says, the government has, in effect, shifted the burden of privacy protection to the citizen.
RFID is a stupid choice for this application. Smartcards are a FAR better option in all respects.
Seems like it would be simple enough to put a pressure sensitive area in the design so that it could only be read while you were pressing the button rendering all these privacy concerns obsolete. Hold it over the reader, press the button, reader beeps happily that it has been read, all done.
These passports have been issued by the US since July 2007. My Family has these, mine however is not. (Isued June 2007) Nothing new here… When will we get the RFID chip in the Arm?…
That is why man invented the HAMMER!
And #1…the US has been issuing these passports since ’07…so…that’d be in Bush you can trust (nothing too)…
Chipped passports are better than nothing !
Yes, privacy protection is also a responsibility of individuals.
Here is something to REALLY worry about –
Cheney managed a corrupt government from an undisclosed bunker while ensuring through his personal gestapo at the CIA that Congress was not informed.
NOW THAT IS A STORY.
Just ordered a set of passport sleeves for the family…
If you pay close attention when using the pedestrian crossing into Mexico at the San Ysidro port of entry, you might be able to catch sight of persons attempting collection your information.
On the south side of the boarder that is.
So, I can see a small metal box replacing my wallet in the coming years?
Yes, our overlords need feedback. I like the button idea.
Change is a process, not a conclusion.
Whats all the Fuss about? It started in 2007. Like it or not, the Chip in your arm (or other place) is coming soon to a body part near you. Some of my family members have this in July 2007, I however got my most recent passport in Jun 2007, so I get another 8 years without the Chip. I like th hammer idea, but i can assume that if you did this, it would be a crime?
This was one reason I got a passport in 2006, just before the chip was put in them. I didn’t have any travel plans, though I knew it would eventually be required for my travels to Canada. RFID is a wonderful technology, but it is best suited to identify things, not people.
#7 Lame Repubipuke sweeping real issues under the rug by criticizing stupid shit.
Now Pedro==YOU started the political analysis of a technical issue by blaming Obama for a Bush program.
Whats the matter? Can’t stand the heat?
Man Up.
#12 There is change with Obama – just ask all the Repubipukes and “New Repubipukes” complaining.
My complaint with Obama is he does not apply the same Bush smugness to get things done. ie. “I’m president and fuck you I’ll invade Iraq if I want to”.
#14:
“I’m president and fuck you I’ll invade Iraq if I want to”
Yeah, but this is pretty much how Congress operates these days.
#14 should listen to the Youtube videos of unequivocal support of the Iraq war by democrats.
To name a few:
Bill Clinton, Joe Biden, Sandy Berger, Nancy Pelosi, Jay Rockefeller, Harry Reid, Madeline Albright, Hillary Clinton, John Edwards, Evan Bayh, John (I served in Viet Nam) Kerry, Chris Dodd, Al Gore, and Ted Kennedy.
One party comes up with idea, the other party can’t fix it….it’s just a piece of paper AND neither party can get the job done.
So some of ya still think that government (either party) can do a better job with the medical system than they do with passports?
Why do we need RFID in documents anyway? And who gets to read, store, analyze and use the data contained in these devices? Do we really need hotel employees having access to all that info.
So every time you go into a bar, you will have to have your data collected? You check into a hotel room, and the driver’s license is transmitted to who knows how many databases?
These types of ID should be required to be plug-in only, where the chip has to be physically attached to a reader for it to work. There is absolutely no need or justification for remote data collection. And reading that chip should be allowed only during specific high-level law enforcement duties, such as border control or AFTER an arrest has been declared, not just casual snooping by the officer that pulls you over.
Pretty soon, as part of ‘crowd control’, if we allow this thing to proceed, you will have to have your ID scanned if you want to be in any type of political rally. So much for freedom of expression and congregation.
This is exactly why we ‘fought’ the cold war… individual freedoms. And now ‘conservatives’ in their treasonous cowardice want to destroy the most basic of Anerican values by imposing mandatory government ID check for most basic activities, such as purchases, travel, congregation.
Yes, this is still a remainder of the cowardice that the country has fallen into after 911 and the Bush polices thereafter.. fortunately there are some signs that we are starting to become Americans again, instead of just some cowering fearful masses willing to just give away everything that our parents and grandparents fought for.
Like Mr Pinkerton, I was able to renew my passport before the RFID fiasco in 2006. So, I have a few years before I need to enclose it in a Faraday cage.
The best part of this is: We get to pay for being screwed. Higher fees for the passport and (I just checked one website – Magellan’s) $40 for the RFID blocking cover. Ain’t we got a great Gov?
When the State Department adopted the RFID standard used in our current passports (it was probably in 2004 or some time around there), they were warned by security experts that the passports were going to be readable from a distance so the data enclosed on them should be encrypted. No matter how much evidence was given to them, they “stayed the course” and stuck with the plain text passports we have today.
I think a card edge connector would be better.
NO batteries and transmitter required.
Or even a inductive connection..It has to touch the surface to transfer information.
ANY signal, has at least a 16′ range.
I could put a small wireless reader on those EXIT RF security stands, and read everyones ID as they went thru. I could install a reader, JUST under the edge of a counter in a store, and read your ID.
decoding?? not much of a problem, get your OWN Passport and read it, then see if you can make it match. Would be encouraging if the DATA was only a checksum, variant, insted of DATA.
Put all of the above in a “Mu Metal” box so none of it radiates out.
#12, ‘dro,
You miss the point continually.
Even if they wanted to, the State Department can’t change their system overnight even if they wanted to. There is a process they must follow in order to change the regulations.
I know this is quite unlike Cuba where you guys just do what you want. In the US we have what is called the Rule of Law. For well over 200 years this concept has served us well. Maybe you could convince Raul to try it.
So, what would a 10 second spin in a microwave do to the thing I wonder…
Short of that, a little hammer percussion isn’t going to go amiss.
There were better choices. The government bleeped again. A tradition I can believe in.
Nothing 2 seconds in the microwave wont fix 🙂
The microwave will fix that chip nicely, and there’s no way to prove you ever tampered with it.
Nuking your passport will just result in you being required to get it replaced, at around a hundred beanos.
Remember, they hate us for our freedom.
America, land of the surveilled, home of the afraid. Twas not always so. R.I.P., Walter.
#31,
Don’t most passports say they are the property of the US government? (mine’s in my safe deposit box, so I can’t look at it to be sure)
Well in that case it should be the GOVERNMENT’s responsibility to maintain them or fix them if something goes wrong, shouldn’t it?
So essentially the only people not at risk to have their identity stolen are terrorists using fake passports.
Stop bitch’n. The idea of a passport is not to protect ones identity.
The republican idea of carrying no identification has already been tried.