Wired News: No Encryption for E-Passports — Baffling. A disaster wating to happen.

The lack of encryption baffles privacy advocates and security researchers, who say the new passports are vulnerable to “skimming,” an attack that uses an unauthorized reader to gather information from the RFID chip without the passport owner’s knowledge.

The State Department concedes that skimming is a legitimate threat, but says the chips will have a read range of inches, that eavesdropping at border stations would be very conspicuous and that the passports will have a shielding mechanism — perhaps a foil case or a weave in the cover that will cloak the chip when the passport is closed.

via M. Cuthbertson



  1. We All Must Die says:

    Aluminum foil hats will block the signals emitted by the radio tags. You need to watch for geeks with Pringle can antennas trying to hack your RFID. Don’t get rid of all your pens and ink yet. Have your computer verified by a certified verification expert. Get a Microsoft Passport now, it is totally secure with a supercalifragilistic encryption algorithm from Egypt. The same code was used for securing King Tuts tomb. This should help users with security concerns. http://www.microsoft.com/egypt/
    Check with the Killer Application Group for more on this and other imported and breaking security news. Our passion is your poison. Just forget about dollars, all you need is our software. We promise, we really do. It will all work out, it will we promise. Buy our stock, it is better than cash, it is better than paper. You don’t need paper, we don’t use paper. Live the digital lifestyle, give us all of your money, it is worthless. Buy our software and stocks. We put our customers in the drivers seat. The crash test dummies use our software, they do we promise. They are shareholders too. We are smarter than Google, we really are. You don’t need Google, we can find anything. You don’t need a mind, we have software that can think now. We will protect you. We have passion, we love our software. We hate U.S. currency, our stock is better than having money. It is better than chicken soup. Buy an ad from us, we will sell all your stuff cheap. We will make you software, because you don’t need money. We have Iranian programmers who love software and helicopters. Crap, I lost my keys! You don’t need keys. You only need software.

  2. Michael Cuthbertson says:

    “Security mechanism….weave…foil…cloak”
    That venerable old expression Shit For Brains comes to mind.
    What if you lose it or it’s stolen? It can be opened and scanned.
    For top-notch close in security, it will have a security “mechanism” – “perhaps a foil case or a weave that will cloak..”.
    Is that a hair weave or a tinfoil hat? Those aren’t “cloaks”.
    Do they mean a fashionably knee-length Heavy Duty aluminum foil cloak with hair weaved on the back?
    Wouldn’t that be awfully noisy to walk around in?
    Anyway, what in the Sam Hell is a “security mechanism” ? Is that like a bear trap or a portable Faraday cage?
    Let’s say I’m walking along in the crowd at the airport with my RFID HandiKit in my pocket and my giant-size tuned RFID antenna stuffed down my pants leg or strapped to my back, like Bush. I might walk funny, but I doubt that the hair weave or the tinfoil hat will stop me.
    Perhaps they’ve thought of this – maybe they can profile people with funny things poking up their britches.
    Or suspiciously well-dressed hunchbacks.
    Folks, this is the outfit that brought us the TSA and the Patriot Act.
    They’ve got Shit For Brains.

  3. James says:

    In the movies, they always have to hand over the passport at the hotel for safekeeping until they leave.

  4. roborob says:

    What are they thinking? They say “eavesdropping at border stations would be very conspicuous”. Hey, morons, we regularly surrender passports to hotel desk clerks overseas, any one of whom could have a reader “within inches” of the passport. What about all the passports handed in to keep “in their safe” while you’re checked in. Lots of people hold my passport overseas, bank tellers, currency exchange places, rental car clerks, etc. Any one of these people could be recruited to skim details of hundreds of passports a day. Our administration is both negligently inept and pathologically uncaring about our security and privacy. And with that, they undermine the security of their system and lose whatever “anti-terror” advantage they might have gained by having a digital photo on that passsport.

  5. site admin says:

    It’s apparent to me that these people have never actually left the country with a passport. You’re correct. The passport is constantly being grabbed and held for “safekeeping.” I’m sure they’d be hacked too.

  6. Hank says:

    >> In the movies, they always have to hand over the passport at the hotel for safekeeping until they leave.

    For my safekeeping? I always assume they keep it so I’ll pay the bill.

    I always complain loudly when they ask for it and often keep it.

    I travel in some pretty dodgy countries and don’t want to walk around without proof of my identity.

  7. Jim says:

    Keep complaining Hank. I wouldn’t leave the United States. You can do what you want to do.

  8. david says:

    100% honesty by 100% of all, 100% of the times.

    Anything other, and we need security inversely proportional to honesty.


0

Bad Behavior has blocked 5648 access attempts in the last 7 days.