The Privacy BlogPrivacy, Security, Cryptography, and Anonymity

Feb/09

8

Video: Hacker war drives San Francisco cloning RFID passports – Engadget

Video: Hacker war drives San Francisco cloning RFID passports – Engadget

The law of unintended consequences strikes again. In an attempt to improve national security, the U.S. Government has been pushing hard for the widespread adoption of RFID tags in passports around the world. They are already in U.S. passports. The problem is that they are easily scanned from a distance (as shown in the video), and can be cloned. If the RFID chip in the passport is trusted by the authorities, then the security situation is actually worse, not better. Getting real passport information from someone used to be hard. It generally involved actually stealing the passport. With the scanner, one could produce large numbers of clones while simply standing around the airport with the antenna in ones roller luggage (staying out side of security).

The long range readable RFID tags also make possible all kinds of other tracking and identification. The video talks about correlating personal information from RFID enabled credit cards with the passport number to produce even better fakes.

Distribution of such devices around a city would provide much better and more accurate and automated tracking of a population than cameras with their resolution, and facial recognition issues.

6 comments

  • Brian B · February 8, 2009 at 6:51 pm

    I recently went on a trip out of the country and picked up a couple of RFID blocking passport wallets for me and my wife since we both have new RFID enabled passports. They can be picked up from thinkgeek.com or difrwear.com.

  • Author comment by lance · February 9, 2009 at 7:09 pm

    Very nice, but few people know such things exist. My credit card company was shocked when I rejected an RFID enabled card and requested a conventional card. They did provide one.

  • Scott from Texas · April 16, 2009 at 3:51 am

    Altoid mint tins work excellent for RFID
    credit cards. It defeated turnstile activation at a local facility.

    RFID is the most anti-privacy tool on the
    planet.

    Whoever designed it should be imprisoned
    for life.

  • Author comment by lance · April 18, 2009 at 9:27 am

    Good tip on the Altoid tin.

    I don’t know about imprisoning the inventor of RFID. It is a very powerful and useful technology when used appropriately. Like many technologies, the problem is with how we use it, rather than the technology itself.

    Tracking inventory = good
    Tracking me = bad

    In my opinion.

  • Taylor Johnston · April 1, 2010 at 9:14 am

    You think this is bad? Please Remove Your Shoes is a revealing documentary about Broken Government; The TSA. Please check it out here: http://www.facebook.com/home.php?#!/pages/Please-Remove-Your-Shoes/106678037093?ref=ts

  • M. Beasley · November 18, 2014 at 7:31 am

    The US Gov’t employees’ (civilian and military) PIV badges contain chips encoding much private personal & medical info, and employees are not told it’s there or what they’re carrying around.

    So far as I can tell, Congress did not authorize this. Someone, likely in Homeland Security or OPM felt empowered to require it.

    Stores near military bases carry the blocking wallets and they sell well, but civil servants are told to wear their ID badges in the open dangling from lanyards.

Leave a Reply

<<

>>