Want to bet the proposed national ID cards won't be either?
A week or so ago the Telegraph had an article by Tony Blair listing why he insisted there needs to be a national ID card for every Briton. All to fight terrorism and crime, of course; not being able to see a doctor or write a check or whatever without the card is just a side bonus.
Well, Ace today pointed to this article on how a guy broke into the chip in the new 'ultra-secure' passports:
Fatally, however, the ICAO suggested that the key needed to access the data on the chips should be comprised of, in the following order, the passport number, the holder's date of birth and the passport expiry date, all of which are contained on the printed page of the passport on a "machine readable zone." When an immigration official swipes the passport through a reader, this feeds in the key, which allows a microchip reader to communicate with the RFID chip. The data this contains, including the holder's picture, is then displayed on the official's screen. The assumption at this stage is that this document is as authentic as it is super-secure. And, as we shall see later, this could be highly significant.
Problem, right?
The Home Office thinks not. It correctly points out that the information sucked out of the chip is only the same as that which appears on the page, readable with the human eye. And to obtain the key in the first place, you would need to have access to the passport to read (with the naked eye) its number, expiry date and the date of birth of its holder.
"This doesn't matter," says a Home Office spokesman. "By the time you have accessed the information on the chip, you have already seen it on the passport. What use would my biometric image be to you? And even if you had the information, you would still have to counterfeit the new passport - and it has lots of new security features. If you were a criminal, you might as well just steal a passport."
So no problem then?
"If you can read the chip, then you can clone it," he says. "You could use this to clone a passport that would exploit the system to illegally enter another country." (We did not clone any of our passport chips on the assumption that to do so would be illegal.)
Grunwald adds: "The problems could get worse when they put fingerprint biometrics on to the passports. There are established ways of making forged fingerprints. In the future, the authorities would like to have automated border controls, and such forged fingerprints [stuck on to fingers] would probably fool them."
Ain't this just wonderful? And a bunch of people in Congress and other places are just drooling at the thought of making us carry Certified Chromium-Plated Illuminated Gen-u-wine National ID cards* here, too. Think they'll be any better?
*apologies to C.W. McCall
No comments:
Post a Comment