Dutch "Secure" biometric passport cracked -- from 10 meters!

Post #242,975 by jb4 1/30/06 1:49:05 PM Reply	Dutch "Secure" biometric passport cracked -- from 10 meters! From [link\|http://www.theregister.co.uk/2006/01/30/dutch_biometric_passport_crack/\|The Reg] Dutch TV programme Nieuwslicht (Newslight) is claiming that the security of the Dutch biometric passport has already been cracked. As the programme reports here,[link intentional left out] the passport was read remotely and then the security cracked using flaws built into the system, whereupon all of the biometric data could be read. [...] The crack is attributed to Delft smartcard security specialist Riscure, which here {link left out] explains that an attack can be executed from around 10 metres and the security broken, revealing date of birth, facial image and fingerprint, in around two hours. Elided links can be found in the original article. Of course, this won't affect either the US or UK's lemming-like drive to change identity theft from a crime to a spectator sport. Just though you (and, of course, Peter and warmachine Matt) would like to know. jb4 "Every Repbulican who wants to defend Bush on [the expansion of Presidential powers], should be forced to say, 'I wouldn't hesitate to see President Hillary Rodham Clinton have the same authority'." &mdash an unidentified letter writer to Newsweek on the expansion of executive powers under the Bush administration
Post #243,343 by scoenye 2/3/06 7:13:27 AM Reply	These are the passports the US mandated Without prejudice towards the sillyness the UK is marching towards, but that really is a totally different kettle of fish. The cracked passport is what was mandated on the rest of the planet by the US, at least if they want to be able to let their citizens visit there. The ID card schemes in circulation (our digital Big Brother is already in the roll-out phase) don't use contactless chips so it'll remain just a little harder to steal the data (but not that hard if ATM technology is taken as an example).
Post #243,353 by jb4 2/3/06 11:34:12 AM Reply	Mebbe you need to look again: Try [link\|http://www.theregister.co.uk/2006/01/30/burnham_rfid_evasions/\|here]: For over six months now Burnham, pursued doggedly by MP and ID card opponent Lynne Jones, has been peddling the bizarre conceit that RFID and 'contactless' or 'proximity' chips are entirely different beasts. So, in July, he confirmed that for the UK ID card to be used as a travel document in Europe, "the card will need to meet standards established by the International Civil Aviation Organisation (ICAO), which require the card to be contactless".* Presuming the information will not be moving across the air gap between the card and the reader using, say, smell, it's pretty obvious how that works, isn't it? The contactless chips that will be used in ID cards and passports are amazingly like RFID tags. Place an RFID tag in the vicinity of a reader, and the reader can read data from it. Place an ID card or a passport in the vicinity of a reader and... you get the idea. [emphasis added] Sounds like Big Brother is a bit bigger than you realize.... jb4 "Every Repbulican who wants to defend Bush on [the expansion of Presidential powers], should be forced to say, 'I wouldn't hesitate to see President Hillary Rodham Clinton have the same authority'." &mdash an unidentified letter writer to Newsweek on the expansion of executive powers under the Bush administration
Post #243,423 by scoenye 2/4/06 12:13:41 PM Reply	I think deceit is the key word there Passports will always remain in use, so there is no need to make the ID cards contactless. This is muddying the water so the ID cards can be sold as "inevitable" (a bit like IE became an inevitable part of Windows).

Welcome to IWETHEY!