The Risk of ePassports and RFID

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
If you ever wondered how secure those ePassports were, this is your answer. While I want to believe The King is alive and well as much as the next guy, I think it is far more likely that ePassport security sucks.
 
I'm sure if you got caught doing that in the States you'd be someone's girlfriend for quite some time...
 
So....................the problem was that Elvis didn't have a recent photo of himself????

(Your tax dollars at work, if you think it would be different here; think again.):eek:
 
I had school project on this kind of stuff, and the chip implant and risks, and demonstrated somethings.
got an A

I would def not get that stuff in my arm, only if it had my bloodtype, and saying(No allergies no known whatever) that my body can take everything cause it can, so no harm for me.

But if a guy like mb you, got an serious sick allergy against syntetic modified amfetamin just to take something as an example.
an idiot wants you dead.

You go and find a HOWTO online to hack it.
ohh, he got a very strong allergy against that, lets give him that..
makes murder more easy for smart people too, and not just the sick, n gangsters with guns(which isnt normal in other countries either.


ID theft more easy.

Give us some security that works before even trying it in the realworld goverment, or anyone!
Gps tracking is also a question... i dont like the idea.
For criminals, yeaah, they kind of gave away their right to full private life.

True big question and discussion this is,bigger than i thought it was before i did some investigation for my presentation n stuff.

what do you guys think ?
 
I can see pros and cons of it, but frankly the security just isn't there in these things to implement them safely, as the above poster stated, hack it, find out he is allergic to peanuts, and whack the mf'er.

I like the idea of gps in kids or senile old peoples shoes, and gps for my motorcycle in case it gets got, but I am not about to wear gps, that's all I need is my gf finding out that I am not at the gym but in the garage playing WoW.
 
Is it technically a "Passport" if the spelling is "Paspoort"? I'm sure some lawyer would enjoy arguing that it wasn't really a Passport . . . . .
 
Pretty disturbing. Anyone could use a fake RFID passport for terrorism or other crimes.
 
Maybe they just want intelligent criminals, not all those morons out committing crimes?
 
Voluntary RFID is all good but they day they make RFID mandatory is the day go down in the sewers like in demolition man, but without the guns, cars, and Snipes.
 
paspoort is german, holland, belgium or something down there.

in norway its just called pass :p

Obviously not taken in US ?

we had a discussion in class, and i was like one of the few who voted for maybe.

but i was for bloodtype, no known allergies so if i'm unable to talk. BUT thats the onlything they're gonna get out "if" i had a implant.

E-security, tech security in general IS underestimated, while traffic issues in Norway is just MAAD.

I could sell pirated windows copies, and get less fine than driving without a seatbelt(500usd).
or not stopping on a stop sign ( 1200 usd in fine!)
 
And just when we thought all the conspiracy theories about Elvis being alive were finally losing steam, now we find out that he is alive and well, and filming his daily mundane activities as he lives out his life in anonimity in Holland.
 
Also if its any thing like the Chips in the Chicago Cards (transit cards) they are going to fail at the worse possible time! I have Bank/Debit cards, food club saving cards that are regular magnetic strip that have yet to fail me in years but have had a stupid RFID chip Chicago Card fail within months, nope didn't register it, yep lost all my money. Hell I didn't even have to take it out my wallet.
 
Until you create an ePassport with a scrambling technique to ignore unwanting intrusions backed by a known cryptologist, I will be against using RFID credentials on anything.
 
RFID is not the way to go with "paspoorts" or any other type of human identification method. I don't care if it's only to tell my blood type, I don't want it. I don't want it in children or old people or people with alzheimers either. First you start out giving RFID to babies or people that are confused. It makes sense. Then before you know it we all have one. Fuck that.

Atkins, name a country where gansters don't have guns.
 
Correct me if I'm wrong, but no passport granting country is going to authorize a photo of Elvis. This obviously leads me to believe the image and data are embedded onto the chip and read by the kiosk. If that's the case, I don’t think it matters how much encryption or how complex they make those chips, eventually somebody is going to figure out how to modify it.

In my opinion, for the system to be truly secure, all the data (including photo) should be kept on a secure server. Each chip would have an ID, and really nothing more. The kiosks would have to be online in order to retrieve the data linking to the corresponding ID. But to make it secure, additional information from the user (not the chip) would have to be supplied. A PIN code is the obvious choice, but even better would be fingerprint or retina scan.
 
MBursill said:
Correct me if I'm wrong, but no passport granting country is going to authorize a photo of Elvis. This obviously leads me to believe the image and data are embedded onto the chip and read by the kiosk. If that's the case, I don’t think it matters how much encryption or how complex they make those chips, eventually somebody is going to figure out how to modify it.

In my opinion, for the system to be truly secure, all the data (including photo) should be kept on a secure server. Each chip would have an ID, and really nothing more. The kiosks would have to be online in order to retrieve the data linking to the corresponding ID. But to make it secure, additional information from the user (not the chip) would have to be supplied. A PIN code is the obvious choice, but even better would be fingerprint or retina scan.
Click to expand...

That is true and a very valid idea. I am just more concerned with having someone copy my passport or RFID credit card and using it themselves, rather than having them create their own. Especially those swipe cards as they require no verifiable form of identification. Although I agree if they can make their own it certainly goes against the reasons behind RFID.
 
You must log in or register to reply here.
Back
Top