Slashdot Mirror


Estonia Tests "Contactless" ID-Cards

borkee writes "Estonian MEAC and CMB start testing a new version of a national ID card containing what they call 'contactless' extensions. Although they do not specifically disclose to us, taxpayers, what technology is used there, it must be quite obvious that it's nothing less than RFID. Add to this, they'll have a person's biometrics in memory. (Security gurus of course know: biometrics just don't work.) Soon you can track us poor Estonians by our GSM phones and by our ID cards too!"

26 of 251 comments

  1. so ? by DZign · · Score: 3, Insightful

    like someone wants to track you ?

    and as always when new technology is introduced, it will probably take a long time (let's say 2 years or so) until every department (communal house, police department, hospital,..) which needs to get information from your id card, will have the correct reader installed, so until then it's used the old-fashioned way.

    btw are you guys required to have your id card with you all the time ?

    1. Re:so ? by Kjella · · Score: 4, Insightful

      like someone wants to track you ?

      No, they're not interested in the average Joe as long as he remains that. But should he ever become or try to become someone of power and importance (or just too annoying), they'd love to have all sorts of dirt to wreck your life, career and credibility. It is considerable leverage both to prevent you becoming an influence, and controlling you if you do.

      The KGB etc. were notorious for collecting vast amounts of information. Most of it they never needed, but they had it in case that person was turning out to be a problem. As long as you are a good little pawn and do nothing "wrong", there is no problem. That was true even in the Soviet union. So then you don't have any problem with them gathering this information?

      Kjella

      --
      Live today, because you never know what tomorrow brings
    2. Re:so ? by pjt33 · · Score: 4, Insightful

      When you go to an international airport, you should make sure your mobile phone is turned off, or people will clone it on the grounds that you'll be out of the country and won't notice for a few weeks. This contactless technology is looked upon favourably by Blunkett, so I face the prospect of having to take my passport to the airport wrapped in a Faraday shield to prevent people reading the information and burgling my house on the grounds it will be empty for a few days.

    3. Re:so ? by Anonymous Coward · · Score: 2, Insightful

      "If you are being stopped by the police it's because they have real reason to suspect you of something"

      Really? You're obviously white, middle-class and living in a nice part of town. ID cards are widely used to systematically harass ethnic minorities and anyone else the police decide they don't like the look of. This is especially true in a country like Belgium, which I recall being criticised by Amnesty International for exactly this kind of Gestapo behaviour.

  2. Re:In Soviet Estonia.. by chimpo13 · · Score: 2, Insightful

    I'm sure they are protective. This was probably put to them in A Good Way. It's doing THEM a favor. No point in carrying cash, when you have credit cards which are protected even if stolen.

    Take it to your own level of whether this is good or bad. I'm sure the comment arguments have already started.

  3. Sweeping statement by ItsIllak · · Score: 2, Insightful

    (Security gurus of course know: biometrics just don't work.)

    They do? There are plenty of viable biometric measurements out there. They are not 100% reliable, but when compared to wetware trying to remember passwords they stack up pretty well.

    I for instance have a finger print reader on both my palmtop and my desktop. In the limited environment I have, they identify and authorize perfectly well.

    1. Re:Sweeping statement by Znork · · Score: 3, Insightful

      "I for instance have a finger print reader on both my palmtop and my desktop."

      And everyone else, for instance, has access to your fingerprints on every object you've touched in recent time.

      Or are you using gloves?

    2. Re:Sweeping statement by maxwell demon · · Score: 3, Insightful

      Well, with a criminal record and being terror suspect, I guess there are some agencies which would be very interested in breaking your security.

      --
      The Tao of math: The numbers you can count are not the real numbers.
  4. Re:Info on Biometrics not being safe ? by Anonymous Coward · · Score: 1, Insightful

    That's very interesting, and I've never heard about it before. I mean surely the pattern in your eyes and your fingerprints are unique and does not change, no ?

    Right. it's like a password that cannot change.

    Then, as soon as someone knows your password, you're fucked. The only thing is at the moment it's a very difficult thing to copy all of someone's biometrics. Some already can be, and many others will in time.

  5. Re:Info on Biometrics not being safe ? by Frogbert · · Score: 2, Insightful

    That's the point, your eyes don't change, your fingerprints don't change.

    So as soon as someone has your fingerprint they can just make a fake thumb and be you anywhere they go.

  6. Re:Info on Biometrics not being safe ? by Anonymous Coward · · Score: 0, Insightful

    Yes well by the time u r able to copy sum1's biometrics then the technology will b able 2 tell which is the real 1 and which is the fake 1 so no it doesn't matter in the end it will still b secure.

  7. Re:Info on Biometrics not being safe ? by fenodyree · · Score: 3, Insightful

    When I think of Biometric ident usually fingerprints and irises come to mind. The former is quite simple to fake as shown by gummy bears. The latter's complications are discussed here, with methods ranging from simple to replacing an eye or digging one out. It seems the most secure form of ident would be through DNA, however we all know the dangers and benefits associated with cradle to grave tracking.

  8. Broken by 0x0d0a · · Score: 4, Insightful

    A good ID verifying-device (card, token, whatever):

    * Does not contain or rely on biometrics. Generally can change, and once copied/forged one can never change the identifying information.

    * Is capable of doing public-key encryption on-card. The information that identifies the person never leaks to the device. (Technically, this can be done with symmetric encryption as well in conjunction with a trusted centralized server, but this has some drawbacks.)

    * Has a PIN, so that stealing the card is not sufficient to impersonate a person.

    * Has a PIN entry keypad *on-card*, so that false readers and bogus ATMs cannot steal PINs.

    * If any data must go back to the card owner, has a rudimentary display *on-card* (say, a calculator-style LCD display), so that a false reader or bogus ATM cannot say that someone is paying "$10.00 to WalMart" for something and actually having them pay "$14.00 to Joe Hacker".

    * Should support a scheme where personal identity is not disclosed, but a persona is (my "persona" at the moment is "0x0d0a"). This is because any national ID card will naturally be used by other systems as well, and without this step, severe privacy abuses will occur. This requires use of a trusted, centralized server or of a card that can natively store multiple identities.

    * Allows one to disable the trusted nature of the card quickly and easily if it is lost, and in a manner that cannot be easily done by others (which would allow a denial-of-service attack against the card owner).

    * Can handle water, crushing force, and high temperature.

    * Can fit in a wallet.

    * Should have the ability to log identity verification usage, so that the user can sync his card up with a computer or similar and check to see what he actually signed off on two days ago.

    This certainly isn't a complete list of desirable characteristics, but it's a start.
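
An added sketch (not part of 0x0d0a's post, and not the Estonian card's design) of several items from the list above, using the symmetric variant with a trusted central server that the post mentions instead of on-card public-key operations: the PIN is checked on the card, the statement the card displays is bound into the response, each persona gets its own key, and the card keeps a usage log. `Card`, `Verifier`, `persona_key`, `mac` and the sample PIN are hypothetical names and constructed values.

```python
import hashlib
import hmac
import secrets


def persona_key(master_key, persona):
    """Per-persona key: a verifier learns a pseudonym, not the holder."""
    return hmac.new(master_key, b"persona:" + persona.encode(), hashlib.sha256).digest()


def mac(key, challenge, statement):
    return hmac.new(key, challenge + statement.encode(), hashlib.sha256).digest()


class Card:
    """Simulated token (hypothetical): master key and PIN never leave it."""

    def __init__(self, master_key, pin):
        self._master_key, self._pin = master_key, pin
        self._tries_left = 3
        self.log = []  # on-card record of what the holder approved

    def approve(self, pin, persona, challenge, statement):
        # `pin` is typed on the card's keypad; `statement` is what its display showed.
        if self._tries_left == 0:
            return None  # locked after three bad PINs
        if not hmac.compare_digest(pin.encode(), self._pin.encode()):
            self._tries_left -= 1
            return None
        self._tries_left = 3
        self.log.append((persona, statement))
        return mac(persona_key(self._master_key, persona), challenge, statement)


class Verifier:
    """Trusted central server: holds persona keys, not identities."""

    def __init__(self):
        self._keys, self._pending = {}, {}

    def enroll(self, persona, key):
        self._keys[persona] = key

    def revoke(self, persona):
        self._keys.pop(persona, None)

    def challenge(self, persona):
        self._pending[persona] = secrets.token_bytes(16)
        return self._pending[persona]

    def verify(self, persona, statement, response):
        nonce = self._pending.pop(persona, None)  # each nonce is single-use
        key = self._keys.get(persona)
        if nonce is None or key is None or response is None:
            return False
        return hmac.compare_digest(mac(key, nonce, statement), response)


def run_demo():
    master, p, s = secrets.token_bytes(32), "0x0d0a", "$10.00 to WalMart"
    card, server = Card(master, "4921"), Verifier()  # constructed sample PIN
    server.enroll(p, persona_key(master, p))  # done by the issuer
    r = card.approve("4921", p, server.challenge(p), s)
    return server.verify(p, s, r), server.verify(p, s, r)  # (True, False): replay fails
```

The reader in the middle only ever relays the nonce and the MAC, so a terminal that shows one amount and submits another produces a response the server rejects.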

    1. Re:Broken by Serious Simon · · Score: 2, Insightful

      A good ID verifying-device (card, token, whatever): * Does not contain or rely on biometrics.

      If it contains NO biometrics at all, it becomes very difficult to make sure the ID actually matches the person presenting it. Imagine a passport without a photo or any other biometrics...

    2. Re:Broken by Anonymous Coward · · Score: 1, Insightful

      PIN-entry on card. Right. Like my ATM is going to believe your card when it says you have the PIN. That's like rsh, except with money. You go first.

      I'm also wondering how I'm going to send someone payment without sending them personal information. Is your card storing money, because I'm all for electronic cash. I don't think combining cash with an ID card is a good idea though. Kind of defeats the purpose of cash.

      And for the life of me I don't see why biometrics couldn't be used in conjunction with other ID methods for enhanced security. Yes, if someone stole my PIN and my card and my iris scan, they could impersonate me. That's still one more step than today when they just need my card and PIN. Both the card and PIN can still be changed/deactivated, which makes having my iris scan useless. I understand that biometrics alone is a bad plan, just I don't see how biometrics + password + device is worse than what we're using now, and I do see how it could say, prevent unauthorized credit card use.

  9. RFID or contactless? by Anonymous Coward · · Score: 3, Insightful

    I can't read the article, but are you sure it's talking about RFID? Contactless smartcards are different to RFID tags. Maybe the paranoia's well founded, but there is a very important difference between an application card which can be pressed to a reader rather than inserted, and a tag which is designed to be tracked from several feet away.
    Which is this?

  10. Some Considerations by Trailwalker · · Score: 2, Insightful

    Estonia has a large non citizen population, mostly resettled Russian nationals. There are serious questions about who is a citizen and who isn't.

    This, and other problems that arose from the long term Soviet occupation make a secure method of identification necessary.

    Under their circumstances, the Estonian Government believes security is more important than privacy.

  11. Re:Info on Biometrics not being safe ? by datajack · · Score: 3, Insightful

    Yeah, the technology may be able to change to deal with a new way of fooling the existing tech.

    Let's step back a bit and look at the two things needed for an authentication system...

    1. Input device - the means to input the credentials into the system. These include fingerprint scanners, and keyboards for passwords etc.

    2. Credentials - Fingerprints, passwords, one-time codes etc.

    Traditionally, every authentication credential can be copied or stolen eventually. So, if someone learns your password or steals your smartcard, then the sysadmin can disable it and issue a new one.
    Who wants to be the first volunteer to be issued with new fingerprints?

    Oh yes, the technology will evolve to be able to detect a new method of faking 'prints, but this will involve replacing or upgrading every authentication terminal in use, a hugely expensive task - a sign of a fundamentally broken idea if you ask me.

  12. Re:Info on Biometrics not being safe ? by sql*kitten · · Score: 2, Insightful

    I mean surely the pattern in your eyes and your fingerprints are unique and does not change, no ?

    That's the problem, if an attacker can bypass the sensor and feed data directly into the recognition engine (which can be as simple as splicing a few cables) all he needs is a copy of your biometric data (which he can get from doing the same thing to any sensor you use) and he can present your authentication credentials anywhere that biometrics are used.

    If your credit card or passport is stolen, it can be blocked and a new one issued. If you lose your PIN number, you can have it reset. If an identity thief obtains scans of your fingerprints, retina, etc, then you're stuck - no way to replace 'em, see.

    And THAT is why biometrics are stupid - once compromised, they're compromised for good. Present-day systems are based on matching something you have (your card) with something you know (the PIN) to prove you are who you say you are. You can also have a system based on something you are (say your fingerprint) and something you know (a PIN). But relying on a system that is wholly something you are is so stupid it's just embarrassing.

  13. Sounds like there will be a market for... by The Fanta Menace · · Score: 2, Insightful

    ...Faraday-cage id card wallets

    --
    -- Even if a god did exist, why the fsck should I worship it?
  14. The problems of Biometrics by jetmarc · · Score: 3, Insightful

    Once you detect fraud being done with your biometric identity,
    where can you revoke your fingerprint and have a new one issued?

  15. Ummm, you hate privacy? by Joe 'Nova' · · Score: 4, Insightful

    Before this gets labeled flamebait, this kind of intrusion really pisses me off.
    The problem with this technology is it not only tracks you, it will allow tracking of your activities. What you buy. Where you go. The ability to, for good or bad, compile a dossier on your life.
    The only thing preventing this from happening before was the sheer logistics of it. Now that it's real, I would like to wake people out of slumber.
    I mentioned the ability to do good. I might even call them selling point excuses:
    Tailored ads. Stand in front of a Coke machine with reader-"Mr. Jones, you like Cherry Coke! It's been a while since you've had one! Go ahead-we won't tell the Other cola co.!" This ad is beamed into your head(REAL technology-trial balloon tested in Japan!)-another distraction. If they are powerful enough readers, billboards change to emphasize something in area based on your personal tastes.
    Use for convenience. Make it a feature before it becomes mandatory.
    For inventory/shipping control. Box 'a' has XXX going to YYY. You don't even need to scan for it directly.

    Look folks, Walmart is forcing the use of tags on all their products. If the reader can read your RFID, it can read those too. Instant knowledge base of all the things you do, what you buy, or don't. Become a nonprofitable customer not well dealt with. Ack.
    The potential for abuse is way too great. I have heard of no laws about the use of RFID tags. Right now they are being used on Gillette razors, being very expensive and easily stolen. Problem is, these chips are being made by the billion. You tryin' to tell me they sell BILLIONS of razors? Bah! There are 'plastic watch' chips for military use, used in Haiti for the refugee crisis.
    Some tech specs-they are supposed to be burnt out at time of purchase, but they aren't, possible shielding on metal products(cans, etc.) Current readers have up to 20' read range. To deactivate them, microwave for a few secs, but set item on fire. Some are embedded in sandals. That would come in handy for tracking you. Unless you are an anti 1984ist(wow!, created a newspeak!), this should start to sound nasty. Someone with a scanner with devious intent could know all about you by scanning your curbed Hefty Cinchsack. Take an item, plant at a scene of a crime. *knock knock* "Mr. Jones, we have evidence that links you to...."
    Like I said, there are ZERO laws concerning the use of these buggers. No search warrants, just scanning.
    I try to be well informed, but biometrics seems better, because you know when they are being accessed, but still intrusive. With this junk(RFID), you will have the Law of Unintended consequences knocking on your door.
    There are way too many possible abuses to go into, thx for patiently reading rant.

    --
    This mind intentionally left blank.
    The KKK a bunch of sheetheads? You decide!
  16. In Finland.... by dnaumov · · Score: 3, Insightful

    It has pretty much always been possible to track any given person's GSM mobile phone. You wouldn't believe the amount of crimes this has helped solve and prevent as well as the amount of people who get lost and get found only thanks to their phone signal. Everyone I know owns a mobile phone. Everyone I know KNOWS that you can be tracked through your cellphone. I am yet to hear ANYBODY complain.

  17. libertarians unite!! whine about RFID by Anonymous Coward · · Score: 2, Insightful

    Isn't that what this is?? If a secure way can be found to implement RFID isn't that a good thing?? Small losses of personal liberty when we have a global threat to non-muslims seems insignificant. Choose your priority, life and security vs. political correctness. Oh Nancy, I'm afraid!!!! If you want to improve RFID technology, be part of the solution, don't just be a group of frikking whiners like usual.

  18. Re:national id cards... all countries have them by trout_fish · · Score: 5, Insightful

    A passport is not the same as a national ID card. No one is required to hold a passport, so can refuse to show it, or pretend that they do not have one. The same goes for driving licenses.

    A compulsory national ID card is very different. You cannot claim not to have it, and hence can be required to produce it - even if that requirement is not immediate.

  19. Way too geeky, and miss the point. by GuyFawkes · · Score: 2, Insightful


    I _AM_ me, not only do I know this for an ABSOLUTE FACT, but those people that I know (family, friends, lovers, etc) also know it (and vice versa of course)

    Outside of a body-snatcher type science fiction film I am my own walking talking biometric identifier, even a 20-seconds-to-complete perfect genetic clone still won't fool anyone unless you can ALSO fill that perfect genetic clone with a perfect copy of my brain and memories, attitudes, experiences, dreams, fears, etc etc etc.

    The idea that ANY subset of that data can be used to identify me with a usefully high positive degree of accuracy and a usefully low negative degree of accuracy is patently retarded.

    Biometric ID was essentially introduced by the police, in the form of fingerprints, eg on a murder weapon, as a method of tying one unique individual amongst many to a specific event at a specific time and place via a specific identifier, eg the fingerprint.

    Fact is the fingerprint, far from foolproof and not that hard to fake (and getting easier as time passes) is still the best, in that it is fairly unique, but it still takes significant human detective effort to match a print to a suspect.

    The advent of DNA testing has NOT improved accuracy (english law is already littered with examples of overturned convictions that were based on flawed DNA evidence), it has lowered it (the billions to one stuff is bullshit, DNA tests do not match your entire genome, just a few (literally) nodes, most of whom you will share anyway with genetically similar humans, eg people from your area, especially distant relatives).

    Adding extra bits of data, eg iris pattern, blood type, known allergies, pantone skin colour, proportion of mercury or other heavy metals in the body, can ONLY EVER INCREASE ACCURACY in the police detective / forensic sense, when trying to match a specific individual to a particular event at a particular place and time.

    IT WILL BE NO BENEFIT WHATSOEVER as a general everyday method of identifying "me" from "you", and using that ID for the purposes of granting or restricting access to something, eg my bank account or workplace computer.

    ON THE CONTRARY, since there is no instant method of verification of the ID card data against the individual holding it, the very fact that there is a wealth of data on the card will make it easier for me to withdraw cash from your ATM, and then slit the next passer by's throat, thus not only tying YOU in with this crime, but creating a good alibi for myself, since MY ID card doesn't match the data left at the scene of the crime by YOUR card.

    We will then be in the ludicrous situation, which happens today in courts up and down the land, where the absolutely MOST reliable form of ID verification, friends and family, are dismissed, ignored or worse still branded as liars and conspirators, for contradicting the Identity "EVIDENCE" which states that you were not at home with them, you were drawing money from an ATM 30 feet from the murder scene within 60 seconds of the murder.

    This is a parallel with the "smashed mechanical analogue watch or timepiece" showing the time of death, or at least the time the person was struck by the car or fell from the roof, the modern more accurate with calculator bluetooth and god knows what digital timepiece gives more information to the coroner, but ZERO USEFUL INFORMATION.

    No, ID exists only for the same purposes as the original fingerprint checks, to tie a specific person to a specific place.

    ID as a method of general identification is a whole different game, and the only systems that have EVER been accepted as having ANY worth are those that were based on the original public / private key verification / signing thing, and which still apply today if I want to sit a driving test in the UK and do NOT have one of the new photocard driving licences, but an older no picture type, I must bring a photograph of me, SIGNED BY PEOPLE OF STANDING IN THE COMMUNITY (my doctor, local policeman, bank manager, etc) WHO K

    --
    http://slashdot.org/~GuyFawkes/journal