Slashdot Mirror
Passport Chip Could Attract High-Tech Muggers
Orangez writes "Wired.com reports that 'business travel groups, security experts and privacy advocates are looking to derail a government plan to insert remotely readable chips in American passports, calling the chips homing devices for high-tech muggers, identity thieves and even terrorists.' and that 'The 64-KB chips will include the information from the photo page of the passport, including name, date of birth and a digitized form of the passport picture.'"
...means just that?
If they government can read it for legitimate purposes, other people can read it for illegitimate purposes.
DBA? Software Engineer? My company is hiring! Click
I don't get it. I mean, they State Dept. could easily have a reader connected to a network which passes along some hash which is stored on the card, to a server which would verify what passport they should be looking at. Slow? Wtf kind of technology are they using where 64K of stuff would take any time?
"Only contractors who sign up to our foreign policy will be allowed to bid -- We welcome your bid, Halliburton Vacuum Tube Company!"
A feeling of having made the same mistake before: Deja Foobar
Burglar goes down to airport and watches family get on a plane to Europe. He grabs your name, and from that gets your home address. Then he can go rob your house while you and family are out of town. Certainly makes scoping out houses much easier; your house could be cleaned out before you even reach your destination.
I Am My Own Worst Enemy
How comes that everyone trying to make a point has to include terrorist threat? Am I the only one who thinks it's a bit cheap?
"It's too bad that stupidity isn't painful." - Anton LaVey
"All you have to do is be fragile and grateful. So stay the underdog." Chuck Palahniuk, Choke
You've missed the point. The concern isn't that "big brother" is going to be watching our every move (after all, that's inevitable, and why worry about the inevitable?) the concern is that a terrorist could get your passport information simply by walking close to you with an RFID reader. It's a security nightmare to have your information freely available to anyone with the hardware to read it.
If they're not terrorists, and have nothing to hide, why are they so worried about being tracked? If anything, if your passport is stolen, wouldn't you rather have the chip in there to track it?
Because terrorists/kidnappers can set up a remote reader to look specifically for people carrying this type or passport. Kidnapers can use it to find people from specific other contries that they think are richer than they are and ransom them off for big bucks. Terrorists can use it to find people from specific nationalities. Bin Laden said to kill all americans everywhere, not just americans in the US. This gives them a leg up in finding people carrying around their passports when overseas.
That said, if they go through with this, they definitely need to build in a faraday cage into the passport case.
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
It should be combined with a biometric measurement. I understand the privacy people don't like it but identity is becoming increasingly important and a "peice of paper" just isn't going to cut it for much longer.
However, all of the legitimate uses of the passport involve a human being handling the passport anyway - and using a non-RFID smart chip will suffice.
Tinfoil hats aside, the primary response of the RFID proponents to the question of why RFID tags are needed is "Why not?". This is a preposterous approach to implementing a system that handles sensitive personal data that could cause severe distress to the owners of that data, if compromised. Sensitive data belonging to thousands or even millions of people! Assuming the government still considers an individual as the rightful owner of their own personal data.
Some of the conspiracy theories regarding RFID in passports are a little over the top. But there is no denying the fact that the potential for abuse is definitely enhanced by using this technology in this way. Today the scope is for Americans to be targeted using this - either by their own government, or by criminals, or by other governments, or by terrorists. Tomorrow, when more countries follow suit, that scope expands, giving birth to a rich and varied mix of uses - all of which with the legitimate exception of border control are extra-legal or downright criminal. I hate to sound like a troll but the RFID chip in your little blue book could well become the new star of david sewn into your shirt.
See that long UID - that's what you get for lurking too long
Can you imagine debating with foreign officials whether your CD is fake or it's just scratched?
-insert a witty something-
Keeping people from stealing your identity is important. The governments of the world being able to track you and being able to verify your identity is not as important as your right to not be tracked or identified.
There are plenty of legitimate reasons to not want people to be able to identify you. There are plenty of legitimate reasons to circumvent the system as well.
At what point did the unwilling martyrs at the twin towers win the balance against the millions of lives willing sacrificed so that we could taste freedom? It wouldn't matter if planes were crashed into building every day, it is no reason to take away freedom.
If the government can read it for legitimate purposes, then the government and other people can read it for illegitimate purposes.
I make a reasonable middle-class wage by going to work and not spamming blogs with scams.
The passport sniffer needn't hide the gear under a bulky coat. Any shoulder strap carry on type bag will do. They will blend in perfectly in the air port. They can then stand next to you in line, or perhaps brush past you walking in the hallways.
In 60 minutes of sniffing they could easily collect a dozen or more candidate "known gone" families, then use that as a short list of houses to check.
Maybe the regular readers will have a range in inches, and 802.11 has a range of 100ft. With the right antenna 802.11 can be extended by a factor of 50. I would not count on tags being unreadable from 24", a nice polite personal space distance.
I'm not saying this will ever happen, but it certainly is a lot easier than your deliberately ridiculous example.
What it really comes down to is...
If the passport issuing officials want a system that keeps a secondary reference copy of your information in a difficult to forge format, that is only readable with a special reader and is encrypted to prevent unauthorized use, then there is no reason to use a remotely readable device. A high resolution two dimensional barcode of encrypted data will do a nice job of it without exposing people's data to risk additional risk.
They are also, supposedly "designed only to be readable from 8 centimeters (about 3 inches) away when the passport is open."
My question at that point is: why not use another technology?
Because they want to be able to read them from more then 8cm. They know perfectly well that, with the right equipment, these 8cm devices can be read up to 10m away and they intend to use that feature themselves - they even talk about the ease of tracking people in airports and such as part of the justification for this implementation.
So, you have what basically amounts to spin control. Enough of the general public has latched onto the meme that RFID is a danger to their privacy. So instead of working to eliminate the entirely valid risks that RFID brings to this particular application, they are just trying to cover them up - literally and figuratively.
Your tax dollar at work...
I know, a mag stripe can have its data changed. But wait! So can an RFID tag! So you're going to end up doing public key crypto signing of the data anyway. Why not use technology that is proven to be cheap, safe, and reliable instead of something that is potentially expensive, dangerous, and has no real history of reliability that requires additional expensive hacks to prevent abuse?
Check out my sci-fi/humor trilogy at PatriotsBooks.
Why would a terrorist want your passport information? They have perfectly reliable ways to get entirely legitimate papers of their own. If they want to kill you, they will, and pick up your passport from your body later as a souvenir, whether it has RFID or not. On the other hand, thieves, swindlers, identity thieves could very well take an interest in your vital statistics. Why do TERRORISTS!!!! have to be part of every security discussion?
Authorized custom agents could then pass a reader over that chip, which would take the number, connect to a US government's computer, input the number which would return photo, fingerprints, etc. etc.
There seems NO need to put all the sensitive information on a chip, when all you need is a number. Keep the sensitive information on more secure computers, accesible only by valid custom agents.
excitingthingstodo.blogspot.com
In WWII, Nazi's required jews to wear armbands distinctly identifying themselves as jewish at a distance.
This system worked very well. It insured that second class citizens could properly receive the proper treatment as such. i.e.: forced to walk in the gutter, rather than a side walk etc. Attend at labour and death camps etc.
Now the american government wants americans to only travel abroad on the condition that they effectively wear electronic armbands identifying them as "AMERICAN" to anyone with a simple detector.
America is at war, and the American government wants its citizens to be required to advertize their status to all possible enemies.
At least the NAZI's were fairly transparent about their desire to oppress and harm jews.
How is electronically broadcasting american citizenship for all to see, going to help americans be safer.
Why not just make a law requiring all american citizens to wear armbands with the Star of David.
Would that be obvious enough for the morons in the whitehouse to wake the fuck up!
No one has a right to their *own* opinion. They have a right to the TRUTH.