Slashdot Mirror

← Back to Stories (view on slashdot.org)

RFID Passports Raise Safety Concerns

Posted by ryuzaki0 on from the what's-this-all-aboot-ay dept.

CurtMonash writes "CNNMoney.com features a skeptical article about the US State Department's plans to soon issue RFID passports (currently being tested on State Department employees). One fear is that they can be hacked for information about you. And even if they can't, carrying around a little transmitter saying 'I'm an American! I'm an American!' isn't a fun and safe thing to do in all parts of the world." From the article: "Basically, you've given everybody a little radio-frequency doodad that silently declares 'Hey, I'm a foreigner,' says author and futurist Bruce Sterling, who lectures on the future of RFID technology. 'If nobody bothers to listen, great. If people figure out they can listen to passport IDs, there will be a lot of strange and inventive ways to exploit that for criminal purposes.'"

20 of 459 comments (clear)

  1. yeah by dolson · · Score: 5, Funny

    Yeah, that is important because I know when Americans visit say, China or India, they can blend right in with everyone else if they don't have that transmitter.

    1. Re:yeah by Anonymous Coward · · Score: 5, Insightful

      Americans aren't the only caucasians out there. RFID nicely allows somebody to identify the hated Americans from the nice Canadians (and most Europeans).

    2. Re:yeah by MrShaggy · · Score: 5, Funny

      And being said Canadian, I am all for making it much easier to spot the difference. GO BUSH GO!

      --
      I have mod points and I am not afraid to use them.
    3. Re:yeah by Otter · · Score: 5, Insightful
      As cherished as this notion is among Canadians in particular (after all traveling the world with an enormous maple leaf on your pack and every article of clothing is just the epitome of class and good taste), I've been to four continents in the last year and a half, and have never encountered a shred of anti-Americanism. This whole issue is nonsense driven by 1) idiot Americans who have never left the country, 2) idiot Americans projecting their own disdain for their neighbors onto foreigners and 3) Canadians. Anyway, even if you're concerned about this stuff, why not travel, make a good impression and improve the US's image.

      Meanwhile I see some guy here (you'll never guess from what country!) spinning a story of Americans pretending to be Canadian ON A CARIBBEAN FREAKING CRUISE! I'm sorry, if you're that stupid, don't leave home.

      --
      What I'm listening to now on Pandora...
    4. Re:yeah by aclark · · Score: 5, Insightful
      In that case you either didn't go to Europe, or else you did and walked around with your eyes, ears and mouth shut.

      I'd have to say that walking around with your mouth shut, or at least under control, is a pretty good way to avoid looking like an idiot anywhere you go. It saves you from making yourself (and the country you represent) look like an ass.

      Having just come back from Europe (Rome, Nice, Paris & London), as an American (from Texas no less), I had nothing but good experiences with everyone I met. I can't say the same about the other idiot Americans who also happened to be staying at my hotel. In typical movie fashion they got louder and louder as the unfortunate hotel clerk tried to help them find a restaurant to eat at late at night. The more she had trouble understanding them they just got more irritated, annoying and bigoted. Standing there at the counter I felt so ashamed.

      This isn't to say that Americans don't have a negative image in the world, but overall, people are smart and realize that not everyone conforms to the stereotype. My advice is to remember that you're not at home when you travel. Things don't go according to plan. Understand that you will have a hard time making yourself understood, but be polite. Don't leave the country if you're a rude, pompous, arrogant asshole (or leave and don't come back).

      --
      Ashley Clark
    5. Re:yeah by call+-151 · · Score: 5, Insightful

      Two things:

      1) Most people in Europe, Austalia, NZ and Asia that I have met realize that the Americans that they are likely to meet are not the ones who voted for Bush. The coasts have a much higher density of passport holders than the "Heartland," for example. (Active passport holders favored Kerry to Bush 58% to 35%.)

      2) The "obnoxious American" stereotype is partly a result of biased sampling. If there are two Americans somewhere, and one is a fat, obnoxious, non-local-language speaking lout with a Hawaiian shirt and a camcorder and the other is a quiet, sensible, local-language speaker, the locals may not even notice that the second is an American, let alone remember the encounter. I am an American, and when I am in Europe, I am frequently mistaken as being Dutch, perhaps because I have a beard, a bicycle and can communicate passibly in any one of about five standard European languages, even if I don't happen to speak the local language. I also usually do not go out of my way to correct this misconception...

      --
      It's psychosomatic. You need a lobotomy. I'll get a saw.
    6. Re:yeah by afidel · · Score: 5, Informative

      According to Schneier the State Department already plans (and has since sometime last year) to include a RF shield so the chip can only be read while the passport is open and they are encrypting the data on the RFID.

      --
      There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.
    7. Re:yeah by feepness · · Score: 4, Insightful

      Of course the Estadounidenses dont know that because they are happy drinking Tequila and dancing until they fall in their expensive (not a lot for them of course) hotels and "Planet Hollywod" and "Hard Rock Cafe" (I have always wondered *why* do they bother to travel to Cancun if they are going to get into the same places they have in the USA).

      Plus I hear they constantly stereotype people from other countries! Stupid Americans!

      Sorry, but you don't sound like someone it's particularly worthwhile being "real" friends with. Tell me, how do you treat your "fake" friends? What if I'm one of them and don't know it? Guess I don't need to worry about either, being born in the wrong country and all.

  2. Save tinfoil hat for passport by f0dder · · Score: 5, Funny

    So if I wrap my RFID laden passport in tinfoil I am safe right? right?

    1. Re:Save tinfoil hat for passport by alanxyzzy · · Score: 4, Informative
      Bruce Schneier thinks that it will be OK

      ...

      The new design also includes a thin radio shield in the cover, protecting the chip when the passport is closed. More good security.

      Assuming that the RFID passport works as advertised (a big "if," I grant you), then I am no longer opposed to the idea.

      ...

  3. Even if it can be hacked? by blindbug · · Score: 5, Insightful
    One fear is that they can be hacked for information about you. And even if they can't...
    It can... and it will be... period.
  4. RFID security by joe+155 · · Score: 4, Interesting

    I know that having your personal data stolen isn't any fun, it'll be worse if they put biometric data in there as well (I don't know what data the US passports currently have, in the UK we'll be having that put in soon). but for me a bigger concern is that they can be infected with a virus, which could quite easily be used to cause havok with the computers at airports and possibly bring the whole system down... the register reported on the proof of concept here: http://www.theregister.co.uk/2006/03/15/rfid_tags_ infected_by_virus/

    --
    *''I can't believe it's not a hyperlink.''
  5. I am a free man by LiquidCoooled · · Score: 5, Insightful

    Barring the bloody obvious target painted on you, they say in the article:

    They'll have radio frequency identification (RFID) tags and are meant to cut down on human error of immigration officials, speed the processing of visitors and safeguard against counterfeit passports.

    Human error will still occur in whichever system a human is involved in.

    Couldn't they get all the same benefits with a simple barcode?
    Does the RFID hold just your ID number for lookup on the database or is the RFID part now full identification?

    I hope this doesn't go ahead (like the UK now isn't going ahead with its ID scheme) because whilst RFID might make tracking warehouse stock easy, its not great for humans.
    Just because the technology exists doesn't mean we should use it for everything.

    --
    liqbase :: faster than paper
  6. Is This Madness? by blueZhift · · Score: 4, Insightful

    Surely they cannot be unaware of how this could be exploited by those wishing to do harm to Americans, therefore I can only reach the conclusion that rfid passports are being pushed as a way for the government to ultimately track people in general. It would begin with being able to track foreigners and later as rfid makes its way into things like driver's licenses and auto plates, it could be used to track citizens. This is probably a goal of governments everywhere these days. First they'll tell you it's to stop terrorists, but with a flick of the switch, tracking citizens will be a breeze. I know the effective range is pretty short, but I can imagine that it would not be too hard for the government to build out an effective network, certainly in the most densely populated cities. It might even be able to piggy back on cell phone tower locations, so ordinary people wouldn't even know it was there. Ironically, true terrorists will be able to easily defeat this kind of tracking.

    --
    To the making of books there is no end, so let's get started
  7. Good Business Opportunity by Dr_LHA · · Score: 4, Funny

    This gives me a great idea for a new business opportunity! Sell RFID tags to American tourists that broadcast to the world "I AM A CANADIAN".

  8. Re:Confused? by Mayhem178 · · Score: 4, Informative

    As I understand it, RFID cards don't do anything until they're exposed to an electromagnetic field, which gives them just enough juice to fire off a message, usually an identity code. Unless I've been completely misinformed, you'd have to generate quite the field to even have a chance of reading one of these things at a distance. I know that my RFID card doesn't work until it's within a coupla inches of the appropriate reader.

    The whole "it's broadcasting all of your personal information!!!!" hype is a bunch of FUD. The only way it could really be a security risk is if the card itself was stolen, and then it's really no different than having your S.S. card or driver's license stolen.

    --

    "You will pay for your lack of vision..." - Emperor Palpatine to Ray Charles

  9. Get yours now! by Chris+Pimlott · · Score: 4, Insightful

    US passports are good for 10 years from the date of issue. Get or renew yours now, before RFID becomes required.

  10. Re:Confused? by Bastian · · Score: 4, Insightful

    You have it right. I used to go to a school which used RFID keycards to open doors. In that particular case, it wasn't even a matter of inches - the card had to be within about two centimeters of the reader.

    It would take a heck of a lot more juice than what those readers put out to make something that's actually useful for reading these passport chips remotely. Assuming the effective range on the readers I've used was exactly 2cm, the inverse square law tells us that doubling the power my chip out (and keepin the reader's receiver at the same power) would increase the range to 2.83cm, quadrupling it would get us to 4cm, octupling it would get us up to 5.66cm. . . and by the time you get to the point where a potential passport snooper isn't making himself *really* suspicious by running around an airport waving his briefcase next to everyone's baggage, you've got yourself quite an RFID reader. And then you throw on the shielding that's being put into these RFID passports and it's back to square one.

    Not saying it's impossible to make a device that effectively identifies Americans by their passports, just saying that everyone should probably put their tinfoil hats on now because a device like that would probably give you one heck of a headache.

  11. Re:Confused? by katsiris · · Score: 4, Insightful

    Since RFID tags use the transmitting signal to send a reply, the strength and therefore distance that it will transmit or echo is dependant largely on the signal of the detector. Obviously the tags themselves can't rebroadcast an infinitely large signal, but the fact that you needed to get close to the doors at your school is a design feature of the doors and not a limitation of the technology. After all, they don't want doors unlocking just because someone is walking by...

  12. Re:endangering civilians by MCraigW · · Score: 4, Informative
    Using RFID for passports is not only stupid but completely irresponsible. It would put anyone in danger, especially traveling abroad. It doesn't take alot of brains to imagine the worst how this can be exploited by terrorists and rogue forces. Hopefully our government will recognize and stop this crazy proposal in time.

    As I stated in an earlier post, Austrailia, New Zealand and Singapore already have RFID passports. The information that can be obtained from the chip is encrypted, and will only be readable using the public-key which is encoded in a machine readable format inside the passport http://www.dfat.gov.au/dept/passports/. The plan in the U.S. is the to do the same thing, as well as putting a metal lining in the cover of the passport so that the RFID cannot be read when the passport is closed. See http://www.aimglobal.org/members/news/anmviewer.as p?a=394&print=no