Slashdot Mirror

← Back to Stories (view on slashdot.org)

Chipped Passport Cloned In Minutes

Posted by samzenpus on from the unsafe-at-any-customs-counter dept.

Death Metal Maniac writes "New microchip passports designed to be foolproof against identity theft failed the test when a researcher was able to manipulate one in minutes. The cloned passports were accepted as genuine by the computer software recommended for use at international airports. According to the article: 'A computer researcher cloned the chips on two British passports and implanted digital images of Osama bin Laden and a suicide bomber. The altered chips were then passed as genuine by passport reader software used by the UN agency that sets standards for e-passports.'"

8 of 326 comments (clear)

  1. I want one! by PC+and+Sony+Fanboy · · Score: 5, Funny

    I'd like one, preferably with a large memory chip added, so I can combine all my fake passports into one.

    Oh, and I'd like some fake passports.

  2. Re:Um, well... by Anonymous Coward · · Score: 5, Funny

    Well, they didn't make him take his shoes off - so no, I am not surprised.

  3. Don't worry... by rarel · · Score: 5, Funny

    Captain Hammer will save us.

  4. Authentication requires ... um... authentication by gavron · · Score: 5, Funny
    If the passport authorities of the world want to authenticate a passport they *MUST* check its signature to ensure it is valid.

    Their outright failure to do so for at least a year for the UK and perhaps many more for other countries means that the digital information is less valid than the information imprinted on the card. Less valid because it's far easier to change, and shows no signs of alteration.

    In other words, countries that don't authenticate, and rely on the digital information alone are *MORE* insecure and open to falsification than those who do authenticate.

    Security: Not a tradeoff of civil liberties, but an intelligent application of a variety of techniques.

    Authentication: When available USE IT, don't just put it off and trust easily-modifiable data. When in doubt look at the printed picture and the text. *THAT* is harder to change without showing signs of alternation.

    Encryption: I guess if they can't get the key database working for simple authentication (or even a #$&*(#$ hash) they're not going to figure out the encryption stuff either.

    Hi Bruce.

    Ehud

  5. Re:Yesterday's News Today! by gEvil+(beta) · · Score: 5, Funny

    This was all over the BBC News yesterday. What took so long?

    Hey now! This is Slashdot. Taco and Neal and the gang were busy confirming every aspect of the story before they posted it to the front page.

    --
    This guy's the limit!
  6. Watch what you're doing by ivothamdrup · · Score: 5, Funny

    The tests were conducted by Jeroen van Beek, a security researcher at the University of Amsterdam

    ... and now a no-fly list nominee for engaging in terrorist activities.

  7. Re:Yesterday's News Today! by lilomar · · Score: 5, Funny

    Don't forget the painstaking grammar and spelling checking.

    Plus they had to go through all the archives to make sure it wasn't a dupe.

    --
    The creator of this post (Jacob Smith) hereby releases it, and all of his other posts, into the public domain.
  8. Re:Um, well... by Dog-Cow · · Score: 5, Funny

    -1, Unintelligible.