Slashdot Mirror

← Back to Stories (view on slashdot.org)

WarCloning, the New WarDriving?

Posted by ScuttleMonkey on from the now-everyone-with-a-laptop-in-their-car-is-gonna-get-searched dept.

ChrisPaget writes "After my legal skirmishes with HID a while back, The Register has coverage of my latest RFID work — cloning Passport Cards and Electronic Drivers Licenses from a moving vehicle. Full details will be released at Shmoocon this weekend, but in the meantime there's video of the equipment and articles all over the place."

9 of 154 comments (clear)

  1. Re:Where are the FUNCTIONAL RF-blocking covers? by Anonymous Coward · · Score: 4, Informative

    For your driver's license, just use what I have for many years: an "Altoids" tin (or similar item). Perfectly sized for drivers licenses, credit cards, and other such things, and completely impervious to RF scanning technologies. I use one for my "wallet".

    For a passport, well, they *did* have those jumbo tins a while back... ;)

  2. RFID Gathering by CaptCovert · · Score: 5, Informative

    What worries me about all of this is not that the RFIDs can be picked up while driving around. A little consumer education (you are supposed to worry about who you give your SSN to, and you don't just leave your other PII laying around in plain sight usually) in the form of RF-blocking wallet linings will fix that. What I'm worried about is what happens in 5 years, when advances in RF technology (it is the new form of governmental ID, after all. Technology WILL follow suit) allow for hardware that I can hide on my person (antenna down the back of a coat lining, wired to a recorder in my pocket, or hell, dropped in the lining somewhere). At that point, all it takes is one man sitting in a train station or airport. You pull your ID out for scanning, and I harvest it. You may as well walk around with your SSN printed on your shirt.

  3. I saw the video and it is inaccurate at best by anand78 · · Score: 3, Informative

    The XR400 used in the drive through was a UHF reader. Reading a UHF tag is not as easy as the author described. All you have to do is put it against your body, and the salt water attenuates the signal, thus making the tag unreadable. Making such broad statements as scrap the whole real ID or national id, will be valid, if the author showed some substance.

  4. Re:Why? by commodore64_love · · Score: 4, Informative

    >>>Right now the police can pull you over and ask for your license. Don't show it and you see the inside of a cell.

    Perhaps in other countries, but not the U.S. The Supreme Court decided (v. Prouse) that a discretionary, suspicionless stop for a spot check of a motorist's driver's license and vehicle registration was invalid. The officer's conduct in that case was unconstitutional primarily on account of his exercise of "standardless and unconstrained discretion." A generalized roadblock that stopped all drivers would be allowed, but only in cases of border security or sobriety checks, not other tasks such as narcotics search.

    --
    "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
  5. Re:Why? by _Sprocket_ · · Score: 4, Informative

    Right now the police can pull you over and ask for your license. Don't show it and you see the inside of a cell.

    And while you're driving around your car has license plates on it which can be scanned from far further than RFID.

    Asking to see the license still requires asking. It also requires driving for one to be (legally) provided. RFID allows for scanning a crowd and (potentially) getting a crowd of identities in less than a second.

    OCR on license plates are very doable if you control the conditions. Make sure the vehicle is going the desired location and mount the camera in the perfect position. Back that up with occasional human to try and work out those cases where OCR fails. With RFID you put up antennas in a few strategic locations and you cover blocks of traffic without worrying about angles, lighting, and other bothersome conditions.

    The potential for abuse is already there. RFID makes it more efficient.

  6. Re:My hat ain't enough by kaatochacha · · Score: 3, Informative

    I just received a new US passport. The passport itself has a blurb about being shielded when closed. Don't know if this is true or not, as I haven't checked it myself, but the covers feel like there's something in them.

  7. Re:Why? by Anonymous Coward · · Score: 3, Informative

    The U.S. you refer to has ceased to exist: http://epic.org/privacy/hiibel/. The officer still has to have "suspicion" but who isn't suspicious to a cop?

  8. Re:Why? by RiotingPacifist · · Score: 3, Informative

    I suspect your laws are similar to what we have in the UK, in theory to pull you over / search you they need reasonable suspicion, in practice they can just make shit up.

    --
    IranAir Flight 655 never forget!
  9. Re:My hat ain't enough by Jherek+Carnelian · · Score: 4, Informative

    I just received a new US passport. The passport itself has a blurb about being shielded when closed. Don't know if this is true or not, as I haven't checked it myself, but the covers feel like there's something in them.

    It is true and it is not. Building a faraday cage into the cover was one of the "concessions" they made in response to all the complaints about privacy issues. But... it only really works if the covers are tightly pressed together. Leaving it open a quarter inch or so may be enough to prevent official readers from picking up the RFID, but not enough to protect against someone with a reader with more juice - like anyone who is up to no good will certainly have.