Hackers Clone Passports In Driveby RFID Heist

pnorth writes "A hacker has shown how easy it is to clone US passport cards that use RFID by conducting a drive-by test on the streets of San Francisco. Chris Paget, director of research and development at Seattle-based IOActive, used a $250 Motorola RFID reader and an antenna mounted in a car's side window and drove for 20 minutes around San Francisco, with a colleague videoing the demonstration. During the demonstration he picked up the details of two US passport cards. Using the data gleaned it would be relatively simple to make cloned passport cards he said. Paget is best known for having to abandon presenting a paper at the Black Hat security conference in Washington in 2007 after an RFID company threatened him with legal action." Apparently this is a little unfair — he sniffed the data, he didn't actually make a fake passport.

Re:Why is this unfair?

[jlarocco]

... yet. Pretty soon it will be mandatory, and destroying the RFID chip in your passport will invalidate the passport and earn you a full body cavity search for your trouble no doubt.

LOL! Tinfoil hat on a little tight today? You don't even even seem to know what the passport card is or you would realize why it will never be mandatory. It's a passport replacement for people who live near the border, who frequently need to travel accross the border. It allows you to get into/out of Canada, Mexico, Bermuda, and a couple of Carribean countries. Making it required would just be silly. Get a clue.

And about regular passports... Do you have any evidence at all to support the "destroying the RFID chip will invalidate the passport" claim? I think you're just making shit up to scare people.

Re:How's it unfair?

[Khyber]

See, that's the problem with just about every 7-digit UID here on Slashdot, total lack of reading comprehension PLUS total lack of knowledge about the technology being discussed.