New German Government ID Hacked By CCC

Posted by timothy on Thursday September 2, 2010 @05:53AM from the danke-sehr-fuer-die-papieren dept.

wiedzmin writes "Public broadcaster ARD's show 'Plusminus' teamed up with the known hacker organization 'Chaos Computer Club' (CCC) to find out how secure the controversial new radio-frequency (RFID) chips were. The report shows how they used the basic new home scanners that will go along with the cards (for use with home computers to process the personal data for official government business) to demonstrate that scammers would have few problems extracting personal information. This includes two fingerprint scans and a new six-digit PIN meant to be used as a digital signature for official government business and beyond." That was quick. Earlier this year, CCC hackers demonstrated vulnerabilities in German airport IDs, too.

1 of 86 comments (clear)

Min score:

Reason:

Sort:

Re:OpenPGP by LordKronos · 2010-09-02 06:41 · Score: 4, Interesting

And once someone else gets access to your private key, you're royally screwed.
Royally screwed? I thought that's what key revocation was for. With PGP, you just revoke the old, generate a new key, and you are good to go from there on out. But how exactly do you revoke and reissue fingerprints?