You'd be surprised how little people can hear.....
I always thought that everyone can hear everyone's conversations, just because I can.
After today (I'm at high school), and a conversation I had within 2 METERS of people without them hearing, I now know better.
The biometric is NOT secure in this case, because it is being compared to data on the chip.
To fake it, you need only to change the data on-chip to match your own scan.
Also, biometrics in this case ARE authentication, because the identification is done by the name on the passport. The biometrics are just used to verify the identity. And how suspicious can a customs offical be about someone who has passed a biometrics scan? If you can easily fake it, it wouldn't do any damage unless it was trusted. It is this false trust that is dangerous.
Signing it with a public key algorithm is a good idea, but it only takes one official to sell the private key to a forger.
There's more to it than that, you also have to remember that it will be slower than light in a vacuum because there is a big, thick piece of U-238 around it.
The solution to this would be to trigger the explosive spheres from all the warheads with one electronics package.
Little Boy (Hiroshima, Gun Triggered) had a 1.7% efficiency, and Fat Man (Nagasaki, Implosion) had a 17% yield, IIRC.
Technology since then has gotten better, of course (Multi-stage fission warheads, thermonuclear, etc, etc) so I don't know what the efficiency of current warheads are now.
Magstripes are too easy to damage with magnetic fields and such.
Also, a smart card used for shopping doesn't need the reliability that a passport that you want if it's required to enter the country. Also, The cost of RFID readers is approximately zero compared with the other things that you find at an airport (i.e. planes).
RFID chips don't need to be readable from that far away, some will only work from a few centimeters away, which would be enough.
people are too dumb to stick a card in a hole
Passports over here last for ten years. If you actually GO overseas a lot, then you don't want the guy at customs in whatever country to accidently break the card when it get pushed into the slot.
And if you're so smart, what do you think happens if the card gets bent?
There is no other reason than ease of use and lifetime, as well as reliability. RFID is immune to dust and water. You don't want your passport to stop working if it gets dusty or you get water on it.
You wouldn't be any worse off, since you still need physical access to the passport to be able to read it off. And with the current system, if someone has access to the passport they can just steal it anyway.
Until some guy steals a machine and reverse-engineers it. And, odds are, if/when quantum computing becomes feasible, that will probably break it, too.
And biometric IS too easy to fake. Just look at how reliable fingerprint readers are. Also, if someone makes a replica which they use to fake your ID, you have to have that replica destroyed. And tracking down some guy with a picture/mask will be alot harder than changing your passphrase, I can tell you that.
that only your government can decode/encode
The point of a passport isn't just to be able to track who has been leaving the country, but to see who is coming into the country. Therefore, other governments will need to be able to decrypt the chip. No doubt it would get leaked somewhere along the line.
An RFID chip doesn't need any contacts, so all the machines involved (passports, readers, etc) last longer, and you only need to hold the chip near a reader, and not line it up and touch it.
This is NOT a secure system, since you could put in a fake picture of a face into a passport.
Biometric systems are not secure as a means of authentication, they are too easy to fake.
The three ways you can authenticate a person are:
What they are
What they have
What they know
A good security system combines at least two of these. This one does, but since it only authenticates against what you have, it is not very good. If each passport had a key encrypted with a passphrase (like in PGP), and you needed the passphrase to use it, you would have good protection against stolen passports.
Slashdot Mirror
Over here in Australia, MSN is much more popular than AIM, or at least with kids, anyway.
Not that I want to use MSN, but all my friends use it, so the only way I have to make myself feel better about it is to get Gaim.
I'm here.......and at 95%.
;)
If you have one....please, anyone....I'm at 95% here.
Please give generously to the guys with limited email space
Any .exe not installed by the MS Installer should be marked as "dirty", and windows should refuse to run it.
I guess not EVERYONE does development work...
You couldn't use anything compiled from source, though...
You'd be surprised how little people can hear.....
I always thought that everyone can hear everyone's conversations, just because I can.
After today (I'm at high school), and a conversation I had within 2 METERS of people without them hearing, I now know better.
You all suck....;)
3.141592653589793284626433832795.......
The biometric is NOT secure in this case, because it is being compared to data on the chip.
To fake it, you need only to change the data on-chip to match your own scan.
Also, biometrics in this case ARE authentication, because the identification is done by the name on the passport. The biometrics are just used to verify the identity. And how suspicious can a customs offical be about someone who has passed a biometrics scan? If you can easily fake it, it wouldn't do any damage unless it was trusted. It is this false trust that is dangerous.
Signing it with a public key algorithm is a good idea, but it only takes one official to sell the private key to a forger.
I know nothing about this, but wouldn't a lot of the dust come from the meteor?
There's more to it than that, you also have to remember that it will be slower than light in a vacuum because there is a big, thick piece of U-238 around it.
The solution to this would be to trigger the explosive spheres from all the warheads with one electronics package.
Little Boy (Hiroshima, Gun Triggered) had a 1.7% efficiency, and Fat Man (Nagasaki, Implosion) had a 17% yield, IIRC.
Technology since then has gotten better, of course (Multi-stage fission warheads, thermonuclear, etc, etc) so I don't know what the efficiency of current warheads are now.
Magstripes are too easy to damage with magnetic fields and such.
Also, a smart card used for shopping doesn't need the reliability that a passport that you want if it's required to enter the country. Also, The cost of RFID readers is approximately zero compared with the other things that you find at an airport (i.e. planes).
Yes, all passports expire eventually.
This is not an excuse to use a less reliable method of digital ID when a more reliable one is available.
And do you WANT to have to get a new passport in the middle of a foreign country?
I haven't tried this, but it wouldn't surprise me if there was a barcode visible under UV light.
Just because you can't see it doesn't mean it's not there.
RFID chips don't need to be readable from that far away, some will only work from a few centimeters away, which would be enough.
people are too dumb to stick a card in a hole
Passports over here last for ten years. If you actually GO overseas a lot, then you don't want the guy at customs in whatever country to accidently break the card when it get pushed into the slot.
And if you're so smart, what do you think happens if the card gets bent?
There is no other reason than ease of use and lifetime, as well as reliability. RFID is immune to dust and water. You don't want your passport to stop working if it gets dusty or you get water on it.
You wouldn't be any worse off, since you still need physical access to the passport to be able to read it off. And with the current system, if someone has access to the passport they can just steal it anyway.
Until some guy steals a machine and reverse-engineers it. And, odds are, if/when quantum computing becomes feasible, that will probably break it, too.
And biometric IS too easy to fake. Just look at how reliable fingerprint readers are. Also, if someone makes a replica which they use to fake your ID, you have to have that replica destroyed. And tracking down some guy with a picture/mask will be alot harder than changing your passphrase, I can tell you that.
that only your government can decode/encode
The point of a passport isn't just to be able to track who has been leaving the country, but to see who is coming into the country. Therefore, other governments will need to be able to decrypt the chip. No doubt it would get leaked somewhere along the line.
An RFID chip doesn't need any contacts, so all the machines involved (passports, readers, etc) last longer, and you only need to hold the chip near a reader, and not line it up and touch it.
Or put the encrypted private key onto an RFID chip along with a normal passport, so that we need to match the photo as well.
Biometric systems are not secure as a means of authentication, they are too easy to fake.
The three ways you can authenticate a person are:
-
What they are
-
What they have
-
What they know
A good security system combines at least two of these. This one does, but since it only authenticates against what you have, it is not very good. If each passport had a key encrypted with a passphrase (like in PGP), and you needed the passphrase to use it, you would have good protection against stolen passports.But these don't do that.
Are pirate's days numbered?
The pirates will just make copies of the web app and distribute that. The only difference is now they don't need to pirate the front-end.
But you have to do it on every computer you work on.
Or send it here.
A scramjet could take it most of the way, drop off, and for the last X km it could be powered by conventional rockets.
The important thing is whether it's worth the effort to go and pick up missile engines from a hostile nation. I think not.
Hate to break it to you, but you're the biggest combating country out there.
;)
We should have invaded you while you were out invading the Middle East
It says they can't release photos/videos even after the event. That is something to complain about.