Hammer Time

Wired has some advice for fixing the leaky RFID in passports issued by the U.S. State Department after Jan. 1.

I really wish I had replaced my passport this year, so I could avoid the RFID peril for a decade, by which time maybe they’ll have moved on to the next privacy-invasion scheme instead.  As it is, though, I think I’ll hold off on the hammer approach and maybe consider this in the short term.  Or I’ll just wrap the new passport in tinfoil.

Here’s a Guardian article on how insecure RFID passports already in use in Britain have proven to be.  Proponents of the RFID passport like to say that sense the key that reads the passport’s data is printed on the passport itself, it’s secure.  Well, a key is just an alphanumeric sequence — in the British case, one composed of “the passport number, the holder’s date of birth and the passport expiry date,” all of which is hackable, even by sheer guesswork, given enough time and computing power.


2 thoughts on “Hammer Time

  1. Tim December 28, 2006 / 7:23 am

    I wonder if this might be considered illegal. In the UK at least it is illegal to destroy or deface a passport, even one for horses. I kid not. See here. MY guess is the US authorities would have similar controls in place.

    Security expert Bruce Schneier recommends everyone renew their passports a.s.a.p. so as to avoid RFID. See here. Schneier is one of the most common sensical security writers around, and he seems to genuinely care about both liberty and public security. He doesn’t see a trade off. Security measures that reduce personal liberty are usually poor security measures.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s