Security breakdown: E-passport chip easily hacked, cloned

Friday, August 04, 2006 by: NaturalNews
Tags: airport security, e-passports, RFID

eTrust Pro Certified

Most Viewed Articles
Popular on Facebook
BACK INTO THE CLOSET: Why U.S. reporters are not allowed to write about rainbow events in nations where being gay is still condemned
Depopulation test run? 75% of children who received vaccines in Mexican town now dead or hospitalized
A family destroyed: Six-month-old dies after clinic injects baby with 13 vaccines at once without mother's informed consent
INVESTIGATION: Three days before Dr. Bradstreet was found dead in a river, U.S. govt. agents raided his research facility to seize a breakthrough cancer treatment called GcMAF
BAM! Chipotle goes 100% non-GMO; flatly rejecting the biotech industry and its toxic food ingredients
BOMBSHELL: China and America already at war: Tianjin explosion carried out by Pentagon space weapon in retaliation for Yuan currency devaluation... Military helicopters now patrolling Beijing
ECONOMIC SLAVERY FOR ALL: While we were distracted with the Confederate flag flap, Congress quietly forfeited our entire economic future via fast-track trade authority
March Against Monsanto explodes globally... World citizens stage massive protests across 38 countries, 428 cities... mainstream media pretends it never happened
GMO crops totally banned in Russia... powerful nation blocks Monsanto's agricultural imperialism and mass poisoning of the population
SCOTUS same-sex marriage decision may have just legalized the concealed carry of loaded firearms across all 50 states, nullifying gun laws everywhere
Nearly every mass shooting in the last 20 years shares one surprising thing? and it's not guns
Vicious attack on Dr. Oz actually waged by biotech mafia; plot to destroy Oz launched after episode on glyphosate toxicity went viral
Holistic cancer treatment pioneer Dr. Nicholas Gonzalez dies suddenly; patients mourn the loss of a compassionate, innovative doctor who helped thousands heal from cancer
Pepsi drops aspartame from diet soda as consumers reject toxic sweetener
Bride of Frankenfood: Hillary Clinton pushes GMO agenda... hires Monsanto lobbyist... takes huge dollars from Monsanto
STATINS RED ALERT: Widely prescribed drugs act as cellular poisons that accelerate aging... deactivate DNA repair... promote diabetes, muscle fatigue and memory loss
Wild eyes and bowl cuts: Why do mass shooters always share the same hair styles and crazed zombie stares?
Mind control through emotional domination: How we're all being manipulated by the "crisis of the NOW"
(NaturalNews) The United States and other countries are going to begin distributing electronic passports this year, but a computer security consultant says he can clone the passports easily.

"The whole passport design is totally brain damaged," said Lukas Grunwald. "From my point of view all of these RFID passports are a huge waste of money. They're not increasing security at all."

Because encrypting the data on the e-passport's RFID chip would involve building a complicated infrastructure, countries have opted not to do so, but "if you can read the data, you can clone the data and put it in a new tag," Grunwald said.

Grunwald's ability to clone the e-passports has added to controversy already stirred up by their potential to invade privacy and their similarity to the methods of Big Brother of "1984" fame.

"Either this guy is incredible or this technology is unbelievably stupid," said Gus Hosein, a senior fellow at Privacy International, which officially stands in opposition of the e-passport technology. "I think it's a combination of the two."

"Is this what the best and the brightest of the world could come up with? Or is this what happens when you do policy laundering and you get a bunch of bureaucrats making decisions about technologies they don't understand?"

By spending time reading e-passport standards posted on the U.N.'s International Civil Aviation Organization website, Grunwald said he figured out how to clone the chips in about two weeks. Since all countries' e-passports would be designed using the same ICAO standard, Grunwald says his cloning method would work regardless of country of origin, although he admits the cryptographic hashes used to authenticate data mean people cannot inconspicuously change things like birth date or names on the chips.

Even so, through the cloning process, a known terrorist could carry a passport with his real name and photo, equipped with a cloned RFID chip that identifies someone else. This means that while any human screening the passports would be able to identify the person from his physical passport, a fully electronic system would check the wrong name. Grunwald said that, luckily, the machine-readable OCR at the bottom of the passport would still fail to match the RFID data.

Frank Moss, deputy assistant secretary of state for passport services at the State Department, said that the United States does not intend to use a totally electronic passport-inspection system. However, other countries such as Australia are considering completely automating the process.

According to Moss, Grunwald's accomplishment is no surprise. He said that the e-passport's designers have known about the issue for some time, and added that things like the digital photograph of the passport holder -- embedded in the data page -- could still prevent someone from entering countries through use of a forged or modified e-passport.

"What (Grunwald) has done is neither unexpected nor really all that remarkable," Moss said. "The chip is not in and of itself a silver bullet ... It's an additional means of verifying that the person who is carrying the passport is the person to whom that passport was issued by the relevant government."

Grunwald noted, however, that false identification was not the only danger from cloning e-passports. Someone could introduce malicious code to border-screening computers through the RFID tag or write corrupt data to it, which could crash an electronic inspection system not pre-protected from such an attack.

"I want to say to people that if you're using RFID passports, then please make it secure," Grunwald said. "This is in your own interest and it's also in my interest. If you think about cyberterrorists and nasty, black-hat type of guys, it's a high risk ... From my point of view, it should not be possible to clone the passport at all."


Follow real-time breaking news headlines on
Airport security at FETCH.news
Join over four million monthly readers. Your privacy is protected. Unsubscribe at any time.
comments powered by Disqus
Take Action: Support NaturalNews.com by linking back to this article from your website

Permalink to this article:

Embed article link: (copy HTML code below):

Reprinting this article:
Non-commercial use OK, cite NaturalNews.com with clickable link.

Follow Natural News on Facebook, Twitter, Google Plus, and Pinterest

Colloidal Silver

Advertise with NaturalNews...

Support NaturalNews Sponsors:

Advertise with NaturalNews...


Sign up for the FREE Natural News Email Newsletter

Receive breaking news on GMOs, vaccines, fluoride, radiation protection, natural cures, food safety alerts and interviews with the world's top experts on natural health and more.

Join over 7 million monthly readers of NaturalNews.com, the internet's No. 1 natural health news site. (Source: Alexa.com)

Your email address *

Please enter the code you see above*

No Thanks

Already have it and love it!

Natural News supports and helps fund these organizations:

* Required. Once you click submit, we will send you an email asking you to confirm your free registration. Your privacy is assured and your information is kept confidential. You may unsubscribe at anytime.