[IP] more on RFID passport data won't be encrypted
Begin forwarded message:
From: Russell Nelson <nelson@xxxxxxxxxx>
Date: October 16, 2004 4:30:34 PM GMT+01:00
To: dave@xxxxxxxxxx
Cc: Donna Wentworth <donna@xxxxxxx>, Bruce Schneier
<schneier@xxxxxxxxxxxxxxx>, Edward Hasbrouck <edward@xxxxxxxxxxxxx>
Subject: Re: [IP] RFID passport data won't be encrypted
Channelling Bruce Schneier here, I'd also point out that security
officials will come to rely on the RFID. They'll spend less time
scrutinizing the passport itself. The net effect will be to make
forgeries easier, not harder. (Thank you, Bruce; see, some of us
*are* paying attention to you.)
On a security and privacy level, I would rather have the evil US
government look me up in an Orwellian database, than have me
publishing the same information to everyone within RFID range.
Better, instead, to publish a database id. Still not very secure
given that many people will have access to that database, but we must
be clear: it's more secure than an unencrypted RFID chip.
I think there will be an alarmingly high failure rate of the RFID
chips in passports if it functions as described.
http://hasbrouck.org/blog/archives/000434.html
-----------------------------------------------------------------------
-
create either (1) an RFID passport with a bitwise copy of the chip
(organized criminals already use similar techniques to clone mobile
phone SIM cards),
--
--My blog is at angry-economist.russnelson.com | Violence never solves
Crynwr sells support for free software | PGPok | problems, it just
changes
521 Pleasant Valley Rd. | +1 212-202-2318 voice | them into more subtle
Potsdam, NY 13676-3213 | FWD# 404529 via VOIP | problems.
-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
http://v2.listbox.com/member/?listname=ip
Archives at: http://www.interesting-people.org/archives/interesting-people/