US passport RFID flaws

The RFID chip on US passports can be read when the passport is even slightly open, a design flaw that needs to be fixed. Why? Watch the proof of concept. A dummy with a barely open passport on a moving clothesline is scanned, then a bomb is triggered automatically. An outlandish example? Sure. But still…

In probable response to such critics, the State Department has added new levels of security to passports, but flaws still exist.

Given how insecure passport information appears to be, the ACLU says, imagine what could happen if Homeland Security builds that giant database with our personal and sensitive data on it.

From security expert Bruce Schneier writing in 2005.

The State Department downplayed these risks by insisting that the RFID chips only work at short distances. In fact, last week’s publication claims: “The proximity chip technology utilized in the electronic passport is designed to be read with chip readers at ports of entry only when the document is placed within inches of such readers.” The issue is that they’re confusing three things: the designed range at which the chip is specified to be read, the maximum range at which the chip could be read and the eavesdropping range or the maximum range the chip could be read with specialized equipment. The first is indeed inches, but the second was demonstrated earlier this year to be 69 feet. The third is significantly longer.

And remember, technology always gets better — it never gets worse. It’s simply folly to believe that these ranges won’t get longer over time.