"Nearly every country issuing this passport has a few security experts who are yelling at the top of their lungs and trying to shout out: 'This is not secure. This is not a good idea to use this technology'"...
"There are lots of technical flaws in it and there are things that have just been forgotten, so it is basically not doing what it is supposed to do. It is supposed to get a higher security level. It is not," he said.
...
A European Union funded network of IT security experts has also come out against the ePassport scheme.
...Researchers working within the Future of Identity in the Information Society (FIDIS) network say European governments have forced a document on its citizens that dramatically decreases security and increases the risk of identity theft.
RFID chips can be read at a short distance and tracked without their owner's knowledge, while the key to unlocking the passport's chip consists of details actually printed on the passport itself.
It is almost like writing your pin number on the back of your cashpoint card.
"The basic access control mechanism works based on information like the number of the passport, the name of the passport holder, the date of birth and then other data which are simply readable by anyone who looks on the passport," said Professor Kai Rannenberg of Frankfurt University.
"If you have that information and put the respective software into the reader, the reader can overcome the basic access control of the passport."
The experts say it is not too late to roll back and rethink the ePassport.
If not, the danger is obvious - that a scheme, the declared aim of which is to increase our security, could well do the exact opposite.
No comments:
Post a Comment