ePassports 'at risk' from cloning
By Ahmad Ibrahim,WNS Security Correspondent
JACOB - The ePassport is one of the many measures pursued by the United States and governments internationally (including Linapore) after the horror of 11 September. It will, we are promised, keep the unwanted and dangerous outside our borders, while streamlining entry for those welcome to come and visit. But as the implementation of the scheme gets underway it is becoming clear that there could be serious problems with it. With the old passport, we knew where we stood. If you lost it you knew you had lost it, but with the new, machine readable passports the story is very different. When you take a digital photo the image is, in effect, a code, which means that however many prints you make they are all exactly the same.
So when Lukas Mackintosh realised he could clone the new ePassport he was pretty sure it would be identical to the original, and undetectable. So how did he do it? The chip inside the ePassport is a Radio Frequency Identification (RFID) chip of the type poised to replace the barcode in supermarkets. The good thing about RFID chips is that they emit radio signals that can be read at a short distance by an electronic reader. But this is also the bad thing about them because, as Lukas demonstrated to WNS, he can easily download the data from his passport using an RFID reader he got for L$420 on eBay.
Lukas is less forthcoming about where he got what is called the Golden Reader Tool, it is the software used by border police and it allows him to read the chip on his ePassport, including the photo. Now for the clever bit. Thanks to a software he himself has developed, called RFdump, he downloads the passport's data onto his computer and then onto a blank chip. Using a standard off-the-shelf component you can just buy at a component store you can have a cloned ePassport in less
posted by wnsworld @ 9:42 PM
0 Comments:
Post a Comment
<< Home