Comments

AnonymousDecember 20, 2006 6:36 AM

"The UK Home Office however dismissed the ability to get hold of the information on the chip."

Just because they cannot imagine a threat vector all is well in the biometric passport world? Failure of imagination is a fundemental cause of security failures.

BTW, http://news.bbc.co.uk/1/hi/uk_politics/...
just proves that there are many people without a clue in goverment building complex security services.

Full Disk EncryptionDecember 20, 2006 6:59 AM

It is the TITLE of the article that is the cause of the mainstream attention. As the artikle points out that it is NOT possible clone the passport, but just read the information from the passport. So I think the title is incorrect.

bobDecember 20, 2006 7:01 AM

"He said: "Being able to copy this does not mean that the passport can be forged or imitated for illegal or unauthorised use. "

Possibly. But it does mean that a half-assed inkjet-printed fake passport with a cloned valid chip will whiz through an electronic scanner and not attract the attention of the guard; whereas WITHOUT RFID it would have to pass a human screener.

ElliottDecember 20, 2006 9:34 AM

It makes me angry that our governments force these biometrics and rfid vulnerabilities down our throats, making sure we cannot even protect ourselves.

The stupid (or malicious?) rule over the smart, and the damage they cause is an externality (or profit?) to them. Scary.

Is it really necessary that each new technology causes large-scale damage before the masses finally understand?

IngoDecember 20, 2006 9:39 AM

The most dangerous id thefts don't even need to forge passports. The german government issues REAL passports with the names of unknowing german citizens to mossad agents. Imagine you fly to another country and get arrested because someone with your name on their REAL passport blew something up or murdered someone...

aikimarkDecember 20, 2006 10:01 AM

I can just imagine the merry pranksters dropping cloned RFID tags in/around the passport scanners. That would seem to throw a wrench into the works and back up the lines.

Gets me thinking...What would happen if you held up a passenger long enough to slip through customs with their cloned passport? Would the system detect that they had already passed through security and flag them?

ZwackDecember 20, 2006 10:52 AM

Full DIsk Encryption - From the Article...
"Now for the clever bit. Thanks to a software he himself has developed, called RFdump, he downloads the passport's data onto his computer and then onto a blank chip.

Using a standard off-the-shelf component you can just buy at a component store you can have a cloned ePassport in less than five minutes. "

So, it is quite clear from the article that it is possible to clone the RFID portion. Frankly, I suspect you could make a good enough fake fairly easily.

I just received one of these passports and the exterior cover is red flexible material. The interior consists of several pages that are reminiscent of bank notes with lots of fine lines all over them and bird prints embedded... The page designs repeat every few pages though... And then there is a final, thicker page with the personal details on one side and the RFID token on the other.

The only page that you really need to fake is that thick page. The rest you can just reuse from a stolen passport. Sure you will have to match the passport number printed on it to the one punched through the pages, but the RFID chip could have a different one and it would pass a cursory inspection. It's only if someone compared that RFID passport number to the one printed/punched in the passport that it would become obvious.

And now for a question. Does anyone know of an easy way to temporarily block the RFID chip? I don't want to damage it, but if (for example) storing it in a lead pouch as used for film would be sufficient then that works for me. That way I would have more control over who could read the RFID.

Z.

tobias robisonDecember 20, 2006 11:39 AM

The official's comment that he does not see why anyone would do this is particularly infuriating. Other than the many possibilities for stealing an identity without detection, consider this:

There are many cases where a person is asked to turn over his passport for awhile and get it back later. Wouldn't you rather turn over a clone and keep the original? Plenty of people would!

- tobias robison

Matthew X. EconomouDecember 20, 2006 12:08 PM

I'm not a physicist or electrical engineer, so I am curious about how well would an ungrounded metal sleeve reflect or redirect that RFID pulse, especially if the chip is in close proximity to the sides of the sleeve.

Clive RobinsonDecember 20, 2006 12:08 PM

@ tobias robison

"Wouldn't you rather turn over a clone and keep the original?"

If it was likley I would gat away with it yes but in reality peope are going to notice a cloned passport is not their real one because it does not have the crease in the cover in just the right place and 1001 other little details that would be to much like trouble to fake.

For the countries that don't actualy punch holes through their pasport pages you simply steal a passport from one person for the country you want (any person will do).

You then photograph the ID page (and any with visas) and dump the chip of the pasport you wish to Clone.

You then upload the chip dump into the stolen passport, produce a photograph of the ID page on thin matt paper and fake the photo. Then the (almost) hard part get hold of the hologram plastic coating for the top and affix it all onto the existing ID page (after removing the existing photo and other problem parts).

Then fake in anv visa stamps and signitures from the photos of the other pages.

Apart from the "cloning the chip" details all of the above is done currently by people producing high end "fake passports" in reality the passport is real the contents are what is fake. From the info I have been told they cost upto about 5000USD...

If you think the holo-plastic cover is difficult to fake think how many copies of the microsoft holo-plastic logo have been made. Criminals do this sort of thing on an almost industrial scale.

So no change to the current "faking system" then, other than cloning the chip with real details skimed from another passport (that has not gone missing so no flags about it).

The only hard part is getting a real passport with details sufficiently like your own to clone the passport ID from, which is where ID Shopping comes in....

Clive RobinsonDecember 20, 2006 12:15 PM

@Bruce

Your title,

"Cloning RFID Passports in Five Minutes"

is wrong the BBC artical is about the UK National ID card which is altogether a different animal. The proposed UK system is to use smart cards to be compatable with bank card readers.

Clive RobinsonDecember 20, 2006 12:44 PM

Hmm sorry Bruce,

Not sure what's going on with me but (it is the day after the Xmas lunch) I clicked on the link from the first comment (opps :( Which is about the UK ID card central DB being dropped.

So sorry you title is right.

ZwackDecember 20, 2006 1:46 PM

@Clive Robinson... The new UK passport doesn't have a photo attached to the ID page. It's printed on the page. Then the holographic film is attached over the top. The RFID chip and a loop antenna is attached on the back of the page (clearly visible) and another holographic film is placed over the top of that.

Faking the ID page is easier than faking the whole passport, but given that bank notes are faked I would imagine that the whole passport can be too.

Z.

AnonymousDecember 20, 2006 4:22 PM

Ever thought about the possibility that the government / the major Think Tanks controling the government (UK, US - the same people) _want_ these IDs to be insecure? Who says their agenda matches the citizen's agenda in this respect!? (Am I paranoid?)
Same question applies to the debate on the election proces.

averrosDecember 20, 2006 7:48 PM

Anonymous - the idea that the interests of the ruling political class are somehow the same as the interests of the population is the greatest delusion of modern times. It is called belief in democracy. Trying to apply reason to prove that this is, indeed, the case, immediately makes obvious the irrational nature of this belief.

AnonymousDecember 20, 2006 7:48 PM

Airport terrain is far simpler, but still. Imagine what you could do with $10 million for real security measures. And for something completely freakonomical, what if you spent that $10 million on causal issues rather than symptoms? Was that guy just kicked out of a treatment center due to lack of funds http://www.cnwenmi.com http://www.haogouw.com

Blocking RFIDDecember 20, 2006 9:59 PM

To those that asked, enclosing the passport fully, in any metal, will stop the RFID signal.
There must not be any gaps.

Wrapping it in aluminum foil, with folded edges/seams is a cheap and easy way to "waterproof" (if the man asks) the passport.

Erik NDecember 21, 2006 5:45 AM

Honestly, I get a little fed up with all these stories about how unsafe RFID is. This article says nothing new from the previous articles.

In the current RFID based passports the chip contains only information printed on the passport and you need information printed on the passport in order to access that data.

Clearly, access is not too difficult, but information is not too private either. And it does make it more difficult to forge a passport because you cannot replace the photo with an arbitrary photo.

Of course the fear goes, that in future more information will be stored, fingerprints, iris scannings etc. and it appears that people assume the data protection will remain the same. This is NOT the case.

An interesting read is the document "Advanced Security Mechanism for Machine Readable Travel Documents - Extended Access Control" published by the German Federal Office for Information Security (you can download it), which defines the mechanisms for securing access to data on the RFID chip.

It actually addresses problems of identifying devices authorized to access information on the chip - the chip will authenticate the reader! So not all can get access to all data. You will have to clone an authorized reader to get access. And, reader's access can be revoked, pretty much like revoking certificates in common PKI.

Also, the chip is authenticated by the reader. This means that it is far easier to revoke a passport.

There are two problems that remain:

1) The chip has no internal clock so expiration of certificates is difficult to handle. A time stamp is updated every time the passport is used.

2) The chip is communicates with a possibly untrusted device which may block updates of revocation lists or time stamp.

I am not convinced about the current solution proposed. I think one should introduce trusted devices on embasies and boader points you leave your home country, where you can get trusted updates of revokation lists and time stamp.

ElliottDecember 21, 2006 7:33 AM

"Honestly, I get a little fed up with all these stories about how unsafe RFID is."

Honestly, I get a little fed up with all these governments forcing rfids on us while they are insecure. You are not forced to read these stories. But I am forced to carry a bug with me. So who has more reason to be fed up?

"In the current RFID based passports the chip contains only information printed on the passport and you need information printed on the passport in order to access that data."

1) not all rfid passports are created equal.
2) On those with a key, you need only 1 information to get all information.
3) If the communication is not WELL encrypted then communication can be eavesdropped, even from much larger distances than advertised.
4) For some passports, the keys follow a simple system so they can be guessed, or brute-force tried in pretty short time. Remember how SSL in early netscape browsers was cracked.
5) Even if you cannot read personal information, you can still detect the presence of the rfid (e.g. to detonate a bomb or claymore).
6) One can often recognize and track one rfid because it behaves in a unique way. 7) At least the government of each country I visit, and the people with access to that data, will learn the key, and can then use the rfid to identify me anywhere without me knowing, unless I destroy or shield the rfid.

"Clearly, access is not too difficult, but information is not too private either."

I don't think I entitled you to judge which of my personal data is "too private".

"Of course the fear goes, that in future more information will be stored, fingerprints, iris scannings etc. and it appears that people assume the data protection will remain the same. This is NOT the case."

Yes, that fear goes. And most fears I had about what my government could do in future have already come true. Please prove or guarantee with your personal assets that it will be different this time.

"An interesting read is the document "Advanced Security Mechanism for Machine Readable Travel Documents - Extended Access Control" published by the German Federal Office for Information Security ..." The BSI is not in a position to decide about standards. It can only publish recommendations, and those are seldom followed.

Also, that is for germany only. But ven if those recommendations of the BSI would be wollowed by all governments, there is still room for problems:

"reader's access can be revoked, pretty much like revoking certificates in common PKI. ... a possibly untrusted device ... may block updates of revocation lists or time stamp."

Please don't suppress that the memory capacity of rfids is extremely limited due to cost and power constraints, hence one day it will be too small to hold the ever growing revocation list.

Also, revocation lists are never really up to date.

Now, please explain what advantages rfids have over a contact-only non-rf chip solution, and over the even better and chaper alternative machine-and-human-readable printed text with a digital signature? The only ones I can come up with are exactly threats from my personal viewpoint:
1) I can be identified and tracked without knowing,
2) The rfid or contact-readable chip might store much more data, and different data than I think it does.

Your post sounds as if you want an rfid in your passport. Why?

ElliottDecember 21, 2006 7:53 AM

"In the current RFID based passports the chip contains only information printed on the passport and you need information printed on the passport in order to access that data."

If this is so, why buy rfids in the first place? Why not simply read that data from the printed text on the passport? Machines can do that since many years.

And the passports would probably cost only a fraction (1/10 or so) of what they cost now. Say there are 1 billion people to receive a passport, and each must pay 200 USD taxed money for that PISSING rfid bug that can be used to hurt them. That makes 200 billion USD, right? Do you have better numbers?

"And it does make it more difficult to forge a passport because you cannot replace the photo with an arbitrary photo."

Physical security measures like those applied to money bills (special paper, print patterns, metal fibers, holograms etc) are probably more expensive to fake than some bits.

And if you still believe cryprography is a perfect solution because there are no side channels or ways to crack, hack, steal or buy keys, then why not use contact-readable non-rf chips, or print a digital signature below the human- and machine-readable text printed on the passport?

Are you employed by an rfid manufacturer or a federal agency?

Erik NDecember 21, 2006 8:37 AM

@Elliott

The previous 3 (I think) posts on this page regarding RFID flaws all mention regard the same flaw, the discussion is the same and nothing new is added.

Now:

1) All RFID passports need to comply with the same standard. Lack of international standard would render the RFID passport useless.

2) Only on current passports, can you read all data having the one key, and these does not contain a lot of information.

True the key is printed on the passport, but the argument is, that the information on the chip is the same as that printed on the passport. The chip only provides a way to ensure integrity of the passport.

The argument that this information is not very private is that it is printed in clear - also in old passports. If you have physical access to the passport, you gain no extra information on the chip.

3) Read the document and you will see what encryption is used.

4) Brute force is pretty slow, the chip is not very fast and data transfer is not very fast. I think the main problem is if passport numbers are issued sequentially rather than at random, but that is not a problem of the RFID chip but rather the management and issuing of passports.

5) Yes, and you can detect a cellphone, blackberry, smart phone, bluetooth enabbled PDA, body heat, movement, whatever.

6) Yes, they can try to track you. But doing so accurately requieres an awful lot of stations. It's much easier to track your cellphone - and while it is likely that you leave your passport on the hotel or at home, you almost always bring your cellphone with you.

The mentioned document is not only for Germany: You need to have passports work in all countries, so no country can go solo. While BSI is a national institution, they are involved directly in the work setting the international standard for RFID passports, they are in the ePassport working group under ICAO.

Sure RFID memory is a constraint, it is likely to be reduced with time. However, if certificates expire after a reasonably short time the revokation list can be kept short. The problem is to maintain validity reasonably short yet be able to manage millions of devices.

If you implement my suggestion, people can update their revokation lists from the government they (should) trust, namely their own, before leaving a country. Most travels are short so this would reduce the risk significantly in most cases. Embassies could be alternative trusted points.

The advantage of RFID over contact based chips is durability and ease of use. And over the text-only passport the fact that you add integrity check. This does make passports more dificult to forge - while people may be able to clone a passport cheaply, they need an original from someone who looks like the target person. And the passport can be revoked.

How do you verify a digital signature of a printed photo? It will be very difficult to read data correctly. With the ePassport you can store and sign the digital version of the photo and verify the signature. The printed and digital photo can be compared visually.

Regarding your two problems:

1) Your cellphone or bluetooth device is much better for tracking you if someone is after you: Better range and it's more certain that you carry it on you.

2) Yes, they might - but why would they store secret information on your passport and have you carry it arround? It would be much better for governments to keep it in secret databases linked with your ID and dig it out when needed.

I am as concerned about RFID passports as anybody else, but the discussion so far has been redundant.

I mentioned two weaknesses which noone seems to pay attention to: The lack of internal clock and the problem of trusted input. It would be constructive to discuss these problems.

Erik NDecember 21, 2006 8:46 AM

@Elliott(2)

1) Integrity check reduces the posibility of forged passports.

2) The RFID chip cost around $2.

3) You can't revoke physical security meassures like metal strips.

4) See previous post

Last: No, I do not work for government or RFID manufacturing firm.

I just like discussion to be productive and based on facts about how things actually work rather than add to the FUD. I am just as concerned as anybody else.

AnonymousDecember 21, 2006 12:21 PM

Once you realize that:
- the data is simply a digital copy of the printed data
- this data is digitally signed so it can't be modified

the problems don't seem quite as critical as the BBC try to make out:

- if you find someone who looks like you, social engineer their data, narrow down their passport number sufficiently, AND get 30 mins+ quality time next to their passport, you can make a clone without their knowledge
- passport officials may then be more trusting of your fake passport than if you hadn't bothered with the RFID

Still an issue I agree, but it is irritating when people blow this out of proportion.

AndrewDecember 21, 2006 12:31 PM

Being fairly well versed in the ins and outs of the new ePassport I cannot see why a serious blog such as this is deliberately misunderstanding what the researcher claims he has 'discovered' (and yes this is exactly the same 'flaw' that has been reported about a dozen times each one claiming and exclusive). Bruce - are you seriously saying that making a colour photocopy of the passport is a security flaw, because this is what the cloning of the chip amounts to.

In order to read the data from the passport you need to be able to open the passport and read the non-sequential (in the UK at least) key from the book, you then can get the data off the RFID tag and the transaction between the tag and reader is encrypted. So there goes all of the people shrieking about evesdropping! Yes it could have been a contact chip, however this would have required a fundmental redesign of the passport book and the ICAO felt that RFID tags would be less likely to break than a contact chip over repeated uses.

Of course having gone to the trouble of getting the data from the chip all you have is a digitally signed version of the data page, it is there as an integrety check and is pretty useless to a would be forger or ID thief since they cannot change any of the details including the photo (a known current attack). Future biometric data will be additionally encrypted and will only be accessible to readers authorised by the UK government through PKI.

So Bruce and the others if you are such critics about enhancing the passport with an encrypted, digitally signed chip containing the details on the data page to allow them to be verified offline anywhere in the world, how would you do it?

ZwackDecember 21, 2006 1:39 PM

@Erik N and Andrew

Firstly, I think Bruce was trying to make a point about this flaw getting more mainstream coverage... "It's getting mainstream attention" might have been a subtle clue in this regard...

"In the current RFID based passports the chip contains only information printed on the passport and you need information printed on the passport in order to access that data.

Clearly, access is not too difficult, but information is not too private either. And it does make it more difficult to forge a passport because you cannot replace the photo with an arbitrary photo."

Actually, I don't like the fact that someone can read that information instantaneously AND without my knowledge. Not having the tools to read the card myself I don't know that there is a key printed in the passport required to read the passport. Sure, I've been told that there is, but I'm just having to take someone else's word. The information in there might be "no big deal" to you, but I don't like the fact that someone can get my name, age, place of birth, photo, and any other information that might be included in the RFID chip (anything that was on my application form could be in there at a minimum) without asking me, or even any physical contact.

Yes the information is also (allegedly) in the passport in plain text format, as well as a machine readable text format. But in order to get that information someone has to be handed my passport and actually open it.

To get the information from the RFID chip all they need to do is be close enough with a reader. Given the size of antenna (about 4" x 3" at a guess) I suspect that the distance under ideal circumstances is more than six inches. Which means whenever I pass through a doorway, close to another person, near an object, I could have my passport read.

It might be excessive to imagine that readers will be ubiquitous, but they might include them in many public places, and introduce them slowly over a period of time. Given that the UK has approximately one CCTV camera for every 14 people, a gradual introduction of remote readers at population "choke points" might be considered as a "sensible" anti-terrorism move. For example the entrance to every tube station might be covered.

"Of course having gone to the trouble of getting the data from the chip all you have is a digitally signed version of the data page"

And that data page contains information that I don't broadcast to everyone. You might walk around wearing a t-shirt that says "My full name is... I was born in ... on ... my passport number is ..." and so on, but I don't.

Z.

Erik NDecember 22, 2006 3:44 AM

@Zwack:

The problem that a passport can be read while closed has been discussed previously. Ofcourse it is a blunder that the passport cover is not made of a protective material, but you can buy that - any metalic cover will protect your passport.

You need the printed data on the passport to access the data on the chip, which pretty much means that reading in an instant without your knowledge is not possible or not of much use:

a) They can read it in an instant because you have previously given the data - in which case it is of no use. Or,

b) They can't read it in an instant because the have not access to the code - which requires physical access to the passport, you have to open it.

The data you don't want to share is not "broadcast". If you know it, then you can use the RFID to verify it.

This leaves the posibility of brute force but that is not done in an instant. A previous article on this issue speculated that a postman delivering your new passport could clone it by brute force in 24 hours because he knows when your birth day is (he delivers your card) and he knows aproximately when the passport expires - 10 years from being issued. That would reduce the number of codes to be tried, and if passport number is assigned sequentially then it would become easier. But most people do not have that information, the drive by hacker will not be able to clone your passport in 5 minutes - or in 24 hours.

The cloning problem becomes an issue if you use your passport as a general ID: When you check into hotels, don't let them photo copy the passport. This was recommended by FIDIS (I think).

There is a number of reasons that RFID passports are not useful for tracking you:

1) Passports don't advertice themselves, you can't make mass surveilance because you'd have to check every access code to determine who that person is - essentially bruteforcing the code, not done in an instant. It would be possible only if you where trying to track a selected few.

2) Your mobile phone is much better: Infrastructure is there, data is there and it advertices itself all the time. Further, it is likely with you all the time while you leave your passport at home.

And, 2) is being used! I know that police request information from mobile providers to determine where people where at the time a criminial offence was commited. And if they have you on a watch list, they can follow you as you walk around. Cellphones can locate people with about 10 m accuracy, enough for most investigation.

I also have an example of mobile providers offering to use your mobile at home at landline rate - because they know where you are.

ZwackDecember 22, 2006 11:31 AM

I'm still not comforted Erik...

When I travel abroad I don't take a cell phone so that can't be used to track me. However when I enter a country my passport is available to the authorities to look at. At that point they can copy the information off of the passport instantaneously. No walking to the photocopier... Given a totalitarian state they could track all RFID passports as the owners wander through public places. Yes, this is a big effort, but they may deem it worthwhile to track all visitors. There would be no need to brute force the code as they know that from the airport. They could also reduce the amount of tracking needed by following passports. You know that a given passport entered the London Underground system at Heathrow. You just need to watch the London Underground for that passport to emerge again. You could even track where it could come out given train movements until it surfaces again.

I'm not so bothered about whether it is being done as the fact that it is possible. Given the resources of a Government the possible can be done no matter how difficult or expensive it is likely to be.

Frankly, given the tracking via mobile providers, and the tracking via passports and the tracking via... I don't see why they wouldn't want as many of those as possible.

I would also be interested in how you know that Passports don't advertise themselves, or that they only contain the data that we are told is on them. Do you know for a fact that there isn't an additional key that will cause all passports to broadcast? Or that a particular government hasn't extended the data on their passports?

Z.

Erik NDecember 23, 2006 5:03 AM

@Zwack:

You are the first person I have heard of who don't bring the mobile on international travels - then you just have one problem less to worry about.

First, the RFID get's it's power from the radio transmitter of the reader, there is no internal power so it can't announce it self in case somebody is around who might listen. Thus, it is not possible to passively track chips.

Second, the RFID works as the server in a typical client-server scenario. The reader sends a request and the RFID responds. You can check through the API of the chips and see what commands are supported.

In order to identify the ePassport the reader sends the authentication code which must be known beforehand. The ePassport responds with a failure if it is incorrect.

Now, assume your mass surveillance scenario.

First, the "official" range is abut 20cm, assume that this is expanded hundred fold to 20m. That means that you could cover entry points of say the London Tube and other points of interest, but covering an entire country is not feasible. But, the RFID is not very advanced - I doubt, although I don't know, that the RFID can modulate frequencies to avoid interference with all the other RFID chips. As range increases, so do problems of interference.

Just assume anyway that all the technical problems of communicating with the RFID are solved. In mass your surveillance scenario, the reader would have to try all the codes it has been told to track - thousands, or millions - one by one, getting an error on all the incorrect codes.

It doesn't matter that it knows your code, because it doesn't know if it is you or somebody else, if it did - why ask? So, the reader has to go through all codes - just as in a brute force attack. This is simply not possible in the few seconds it takes you to pass the gates to enter the Tube.

Your surveillance could work if you have a selected few suspects you want to track, because the limited number of codes you'd need to verify. But then, you might want to track them more closely and have some person actually follow behind.

In comparison: Mobile phones continuously report themselves to the antennas to get the best signal as the user moves around. Coverage extends to entire countries, even continents - I think one of the London suspects was tracked to Milan by his cell phone - and it's almost as accurate as GPS. It is far more reliable for domestic tracking and abroad because most people bring their cellphones with them - always. In Europe cellphones sell also on their world wide coverage, dualband, triband, cuatriband etc. And while you can shield your passport, shielding your phone or turning it off will render it much less useful.

This, and the fact that there is no additional investment for such tracking means that I seriously doubt RFID passports or IDs are ever going to be used for tracking individuals.

Your worries about "additional keys", back doors, special commands etc. are simply paranoid. I know that it is possible, but at some point you have to assume trust and get on with your life:

Do you trust your software vendor not to install a back door in your OS? In your encryption software? Do you trust your telecommunication provider not to allow illegal wiretapping? Do you trust your ISP not to log your traffic? Do you trust the mobile manufacturer not to install a back door? Do you trust the men at the CCD cams not to share data illegally? Not to spy on a particular person? Do you trust all of the above to destroy data they may have about you?

I won't discuss hypothetical worries because we have no basis for a discussion, any such discussion only contributes FUD. And the list of such worries is endless. I just cross my fingers and hope that I can trust my government...?!

ZwackDecember 27, 2006 10:40 AM

"Do you trust your software vendor not to install a back door in your OS? In your encryption software? Do you trust your telecommunication provider not to allow illegal wiretapping? Do you trust your ISP not to log your traffic? Do you trust the mobile manufacturer not to install a back door? Do you trust the men at the CCD cams not to share data illegally? Not to spy on a particular person? Do you trust all of the above to destroy data they may have about you?"

No, No, No, No, No, No, No, No. I don't trust any of them...

Software vendors may or may not have put back doors into software. I don't worry about it because I don't do anything wrong with my OS or Encryption software. But if I was planning on doing anything I would build as much of the software from trusted sources as I could.

Telecomms providers have been accused of illegal wiretapping (The cases are pending if I recall correctly) so No, I don't trust them. In addition a friend of mine back in the early 90's had a conversation long distance in the UK from Edinburgh to Manchester. They are both role players and spent part of the call discussing characteristics of various weapons. The following day he had a visit from Special Branch wanting to know why they were talking about guns. There was no reason for either of them to be under surveillance, so an automated wire tap would seem a likely candidate.

I know some ISPs automatically route all web traffic through their proxy servers. There is no reason that the Proxy couldn't log it. See my comments above about OS/Encryption.

I only just got a mobile phone again (after six years without one). The convenience of being able to call my wife when I need to outweighs the disadvantages of being tracked to work and back. But again, if I was going to do anything dodgy do you think I would carry my phone with me?

I don't trust closed circuit cameras not to be used to track someone whether they are publically or privately owned. I know that my stepson, who is hispanic, frequently gets watched as he walks around stores. He was banned from Home Depot last time he went there with some friends because he kept pulling a token from his pocket, running it through his fingers, and putting it back. He was bored, and they viewed this as suspicious. They wanted to search him, he asked them to call the police. In the end they banned him even though he had done nothing wrong.

I don't trust any commercial or Governmental entity to destroy any data about me.

Sorry. But I don't think that this makes me paranoid.

Given that the claimed reading distance on RFID passports is 20cm, assuming that this is similar to RFID identity badges that I've used at work, alternative readers are available that can extend the reading distance to closer to two metres. one metre would be enough for most normal doorways. Given that a doorway of that size is a choke point, they could be used. The antenna on the RFID chip on my passport is significantly larger than any of the Identity cards I've had for work.

Can you see any real reason why a passport could not have been designed to use a contact based mechanism instead? Somebody, possibly even you, claimed that the contacts would get dirty too quickly. But given that they are used in banking applications where the usage rates could be very similar, I can't see that is a valid argument.

Z.

TinkerbellFebruary 2, 2008 3:07 PM

Zwack"Software vendors may or may not have put back doors into software. I don't worry about it because I don't do anything wrong with my OS or Encryption software. But if I was planning on doing anything I would build as much of the software from trusted sources as I could."

I don't trust vendors so I only use open GPL software that I build myself for anything of importance.

In any case, the idea behind the quoted statement above is dead WRONG. This is the nonsense behind the statement, "If you haven't done anything wrong you don't need to worry that the government is spying on you". Yes. You DO need to worry. First of all, it is none of ANY government's business what you are doing, with whom, or when without a legitimate reason. Second, what is legal today can easily become illegal tomorrow. Speaking out against one's government or some policies may be OK today, having sex out of wedlock may be accepted today, but it only takes one change of government in an "election", or after a terrorist attack, etc, for your formerly legal act to become magically illegal. For "security" and "for your own good" you understand.

To borrow from V for Vendetta: people shouldn't fear their government, government should fear its people. They SERVE us, not the other way around. Legal, illegal is irrelevant when it comes to surveillance. It is an assumption on the part of government that everyone is a suspect and a likely criminal that must be watched over, and that people need to prove their innocence that drives pervasive surveillance. One word: BULLSHIT!

Governments are criminal organizations first and foremost and it is government that must constantly prove it is innocent of wrongdoing against its people, NOT the other way around.

Clive RobinsonOctober 29, 2012 5:02 AM

@ Moderator

The above,

Posted by: Angelaiwf at October 29, 2012 2:04 AM

Appears to be someone copying other peoples comments word for word to get link spam onto the blog.

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..