Nice secure system we have here. THe US is next since they are adopting the passport RFID tags.

-S

http://www.theregister.co.uk/2006/01/30/dutch_biometric_passport_crack/print.html

Face and fingerprints swiped in Dutch biometric passport crack
By John Lettice
Published Monday 30th January 2006 12:38 GMT

Dutch TV programme Nieuwslicht (Newslight) is claiming that the security of the Dutch biometric passport has already been cracked. As the programme reports here, (http://omroep.vara.nl/tvradiointernet_detail.jsp?maintopic=424&subtopic=38690) the passport was read remotely and then the security cracked using flaws built into the system, whereupon all of the biometric data could be read.

The crack is attributed to Delft smartcard security specialist Riscure, which here explains (http://www.riscure.com/news/passport.html) that an attack can be executed from around 10 metres and the security broken, revealing date of birth, facial image and fingerprint, in around two hours. Riscure notes that that the speed of the crack is aided by the Dutch passport numbering scheme being sequential.

The process is explained in greater detail by Bart Jacobs, Research Director of the Institute for Computing and Information Sciences, University of Nijmegen, in presentations to be found here. (http://wwwes.cs.utwente.nl/safe-nl/meetings/24-6-2005.html) These make it clear that a skimming exercise could potentially yield all biometric data from a passport (or indeed a biometric ID card), giving ID thieves and would-be forgers a considerable leg up in the construction of fakes.

According to the Dutch Interior Ministry ways to improve the security of the passport are being looked at. But note that they say "improve", not "fix". (Thanks to Robin for the tip) ®

I bet the passports are protected by Starforce.

I bet the passports are protected by Starforce.

:up: +20 POINTS!

Comparable issues are known for the new German passport as well, I posted on that one year ago or so. Interior ministry still insists that they are safe. German TV magazine was able to demonstrate that there are even internet sites with easy instruction on how to built such technical devices needed in 30 minutes and with not much more knowledge that a schoolboy has in physics class. With it the data from the chip can be outred (? I mean: extracted) from the chip and received by the hidden transmitter if he passes the person carrying the passport at a distance of one meter or less. By that device you can gather the chip'S data even if it is not scanned by an official control - the thief can make it send the information with a pressing of a button in his pocket. The needed material costed - I am not sure anymore, the report is some time ago, but it was less than 100 Euros and could be bought in any electronics store.

And it worked.

That broadcast was 12 or more months ago.

Producing those passports is a great business, someone has a nice profit from producing this crap - and that's why his political aide (in this case ex-ministre Schilly) is labelling it to be "safe" and improving security and fighting terrorism.

As a matter of fact these new passports are WORSTENING the security situation, as proven above. It's more easdy with them to gather their information than with the old, conventional passports.

I remember seeing an ad ages ago on TV here about an all in on ID card. That's sure a great idea, it's rather annoying having my health card, driver's license, etc, etc in my wallet all the time.

Just go biometric with everything, that would be so much easier. I'm constantly losing my important cards. Especially my health card. Ugh. heh. :damn:

Comparable issues are known for the new German passport as well, I posted on that one year ago or so. Interior ministry still insists that they are safe. German TV magazine was able to demonstrate that there are even internet sites with easy instruction on how to built such technical devices needed in 30 minutes and with not much more knowledge that a schoolboy has in physics class. With it the data from the chip can be outred (? I mean: extracted) from the chip and received by the hidden transmitter if he passes the person carrying the passport at a distance of one meter or less. By that device you can gather the chip'S data even if it is not scanned by an official control - the thief can make it send the information with a pressing of a button in his pocket. The needed material costed - I am not sure anymore, the report is some time ago, but it was less than 100 Euros and could be bought in any electronics store.

And it worked.

That broadcast was 12 or more months ago.

Producing those passports is a great business, someone has a nice profit from producing this crap - and that's why his political aide (in this case ex-ministre Schilly) is labelling it to be "safe" and improving security and fighting terrorism.

As a matter of fact these new passports are WORSTENING the security situation, as proven above. It's more easdy with them to gather their information than with the old, conventional passports.

Electronics should stay out of this kind of crap. RFID's are going to be in the clothes you wear too soon. Major privacy issue I think.

-S

Implant a chip in everybodys shoulder bone with just an ID. The needed Data can be stored centrally, no need to put it on chip, really. The scanner sensor asks tzhe chip who are you, the chip answers "citizen xyz", the scanner checks the central DB and so on, much safer provided the central DB is safe.
Some benifits in it: You find a persons after a car crash, for example. Check for blood type and give plasma until then? Not necessary, just read his blood type from the DB and give him/her the right stuff. As long as the accident victim still has his arm attached to the body, all is well.

Some orwellian phantasy: Insert a GPS/Gallileo component to the chip...

That is a horror vision for me. some months ago in some fareastern state, Malaysiya or Indonesia, a car manufacturer equipped his cars with fingerprint-scanners ( to be used during starting the engine), so that a thief cannot use these cars if he steals them. In the followng months the polics registrated an increase in assaults on cars at red traffic lights, where the drivers were pulled out and got their finger cut off. the attacker took it with him, took the car, and escaped. The scanner now is "under consideration".

chips in your shoulder-bone? go figure. There is no limit to human's ruthlessnes and brutality.

Just another reminder that there's no such thing as a foolproof technolegy. No matter how secure you make a security technolegy, someone, eventually will always find a way to crack it. I remember back when they started using magnetic strips on credit cards, drivers licences etc, and these strips were touted as being able to finally put an end to credit card forgery. We all know how that panned out.

That part about cutting of fingers is not working today anymore. Back when the first fingerprint scanners where installed, you could fool them with this method (or a simple reproduction of a fingerprint from a waterglass. All you needed is some fast working adhesive and a sheet of plastic plus some powder).
Today all fingerprint scanners should be measuring a variety of factors, amongst them thermal and capacitive data. And if you cut a finger of its electrical resistance and temperature pattern (amongst other things) change pretty dramatically. :know:

That said i´d like to add that my last posting was somewhat sarcastic, just for those who are prone to ignoring such things.

:hmm:
The Dutch have a proud history of develloping worthless passports. As Skybird says, it's big business (you need them, don't you?) and civil servants and politicians have to trust the specialists who are selling their toys.

Already two years ago there was a news item on TV about the - then future - biometric passport and experts showed how a fingerprint could be electronicly lifted from the passport and been 're-used'.
Nice idea that fingerprints are considered absolute proof in court.

The RFID is a lie it has come about to protect us from Terrorists this is rubbish, it's real purpose is to brand you so you can be bought and sold at will and who by THE NEW WORLD ORDER. What dose this mean to you?

You will have to surrender your Freedom for a false sense of security, I say fight for your rights Freedom not tyranny, some of you may laugh now will you still be laughing in ten years time? Even the UN in the last two weeks sent out a message we have ($7 Trillion Dollars) to save the world from it's problems, all you have to do is sign up for the new world order, which is control and that control is the RFID.

I bet the passports are protected by Starforce.

:up: +20 POINTS!

:down: -8 POINTS. Cliché.

Someone wanted a better deal for developing those, hence the 'scandal'? :)

The RFID is a lie it has come about to protect us from Terrorists this is rubbish, it's real purpose is to brand you so you can be bought and sold at will and who by THE NEW WORLD ORDER. What dose this mean to you?

You will have to surrender your Freedom for a false sense of security, I say fight for your rights Freedom not tyranny, some of you may laugh now will you still be laughing in ten years time? Even the UN in the last two weeks sent out a message we have ($7 Trillion Dollars) to save the world from it's problems, all you have to do is sign up for the new world order, which is control and that control is the RFID.

Oh my god!

Where did I leave the tinfoil at?

The RFID is a lie it has come about to protect us from Terrorists this is rubbish, it's real purpose is to brand you so you can be bought and sold at will and who by THE NEW WORLD ORDER. What dose this mean to you?

You will have to surrender your Freedom for a false sense of security, I say fight for your rights Freedom not tyranny, some of you may laugh now will you still be laughing in ten years time? Even the UN in the last two weeks sent out a message we have ($7 Trillion Dollars) to save the world from it's problems, all you have to do is sign up for the new world order, which is control and that control is the RFID.

Oh my god!

Where did I leave the tinfoil at?


:huh: Try the Kitchen