RFID Passports… Close, But Not Quite

from the one-more-step-please dept

Last week, we wrote about the new plans by the State Department to put RFID chips in passports, noting that the precautions they took this time around looked much better, and hoped that they would do an adequate job protecting peoples’ information. Bruce Schneier has chimed in to say that, indeed, the two big steps they took (shielding and access control) are absolutely steps in the right direction that others should follow, but there’s still one more problem they need to fix. The chips broadcast unique IDs to help readers isolate the signal of a single chip, and it’s not clear how these unique IDs are implemented. Schneier is afraid that the implementation can lead to vulnerabilities. But, more importantly, seeing that this point was missed, it points out how hard it really is to make things like this truly secure. There’s always “something else” that opens you up to security holes, especially when the details of how something is implemented aren’t made clear. The worst case scenario is finding out about yet another security vulnerability, well after these passports are out there.

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “RFID Passports… Close, But Not Quite”

Subscribe: RSS Leave a comment
1 Comment

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...