related Articles: New hi-tech RFID passports hacked and cloned | New RFID Passport Scare -- Does it Matter? | Scaremongers dub RFID passports as potential bomb trigger

Sure, we have just as many concerns over RFID-related security technology as anybody, but a new report by mobile security experts Flexilis seems to take things a bit too far.


In their report on the lacking shielding of the new e-passports, allowing the passport to be read by a high-powered reader if the book is slightly open, they go on to illustrate the "dangers" of such a security lapse by calling it a potential bomb trigger. Their demonstration involves a passport-toting dummy brushing by a trash can, which explodes once the dummy gets too close.
The Flexilis guys even conjecture that a country ID code could eventually be identified in passports, allowing for targeted bombing of citizens from specific countries. The problem with all this, is that any radio-transmitting device could potentially trigger a bomb (phone, Bluetooth device, etc.), nobody has hacked an RFID country code yet, and the situations that would call for this sort of bomb are even more far-fetched than the concept.


There's nothing much special about RFID in this regard, other than some security "experts" trying to cash in on the hysteria. Check the video and judge for yourself whether or not RFID is going to be the hip-cool new detonation system of the decade. We're thinking no.



related Articles: New hi-tech RFID passports hacked and cloned | New RFID Passport Scare -- Does it Matter? | Epassports with RFID-chips now a reality

A number of countries around the world are introducing technology-enhanced passports designed to prevent or greatly inhibit forgery and counterfeiting. One of the key components is the Radio Frequency Identification (RFID) memory chip. Residence visas and national identity cards are also beginning to include the chips.


The reason is that the chips are supposed to be nearly impossible to forge or tamper with. They are intended to store coded data, including biometric data such as fingerprints, face and iris scans, as well as all other necessary details to prove who the holder of the document is.


This week a German computer security consultant has demonstrated how to "clone," or duplicate, a specific RFID chip. Lukas Grunwald, a security consultant with DN-Systems in Germany and an RFID expert, says the data in the chips is easy to copy, and he demonstrated the technique at the Black Hat Security Conference in Las Vegas on 03 August.


The hack was tested on a new European Union German passport, but the method would work on any country's "e-passport," since all of them will be adhering to the same ICAO standard. He obtained an RFID reader by ordering it from the maker - Walluf, Germany-based ACG Identification Technologies - but also explained that someone could easily make their own for about $200 just by adding an antenna to a standard RFID reader.


A program that border patrol stations use to read the passports (Golden Reader Tool, made by secunet Security Networks) and, within four seconds, the data from the passport chip was displayed in the Golden Reader template.


He then prepared a sample blank passport page embedded with an RFID tag by placing it on the reader. The reader can also act as a writer, and the information is transferred in the ICAO layout. The basic structure of the chip now matches that of an official passport.


Finally, Grunwald used a program that he and a partner designed two years ago to program the new chip with the copied information.


The result was a blank document that looks, to electronic passport readers, like the original passport.

Read more »