To protect against skimming and eavesdropping attacks, federal and state officials recommend that Americans keep their e-passports tightly shut and store their RFID-tagged passport cards and enhanced driver’s licenses in “radio-opaque” sleeves.
That’s because experiments have shown that the e-passport begins transmitting some data when opened even a half inch, and chipped passport cards and EDLs can be read from varying distances depending on reader technology.
[...]
Gigi Zenk, a spokeswoman for the Washington state Department of Licensing, says the envelope her state offers with the enhanced driver’s license “ensures that nothing can scan it at all.” But that wasn’t what researchers from the University of Washington and RSA Laboratories, a data security company in Bedford, Mass., found last year while testing the data security of the cards. The PASS card “is readable under certain circumstances in a crumpled sleeve,” though not in a well maintained sleeve, the researchers wrote in a report. Another test on the enhanced driver’s license demonstrated that even when the sleeve was in pristine condition, a clandestine reader could skim data from the license at a distance of a half yard.Will Americans consistently keep their enhanced driver’s licenses in the protective sleeves and maintain those sleeves in perfect shape – even as driver’s licenses are pulled out for countless tasks, from registering in hotels to buying alcohol? The report’s answer: “It is uncertain … ”
And when the sleeves come off, “you’re essentially saying to the world, ‘Come and read what’s in my wallet,’” says Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, D.C. By obliging Americans to use these sleeves, he says, the government has, in effect, shifted the burden of privacy protection to the citizen.
Like Mr Pinkerton, I was able to renew my passport before the RFID fiasco in 2006. So, I have a few years before I need to enclose it in a Faraday cage.
The best part of this is: We get to pay for being screwed. Higher fees for the passport and (I just checked one website – Magellan’s) $40 for the RFID blocking cover. Ain’t we got a great Gov?
When the State Department adopted the RFID standard used in our current passports (it was probably in 2004 or some time around there), they were warned by security experts that the passports were going to be readable from a distance so the data enclosed on them should be encrypted. No matter how much evidence was given to them, they “stayed the course” and stuck with the plain text passports we have today.
I think a card edge connector would be better.
NO batteries and transmitter required.
Or even a inductive connection..It has to touch the surface to transfer information.
ANY signal, has at least a 16′ range.
I could put a small wireless reader on those EXIT RF security stands, and read everyones ID as they went thru. I could install a reader, JUST under the edge of a counter in a store, and read your ID.
decoding?? not much of a problem, get your OWN Passport and read it, then see if you can make it match. Would be encouraging if the DATA was only a checksum, variant, insted of DATA.
Put all of the above in a “Mu Metal” box so none of it radiates out.
#12, ‘dro,
You miss the point continually.
Even if they wanted to, the State Department can’t change their system overnight even if they wanted to. There is a process they must follow in order to change the regulations.
I know this is quite unlike Cuba where you guys just do what you want. In the US we have what is called the Rule of Law. For well over 200 years this concept has served us well. Maybe you could convince Raul to try it.
So, what would a 10 second spin in a microwave do to the thing I wonder…
Short of that, a little hammer percussion isn’t going to go amiss.
#13 So what’s the change then. A Bush fuck-up that Obama has done nothing or it has even made it worse. Where’s the change?
#23 Rule of Law? You mean like letting Chenney go free? No wonder he will stay that way.
There were better choices. The government bleeped again. A tradition I can believe in.
Nothing 2 seconds in the microwave wont fix
The microwave will fix that chip nicely, and there’s no way to prove you ever tampered with it.
Nuking your passport will just result in you being required to get it replaced, at around a hundred beanos.
Remember, they hate us for our freedom.
America, land of the surveilled, home of the afraid. Twas not always so. R.I.P., Walter.
#31,
Don’t most passports say they are the property of the US government? (mine’s in my safe deposit box, so I can’t look at it to be sure)
Well in that case it should be the GOVERNMENT’s responsibility to maintain them or fix them if something goes wrong, shouldn’t it?
So essentially the only people not at risk to have their identity stolen are terrorists using fake passports.
Stop bitch’n. The idea of a passport is not to protect ones identity.
The republican idea of carrying no identification has already been tried.
If it can’t be read then Immigration might very well deny you entry. But hey, why listen to me? Go ahead, nuke it for a few seconds and find out. Please let us know if you get stuck in Mexico.
#34
Take a deep breath and say with me “Bush did not lie, Republicans are not evil”.
It’s the 1st step of a multi-step program to help you get on with your life.
Faraday cage wallet at thinkgeek.com. Works for me, tested it with my badge at work.
http://www.thinkgeek.com/gadgets/security/8cdd/