Passport RFIDs cloned wholesale by $250 eBay auction spree

RFID (as in passports, Oyster cards, driving licenses, ID cards) hacked remotely using off the shelf gear built by a hobbyist for under £200.

On top of that, the government already admits it can’t protect people’s data, with many highlights of state sponsored ineptitude listed here.

El Reg

Using inexpensive off-the-shelf components, an information security expert has built a mobile platform that can clone large numbers of the unique electronic identifiers used in US passport cards and next generation drivers licenses.

The $250 proof-of-concept device – which researcher Chris Paget built in his spare time – operates out of his vehicle and contains everything needed to sniff and then clone RFID, or radio frequency identification, tags. During a recent 20-minute drive in downtown San Francisco, it successfully copied the RFID tags of two passport cards without the knowledge of their owners.

Paget’s contraption builds off the work of researchers at RSA and the University of Washington, which last year found weaknesses in US passport cards and so-called EDLs, or enhanced drivers’ licenses. So far, about 750,000 people have applied for the passport cards, which are credit card-sized alternatives to passports for travel between the US and Mexico, Canada, the Caribbean, and Bermuda. EDLs are currently offered by Washington and New York states.

Yep, that makes me feel much better. Forget tin foil hats, you’ll need tin foil wallets. This is of course part of the opening up of tracking all individuals, everywhere, all the time (to fight terrorism or for the children or something), a plot that the global government intends to see through to implantable RFID chips for you, to supplement the complete eradication of cash, to be replaced by digital transactions, which themselves will exist on remote servers, taking all power over your own property (cash) away from you.

To protect you of course.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s