Backtracking from earlier claims that e-passports are “totally secure,” the U.S. State Department is now urging travelers to keep their RFID-chip enabled passports in “radio-opaque sleeves” to protect owners from having their information skimmed by unauthorized readers within a 30-foot range.
The State Department’s warning comes with the caveat that “hackers won’t find any practical use for data,” because personal information is encrypted. But that encryption has already been cracked.
So now the data and the accessibility of the chip have been compromised. Why are we using this technology, again?
Implementation of this technology means more hassle, more concern about your data, and, frankly, less convenience. Great.
As Marc Rotenberg, executive director of the Electronic Privacy Information Center, notes, “By obliging Americans to use these sleeves [...] the government has, in effect, shifted the burden of privacy protection to the citizen.”
And while this is a completely remote possibility for everyday travelers…
In 2006, a mobile security company, Flexilis, conducted an experiment in which the transponder of a partially opened e-passport triggered an explosive planted in a trashcan when a dummy carrying the chipped passport approached the bin. A video of the experiment was shown that year at a security conference.
I like the old, non-IED-triggering plain-vanilla passports better.
The whole RFID controversy is so frustrating because it’s completely unnecessary. You don’t need a chip to create a counterfeit-resistant document in the first place. But by addressing one problem — counterfeiting — it creates a swath of new problems.
If you want to be sure, remember that there’s really only one surefire way to prevent your e-passport from broadcasting your personal information: Break the chip. Pound it with a hammer.
RSS (FeedBurner)
Read with Amazon Kindle
Subscribe by E-mail
Follow on Twitter
July 14th, 2009 at 10:16 pm
Twitter Comment
#Travel – Backtracking from earlier claims that e-passports are “totally secure,” the U.S. State Depart.. [link to post]
– Posted using Chat Catcher
July 14th, 2009 at 11:26 pm
Twitter Comment
Why do we allow the government to make us carry these things? (Usafe RFID passports and driver licenses) [link to post]
– Posted using Chat Catcher
July 15th, 2009 at 5:24 am
Twitter Comment
US passports – what a surprise, not quite as secure as Big Brother government likes to pretend [link to post]
– Posted using Chat Catcher
July 15th, 2009 at 6:14 am
Twitter Comment
e-passport are *not* secure; US State Dept urges travelers to put RFID-chip enabled passports in “radio-opaque sleeves” [link to post]
– Posted using Chat Catcher
July 15th, 2009 at 6:20 am
Twitter Comment
RT @NewYorkology e-passport R not secure; US urges travelers to put RFID passports in “radio-opaque sleeves” [link to post]
– Posted using Chat Catcher
July 15th, 2009 at 6:25 am
Twitter Comment
RT @NewYorkology: e-passport are unsecure; State Dept urges travelers to put RFID passports in “radio-opaque sleeves” [link to post]
– Posted using Chat Catcher
July 15th, 2009 at 7:56 am
Twitter Comment
RT @NewYorkology: e-passport R*not*secure;State Dept urges travelers 2 put RFIDchip passports in radio-opaque sleeves [link to post]
– Posted using Chat Catcher
July 15th, 2009 at 8:46 am
Where does one get a “radio-opaque” sleeve?
July 15th, 2009 at 8:52 am
Chris, I have seen ads for them online. One site is:
http://www.idstronghold.com/Secure-Sleeve-for-Passports-IDSH1002-001-/productinfo/IDSH1002-001/
They’re charging $5.99 for an alloy sleeve designed for passports.
I’m not endorsing that company in any way. I’m sure there are other sellers.
July 18th, 2009 at 1:09 pm
[...] alloy sleeves urged to block hackers? [AP via Upgrade: Travel Better] PREVIOUSLY: HOW TO: Disable RFID in Your New Passport (Photo: Ryan [...]
July 20th, 2009 at 5:35 pm
Spectacular: New State Department Passport Chips Leak Private Data…
Is there anything these idiots can’t screw up? This is what happens when you have bureaucrats enamored with outside cutting-edge “knowledge” that’s way, way beyond their competence to evaluate. In foreign policy you get an obsessive focus on “alw…
July 28th, 2009 at 3:07 am
So what are the authorities meant to do then?
Some degree of security has to be installed in passports – what we had before (plain paper) just wasn’t secure enough.
Now this is demonstrating problems.
It doesn’t matter what they come up with, someone will crack it – you can’t blame the passport agencies for wanting to make that task a bit more difficult.
July 28th, 2009 at 6:17 am
The article is factually incorrect. The State Dept issues an Electronic Passport Booklet “e-Passport” AND a Passport Card.
The e-Passport permits travel internationally by any means (planes, trains, auto, ship, etc.). The passport card is only for travel to/from the U.S. from Canada and Mexico and can not be used for air travel.
The e-passport is secure and uses contactless smartcard technology following the ISO 14443 standard. It can only be read from a maxium distance of about 2 inches. It is secure and is deployed in more the 40 countries currently issuing electronic passports. There is no need to keep an e-passport in a sleeve, nor does the State Dept recommend this. They do advise that you keep you e-passport closed when you are not using it for additional security, Since it is a bookjlet, it closes by itself so that is really a non-issue. Read more at: http://travel.state.gov/passport/eppt/eppt_2788.html
The U.S. Passport Card is a wallet-sized travel document that can be used to enter the United States from Canada, Mexico, the Caribbean, and Bermuda at land border crossings or sea ports-of-entry. Note that it cannot be used for international air travel. It contains an EPCglobal Gen2 standard UHF RFID chip intended to expedite border crossings. The cards are controversial because many feel the RFID chips lack enough security to safeguard identities and prevent cloning and other hacking. This is the same RFID technology used to track inventory or pay highway toll. It can be read from as far 30 feet and does not include the security features that are in the e-passport. Since the card can be read from 30′, you really should keep this in the protective sleeve as advised. Read more at http://travel.state.gov/passport/ppt_card/ppt_card_3926.html
September 8th, 2009 at 1:37 pm
[...] passport anyway? No one knows. But if you do happen to have one, do what Mark Ashley of Upgrade: Travel Better suggests “Break the chip. Pound it with a hammer.” I’ll add in there, as a message to the [...]
September 8th, 2009 at 2:02 pm
[...] Your e-passport isn’t secure after all Posted by: Mark Ashley – Upgrade: Travel Better Backtracking from earlier claims that e-passports are “totally secure,” the U.S. State Department is now urging travelers to keep their RFID-chip enabled passports in “radio-opaque sleeves” to protect owners from having their information skimmed by unauthorized readers within a 30-foot range. [...]
September 17th, 2009 at 4:50 am
[...] passport anyway? No one knows. But if you do happen to have one, do what Mark Ashley of Upgrade: Travel Better suggests “Break the chip. Pound it with a hammer.” I’ll add in there, as a message to the [...]