Source:
http://www.wired.com/news/privacy/0,1848,67333,00.html?tw=wn_3polihead
Excerpt:
Following criticism from computer security professionals and civil
libertarians about the privacy risks posed by new RFID passports the
government plans to begin issuing, a State Department official said his
office is reconsidering a privacy solution it rejected earlier that would
help protect passport holders' data.
The solution would require an RFID reader to provide a key or password
before it could read data embedded on an RFID passport's chip. It would
also encrypt data as it's transmitted from the chip to a reader so that
no one could read the data if they intercepted it in transit.
Chrissy Comment:
The government had long maintained that the passport chips to be used could
be read from only 10 cm away. But at least one test showed that a reader
could read a passport chip from 30 feet away. What next, 100 feet, too
meters? If they select "encryption", think they will tell the truth about
is vulnerability to attacks? An authentication scheme that has a "key" is
Mickey Mouse technology unless well vetted and passwords are so out of date
it's not even funny. |