Dept. of Chickens, Roosting

Back when I was in the RFID business, we first started hearing rumblings of the colossally stupid notion of putting RFID chips in U.S. passports. Predictably and in true “Gummit Security” fashion, those in charge dismissed complaints from RFID and private-sector security experts with vague handwaving and unresponsive answers despite the fact that the approach was doomed to compromise almost immediately. No-contact data reads on a piece of ID? Why? And what the hell are you thinking?

Well, it turns out they really weren’t thinking at all, at least beyond “hey! RFID is cool!” A hacker has already put together a drive-by passport cloner/reader using only $250 worth of off the shelf parts. Color me completely unsurprised.

Comments are closed.