The Times is running an exclusive this morning saying that it has had a security expert clone an e-passport in less than an hour and inject an image of Osama Bin Laden onto it which then passed the scanner check as the genuine article.
I'm not quite sure how exclusive such a story is as the ePassport technology was hacked sometime ago, and the methods that would have been used for this latest cloning would have been an extension of the original code injection flaws that were found I imagine.
Still, it does put into focus, quite sharply in fact, that when Government ministers and officials claim that things are uncrackable they're asking for trouble.
Wednesday, August 06, 2008
ePassports cloned in less than an hour
Labels:
epassports,
home office,
Information security
Subscribe to:
Post Comments (Atom)
Search Dizzy Thinks
Dizzy reads
- Ben Brogan
- Big Brother Watch
- Boulton & Co
- Coffee House
- Conservative Home
- Dan Hannan
- Donal Blaney
- Douglas Carswell MP
- FT Westminster
- Guido Fawkes
- Hoby Cartoons
- Iain Dale
- Keep Thinking Butch
- Nadine Dorries
- Nothing British
- Old Holborn
- Paul Waugh
- Political Betting
- Politics Home
- Quizzicalgaze
- Red Box
- Shane Greer
- Sky.com/News Blog
- Tory Radio
Not Lefties
Blog Archive
-
►
2011
(140)
- November (2)
- October (3)
- August (1)
- July (3)
- June (2)
- May (14)
- April (5)
- March (43)
- February (25)
- January (42)
-
►
2010
(658)
- December (50)
- November (56)
- October (21)
- September (34)
- August (32)
- July (44)
- June (51)
- May (69)
- April (87)
- March (92)
- February (62)
- January (60)
-
►
2009
(1050)
- December (60)
- November (60)
- October (65)
- September (78)
- August (85)
- July (85)
- June (96)
- May (119)
- April (104)
- March (115)
- February (86)
- January (97)
6 comments:
I see a company in the good ol' USA is in trouble as well for having lost data which was not encrypted. Considering the system was called "Clear" makes it obvious why the data was not encrypted.
Your last line suggests a new term:
Titanic Tech
Inspired by your earlier post about the stolen passports, I created this little Photoshop picture.
It was meant to be a joke, honest!
If this is true then it suggests that the Passport Agency's private key has been leaked. That's the only way passports could be digitally signed like the 'genuine article'.
The implication of this is that all UK e-passports are compromised!
ID cards will be unhackable!
I have come to the conclusion that I don't believe almsot every claim made by any member of this appalling government.
My reasoning is that since none of the ministers are experts at anything, least of all the departments they are nominally in charge of, how can they be expected to say anything other than what is either politically expedient or what they have been told to say.
Why we listen to any of them defies logic...
In the world of software, there is no such thing as uncrackable. Perhaps ministers should start their though process from this basic truth before uttering meaningless assurances, not to mention the commitment of billions of taxpayers money on daft schemes.
Post a Comment