Comments: another way to track their citizens

This vulnerability in itself can be fatal, which is my opinion constitutes a complete and catastrophic failure.

Posted by Sam (Cato on fake Id's saving lives) at April 11, 2008 08:02 AM

SSL (and TLS) generally sends client certificates in plaintext, to ensure that every man-in-the-middle knows your identity when you login somewhere, even if he can't decrypt your traffic.

Posted by Philipp at April 11, 2008 11:23 AM

I am amazed that this massive scale critical infrastructure project driven by the US was so hastily executed, especially given the relatively long lifetime of these documents (10 years which is an eternity in technology security).

In any case we can already fit multiple kilobytes of data onto paper using standard printing processes ( and almost certainly a lot more using passport printing/engraving technology. That being the case, why go for dangerous RF technology at all, and if you must, why not use a high density barcode to print a secure key?

Also, given the danger I highlighted above (death), how is it possible that the 'front door' is not standardised? Ideally these things would say nothing until authenticated to using (some derivative of) the printed key.

Finally, given the risk of eavesdropping at border control, one would hope that the conversation between the reader and the passport was well secured (for example by leveraging the shared key to set up a session key, or better yet, simply verifying the integrity of the machine readable content and not transmitting secret data unless absolutely necessary and even then only ever within the confines of the reader which one would hope was protected by a faraday cage or similar.

Posted by Sam Johnston at April 21, 2008 11:53 AM
Post a comment

Remember personal info?

Hit Preview to see your comment.
MT::App::Comments=HASH(0x5622f0606548) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/ line 125.