[OT] NH protest against HP printers with RFID chips Nov. 5th
Bill Sconce
sconce at in-spec-inc.com
Wed Oct 26 15:59:00 EDT 2005
On Tue, 25 Oct 2005 13:15:14 -0400
Bill Sconce <sconce at in-spec-inc.com> wrote:
> ...A similar argument raged recently over binding RFID tags
> into passports, for similar reasons.
By coincidence, this today from the Washington Post. Two things
jump out: no encryption on the passport; 98.5% of comments opposed
the idea.
U.S. Passports to Receive Electronic Identification Chips
By Jonathan Krim
Washington Post Staff Writer
Wednesday, October 26, 2005; Page A08
The State Department yesterday issued final rules for implanting
electronic identification chips into all U.S. passports, despite
continuing controversy over the security of the system and its impact on
personal privacy.
The regulations mean that as of October 2006, all new and renewed U.S.
passports will contain radio frequency identification chips that will
include a digital photo and all other information currently printed in
passports.
Over time, as older passports expire, everyone who holds a passport will
get an electronic version.
Government employee and diplomatic passports will receive the chips in a
pilot program beginning early next year.
In issuing the new rules, the department is matching a requirement it is
imposing on visitors from several other countries. Foreigners from
countries who do not need visas to enter the United States also must
have the chips by next October. Such countries will be responsible for
providing their citizens with passports that comply with U.S. entry
requirements.
A spokeswoman said the department is convinced the electronic passports
will provide enhanced security.
But in a federal filing, the department said that 98.5 percent of the
2,335 comments it received since it issued proposed rules last spri ng
opposed the program.
Technology experts have said that the data on the chips, which will be
read at a short distance by electronic devices in a passport-control
booth, could be electronically intercepted and potentially misused.
Some privacy groups also fear that the chips could be a prelude to
tracking individuals' movements.
Other security experts said the system is not robust enough, noting that
digital photographs can have high error rates compared with actual
faces. These experts said the system should instead use a biometric
identifier such as fingerprints.
The new rules seek to address some of the concerns.
According to the filing, the passports will be equipped with
"anti-skimming" technology to reduce the chance of the signal being
intercepted between the passport and the electronic reader.
The chip itself will be embedded in the back cover of a newly designed
passport, and the anti-skimming film will be in both the front and back
covers, reducing the chance of interception when someone is standing in
a passport line.
According to the filing, the passport needs to be within inches of the
reader in order to work.
The department rejected calls to encrypt, or scramble, the data on the
passport. Instead, the transmission stream when the data is passing from
the passport to the reader will be encrypted.
The department also rejected some calls for using a smart-card-type chip
that must come into contact with the reader, as opposed to a radio
frequency identification chip that can be read at a distance. The
department said smart-card chips do not lend themselves to being put
into a book-like document such as a passport.
The chips will have enough memory so additional biometric information
could be added in the future.
But the department said it has no plans to include personal information
such as Social Security numbers on the chips.
Ari Schwartz, associate director of the Center for Democracy and
Technology, a digital-policy group, said he had not yet studied the
department filing.
But he said it was a "risky strategy" without first testing the system
on a large scale.
More information about the gnhlug-discuss
mailing list