Share UK Passport data via RFID

Worrying security developments with UK passports.  They should have bitlockered them ;-)

"UK security experts have cracked the sooper sekure new UK biometric passports. It took 48 hours. With £174 worth of sniffer hardware, attackers can read all the personal information off of any of the three million new UK passports in circulation -- and if combined with demonstrated hacks for reading RFIDs at a distance, this could happen from across the room, or even farther. You can then clone the RFID and stick it in another passport (surprise! your identity is now owned by a terrorist!)."
(Via Boing Boing)

 

"The Home Office is using strong cryptography to prevent conversations between the passport and the reader being eavesdropped, but they are breaking one of the fundamental principles of encryption by using non-secret information published in the passport to create a 'secret key'.

"That is the equivalent of installing a solid steel front door to your house and putting the key under the mat."
(Via The Daily Mail)

Nice - I can't wait to get my new passport next year!