Thursday, July 23, 2009

That NSA Spy in your Wallet and Purse

I found this article over at Greg Bacon's site "Goon Squad". I have posted an article or two of his before and I really enjoy his writing. Until I read this, I have never really given this much thought, but maybe I should go buy some magnets.







That NSA Spy in your Wallet and Purse
Microchips in ID cards raise privacy fears


Climbing into his Volvo, outfitted with a Matrics antenna and a Motorola reader he’d bought on eBay for $190, Chris Paget cruised the streets of San Francisco with this objective: To read the identity cards of strangers, wirelessly, without ever leaving his car.

It took him 20 minutes to strike hacker’s gold.

Zipping past Fisherman’s Wharf, his scanner downloaded to his laptop the unique serial numbers of two pedestrians’ electronic U.S. passport cards embedded with radio frequency identification, or RFID, tags. Within an hour, he’d “skimmed” four more of the new, microchipped PASS cards from a distance of 20 feet...

Ethical hacker Chris Paget demonstrates a low-cost mobile device that surreptitiously reads and clones RFID tags embedded in United States passport cards and enhanced drivers' licenses....

In its October 2005 Federal Register notice, the State Department reassured Americans that the e-passport’s chip would emit radio waves only within a 4-inch radius, making it tougher to hack.

But in May 2006, at the University of Tel Aviv, researchers directly skimmed an encrypted tag from several feet away. At the University of Cambridge in Britain, a student intercepted a transmission between an e-passport and a legitimate reader from 160 feet.

The State Department, according to its own records obtained under FOIA, was aware of the problem months before its Federal Register notice and more than a year before the e-passport was rolled out in August 2006.

“Do not claim that these chips can only be read at a distance of 10 cm (4 inches),” Frank Moss, deputy assistant Secretary of State for passport services, wrote in an April 22, 2005, e-mail to Randy Vanderhoof, executive director of the Smart Card Alliance. “That really has been proven to be wrong.”





I know of a friend that upon receiving a new driver's license or credit card, does two things: One, he swipes a magnet across the back of the cards where the magnetic strip is and does this repeatedly over the course of a couple of days and he also places the card(s) in a microwave and gives them short bursts of radiation.

It makes the card a little crinkly and you can't swipe the credit card thru, the clerk will have to manually punch in the numbers, but I imagine if there is an RFID chip in either, it gets fried.

Sound paranoid? If you're not a bit paranoid after 9/11, eight years of the Bush-Cheney Junta and have already lost track of the number of lies Obama has told and haven't developed a least a little concern about our government, then you must be living in Oz.
Posted by Greg Bacon at 6:56 AM 9 comments

No comments: