Biometric passports are insecure
As this article in The Guardian shows, the new biometric passports are easy to crack. Within a few hours your biometric details can be read off the chip in the passport. Once your neighbourhood criminal has that information, cloning your passport is one step closer.
I think it's been said thousands of times now, but strong passwords are as important as strong encryption. More importantly, is there really a need to have your unencrypted biometric data on the passport at all? One way encryption - using a suitably strong method - would still provide a unique pattern that only your biometrics could result in, but prove near impossible for someone to determine your biometrics from.
This is more significant because the government intend to store biometrics, and other private information, on the compulsory ID cards they're determined to introduce at great cost. With a centralised database containing these same details, and a plastic card also containing these details, and no measures in the legislation to punish abusers of the system, the scope for your identity being stolen, or your details being falsely linked with crimes, increases rapidly.
The government have taken another measure to ensure our privacy is further eroded with the new NHS central database containing your medical records. With over 250,000 access cards issued for the system, and again no penalties in the legislation for misuse, do they seriously think that your medical details will not be leaked or stolen?
The breathtaking arrogance of this government's pursuit of ill-conceived, poorly executed ideas that amount to serious assaults on our privacy for vague, insubstantial benefits to the greater good is only matched by their arrogant assuredness of the existence of WMDs in Iraq.
When the state exercises such cavalier fecklessness with other people's property, we should all be worried. The legacy of these decisions is going to be with us for generations, and it's going to be costly.
I think it's been said thousands of times now, but strong passwords are as important as strong encryption. More importantly, is there really a need to have your unencrypted biometric data on the passport at all? One way encryption - using a suitably strong method - would still provide a unique pattern that only your biometrics could result in, but prove near impossible for someone to determine your biometrics from.
This is more significant because the government intend to store biometrics, and other private information, on the compulsory ID cards they're determined to introduce at great cost. With a centralised database containing these same details, and a plastic card also containing these details, and no measures in the legislation to punish abusers of the system, the scope for your identity being stolen, or your details being falsely linked with crimes, increases rapidly.
The government have taken another measure to ensure our privacy is further eroded with the new NHS central database containing your medical records. With over 250,000 access cards issued for the system, and again no penalties in the legislation for misuse, do they seriously think that your medical details will not be leaked or stolen?
The breathtaking arrogance of this government's pursuit of ill-conceived, poorly executed ideas that amount to serious assaults on our privacy for vague, insubstantial benefits to the greater good is only matched by their arrogant assuredness of the existence of WMDs in Iraq.
When the state exercises such cavalier fecklessness with other people's property, we should all be worried. The legacy of these decisions is going to be with us for generations, and it's going to be costly.
0 TrackBacks
Listed below are links to blogs that reference this entry: Biometric passports are insecure.
TrackBack URL for this entry: http://www.robbiebow.co.uk/mt/mt-tb.cgi/6
Leave a comment