[funsec] "Safest ever" passport is not fit for purpose
Toralv_Dirro at McAfee.com
Toralv_Dirro at McAfee.com
Tue Mar 6 11:32:56 CST 2007
>
> > They are still this stupid/dump/blind after all this time?
>
> I know very little about this specific project, but I suspect
> that you're listening to the first cuckoo of spring. Or
> perhaps a bureaucract recycling the assurances of a third
> party supplier. The essential driver here is that it's
> political suicide to give any credence to the possibility
> that a high profile public project is not in every sense
> perfect. My forecast for the mid-term future is along the
> lines of either an under-publicized switch in suppliers or a
> shelving of the project disguised as deferral, but
> realistically it probably has to be the former. The least
> likely outcome is a public admission that the customer
> specification/underlying concept is in any way flawed, but it
> may be that some of the conceptual holes will get a dab of
> Polyfilla along with a change of provider.
Looking at previous publications looking into the problems of using RFID
chips for passports (Lukas Grunwald et al) in the last months/years it
really seems the deliberately chose to remain completely ignorant of the
issue.
> Last night a Home Office spokesman said: "We do not believe it would
be possible
> to successfully forge a new passport by doing this."
While this is fine, but probably remains to be proven, this so
completely misses the point of a person's identity being stolen,
underlining they are still ignorant of the problem.
cheers,
Toralv
More information about the funsec
mailing list