[funsec] "Safest ever" passport is not fit for purpose

Toralv_Dirro at McAfee.com Toralv_Dirro at McAfee.com
Tue Mar 6 11:32:56 CST 2007


> 
> > They are still this stupid/dump/blind after all this time?
> 
> I know very little about this specific project, but I suspect 
> that you're listening to the first cuckoo of spring. Or 
> perhaps a bureaucract recycling the assurances of a third 
> party supplier. The essential driver here is that it's 
> political suicide to give any credence to the possibility 
> that a high profile public project is not in every sense 
> perfect. My forecast for the mid-term future is along the 
> lines of either an under-publicized switch in suppliers or a 
> shelving of the project disguised as deferral, but 
> realistically it probably has to be the former. The least 
> likely outcome is a public admission that the customer 
> specification/underlying concept is in any way flawed, but it 
> may be that some of the conceptual holes will get a dab of 
> Polyfilla along with a change of provider. 

Looking at previous publications looking into the problems of using RFID
chips for passports (Lukas Grunwald et al) in the last months/years it
really seems the deliberately chose to remain completely ignorant of the
issue.

> Last night a Home Office spokesman said: "We do not believe it would
be possible
> to successfully forge a new passport by doing this."

While this is fine, but probably remains to be proven, this so
completely misses the point of a person's identity being stolen,
underlining they are still ignorant of the problem.


cheers,
Toralv



More information about the funsec mailing list