Shostack + Friends Blog Archive


So who likes them?

Ryan Singel catches an AP article on RFID passports:

On the latest passports, the agency has “taken a ‘keep it simple’ approach, which, unfortunately, really disregards a basic privacy approach and leaves out the basic security methods we would have expected to have been incorporated for the security of the documents,” said Neville Pattinson, an executive at Axalto North America, which is working on a prototype U.S. electronic passport.

So I’m just curious. If the privacy-aware don’t like them; if the people making them don’t like them; if the security experts don’t like them; who’s pushing this crap? The identity thieves union?

2 comments on "So who likes them?"

  • Roy says:

    Who’s pushing this crap? The government itself. (ah… no HTML, so please forgive the plaintext link to Bruce Schneier makes a great, though disturbing, point. The only logical reason to promote such a transparently insecure design is to facilitate clandestine access. And because pickpockets succeed by blending into the crowd, you can’t ever be sure just who is snarfing your passport info. Is it J. Random Identity-Thief or your Favorite Uncle?

  • adam says:

    Roy–So who in the government? Uncle Sam isn’t a monolithic entity. Is it the FBI? State? Someone else? We need to isolate them and mock them, and the more precisely we know who’s at fault, the more pressure we can bring to bear on them.

Comments are closed.