RFID Passports: Be afraid. Be VERY afraid!

Zone-H.org reports from Blackhat ’06:

“As demonstrated at Black Hat 2006 by Flexilis inc., the proposed American RFID passport might be used  terrorists to identify possible targets and automatically detonate bombs…

To back up their statements, Flexilis inc. produced a worrying video in wich an unproperly shielded RFIDF American passport is used to trigger a detonating device.

This can happen when the passport has its cover opened by a fraction of inch (which is a quite common situation, especially in women’s bags… did you ever get your hand trapped by one of those?) thus allowing to be revealed by a RFID scanning device, eventually connected to a bomb-like device.”

They go on describing how this depends on decrypting the passport, but this may not even be necessary. I’m pretty sure the chips/passports will be carrying information (like country of origin) that can be accessed without encrypting the content.

Furthermore, how is this shielding used internationally? Do all RFID passports have shielding?

Thinking ahead, this is not even limited to passports: as RFID starts spreading, this can be extended to other objects with tags that allow putting a person into a certain category (like, ‘coming from Tel Aviv airport duty free store’).

Scary.

3 thoughts on “RFID Passports: Be afraid. Be VERY afraid!

Comments are closed.