Drive-By ‘War Cloning’ Attack Hacks Electronic Passports, Driver’s Licenses

 (Dark Reading, 2/2/09)

With a $250 used RFID scanner he purchased on eBay and a low-profile antenna tucked away in his car, a security researcher recently cruised the streets along Fisherman’s Wharf in San Francisco, where he captured — and cloned — a half-dozen electronic passports within an hour. This newest RFID attack is being coined as “war cloning” given its similarity to war-driving, or wireless sniffing.

The security weaknesses of the EPC Gen 2 RFID tags, which lack encryption and true authentication, have been well-known and of concern to privacy advocates for some time. These tags are being used in the new wallet-sized passport cards that the U.S. Department of Homeland Security offers under the new Western Hemisphere Travel Initiative for travel to and from Western Hemisphere countries. The e-cards are aimed at simplifying and speeding up the border-crossing process, providing U.S. Customs and border agents with information on the individual as he or she queues up to inspection booths at the border.

http://www.darkreading.com/security/privacy/showArticle.jhtml?articleID=213000321&cid=nl_DR_WEEKLY_T

About Tim McDowell

Colorado ACFEI Member's Homeland Security Weblog
This entry was posted in CIP, HLD. Bookmark the permalink.

Leave a Reply