The government plans to use ePassports at Immigration and Border Control. The information is electronically read from the Passport and displayed to a Border Control Officer or used by an automated setup. THC (The Hacker's Choice) has discovered weaknesses in the system to (by)pass the security checks. The detection of fake passport chips does not work. Test setups do not raise alerts when a modified chip is used. This enables an attacker to create a Passport with an altered Picture, Name, DoB, Nationality and other credentials. The manipulated information is displayed without any alarms going off. The exploitation of this loophole is trivial and can be verified using thc-epassport. Regardless how good the intention of the government might have been, the facts are that tested implementations of the ePassports Inspection System are not secure. ePassports give us a false sense of security: We are made to believe that they make usemore secure. I'm afraid that's not true: current ePassport implementations don't add security at all.
ePassports at Immigration
Related Posts
Department of Trust serves up the BetBudget Café in multi-channel Cheltenham Festival consumer marketing push
March 14, 2023
Slot Gods Hits New Milestone of 1,000 Slot Reviews
May 31, 2022
Strongest ever speaker lineup for next week’s Betting on Sports
September 5, 2017
Networking with a view – Betting on Sports party gains Altitude
June 30, 2017
