All of Your Passports are Belong to Us

David Heath
Wednesday, 29 October 2008 05:35

Your IT - Home IT

There you are at immigration, surrounded by a large number of electronic passports – just imagine how many you would be able to vacuum up as you snake your way back and forth along the queue.

Ah, you might say, but what if the passports were shielded?  Wouldn’t that stop this nefarious behaviour?  Not really, as they still have to be opened for the immigration officials to read them – you still get access to large numbers of them.  Plus – how many nervous travellers do you see with their passports open at the ready as they wait in the queue?

OK, so we can read as many passports as we wish.  We can create our own (modified) versions of them.  What else could we do with these new tricks?

Firstly, terrorists (if such people still exist, of course) will LOVE this stuff.  Think about it – how difficult would it now be to obtain a snapshot of the passport details of a specific high-ranking American in Iraq?  Given that information, how hard would it be to build a smart road-side bomb that sits and waits for the passport to drive by?  Chances are it will be in the pocket of said official.

How about we hide another bomb in a place where tourists frequent.  A bomb that sits and waits, for days or weeks if necessary, for 10 Australian (or American, or British) passports to be in range.

I’m sure there are plenty of other ways to exploit this kind of information that are somewhat less ‘explosive,’ but you get the idea.

OK, I’ll offer you just one more.  You own a tourist-products store – lets say on the Gold Coast.  How useful would it be to have a group walk through your door and know EXACTLY what their nationalities were?  You would immediately know what language they speak, what are the typical products they buy (from previous data collection) and how much they’re likely to spend.

When governments first introduced the concept of electronic passports with 10 year lives, the technical experts all warned that 10 years was a very long time in the evolution of security and hacking.  Who knew what developments might occur in that time to render any security measures to be pointless.  Well, it only took about 3 or 4 years for every shred of security to vanish.

I’m very happy that I renewed my passport just a short time before these electronic passports were rolled out.  Because I certainly feel sorry for those people who hold one, especially if two days ago, someone with a clone of their passport crossed the same border as they are attempting right now.