Truck and Barter

This is only marginally relevant to the general discussion around here, but it does highlight a point I've raised in the past.

Looks like it's a lot easier to crack the RFID on a passport than one might hope.

Dutch TV programme Nieuwslicht (Newslight) is claiming that the security of the Dutch biometric passport has already been cracked. As the programme reports here, the passport was read remotely and then the security cracked using flaws built into the system, whereupon all of the biometric data could be read.

The crack is attributed to Delft smartcard security specialist Riscure, which here explains that an attack can be executed from around 10 metres and the security broken, revealing date of birth, facial image and fingerprint, in around two hours. Riscure notes that that the speed of the crack is aided by the Dutch passport numbering scheme being sequential.

When the passport is cracked, you lose all that information, as well as an electronic represenation of your fingerprint. A new driver's license you can get, but new fingers? The centralization of personal information in this way makes the subsequent loss that much more traumatic. After the theft of biometric data, how do you prove that you are who you say you are?