Does Big Brother Want to Watch?.
Since
the terrorist attacks of 2001, the Bush administration–specifically,
the Department of Homeland Security–has wanted the world to agree on a
standard for machine-readable passports. Countries whose citizens
currently do not have visa requirements to enter the United States will
have to issue passports that conform to the standard or risk losing
their nonvisa status.
These future passports, currently being tested, will include an
embedded computer chip. This chip will allow the passport to contain
much more information than a simple machine-readable character font,
and will allow passport officials to quickly and easily read that
information. That is a reasonable requirement and a good idea for
bringing passport technology into the 21st century.But the Bush administration is advocating radio frequency
identification (RFID) chips for both U.S. and foreign passports, and
that's a very bad thing.These chips are like smart cards, but they can be read from a
distance. A receiving device can “talk” to the chip remotely, without
any need for physical contact, and get whatever information is on it.
Passport officials envision being able to download the information on
the chip simply by bringing it within a few centimeters of an
electronic reader.Unfortunately, RFID chips can be read by any reader, not just the
ones at passport control. The upshot of this is that travelers carrying
around RFID passports are broadcasting their identity.Think about what that means for a minute. It means that passport
holders are continuously broadcasting their name, nationality, age,
address and whatever else is on the RFID chip. It means that anyone
with a reader can learn that information, without the passport holder's
knowledge or consent. It means that pickpockets, kidnappers and
terrorists can easily–and surreptitiously–pick Americans or nationals
of other participating countries out of a crowd.
It is a clear threat to both privacy and personal safety, and quite
simply, that is why it is bad idea. Proponents of the system claim that
the chips can be read only from within a distance of a few centimeters,
so there is no potential for abuse. This is a spectacularly naïve
claim. All wireless protocols can work at much longer ranges than
specified. In tests, RFID chips have been read by receivers 20 meters
away. Improvements in technology are inevitable.
Security is always a trade-off. If the benefits of RFID outweighed
the risks, then maybe it would be worth it. Certainly, there isn't a
significant benefit when people present their passport to a customs
official. If that customs official is going to take the passport and
bring it near a reader, why can't he go those extra few centimeters
that a contact chip–one the reader must actually touch–would require?
The Bush administration is deliberately choosing a less secure
technology without justification. If there were a good offsetting
reason to choose that technology over a contact chip, then the choice
might make sense.
Unfortunately, there is only one possible reason: The administration
wants surreptitious access themselves. It wants to be able to identify
people in crowds. It wants to surreptitiously pick out the Americans,
and pick out the foreigners. It wants to do the very thing that it
insists, despite demonstrations to the contrary, can't be done.
Normally I am very careful before I ascribe such sinister motives to
a government agency. Incompetence is the norm, and malevolence is much
rarer. But this seems like a clear case of the Bush administration
putting its own interests above the security and privacy of its
citizens, and then lying about it.
This article originally appeared in the 4 October 2004 edition of the International Herald Tribune. [Schneier on Security]