![[FSF
Associate Member]](http://www.modspil.dk/images/fsfMembergetButton.png){kind=small}
Supersikre pas med biometriske data hacket
En interessant nyhed fra dagens Guardian, der stiller spørgsmåsltegn ved fordelene ved de nye pas og ID-kort med biometriske data, der dels skulle gøre identifikationen mere sikker, dels skulle gøre dokumenterne umulige at forfalske:
Hi-tech biometric passports used by Britain and other countries have been hacked by a computer expert, throwing into doubt fundamental parts of the UK's £415m scheme to load passports with information such as fingerprints, facial scans and iris patterns.Men er Grünwalds opdagelse mere akademisk - er en sådan forfalskning for vanskelig i praksis til, at den teoretiske mulighed for at forfalske de nye pas og ID-kort har nogen betydning i praksis?
Speaking at the Defcon security conference in Las Vegas, Lukas Grunwald, a consultant with a German security company, said he had discovered a method for cloning the information stored in the new passports. Data can be transferred onto blank chips, which could then be implanted in fake passports, a flaw which he said undermined the project.
The revelation also casts another shadow over the government's plan for a national ID card, which would contain much of the same information.
"The whole passport design is totally brain damaged," Mr Grunwald told Wired.com. "From my point of view all of these [biometric] passports are a huge waste of money - they're not increasing security at all." Since March anyone applying for a UK passport has been issued with a biometric version, which contains physical identification information.
Vel, sådan tænkte man også i sin tid om kreditkort, og de kan i dag forholdsvis let kopieres.
Og ifølge The Guardian giver Grünwald os heller ingen trøst i så henseende:
Mr Grunwald said his discovery was made within two weeks of first attempting to copy the data, and the equipment used cost $200 (£105). It is believed the hacking principle could be applied to any new passport issued in Britain, the US and other countries. But the findings do not mean that all biometric information could be faked or altered by criminals. Although the data held on a passport chip is not encrypted, it is not yet possible to change the cloned data without alerting the authorities.Og det sidste forbehold vil formentlig også ende med at falde. Til syvende og sidst lader det til, at overvågningskameraer, ID-kort og biometriske pas næppe er særligt leveringsdygtigt i øget sikkerhed - snarere i falsk tryghed og større pres på og bedre muligheder for overvågning af almindelige, lovlydige borgere.