Tool to backup, modify and clone ePassport released

[Peter Fairbrother]

Peter Fairbrother wrote:
> Ian Batten wrote:
>>
>> On 30 Sep 2008, at 18:07, Charles Lindsey wrote:
> 
>>> I think it safe to assume that UK passports have omitted several 
>>> features which a competent cryptographer would have included as a 
>>> matter of course :-(.
>>
>> I don't.  It'd be stunned if the design hadn't made a trip to the West 
>> Country.  
> 
> You expect CESG to do more than say product X complies with a standard? 
> I think you have an overly optimistic expectation of CESG's capabilities.
> 
> The subversion of the entire UK passport system would be
>> rather uncool.  The passports have had the benefit of some of the best 
>> physical security people in the game in the design of the paper and 
>> the watermarks, so why wouldn't they be equally motivated to sort out 
>> the electronic properties?
> 
> Motivation - do CESG have any such motivation?
> 
> Then there is their lack of competence, or let's see, maybe - their lack 
> of competence?
> 
> I don't know how competent GCHQ are, but CESG are only good for 
> certification to standards written by someone else, and not even that 
> really. They simply don't know how to do secure.
> 
> And I don't think GCHQ is going to want to be involved in passport design.
> 
> 
> 
> -- Peter Fairbrother
> 
> 

Of course, the other thing about CESG is that nobody in Gubbmint seems 
to ask them anything, or to take any notice of what they say; so it 
wouldn't surprise me at all if it "hadn't made a trip to the West 
Country" -- or if it had, quite possibly no-one took any notice of what 
they said.

-- Peter Fairbrother