Tool to backup, modify and clone ePassport released

[steve]

Hi,

On Wed, Oct 01, 2008 at 01:01:48PM +0100, Ian Batten wrote:
> >
> >>would stop this.  It's some memory.  I can load bits into it.  Why
> >>wouldn't I be able to?
> >
> >First of all the data should only be readable by people who are
> >authorized to read them.
> 
> 
> What's the definition of `authorized'?  I would argue that anyone to  
> whom I show my passport is authorized, because the data belongs to me  
> and I can authorize whoever I like to read it.

absolutely. That's how it should be. Unfortunatly it's possible to ready
the data from your epassport by anyone from 3 meter distance. Without
you authorizing it or knowing it.

> 
> one.  What did you have in mind as `authorized'?

Same what you thought: It's my data. I should be able to deny or allow
access to this data.

> >Not anyone with any kind of rfid reader
> >without any kind of authentication.
> 
> I think it's perfectly right that I should be able to use an RFID  
> reader to extract data from my passport, and my children's passports.   

yepp. you should be allowed to read them. In the end you own them. They
are your data.


steve