I wonder whether will help out terrorists to point out US citizens among the crowd using proper RF reading device. If the passport is not shielded, this would be too difficult to achieve, right?

Got to love the State Department. The department that tells its people to take all possible precautions to not identify themselves as Americans or give away any personal information when they travel abroad, is the same one that wants us to carry around these insecure things broadcasting our identity to anyone and everyone with insecure RFID chips. :rolleyes:

I understand that they've taken some steps to shield these things, however.

And this is being by done by the same government whose recent statements and actions (including actions and select omissions) have put travelling Americans at the greatest risk of terrorism than at any point in the past few decades. So exposing Americans to greater risk by way of such flagging e-passports seems just more of the same. :(

It'll first be done by criminals lookings for financial pickings. Then those criminals looking for political point scoring will pick up on it too. In any event, standardized documents eventually become a criminal's friend -- whether it be to pilfer from someone or to circumvent security to do that or worse.

I got one of those e-passports yesterday. I shall put it through an RFID reader to see what i can find out... :)

Sheeple are not that smart, but unfortunately terrorists and criminals are.

I think a rfid passport could it make through the wash fine.

Just be sure to leave your rfid passport on the counter when you warm up the leftovers in the Microwave because you would not want to damage your passport by leaving in the microwave for a very short time ;)

Hopefully my passport will make it until 2015 and by that time we'll have restored some sense to this madness. I'll have to remember not to microwave my passport accidentally.

See, the problem I have here is the USA and especially the alphabet (DHS, TSA whatever) that is responsible for this deseaster.

Since the first RFID Hack in the Netherlands I (and everybody else that saw it) knew that it this whole project was rushed through by the USA by all means.
They bascially said that the Visa Waiver Programm is going bye-bye if Governments do not start selling RFID Passport by some deadline, which even had to be moved a year because it was so unrealistic.

Now we got the Problem of an existing standard that is definately not safe and cost millions. There won't be a new standard because nobody really sees the need for it.

And as soon as my passport expires, guess what: The only available passport will be the RFID Passport for only 100€ / 125$ in Germany.

Thank you, USA.

Having just had to apply for one of these passports yesterday (German), I asked this question at the embassy in Bern (where German citizens with Swiss residence have to get theirs). I asked them exactly this question, since my current passport is slightly... mangled, let's say. :o

They said that if the chip is damaged, the passport reverts to being treated as a non-biometric passport, which means it is scanned and checked the old way. Apparently, there is no problem with this so far, especially since there are still so many passports around which are non-biometric. For the life of the passport (5 years for me b/c I'm under 26, but also for the usual 10 years), it will not matter if the chip ceases to work, simply because this is still accepted as a trial phase.

Thankfully, I've gotten in on the lesser of two evils - my passport will only contain my data and my picture. Starting 2007, German passports will also additionally also have your left and right indexfinger-prints saved on the chip. Is this a foreshadowing of more fingerprint checks to come online in other countries in the future? :eek:

I remember seeing a post on an RFID thread which suggested that the passport can only broadcast when the cover is opened. Can somebody confirm or invalidate this?

Should it be true, I will definitely always be keeping a rubber band around my new passport, lest it be accidentally readable.

"As planned, U.S. e-passports will contain a web of metal fiber embedded in the front cover of the documents to shield them from unauthorized readers. Though Basic Access Control would keep the chip from yielding useful information to attackers, it would still announce its presence to anyone with the right equipment. The government added the shielding after privacy activists expressed worries that a terrorist could simply point a reader at a crowd and identify foreign travelers.

In theory, with metal fibers in the front cover, nobody can sniff out the presence of an e-passport that's closed. But Mahaffey and Hering demonstrated in their video how even if a passport opens only half an inch -- such as it might if placed in a purse or backpack -- it can reveal itself to a reader at least two feet away.

Using a mockup e-passport modeled on the U.S. design, they showed how an attacker could connect a hidden, improvised bomb to a reader such that it triggers an explosion when a passport-holder comes within range."

Video here

From a November 2005 article by By Bruce Schneier:
"The State Department downplayed these risks by insisting that the RFID chips only work at short distances. In fact, last week's publication claims: "The proximity chip technology utilized in the electronic passport is designed to be read with chip readers at ports of entry only when the document is placed within inches of such readers." The issue is that they're confusing three things: the designed range at which the chip is specified to be read, the maximum range at which the chip could be read and the eavesdropping range or the maximum range the chip could be read with specialized equipment. The first is indeed inches, but the second was demonstrated earlier this year to be 69 feet. The third is significantly longer.

And remember, technology always gets better -- it never gets worse. It's simply folly to believe that these ranges won't get longer over time."

anyone checked out these gadgets? I'm tempted at getting one... http://www.difrwear.com/products.shtml

20 bucks including worldwide shipping? That's not bad at all - assuming it works.

No. It's similar, but not exactly the same. The US passports use ISO 14443 tags, which operate in the 13 MHz band and have the capability to perform various cryptographic computations. The US passports do use encryption to partially protect their contents.

The RFID technology in the "5-cent Walmart" tags typically used for inventory management is pretty different. Those cheap tags operate in the 915 MHz band, and they can't do any encryption: all they do is store a 96-bit unique ID, and will gladly tell anyone who asks what their ID is.

Nonetheless, the US e-passports effort has not been well-thought-out. I don't think the State Department really understood what they were getting into, and the system they will be using has some known security problems. I don't know if I'd go so far as to call it "braindead", but it's not exactly a shining example of privacy and security done right.

For what it's worth, I recently renewed my passport early, just so I wouldn't stuck with one of the new RFID-enabled e-passports. Hopefully I won't have to worry about RFID for another 10 years; I'm just as happy to let someone else be the State Dept's guinea pigs.