Risky Business #74 -- HOWTO: Make your own Elvis bin Laden e-passport

Previously on Risky Business...
19 Aug 2008 » Risky Business

This week's Risky Business is brought to you by Microsoft and hosted, as always, by Vigabyte virtual hosting. On this week's show we take a look at e-passport security. After 9-11, Chimp W Shrub decreed that foreigners wanting to enter the United States would soon need to carry new-fangled, biometric passports with embedded wireless RFIDs.

The result was a rush job the likes of which you've never seen.

This week's guest, Peter Gutmann, has figured out how to modify the data on e-passport chips. He hasn't broken the encryption scheme responsible for signing the data but that doesn't matter -- no one checks to see if the signing key is genuine and even if they do the implementation is so bad it's easy to fool.

The recent theft in Britain of 3,000 blank e-passports in a van hijacking is starting to make a lot more sense.

ZDNet Australia's Munir Kotadia is back this week to chat about recent news, and this week's sponsor interview is with Microsoft's Jeffery Jones who talks comparative vulnerability analysis.

The music used at the end of this week's podcast comes from Marshall and the Fro. Australians can buy the band's album for $25 via Paypal (postage paid) here. Music used with permission.