Within an hour, Jeron Van Beek was able to create a successful clone of Britain’s new E-Passport. All he needed was a £40 card reader, two £10 RFID chips, and a small, improvised script. Although the exact details were not specified, it looks like he read the ID on the real passport using the RFID reader, then he wrote it to the two blank chips and put them in the fake passports. There is also a flaw which may allow outright forging of the passports. Nearly all of the 45 countries using the system have not yet registered with the Public Key Directory, which was put in place to make forging impossible.
The government is claiming that this hack is a hoax, but recent reports have shown that these RFID systems were never secure. No matter what the actual truth is about these hacks, it can certainly be said that the ability to clone or forge these passports would be a devastating security issue for every country involved.
[Photo: Digital World Tokyo]
[via The Guardian]
The US Department of Homeland Security recently disclosed a new policy that allows agents to seize laptops, or anything capable of storing information, “for a reasonable period of time”. Okay, so this seems normal; A government agency is declaring they may confiscate personal property. However, the strange part of this story is that under this policy, federal agents can confiscate these things without any suspicion of wrong doing or any reason what so ever. So what happens to your personal data after they seize your laptop? Apparently they share the data with federal agencies, and in some cases the private sector, as additional services such as file decryption or translation are needed. While this may seem like a major violation of privacy, it is important to note that this policy only applies to people entering the United States. However given the direction that our federal government is moving in the area of security, it wouldn’t surprise me if this policy will soon apply for domestic flights as well.
[photo: postmodern sleaze]
GRIP, the Group for Interdisciplinary Psychology at the University of Bamberg have put together a couple tutorials on hacking the Pleo. For those unfamiliar, the Pleo is a small robot shaped like a dinosaur. Their goal was to make it cute and simulate emotion at a higher level than previously attained by consumer robots. Ugobe, the makers of Pleo encourage hacking of the unit and the controlling software. Look at the “developers” area of their site to download all kinds of tools to work on your Pleo.
The two tutorials released by GRIP cover adding wireless communication with a PC and adding a higher resolution camera to the unit. The goal was to make the platform capable of doing facial recognition.
Continue reading “Hacking Pleo for face recognition and remote control”