Paul Hardwick: Biometrics

Administrivia: Possible unscheduled upgrade of Privacy Digest

Sun, 18 Mar 2007 01:39:04 GMT

Administrivia: Possible unscheduled upgrade of Privacy Digest.

I might be implementing an unscheduled upgrade of the site due to some problems with the software I am currently using to run the site. I had been working on upgrading the software to implement some new features but may have to implement sooner than originally planned. If you would like to take a peek at the planned software take a visit to http://www.PrivacyDigest.com/index.php Yes the full URL will have to be entered until I have completed the switch over.

There may be some hiccups during the process as the XML/RSS location will change along with access to the sub-topics. I plan to create mod-rewrite rules to take of this but they may not all be ready on day one.

Please let me know what you think.

Biometrics, What and How.

Fri, 16 Mar 2007 18:46:52 GMT

Biometrics, What and How. Moustafa Kamal submits this article that attempts to cover all of the characteristics that are used in Biometrics, how they are used, and what are the disadvantages of using them. By Moustafa Kamal. [Infosec Writers Latest Security Papers]

Don't like ID cards? Hand over your passport | the Daily Mail

Sun, 11 Mar 2007 16:56:16 GMT

Anybody who objects to their personal details going on the new "Big Brother" ID cards database will be banned from having a passport.

James Hall, the official in charge of the supposedly-voluntary scheme, said the Government would allow people to opt out - but in return they must "forgo the ability" to have a travel document.

With one in every eight people saying they will refuse to sign-up, up to five million adults could effectively be refused permission to leave the country.

Campaigners reacted to Mr Hall's remarks with fury, saying they were yet more evidence of the lurch towards "Big Brother" Britain.

Phil Booth, of the NO2ID group, said: "The idea that ID cards scheme is voluntary, and people can opt-out, is a joke.

"There are all sorts of reasons why people need to travel, not just for holidays. There is work, visiting relatives.

"What are these people supposed to do? It stretches the definition of voluntary beyond breaking point. They will go to any length to get personal information for this huge database. Who knows what will happen to it then?"

No Passport For Britons Refusing Mass Surveillance.

Sun, 11 Mar 2007 16:52:17 GMT

No Passport For Britons Refusing Mass Surveillance. UpnAtom writes "People who refuse to give up their bank records, tax records & details of any benefits they've claimed, and the records of their car movements for the last year, or refuse to submit to an interrogation on whether they are the same person that this mountain of data belongs to -- will be denied passports from March 26th. The Blair government has already admitted that this and other data will be cross-linked so that the Home Office and other officials can spy on the everyday lives of innocent Britons. Britons were already the most spied upon nation in Western Europe -- more so even than Sweden. Data-mining through this unprecedented level of mass-surveillance allows any future British government to leapfrog even countries like China and North Korea." [Slashdot: Your Rights Online]

Homeland Security offers details on Real ID | CNET News.com

Sun, 04 Mar 2007 02:52:36 GMT

Hundreds of millions of Americans will have until 2013 to be outfitted with new digital ID cards, the Bush administration said on Thursday in a long-awaited announcement that reveals details of how the new identification plan will work.

The announcement by the U.S. Department of Homeland Security offers a five-year extension to the deadline for states to issue the ID cards, and proposes creating the equivalent of a national database that would include details on all 240 million licensed drivers.

According to the draft regulations (PDF), which were required by Congress in the 2005 Real ID Act and are unlikely to assuage privacy and cost concerns raised by state legislatures:

âo¢ The Real ID cards must include all drivers' home addresses and other personal information printed on the front and in a two-dimensional barcode on the back. The barcode will not be encrypted because of "operational complexity," which means that businesses like bars and banks that require ID would be capable of scanning and recording customers' home addresses.

âo¢ A radio frequency identification (RFID) tag is under consideration. Homeland Security is asking for input on how the licenses could incorporate "RFID-enabled vicinity chip technology, in addition to" the two-dimensional barcode requirement.

Administrivia: Now we have a overheated CPU ( 60 degrees centigrade )

Tue, 27 Feb 2007 23:39:01 GMT

OK, if the DDOS attack wasn't enough. Now our server went down with a temperature overload. We were up to 60 degrees centigrade when we shut down. The CPU and a broken fan have been replaced.

Administrivia: Our data-center was hit by a DDOS attack today.

Tue, 27 Feb 2007 21:19:59 GMT

Sorry for being either very slow or off the net for a while recently. The data-center we are part of was hit by a DDOS (Distributed Denial Of Service) attack recently. At the moment it looks to be under control, but we are keeping an eye on things.

DHS Biometric Program in Trouble.

Mon, 26 Feb 2007 22:31:00 GMT

DHS Biometric Program in Trouble. Spiraling costs and a missing long-term strategy bedevil the US-VISIT program, which screens incoming travelers to the United States for terrorist links. Luke O'Brien reports from Washington. [Wired News: Security Blanket]

Smart Cards Key to Information and Identity Security, Says Gates, Others.

Wed, 14 Feb 2007 00:43:38 GMT

Smart Cards Key to Information and Identity Security, Says Gates, Others. "We need to secure the king instead of the castle. Information is king and it likes to move around." [GT: Security and Privacy]

China Creates Massive Online ID Database.

Mon, 12 Feb 2007 03:48:50 GMT

China Creates Massive Online ID Database. schwaang writes that while the US continues to hash out concerns over the Real ID Act, which aims to create a national ID by standardizing state driver's licenses, China has already implemented a massive online ID database, which they say will help prevent fraud. --- From the Xinhua English-language site: "Anyone can now send a text message or visit the country's population information center's website, to check if the name and the ID number of a person's identity card match. If they do match the ID card-holder's picture also appears, said the Ministry, adding that no other information is available to ensure a citizen's privacy is protected. Completed at the end of 2006, China's population information database, the world's largest, contains personal information on 1.3 billion citizens. Giving public accessing to the database is also designed to correct mistakes if an individual discovers that their name, number and picture don't match." [Slashdot: Your Rights Online]

MS Seeks Patent For Repossessing School Computers.

Mon, 12 Feb 2007 03:40:04 GMT

MS Seeks Patent For Repossessing School Computers. theodp writes "Microsoft has applied for a patent for 'securely providing advertising subsidized computer usage.' The application describes how face-recognition webcams and CAPTCHAs can be used in schools to ensure that computer users are paying attention to ads, and the recourse of 'disabling or even repossessing the computer' if they are not." [Slashdot: Your Rights Online]

LiveScience.com - Stealthy Iris Scanner in the Works

Sat, 10 Feb 2007 00:47:34 GMT

>A public iris scanning device has been proposed in a patent from Samoff Labs in New Jersey. The device is able to scan the iris of the eye without the knowledge or consent of the person being scanned. The device uses multiple cameras, and then combines images to create a single scan (see diagram).

Iris recognition is a biometric identification system that requires a high-resolution picture of the irides of the subject's eye. Pattern recognition software is then used to match that picture against future iris scans.

Iris scans are considered highly accurate; current iris recognition algorithms have an incredibly low false match rate. Good quality scans result in a "false match" less than one time per one hundred billion (this system has been used with excellent results in the United Arab Emirates).

Public Iris Scanning Device In the Works.

Sat, 10 Feb 2007 00:42:13 GMT

Public Iris Scanning Device In the Works. Nonfinity writes "A public iris scanning device has been proposed in a patent application from Sarnoff Labs in New Jersey. The device is able to scan the iris of the eye without the knowledge or consent of the person being scanned. The device uses multiple cameras, captures multiple images, and then selects the best image to process." [Slashdot: Your Rights Online]

Maine rejects Real ID Act | CNET News.com

Sat, 27 Jan 2007 19:20:03 GMT

Maine overwhelmingly rejected federal requirements for national identification cards on Thursday, marking the first formal state opposition to controversial legislation scheduled to go in effect for Americans next year.

Both chambers of the Maine legislature approved a resolution saying the state flatly "refuses" to force its citizens to use driver's licenses that comply with digital ID standards, which were established under the 2005 Real ID Act. It asks the U.S. Congress to repeal the law.

The vote represents a political setback for the U.S. Department of Homeland Security and Republicans in Washington, D.C., which have argued that nationalized ID cards for all Americans would help in the fight against terrorists.

"I have faith that the Democrats in Congress will hear this from many states and will find a way to repeal or amend this in the coming months," House Majority Leader Hannah Pingree, a Democrat, said in a telephone interview after the vote. "It's not only a huge federal mandate, but it's a huge mandate from the federal government asking us to do something we don't have any interest in doing."

The Real ID Act says that, starting around May 2008, Americans will need a federally approved ID card--a U.S. passport will also qualify--to travel on an airplane, open a bank account, collect Social Security payments or take advantage of nearly any government service. States will have to conduct checks of their citizens' identification papers, and driver's licenses likely will be reissued to comply with Homeland Security requirements.

New Scanners for Tracking City Workers - New York Times

Fri, 26 Jan 2007 14:07:43 GMT

The Bloomberg administration is devoting more than $180 million toward state-of-the-art technology to keep track of when city employees come and go, with one agency requiring its workers to scan their hands each time they enter and leave the workplace.

The scanning, which began in August at the Department of Design and Construction, has created an uproar at a generally quiet department that focuses on major city construction projects.

At a City Council hearing yesterday, several unions vowed to resist the growing use of biometrics -- the unique identifying qualities associated with faces, fingers, hands, eyes and other body parts. The unions called the use of biometrics degrading, intrusive and unnecessary and said experimenting with the technology could set the stage for wider use of biometrics to keep tabs on all elements of the workday.

The use of new tracking technologies has been contentious at more and more workplaces. At Wyckoff Heights Medical Center in Brooklyn, nurses carry radio-frequency identification tags that allow their movements to be tracked, a practice the nurses protested in an arbitration proceeding. A lawyer for the hospital, David N. Hoffman, said the system was used to ensure the quality of patient care and not to keep track of nurses who are on breaks.

The town of Babylon, N.Y., installed global positioning system technology last year in most of its 250 vehicles, including snow plows and dump trucks; drivers complained that the system intruded on their privacy.

Identification devices are at the frontier of debates over workplace privacy, supplanting more traditional concerns like the use of drug tests and polygraphs, said Marc Rotenberg of the Electronic Privacy Information Center, a research and advocacy organization in Washington. "New technologies raise questions about the control over disclosure of personal information," he said.

[...]

"Are these hand scanners the wave of the future," asked Councilman Joseph P. Addabbo Jr. of Queens, who conducted the hearing as chairman of the Civil Service and Labor Committee, "or are they unnecessary, costly and a detriment to worker morale and productivity?"

The scanners were introduced in August at the department's headquarters in Long Island City, Queens. Hundreds of workers who keep daily timesheets -- generally, those who make less than $66,000 a year -- must use the scanners; those who file weekly timesheets, including many managers and supervisors, are exempt.

[...]

Cecelia McCarthy, an official in the Organization of Staff Analysts, another union representing employees at the department, said one worker complained after a colleague with an injured hand was asked to remove a bandage and place the hand -- with an open finger wound -- on the machine.

WCSH6.com - Maine Lawmakers Take Stand Against Real ID Act

Fri, 26 Jan 2007 13:58:54 GMT

The Maine House and Senate registered nearly unanimous opposition Thursday to the federal Real ID Act, which requires states to change their drivers' licenses into national IDs linked to a central database.

Supporters of the nonbinding resolution say the program would cost Maine taxpayers $185 million, while compromising their privacy.

"The national I.D. card would be one key opening up a porthole that everything you hold precious and private. That's the problem," said Senator Libby Mitchell from Augusta.

Opponents also say Real ID would turn state Bureau of Motor Vehicle clerks into de facto federal Immigration and Naturalization Service agents.

The resolution is not binding on Congress, but says the Legislature refuses to implement the Real ID Act. It asks Congress to repeal the law.

UK to review school fingerprinting.

Wed, 17 Jan 2007 03:35:48 GMT

UK to review school fingerprinting.

Leave them kids alone, as they say

The Department for Education and Skills is to reconsider the fingerprinting of school children after a four year campaign by parents.

[The Register - Music and Media]

UK airport iris biometric system flunks its exams.

Thu, 11 Jan 2007 20:57:48 GMT

UK airport iris biometric system flunks its exams.

Buried evaluation reveals awful truth

An evaluation of the Home Office scheme to operate border controls via iris recognition "pretty much fails" Project Iris, according to Tory MP Ben Wallace. Wallace has been doggedly pursuing the results of the evaluation since autumn 2005, and these were quietly placed in the House of Commons library in late December. They reveal, according to Wallace, that Project Iris "failed half its assessments."

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

The Bush Era Draws to a Close.

Thu, 11 Jan 2007 02:51:48 GMT

The Bush Era Draws to a Close. From warrantless surveillance to torture, the ugliest aspects of the "War on Terror" ended 2006 teetering on the brink of reform and renunciation. Commentary by Jennifer Granick. [Wired News: Security Blanket]

Truste survey finds support for government use of biometric IDs.

Thu, 11 Jan 2007 02:40:25 GMT

Truste survey finds support for government use of biometric IDs. Despite privacy concerns, most Americans feel that biometric identity credentials will shore up national and financial security. [Computerworld Privacy News]

Editor: Not the people I know.

Study Says Americans Support Adding Biometrics to Government-Issued Identification - Jan 10, 2007

Thu, 11 Jan 2007 02:38:07 GMT

Eighty-two percent of Americans support the use of biometric identification on passports, according to a recent survey conducted by Truste, a privacy certification and seal program, and market information group TNS. Three-quarters of Americans support the addition of biometric information to driver's licenses and nearly as many (72.6 percent) support adding it to Social Security cards, said the study sponsors in a release. More than half (52 percent) of respondents agreed with the statement that "it will make it much harder for terrorists to operate within the U.S. with the use of biometrics to establish the identity of Americans." Conducted in September 2006, the survey indicates that Americans are willing to forego some personal privacy and anticipate misuse of the information in exchange for security.

Government drops iris scan plan.

Wed, 10 Jan 2007 00:41:38 GMT

Government drops iris scan plan.

Fingerprints only

Iris scans will not form part of the UK Government's planned identity card system the National Identity Register (NIR). The only biometric information to be held on ID cards will now be fingerprints, in contrast to previously stated plans.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Britons to be scanned for FBI database | Special reports | Guardian Unlimited

Mon, 08 Jan 2007 18:46:38 GMT

Millions of Britons who visit the United States are to have their fingerprints stored on the FBI database alongside those of criminals, in a move that has outraged civil rights groups.

The Observer has established that under new plans to combat terrorism, the US government will demand that visitors have all 10 fingers scanned when they enter the country. The information will be shared with intelligence agencies, including the FBI, with no restrictions on their international use.

US airport scanners now take only two fingerprints from travellers. The move to 10 allows the information to be compatible with the FBI database.

'We are going to start testing at several airports,' a Department of Homeland Security spokeswoman confirmed. 'It will begin some time this summer.'

Sources said 10 airports would initially be involved. The scheme will cover most of the major airports frequently used by British travellers, including New York, Washington and Miami. Countries subject to the new scheme include Britain, other European Union nations, Japan, Australia and New Zealand.

Last night the British civil rights group Liberty expressed astonishment at the plan, which will affect four million British travellers to the US. 'This must be the Keystone Cops school of border control,' said Shami Chakrabarti, director of Liberty. 'Accumulating the fingerprints of millions of innocent passengers will not deter would-be suicide bombers.'

US Visitor Fingerprints To Be (Perhaps) Stored by FBI.

Mon, 08 Jan 2007 18:44:24 GMT

US Visitor Fingerprints To Be (Perhaps) Stored by FBI. stair69 writes "Since 2004 many visitors to the United States have had 2 fingerprints taken under the US-VISIT scheme. Now there are new plans to extend this scheme [~] under the proposal all 10 fingerprints will be taken, and they will be stored permanently on the FBI's criminal fingerprint database. The fingerprints will also be made available to police forces in other countries. The scheme is due to be introduced by the end of 2008, but it will be trialled in 10 of the bigger airports initially." Of course, it is worth pointing out that given the recent change in Congress, I suspect that a number of countries will get a "bye" on this round, [Slashdot: Your Rights Online]

Face Recognition for Online Photo Searches Sparks Privacy Fears

Sat, 06 Jan 2007 21:34:51 GMT

A new type of search engine using facial recognition technology could soon be able to pinpoint images of a person among the billions of photos posted online--even if their name does not appear.

A Swedish company named Polar Rose plans to launch its service for facial searches tied to the photo-sharing site Flickr within a couple weeks.

In the next few months the firm hopes to expand the service to search images across the entire Web.

The technology promises enhanced photo finding that would make it easier to find people on the Internet.

But privacy advocates are concerned that Polar Rose and similar facial-mapping search engines will violate people's rights and potentially aid criminals.

Lee Tien is an attorney at the Electronic Frontier Foundation, an Internet watchdog group that focuses on privacy and civil liberties.

"Photos [posted online] are effectively anonymous now," Tien said, unless they are labeled with some sort if identifying text. "But if Polar Rose works the way they say it will, that's all going to change."

Tien said that this kind of technology could aid stalkers in tracking down their victims, or it could allow employers, insurance companies, and the government to pry into people's lives more than some of us would like.

Editor: The situation is currently being discused in a public discussion area over at Flickr itself. Stewart who works for Flickr and is one of the original big wigs commented early today in the thread. He said:

As far as I know they've never been in touch with us (I'll ask around internally). Judging from the screenshot, it looks like an explicit opt-in feature (which makes sense if they need people to identify the faces in the photos). If it's not opt-in, we'll have a look at how it works and see how people feel and do the right thing :)

Unfortunately from looking at many of tghe other user comments, many people still don't get it. Probably because they don't understand the linking together of data from many variuos sources/databases. Many seem to think that if its not all in one monolithic database, its not connected.

Computers, Freedom and Privacy - Montreal, May 1-4 2007

Thu, 28 Dec 2006 23:41:06 GMT

Come to CFP2007 in Montreal, May 1-4 2007. There's a lot at stake.

Computers, Freedom and Privacy 2007 - Call For Proposals

Thu, 28 Dec 2006 23:37:58 GMT

Call For Proposals - The deadline for proposals is January 20, 2006

The Program Committee of the Seventeenth Conference on Computers, Freedom, and Privacy (CFP2007) seeks your proposals for innovative conference sessions and speakers.

Polar Rose - We sort the web of photos!

Thu, 28 Dec 2006 22:07:50 GMT

Polar Rose relies on a combination of our unique face recognition algorithms and the collective intelligence of our users.

The face recognition technology used was originally developed by CTO Jan Erik Solem during his M.Sc and Ph.D. stints at the universities of Lund and MalmÃ¶ in southern Sweden. It's unique in that we are able to extract 3D information from regular 2D images, an approach that radically improves the short-comings of existing face recognition approaches.

However, we don't and can't rely exclusively on face recognition, but also harness the collective intelligence of our users who help train our software and tag names on people we haven't seen before.

Face-hunting software will scour web for targets - 19 December 2006 - New Scientist Tech

Thu, 28 Dec 2006 22:03:21 GMT

A search engine that uses sophisticated facial recognition to allow users to identify and find people in online images will launch next month. But civil liberties groups say the biometric-style tool could compromise the privacy of anyone who has their picture online.

Search engine Polar Rose reconstructs the 3D shape of a person's face and then combines that with characteristics of their features to generate a unique "face print". This can then be used to search other photos for a match.

In January users will be able to download a plugin for their browser that allows users to enter information about faces they recognise in online images. This data is then sent to a central server allowing anyone looking at an image containing that particular face print to tell who it is. Users can also search the web for more photos containing that face.

Online image search engines usually work much like their text counterparts. "They find images on pages that contain the words you search for," says Jan Erik Solem, whose PhD project at MalmÃ¶ University College, Sweden, led to the new company. "Search engines are blind to images, Polar Rose is not."

Polar Rose: More Amateur Facial Recognition.

Thu, 28 Dec 2006 21:59:18 GMT

Polar Rose: More Amateur Facial Recognition.

Another facial recognition search engine product has launched - Polar Rose. This New Scientist Tech article notes some of the privacy concerns:

Polar Rose and future developments that make facial recognition available to the masses risk encroaching on people's privacy, warns Yaman Akdeniz, director of the UK non-profit group Cyber-Rights & Cyber-Liberties.

"Although this sounds like a great idea, I would not like to be searchable in this way, or so easily tracked without my consent," says Akdeniz. The database compiled by Polar Rose is similar to the kind of biometric database some governments wish to use, he points out.

"I wonder whether they have a right to build such a database," says Akdeniz, he suggests people think twice before embracing such potentially intrusive tools, and consider which photos of themselves they allow online.

Others agree. Simon Davies, director of the campaign group Privacy International and a specialist in technology and privacy at the London School of Economics, UK, says face-searching technology is valuable but must be used responsibly.

He fears Polar Rose could help identity thieves or stalkers, or even be used by the police to monitor protesters. "They could use the service to find where people have been, what their activities are, or who they associate with," he says.

Search engines should allow users to prevent their photos being searched, says Davies. "There should be a way to put code in a webpage that signals you want to opt out," he told New Scientist.

I don't have time to add much more, but I've blogged about the privacy and surveillance concerns with widespread adoption of facial recognition search engines here, here, and here.

[via Pogo Was Right]

[michaelzimmer.org]

Akaka-Sununu Bill Corrects Many Bad Aspects of Real ID Act.

Thu, 21 Dec 2006 14:44:57 GMT

Akaka-Sununu Bill Corrects Many Bad Aspects of Real ID Act.

In 2005, Congress hastily passed legislation that rolled back privacy rights and moved the country towards a national ID system. The REAL ID Act states that drivers' licenses will only be accepted for "federal purposes"[~]like accessing planes, trains, national parks, and court houses[~]if they conform to certain uniform standards. The law also requires a vast national database linking all of the ID records together. Estimated costs of $12 billion or more will be passed on to the states and, ultimately, average citizens in the form of increased DMV fees or taxes.

Thankfully, new bipartisan legislation could correct some of REAL ID's many flaws and add critical privacy and civil liberties safeguards. With the "Identification Security Enhancement Act of 2006," Senators Daniel Akaka (D-HI) and John Sununu (R-NH) would cancel most of the standardization that might have led to a national ID card, call for more flexible standards, require encryption of the data itself, and prohibit the use of ID data by third parties.

For more information on the problems with the Real ID Act of 2005, visit www.realnightmare.org.

[EFF: Deep Links]

BBC NEWS | Programmes | Click | ePassports 'at risk' from cloning

Mon, 18 Dec 2006 20:03:48 GMT

So when Lukas Grunwald and Christian Bottger realised they could clone the new ePassport they were pretty sure it would be identical to the original, and undetectable. So how did they do it?

The chip inside the ePassport is a Radio Frequency Identification (RFID) chip of the type poised to replace the barcode in supermarkets.

A new British biometric European Union passport, which is embedded with a microchip
The 'enhanced' security features of ePassports are being questioned

The good thing about RFID chips is that they emit radio signals that can be read at a short distance by an electronic reader.

But this is also the bad thing about them because, as Lukas demonstrated to me, he can easily download the data from his passport using an RFID reader he got for 200 Euros on eBay.

Lukas is less forthcoming about where he got what is called the Golden Reader Tool, it is the software used by border police and it allows him to read the chip on his ePassport, including the photo.

Now for the clever bit. Thanks to a software he himself has developed, called RFdump, he downloads the passport's data onto his computer and then onto a blank chip.

Using a standard off-the-shelf component you can just buy at a component store you can have a cloned ePassport in less than five minutes.

E-Passport Cloned In Five Minutes.

Mon, 18 Dec 2006 20:00:23 GMT

E-Passport Cloned In Five Minutes. Last month a panel of EU experts warned that the e-Passport's security is "poorly conceived", and in fact a week later a British newspaper demonstrated a crack. Now another researcher has shown how to clone a European e-Passport in under 5 minutes. A UK Home Office spokesman dismissed it all, saying "It is hard to see why anyone would want to access the information on the chip." [Slashdot: Your Rights Online]

Senators Propose Repeal of National ID Card Law.

Thu, 14 Dec 2006 19:12:10 GMT

Senators Propose Repeal of National ID Card Law. A pair of Senators last week proposed legislation to repeal a controversial law mandating the creation of a national identification card. Senators Daniel Akaka (D-Hawaii) and John Sununu (R-N.H.) proposed the bill on the last day before the 109th Congress adjourned for good, but are likely to reintroduce it in 2007. The Real ID Act -- approved in 2005 without hearings or debate -- was intended to standardize state drivers' licenses and create a national network of databases of personal information. Since then, it has become increasingly apparent that REAL ID is so fraught with privacy and security concerns that it requires fundamental reevaluation. CDT supports the bill and urges Sens. Akaka and Sununu to reintroduce it in the 110th Congress. [Center for Democracy and Technology]

FCW.com - GPO makes millionth e-passport

Tue, 12 Dec 2006 02:44:04 GMT

The Government Printing Office reached a landmark this week when it produced its millionth electronic passport.

At the beginning of the year, GPO began producing the passports for the State Department, which then personalizes the blank documents.

"We are very proud to reach this milestone," said Ben Brink, assistant public printer for security and intelligent documents. "In the post-[Sept. 11] era, many documents require new levels of security, from their creation to the distribution."

The passports contain controversial radio frequency identification tags that contain a document holder's personal information and can be scanned remotely.

At the Black Hat conference in early August, a German researcher demonstrated how a remote RFID reader could be used to clone a passport. Members of the Smart Card Alliance industry group said that the multiple security layers in the American e-passport can reduce such risks.

UK plans 'real-time' no-fly lists plus fingerprint ID for air travel.

Fri, 08 Dec 2006 13:43:59 GMT

UK plans 'real-time' no-fly lists plus fingerprint ID for air travel.

'No finger, no fly' to commence at Heathrow

As has been illustrated all too frequently in the past, they don't tell immigration ministers anything - and, if what he had to say this week at the official unveiling of Heathrow's biometric trial is anything to go by, current incumbent Liam Byrne is no exception. Quoted here in the Telegraph, Byrne observes that he does not see the Heathrow system as being a "stand-alone scheme", and that the Government wanted to see it used as part of efforts to control immigration and to check the identity of people coming to this country.âo[oe]

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Heathrow kicks off 'fingerprint fast-track' security checks.

Mon, 27 Nov 2006 17:32:58 GMT

Heathrow kicks off 'fingerprint fast-track' security checks.

Tracking with a soupcon of fast...

The Telegraph reveals that the UK government is plotting fingerprinting of air passengers as a matter of routine, to check the identity of departing passengers and to tighten up border controls for incoming. Which, given the firmness of the regime's plans for ID cards, is scarcely news in the long term - but in the interim, turkeys are apparently being asked to volunteer for Christmas, now.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Shock, horror, outrage - biometric passport data snooped, again.

Wed, 22 Nov 2006 03:48:15 GMT

Shock, horror, outrage - biometric passport data snooped, again.

Insecurity as a design feature...

The biometric passport has been 'cracked' again - but it's the same crack as the old crack (which is not exactly a crack). This time it's the new UK passport, and Liberal Home Affairs spokesman Nick Clegg is calling for the urgent recall of all the 3 million that have already been issued.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Halt to school fingerprinting.

Fri, 10 Nov 2006 23:23:59 GMT

Halt to school fingerprinting.

China strikes blow for privacy

The Hong Kong privacy commissioner has ordered a school to stop fingerprinting children before it becomes a runaway trend that is too late to stop.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Biometric ID cards an insecure menace, says EU ID outfit.

Fri, 10 Nov 2006 22:41:47 GMT

Biometric ID cards an insecure menace, says EU ID outfit.

Don't do it, and fix the passports ASAP, apparently...

The EU-funded FIDIS (Future of Identity in the Information Society) project has warned that implementation of the current generation of biometric travel ID will dramatically decrease security and privacy, and increase the risk of identity theft. In the Budapest Declaration, which derives from FIDIS' September meeting in Budapest, FIDIS calls for short-term damage control measures to be taken (because biometric ID is already being rolled out), and for "a new convincing and integrated security concept" to be developed within the next three years.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

USA to ground all travellers until 'cleared'.

Fri, 10 Nov 2006 01:50:39 GMT

USA to ground all travellers until 'cleared'.

Security as a blanket presumption of guilt

No one will be permitted to board an aircraft or a marine vessel leaving or bound for the United States until cleared by the US Department of Homeland Security (DHS) Bureau of Customs and Border Protection (CBP), under proposed regulations.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Beaucoup Cell-Phone Security.

Wed, 01 Nov 2006 07:08:33 GMT

Beaucoup Cell-Phone Security. Want a phone that can recognize you and refuse to work if you get too far away from it? A new Japanese mobile phone comes with a security card that doubles as a credit card, and has facial ID capability and password protection. [Wired News: Top Stories]

Fingerprint the expats! FCO plans phase two biometric passport.

Tue, 31 Oct 2006 15:06:31 GMT

Fingerprint the expats! FCO plans phase two biometric passport.

Cross-Channel loophole to close by 2010

Plans to add fingerprints to UK overseas passports are under way, despite the cost and complexity involved in gathering biometrics from UK citizens across the globe, a parliamentary answer revealed last week. Passports issued by the Foreign & Commonwealth Office are already "biometric", but only in the somewhat minimalist sense required by ICAO - the addition of fingerprints, however, would pull overseas UK residents into the National Identity Register net, closing off a prized but little-known escape route.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

RFID Journal - Germany's BKA Uses RFID to Test Criminal-ID Software - RFID (Radio Frequency Identification) Technology News & Features

Mon, 30 Oct 2006 18:26:42 GMT

Oct. 30, 2006--Germany's Bundeskriminalamt (BKA), or Federal Criminal Investigation Office, is using RFID as part of a test of facial-recognition software. The trial began this month and will last until January.

The country's Federal Ministry of the Interior authorized the test in mid-February, which is being held in the main railway station in Mainz, a city not far from Frankfurt. The project gained new relevance in August when police foiled a plot to blow up regional trains in Germany. Video monitoring of passengers in train stations played a key role in identifying the attempted terrorists.

Home Office thumbs up for Yeovil pub fingerprint plan.

Thu, 26 Oct 2006 23:46:03 GMT

Home Office thumbs up for Yeovil pub fingerprint plan.

But crime stats raise questions

The extent of interest among local authorities to install fingerprinting security in pubs and clubs around the country has been revealed by the police brains behind the pilot scheme in Yeovil.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Steal my ID, steal my fingers - the public gets nervous.

Wed, 25 Oct 2006 21:22:30 GMT

Steal my ID, steal my fingers - the public gets nervous.

So how many fingers do you need anyway?

The public fears losing their fingers to ruthless biometric ID thieves in the fingerprint-controlled future, apparently. Or at least, so says Frost & Sullivan analyst Sapna Capoor, who argued unconvincingly that "A dead finger is no good to a thief."

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Beer fingerprints to go UK-wide.

Wed, 25 Oct 2006 21:10:58 GMT

Beer fingerprints to go UK-wide.

Yeovil, an example for us all

The government is funding the roll out of fingerprint security at the doors of pubs and clubs in major English cities.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Irish passports go RFID, and naked.

Wed, 25 Oct 2006 21:03:53 GMT

Irish passports go RFID, and naked.

Mug me, my house is currently worth a fortune

Analysis The Irish government has begun issuing RFID passports with biometric data that can be read at a distance to comply with US regulations for its visa waiver programme.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Slashdot | RFID In Government Issued ID?

Wed, 25 Oct 2006 19:47:19 GMT

RFID! writes, "The Department of Homeland Security's Data Privacy and Integrity Advisory Committee published a draft report that poured cold water on using RFID in government-mandated identity cards and documents (PDF link). But this met with some consternation among the DHS bureaus that plan to use RFID in this way and the businesses eager to sell the technology to the government, and now a vote on the report has been delayed until December."

e-Passport Solution Successfully Delivered in Ireland.

Mon, 16 Oct 2006 20:59:15 GMT

e-Passport Solution Successfully Delivered in Ireland. Biometric, contactless e-passport meets requirements of U.S. visa program [GT: Security and Privacy]

The Ithaca Journal - Enhanced federal IDs could spark biometrics boom

Wed, 11 Oct 2006 21:51:44 GMT

The technology has been the stuff of movies for years: A secret agent runs his fingertip and an encrypted ID card over a pair of sensors. There's a match, and the door swings open.

In the coming months, a wave of government initiatives could start making such high-tech methods of identification commonplace -- beginning with the replacement this fall of federal employee IDs. Similar cards are planned for transportation workers, first responders and visitors to the United States.

Packed with biometric data such as fingerprints and containing a computer chip with room to expand the amount of information stored, the new IDs represent a potential boon to technology companies eyeing an estimated $8 billion in identity-related contracts. Firms such as BearingPoint Inc. and Lockheed Martin Corp. have set up showcase identity labs, pulling technology from different companies into turnkey operations. Hundreds of smaller companies, down to manufacturers of plastic cards, are vying for part of the market.
The biggest business opportunity still looms: Driver's licenses, which are due for a retooling under new federal laws.

Pay By Touch puts its finger on ID verification system.

Wed, 11 Oct 2006 21:41:13 GMT

Pay By Touch puts its finger on ID verification system. Pay By Touch, a credit card processing and in-store biometrics vendor, has launched an identity verification service that allows online shoppers to make purchases by using their fingerprint to verify their identity. [Computerworld Privacy News]

Parents prepare to sue fingerprint grabbers.

Wed, 11 Oct 2006 05:25:21 GMT

Parents prepare to sue fingerprint grabbers.

Schools to be challenged over biometrics

Parents are preparing a legal challenge to schools that have fingerprinted their children without their consent.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Byrne sprinkles biometric ID pixie dust over immigration 'issue'.

Wed, 11 Oct 2006 03:59:16 GMT

Byrne sprinkles biometric ID pixie dust over immigration 'issue'.

Magics 'new' data from old pilots

Home Office Minister Liam Byrne was today scheduled to pitch ID cards as a crucial weapon in the fight against illegal immigrants, according to the advance spin in yesterday's Sunday Telegraph. The paper, entirely forgetting about Tony's Fortress Britain, claims the switch to playing the immigration card is a "fresh approach" from John Reid, this week's Home Secretary.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Keystroke Dynamics.

Mon, 25 Sep 2006 16:58:38 GMT

Keystroke Dynamics. In this paper Tom Olzak takes a look at biometrics, followed by keystroke dynamics, including history, how it works, and why it may be the answer for organizations with people or cost issues. By Tom Olzak. [Infosec Writers Latest Security Papers]

People prefer iPods to biometric passports.

Wed, 20 Sep 2006 14:48:33 GMT

People prefer iPods to biometric passports.

Anyone for an iDcard?

The Home Office has tried to frighten people into taking its identity plans seriously by publishing a marketing survey it said proved their passports were easy targets for ruthless criminals.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Headmaster justifies fingerprinting pupils.

Thu, 14 Sep 2006 17:57:41 GMT

Headmaster justifies fingerprinting pupils.

'We don't have to ask parents'

The headmaster of Porth County Comprehensive School in South Wales has defended fingerprinting all 1,400 of his pupils days after their parents were told about the scheme last Wednesday.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Who Says When Biometrics Data Is Wrong?

Tue, 05 Sep 2006 14:10:14 GMT

Who Says When Biometrics Data Is Wrong? An article over at Technokrati called Biometric data integrity and error correction brings up the point of getting the information in a database corrected when humans get labeled wrong. How does an African male prove that he isn't the Swedish female that his passport claims he is? It is something worth keeping in mind. [LinuxBiometrics.com]

Feds Show Off Massive Database.

Thu, 31 Aug 2006 18:52:59 GMT

Feds Show Off Massive Database.
Feeling a little burnt from stories about its technological incompetence, the Justice Department wooed reporters Tuesday with its massive anti-terrorism database that contains some 659 million records comprising no-fly list data, airline records, driver's license numbers, social security numbers and suspicious financial activity reports, according to this story from Ellen Nakashima in the Washington Post.

Privacy advocates said the Investigative Data Warehouse, launched in January 2004, raises concerns about how long the government stores such information and about the right of citizens to know what records are kept and correct information that is wrong.

The data warehouse is an effort to "connect the dots" that the FBI was accused of missing in the months before the 2001 attacks, bureau officials said. About a quarter of the information comes from the FBI's records and criminal case files. The rest -- including suspicious financial activity reports, no-fly lists, and lost and stolen passport data -- comes from the Treasury, State and Homeland Security departments and the Federal Bureau of Prisons.

One assumes that the database includes such things as the hundreds of thousands of records agents culled in 2003 from Las Vegas hotels and casinos, rental car agencies and airlines as part of their response to increased intelligence chatter.

This system is not totally unknown -- Washington Post journalist Robert O'Harrow, Jr. covered it in his book No Place to Hide.

Kenneth Ritchhart, the man who headed the project, made his aims clear to O'Harrow: John Poindexter's Total Information Awareness project.

"The technology that he's looking at," Ritchhart told O'Harrow, "is right up our alley."

Is it legal?

Depends on who you talk to.

It's not clear the agency has ever disclosed the database in the Federal Registry or published Privacy Impact Assessments as required by law.

You might also remember that the Justice Department exempted its criminal databases in 2003 from the requirement that they be accurate.

It's now not their problem, its yours.

Photo: Wbs 70

[27B Stroke 6]

EFF - miniLinks for 2006-08-30.

Thu, 31 Aug 2006 18:49:38 GMT

miniLinks for 2006-08-30.

AOL Goes From Badware to Worseware
As AOL's servers give out your search terms, its client takes control of your computer without permission. What's not to like?

Barney's Last Gasp
New York Times sees our case as the final straw for the purple dinosaur.

Boomtime for Biometrics Manufacturers
Tech companies eye $8 billion in government ID contracts.

IGF IP workshop
IP Justice, EFF, and CPTech, eFIL, ask the Internet Governance Forum to look at impact of overbroad IP on the Internet.

Preemptive Cease and Desists bad for ... Lawyers?
American Lawyer looks at the media outrage that bad publicity blanket C&D letters gather.

Free Wi-Fi - Just No Free Speech
Culver City, home of the film studios, starts filtering its free muni wi-fi

Or Constitutional Rights
... while its terms of service declare you've waived your First Amendment rights.

Press Here to Waste Police Time
MSN Messenger apps will have a one-click "report sex offender" button in the UK.

Give us Your Poor, Your Huddled Personal Information
Michael Chertoff asks our "European allies" to hand over their citizens' personal data to the US.

[EFF: Deep Links]

Motor Vehicle Agency Implements Biometrics.

Tue, 29 Aug 2006 23:34:58 GMT

Motor Vehicle Agency Implements Biometrics. Facial recognition tool used to stop identity theft and related crimes [GT: Security and Privacy]

London school to fingerprint students

Tue, 29 Aug 2006 23:19:32 GMT

London school to fingerprint students.

But only to monitor attendance, school claims

A London school is to embark on a trial to fingerprint children when they return to school.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

Unlocking Fingerprints - Plan for Enhanced Federal IDs Could Open Door to a Biometrics Boom

Mon, 28 Aug 2006 17:38:42 GMT

The technology has been the stuff of movies for years: A secret agent runs his fingertip and an encrypted ID card over a pair of sensors. There's a match, and the door swings open.

In the coming months, a wave of government initiatives could start making such high-tech methods of identification commonplace -- beginning with the replacement this fall of federal employee IDs. Similar cards are planned for transportation workers, first responders and visitors to the United States.

Packed with biometric data such as fingerprints and containing a computer chip with room to expand the amount of information stored, the new IDs represent a potential boon to technology companies eyeing an estimated $8 billion in identity-related contracts. Firms such as BearingPoint Inc. and Lockheed Martin Corp. have set up showcase identity labs, pulling technology from different companies into turnkey operations. Hundreds of smaller companies, down to manufacturers of plastic cards, are vying for part of the market.

The biggest business opportunity still looms: Driver's licenses, which are due for a retooling under new federal laws.

"When you're talking about credentialing the federal workforce and contractors, you're talking about maybe 10 million people. When you're talking first responders, you're at 20, 30 or 40 million people," said Thomas Greco, a vice president at Herndon-based Cybertrust Inc. "But when you're talking credentialing all registered drivers in the United States, you're up to hundreds of millions of people. Nobody is losing sight of that."

In an era of chronic concern over terrorism and anxiety over immigration, the business of determining who is who has become increasingly urgent. But it is not without controversy. Americans have long resisted the idea of a national ID card, for example. The growing sophistication of computer databases and networks has heightened privacy concerns -- as have data breaches, from the theft or loss of government computers to AOL's online posting of 36 million keyword searches conducted by hundreds of thousands of subscribers. If the pool of government programs using the new identity technology gets large enough and the amount of information collected gets detailed enough, "there will be a lot of pressure for these programs to converge," creating a de facto national identity system, said Barry Steinhardt, director of the technology and liberty project at the American Civil Liberties Union.

Use of a new government standard may prompt the private sector to follow. The banking, retailing and health-care industries are monitoring the federal initiatives, ready to apply stricter identity standards when dealing with their employees and customers. In an online world, the technology could also be used to establish that two people who never meet in person really are who they say they are.

Federal agencies are supposed to begin issuing their new ID cards in October, complying with a 2004 Bush administration directive requiring more stringent methods for tracking who gets access to federal facilities.

Slashdot | E-Passport In the Works

Tue, 22 Aug 2006 15:47:01 GMT

ExE122 writes "In an attempt to curb falsification of passports, the United States has placed an order for millions of embedded ID chips. 'The chips carry an encrypted digital photograph of the passport holder. The chip is designed to be read by a special device that will be used by U.S. government workers who check passports when travelers come through border crossings. The State Department began issuing what are being called e-passports to tourists last week and will gradually increase production. State Department spokeswoman Janelle Hironimus said existing passports will remain valid until they expire but, eventually, all U.S. passports -- about 13 million will be issued in 2006 -- will contain such chips.'"

Infineon chips to be used in U.S. e-passports.

Mon, 21 Aug 2006 17:32:48 GMT

Infineon chips to be used in U.S. e-passports. German chip maker Infineon Technologies will supply chips for new electronic passports the U.S. government will begin issuing in October. [Computerworld Privacy News]

Google to do Image & Face Recognition ??

Thu, 17 Aug 2006 22:20:31 GMT

Google to do Image & Face Recognition.

In a quick follow-up to this speculation about Google using Gmail photos to build a facial recognition database, Google just announced they acquired Neven Vision, a company that develops technology to detect and recognize objects and persons in images. While Google is currently spinning this as a new way to help organize your photos (the software could automatically group all images on a hard drive with one[base ']s ex-girlfriend[base ']s face in it), it could also be integrated into their image search engine (to automatically find all images on the web with one[base ']s ex-girlfriend[base ']s face in it) or to create a mobile version so when you snap a picture of a random person on the street, Google can tell you if her face happens to be someone else[base ']s ex-girlfriend.

[via Google Operating System]

[michaelzimmer.org]

Chipped Passports Coming Monday.

Sun, 13 Aug 2006 20:17:46 GMT

Chipped Passports Coming Monday. Scorned by privacy groups but embraced by the State Department, the new "smart" documents soon will land in the hands of U.S. citizens. [Wired News: Security Blanket]

U.S. to Begin Rollout of E-Passports

Sun, 13 Aug 2006 20:13:37 GMT

Despite ongoing privacy concerns and legal disputes involving companies bidding on the project, the U.S. State Department plans to begin issuing smart chip-embedded passports to Americans as planned Monday.

Not even the foiled terror plot that heightened security checks at airports nationwide threatens to delay the rollout, the agency said. Any hitches in getting the technology to work properly could add even longer waits to travelers already facing lengthy security lines at airports.

The new U.S. passports will include a chip that contains all the data contained in the paper version _ name, birthdate, gender, for example _ and can be read by electronic scanners at equipped airports. The State Department says they will speed up going through customs and help enhance border security.

Privacy groups continue to raise concerns about the security of the electronic information and a German computer security expert earlier this month demonstrated in Las Vegas how personal information stored on the documents could be copied and transferred to another device.

But electronic cloning does not constitute a threat because the information on the chips, including the photograph, is encrypted and cannot be changed, according to the Smart Card Alliance, a New Jersey-based not-for-profit made up of government agencies and industry players.

'It's no different than someone stealing your passport and trying to use it,' Randy Vanderhoof, executive director of the alliance, said in a statement. 'No one else can use it because your photo is on the chip and they're not you.'

RFID passports cloned and shown to be poorly shielded.

Thu, 10 Aug 2006 18:44:49 GMT

RFID passports cloned and shown to be poorly shielded. I wasn't there, but at a hacker conference last weekend in Las Vegas, two different security research groups publicly demonstrated major vulnerabilities in the RFID passports now beginning to be issued by the USA and many other countries. Using a new German passport (based on the same ISO14443 and ICAO document 9303 specifications as the new USA passports with RFID chips), Lukas Grunwald of DN-Systems showed how the data on the RFID chip in each of these passports could be remotely read, copied onto another off-the-shelf blank chip, and used to fool an RFID reader . After Grunwald's demonstration some RFID proponents claimed that the encryption of most of the data on the chip (although not the unique chip ID number broadcast in the clear ) would prevent the use of a cloned RFID passport chip for digital impersonation -- conveniently forgetting that the encryption has already been cracked . At least as significant, but much less widely publicized, was another report on tests by Flexilis of the RF shielding in the outer covers of the RFID passports, which has been heavily advertised by the USA State Department as "preventing" reading of the RFID chip unless the passport is deliberately opened. The graph on page 2 of the experimental results shows that an RFID passport "shielded" according to the current standard could be read from 4 (10 cm) inches away (e.g. by someone bumping against the outside of the victims' pocket or purse with an RFID reader in a piece of luggage) if the covers gapped open as much as 1/2 inch (1.2 cm) at their outer edges, as could easily happen inadvertently. Even a 1/4 inch (7 mm) gap between the outer edges of the passport covers allowed reading from 1 1/2 inches (4 cm) away, well within the plausible range of a approach for a "bump" attack through clothing or a purse. And as has already been demonstrated , the distances at which the chips can be read will likely continue to increase with improved readers during the 10-year validity of RFID passports now being issued. If you want a new USA passport (valid for the next 10 years) without an RFID chip, apply for one now . You probably just barely have time, if you do so immediately. When you get your new passport, check for the RFID logo on the front cover; if you find it, please let me know right away when and by which office your passport was issued, so I can spread the word. And if you do get stuck with an RFID passport, don't rely on adequate shielding being built into the cover. Keep it wrapped in electrically conductive mylar or aluminum foil, or in one of these RF-shielding cases whenever you don't want it read. [The Practical Nomad]

Last Chance for a Chipless Passport?

Fri, 04 Aug 2006 21:35:07 GMT

Last Chance for a Chipless Passport?

The e-passport is coming. The e-passport is coming.

After much ado, the United States has begun or will begin issuing passports with RFID chips in them.

The passports now have some anti-skimming features, including Basic Access Control and some sort of internal tin-foil hat.

But the chips are readily clonable, and some security experts still aren't sure they are a good idea. Also, it's just plain creepy to be on the same level as a pallet from WalMart.

You might still be able to get a passport without the chip and that passport will be good for 10 years -- long enough to get you to the point where new passports will be RFID chips implanted in your neck.

Travel privacy guru Edward Hasbrouckhad a good post up in May about how to maximize your chances of getting a chip-less passport, which involves a little extra money anda refundable ticket. The trick still might work.

You can also make sure your passport lasts longer by including with your application a written letter that says you need extra pages.

The government's page on getting a new passport is here, and renewals are here, but so far, the State Department hasn't returned my call asking if they are actually issuing the passports, though the last report I read was that they were starting with the Denver office.

Photo: Jesse Edwards

[27B Stroke 6]

How to clone the copy-friendly biometric passport.

Fri, 04 Aug 2006 16:06:17 GMT

How to clone the copy-friendly biometric passport.

So easy the manual tells you that you can do it

Analysis At Black Hat yesterday, security consultant Lukas Grunwald of German company DN-Systems demonstrated the cloning of a biometric passport, observing beforehand to Wired that the "whole passport design is totally brain damaged." But should we be surprised? Not exactly, because that's precisely what it says on the tin.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

e-passport cloning risks exposed.

Fri, 04 Aug 2006 16:04:18 GMT

e-passport cloning risks exposed.

RFID hack attack

A security consultant has shown how to clone electronic passports based on internationally agreed designs due to begin distribution this year.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

The Future of Crime - Biometric Spoofing?

Mon, 31 Jul 2006 16:35:52 GMT

The Future of Crime - Biometric Spoofing? AxisPower9 writes "What we often watch in films and television - circumventing biometric security access - is turning from science-fiction to reality. Bori Toth, biometric research and advisory lead at Deloitte & Touche, warned that biometric spoofing is a growing concern. From the article: 'We are leaving our prints everywhere so the chance of someone lifting them and copying them is real. Currently it's only researchers that are doing spoofing and copying. It's not a mainstream activity--but it will be. Many people are trying to regard biometrics as secret but they aren't. Our faces and irises are visible and our voices are being recorded. Fingerprints and DNA are left everywhere we go and it's been proved that these are real threats.'" [Slashdot: Your Rights Online]

Kiddiprinters! EU biometric ID plans reach out for the children.

Mon, 31 Jul 2006 16:17:07 GMT

Kiddiprinters! EU biometric ID plans reach out for the children.

You're never too young to get a record, say interior ministers

The EU is planning to fingerprint children from as young as six, and earlier just as soon as it is technically feasible, according to documents obtained by Statewatch. The matter has already caused considerable debate (albeit behind closed doors and with no visible civil liberties concerns) among member states, but is being pushed ahead as part of a broader push towards biometric identifiers, without reference to the European Parliament.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]

UK ID card scheme near collapse, as Blair pushes cut-down 'variant'.

Mon, 10 Jul 2006 13:01:22 GMT

UK ID card scheme near collapse, as Blair pushes cut-down 'variant'.

Leaked emails detail train, track, buffers

The UK ID card scheme is doomed to fail, and an attempt to put a face-saving downscaled version into place threatens to wreck the project sooner, rather than later, according to civil service correspondence. An email exchange between David Foord of the Office of Government Commerce and Peter Smith, acting commercial director of the Identity and Passport Service, leaked to the Sunday Times, paints a picture of an impossible mission, a "Mr Blair" driving a cut-down "early variant" card and a Passport Service already making contingency plans in anticipation of ID cards crashing in flames.

[The Register - Internet and Law: Digital Rights/Digital Wrongs]