Archive for the ‘Chris Paget’ Category


Ultimately, Michael Holly, chief of consular affairs/international affairs at the U.S. Department of State, says Chris Paget’s interception of the passport card’s data is no reason for concern.

“Mr. Paget actually was doing nothing more than what we intended to have happen…the card, if powered by a reader, will give off the ID number, which is simply a pointer to the data that we share with the Department of Homeland Security,” he says.


[BTC Comment – Is it the State Department’s job to make egregious hacks look like it was all their idea and that they have everything under control?

I guess the more important question to ask is: are you in control of your identity and where your private information lands due to RFID deployment?

If you are confident RFID is insecure you reserve the right to demand more privacy provisions, especially if it’s a legal mandate and you are required to pay for it.]

RFID Passport Tags Save Time, Risk Privacy
By Jeff Goldman

c/o WiFi Planet

The presence of an RFID tag in U.S. passport cards has raised privacy concerns, but government officials insist the technology is safe–and that the efficiency it adds at land borders is worth the risk.

By the time WHTI went into effect on June 1st of this year, requiring Americans to present passport books, passport cards, or EDLs when crossing land borders into the United States, over a million RFID-enhanced passport cards had already been issued. While WHTI itself isn’t new, its implementation for land borders was delayed two years ago in order to allow for further testing of passport card technology.

It’s important to note that there’s a key difference between e-passports (passport books) and passport cards. While passport cards use vicinity RFID (EPC Gen 2) technology, which can be read at distances of up to 30 feet, e-passports use ISO 14443 contactless smart card tech with a read range of a few inches. To compensate for their readability (and therefore hackability) at a distance, passport cards only transmit an ID number that relates back to information stored in a secure central database, while e-passports store and transmit much more detailed information about the passport holder.

According to Randy Vanderhoof, executive director of the Smart Card Alliance, that difference was key to the selection of the two technologies. “The electronic passport was built knowing that it was going to store secure information like a person’s name, city of issuance, passport number, image of the person… and therefore they chose a more secure chip technology to protect that information—whereas the passport card was designed to be a static identifier to a central database, with no personal information stored in the chip itself,” he says.

Vanderhoof contends that the government’s decision to use the longer-range EPC Gen 2 technology in passport cards was a mistake. “The decision to trade speed over security and privacy, I think, was a poor decision on the part of the program managers under WHTI—but they repeatedly defended the decision because of the traffic flows through the land borders and the fact that they needed something that could be read from great distances,” he says.

Still, Paul Hunter, technical lead for the Western Hemisphere Travel Initiative at U.S. Customs and Border Protection, insists that the time savings provided by the passport cards are considerable. “We can actually read the documents as they’re approaching the booth…which means, instead of handing a document to an officer and him swiping it or manually typing in data, the data’s already there, and now he can focus on the person, and he can focus on the conveyance…it saves six to eight seconds per person,” he says.

And at a land border, Hunter says, time is of the essence. “We’re talking over 100 million crossings a year,” he says. “Those six to eight seconds actually are very significant. We’ve done time and motion studies where we’ve actually measured the time it takes to take the document, to bring it into the booth, to either manually type or swipe and then wait for the results—and if you eliminate all that, you are actually on average saving between six to eight seconds.”

What’s more, Hunter says, the same technology has already been in use for over ten years in the government’s SENTRI and NEXUS trusted traveler programs. “And we have not had one reported incident of somebody skimming that data and using it for nefarious purposes…the reality is, it’s just a number,” he says. “And we further mitigate that by making sure the data that’s associated with that is in a secure back-end database.”

Ultimately, Michael Holly, chief of consular affairs/international affairs at the U.S. Department of State, says Chris Paget’s interception of the passport card’s data is no reason for concern. “Mr. Paget actually was doing nothing more than what we intended to have happen…the card, if powered by a reader, will give off the ID number, which is simply a pointer to the data that we share with the Department of Homeland Security,” he says.

But Paget himself, now president and CTO of the security research firm H4RDW4RE, says that ID number shouldn’t be so easily accessible. “You shouldn’t necessarily think of it as low-risk just because it’s a number,” he says. “Your social security number is just a number. Your credit card number is just a number. It’s the meaning that’s attached to those numbers that makes it risky—and in this instance, it’s an identifier for a person, so any time you see that identifier, you can be certain that you’re seeing that same person.”

One possible solution, Paget says, would be to add an on/off switch to the passport card, as has been suggested by Dr. Ann Cavoukian, Information and Privacy Commissioner for the Canadian province of Ontario. Paget says it’s simply a matter of adding “a button on the card that you have to physically squeeze to turn the tag on, at which point it can be read—so it completely negates the need for shielding…because the tag is off until you actually want it to be turned on.”

The larger point, Paget says, is that RFID needs to be approached with the same caution as the Internet—both, essentially, are simply untrusted networks that move bits of data from point a to point b. “There’s no reason why RFID cannot have equivalent security to something like SSH or SSL that we use on the Internet all the time…I’m certainly not against RFID as a technology: I think it’s got great potential, but there needs to be a lot more security involved in the design of the systems,” he says.
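Paget's two points above, that a static number is linkable wherever it is seen and that RFID could carry protection comparable to SSH or SSL, can be made concrete with a small simulation. This is an added example, not code from the article or from H4RDW4RE; the keyed card, the `KEYS` table and every value in it are hypothetical and constructed, and it does not describe how the EPC Gen 2 passport cards work.

```python
import hashlib
import hmac
import secrets
from collections import Counter

# Constructed back-end table: per-card secret key -> database pointer.
KEYS = {secrets.token_bytes(16): f"record-{i}" for i in range(3)}

def static_read(card_number, _challenge):
    """Card as the article describes it: the same number for every reader."""
    return card_number

def keyed_read(key, challenge):
    """Hypothetical card: fresh card nonce + HMAC over reader challenge and nonce."""
    nonce = secrets.token_bytes(8)
    tag = hmac.new(key, challenge + nonce, hashlib.sha256).digest()
    return nonce + tag

def resolve(challenge, response):
    """Back-end lookup: only a holder of the keys can map a response to a record.
    (The linear search over keys is the price of hiding the identifier.)"""
    nonce, tag = response[:8], response[8:]
    for key, record in KEYS.items():
        expected = hmac.new(key, challenge + nonce, hashlib.sha256).digest()
        if hmac.compare_digest(tag, expected):
            return record
    return None

def linked(sightings):
    """Sightings a keyless observer can tie together: values seen more than once."""
    counts = Counter(sightings)
    return sum(n for n in counts.values() if n > 1)

def demo(reads=5):
    key, record = next(iter(KEYS.items()))
    challenges = [secrets.token_bytes(8) for _ in range(reads)]
    static = [static_read(b"constructed-card-0001", c) for c in challenges]
    keyed = [keyed_read(key, c) for c in challenges]
    return {
        "static_linked": linked(static),
        "keyed_linked": linked(keyed),
        "keyed_resolved": all(resolve(c, r) == record for c, r in zip(challenges, keyed)),
        # A recorded response replayed against a new reader challenge is rejected.
        "replay_accepted": resolve(secrets.token_bytes(8), keyed[0]) is not None,
    }

if __name__ == "__main__":
    print(demo())
```

With the static number every sighting matches every other one without any access to the database; with the keyed response the back-end still resolves each read to the same record, while an observer sees five unrelated values and a captured response is useless against a fresh challenge.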

LISTEN ::: H4RDW4RE: An RFID Clean Up Team

BTC - Radio Frequency ID chip technologies are “too vulnerable in too many ways,” says Chris Paget, ethical hacker and partner for H4RDW4RE, a new company creating privacy and security solutions to existing RFID problems in the marketplace.


The public has been made aware of RFID or Radio Frequency ID technologies commissioned for national identity documents: passports, Enhanced Drivers Licenses, TWIC cards, Speed Passes and even Tribal Identity Cards. Unfortunately, RFID as a government sanctioned technology earned a big brother reputation from its ability to track a person’s current location, storing and conveying private information from 20 – 30 feet away.


Chris Paget, a technology penetration consultant, found the Western Hemisphere Travel Initiative compliant RFIDs especially troublesome. He began doing live demonstrations exposing the identity security flaws RFIDs posed for average cardholders. Then Chris Paget and his business partner Tim Mullen formed H4RDW4RE.com. They have made it their business to demonstrate exactly how insecure Western Hemisphere compliant RFID chips can be for people to possess in identity cards, smart-contactless cards and credit cards.


In this interview they explain the benefits of technology penetration testing or “ethical hacking” for investors and adopters. One of Paget’s demonstrations went viral via YouTube in February, blowing apart any faint notion of RFID’s billing as a secure identity technology. Equipped with only a $250 signal reader and a conventional laptop, Paget cloned or copied private passport information from a parked car in San Francisco.


H4RDW4RE recently featured high profile demonstrations at 2009 conventions like DefCon & Black Hat. They continue to invent solutions for existing security problems and risks ordinary people face from identity technologies present in U.S. passports and other public cards.


c/o Current TV




Sorry …I have been really under the weather for the last several days. I want to use my uptick in wellness to promote the interview exclusive I have with Chris Paget’s new company H4RDW4RE.com. States like Washington have everything to lose and nothing to gain from Enhanced Drivers Licenses with WHTI compliant RFID tags – which read and expose coded information from 20-30 feet away. Based on my talks with the EFF, this brand of RFID is the most dangerous. It also happens to be the type DHS wants, even as it has failed their own pilot tests.
If DHS insists on screwing the American people out of their privacy, we insist they start providing “protection”, especially in the case of RFID. Paget’s inventions and innovations can provide solutions for States already sold on WHTI compliant RFID. This brand of RFID allows your private information to be exposed to those with bad intentions. Check back in a few days…

Chris Paget RFID Hacker Part 2

Posted: February 17, 2009 in Chris Paget, hackers, RFID

“The goal of [Chris Paget’s] research from the beginning was to show that RFID is unsuitable for security situations like this [U.S. identity]. Passport cards assign a unique identifier to each holder. This ID can be read from a distance and coordinated with the holder’s other RFID items like their credit card. Any party can track someone holding these cards, and they don’t make border crossings any faster, since the cards still have to be checked in person.

The USA is now tracking its residents with the same respect given to items in Walmart.” – HACK A DAY

For 57 minutes of your time, here it is.

http://video.google.com/googleplayer.swf?docid=-282861825889939203&hl=en&fs=true

Chris Paget is the newest anti-RFID vlogger considered “worth watching” by various news sources. He reveals the hows and whys of the black market identity racket, in terms of identity raids where RFID would be used on the common man.

Passport RFIDs cloned wholesale by $250 eBay auction spree


{Video demo shows you how}
By Dan Goodin in San Francisco

Posted in Security, 2nd February 2009 06:02 GMT


Using inexpensive off-the-shelf components, an information security expert has built a mobile platform that can clone large numbers of the unique electronic identifiers used in US passport cards and next generation drivers licenses.

The $250 proof-of-concept device – which researcher Chris Paget built in his spare time – operates out of his vehicle and contains everything needed to sniff and then clone RFID, or radio frequency identification, tags. During a recent 20-minute drive in downtown San Francisco, it successfully copied the RFID tags of two passport cards without the knowledge of their owners.

Paget’s contraption builds off the work of researchers at RSA and the University of Washington, which last year found weaknesses in US passport cards and so-called EDLs, or enhanced drivers’ licenses. So far, about 750,000 people have applied for the passport cards, which are credit card-sized alternatives to passports for travel between the US and Mexico, Canada, the Caribbean, and Bermuda. EDLs are currently offered by Washington and New York states.

“It’s one thing to say that something can be done, it’s another thing completely to actually do it,” Paget said in explaining why he built the device. “It’s mainly to defeat the argument that you can’t do it in the real world, that there’s no real-world attack here, that it’s all theoretical.”

Use of the cards is expected to rise as US officials continue to encourage their adoption. Civil liberties groups have criticized the cards and a travel industry association has called on the federal government to suspend their use (http://www.theregister.co.uk/2008/12/01/rfid_scanning_under_fire/) until the risks can be better understood.

The cards make use of the RFID equivalent of optical barcodes known as electronic product code tags, which are widely used to track cattle and merchandise as it’s shipped and then stored in warehouses. Because the technology employs no encryption and can be read from distances of more than a mile, the tags are highly susceptible (PDF) (http://www.rsa.com/rsalabs/staff/bios/ajuels/publications/EPC_RFID/Gen2authentication–22Oct08a.pdf) to cloning and tracking, researchers have concluded.

Paget’s device consists of a Symbol XR400 RFID reader (now manufactured by Motorola), a Motorola AN400 patch antenna mounted to the side of his Volvo XC90, and a Dell 710m that’s connected to the RFID reader by ethernet cable. The laptop runs a Windows application Paget developed that continuously prompts the RFID reader to look for tags and logs the serial number each time one is detected. He bought most of the gear via auctions listed on eBay.

And if you read on, we’ll show you video proof that the thing actually works.