Or so says Chris Paget, a security researcher who, “with a $250 used RFID scanner he purchased on eBay and a low-profile antenna tucked away in his car, recently cruised the streets along Fisherman’s Wharf in San Francisco, where he captured — and cloned — a half-dozen electronic passports within an hour.”
Talking about the security weaknesses of the EPC Gen 2 RFID tags, which are being used in the new wallet-sized passport cards offered by the U.S. Department of Homeland Security, DarkReading’s Kelly Jackson Higgins writes,
Unlike previous RFID hacks that have been conducted within inches of the targeted ID, Paget’s hack can scan RFID tags from 20 feet away. “This is a vicinity versus proximity read,” he [Paget] says. “The passport card is a real radio broadcast, so there’s no real limit to the read range. It’s conceivable that these things can be tracked from 100 meters — a couple of miles.”
Paget says he was able to drive his car at 30 miles per hour and capture an RFID tag in a matter of seconds. “The software for [copying them] lets you just choose the tag you want to copy, wave a blank tag in front of it, and it writes it out,” he says.
