6 March 2007
In a ‘web chat’ yesterday afternoon, James Hall, Chief Executive of the UK Identity & Passport Service (UKIPS), denied that the new ePassport had been “cracked” [1] on the same day that just such a successful crack by NO2ID [2] was reported in the national press [3]. The UKIPS spin machine was also on full cycle – re-announcing a three-year-old programme to fix the 35 year old ‘Day of the Jackal’ loophole [4], in a desperate attempt to distract from further bad news about the nature of the passport ‘upgrade’ [5].
Phil Booth, NO2ID's National Coordinator said:
“Mr Hall must be confused. His own officials admitted at the weekend that the chip in the passport can be ‘cloned’ in transit [6]. NO2ID has proved beyond any doubt that the data on an unknown passport’s chip can be stolen from inside the sealed envelope in which it is delivered. He knows that passports are leaky. His department designed them to be [7].
“Rather than boasting about fixing a problem that has been well-known for more than three decades, James Hall and his Home Office masters should face the music for the serious flaws they have deliberately introduced into the passport system so that your passport data can be instantly perfectly copied by border authorities. They have chosen to dispense with the individual security of millions of UK residents for international official convenience [8].”
-ENDS-
Notes for editors:
1) James Hall web chat - http://www.webchat.pm.gov.uk/index.asp?webchatID=34 - in which Mr Hall said: “The passports were not cracked. All that was shown was that someone who already had access to all the details in the passport could read those same details on the chip. [...] What was demonstrated would not have been possible if the people concerned had not already had possession of the passport details and been able to read it.”
Not only is it possible, but NO2ID was able to read an unknown passport’s chip **in under 4 hours**, using little more than the information printed on the face of the (intercepted) envelope in which it was delivered.
2) NO2ID is the UK-wide non-partisan campaign against ID cards and the database state. NO2ID is affiliated to by the National Union of Journalists: http://www.nuj.org.uk/inner.php?docid=1595. Scroll down http://www.no2id.net for a list of ‘database state’ initiatives that NO2ID is actively opposing.
3) “'Safest ever' passport is not fit for purpose”, Sue Reid in the Daily Mail, 5/3/07:
http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=440069&in_page_id=1770
Working with security expert Adam Laurie, NO2ID have previously demonstrated
insecurities in the new ‘ePassport’, as reported in the Guardian last
November:
http://www.guardian.co.uk/idcards/story/0,,1950226,00.html
4) “Passport officials close ID loophole”, Yorkshire Post, 5/3/07: http://www.yorkshiretoday.co.uk/ViewArticle.aspx?ArticleID=2096503&SectionID =55
5) “Warning over ePassport microchips”, BBC, 7/2/07: http://news.bbc.co.uk/1/hi/uk_politics/6337687.stm
6) “New 'chip' passports are copied in transit”, Brian Brady in Scotland on Sunday, 4/3/07: http://scotlandonsunday.scotsman.com/index.cfm?id=341772007
7) See Regulatory Impact Assessment for the eBorders scheme: http://www.privacyinternational.org/issues/terrorism/library/ukebodersria.pd f British and American delegates were advocates of the new ICAO standard to which all passports now conform. It is designed to suit the US-VISIT programme, which is coincidentally managed by Mr Hall’s former employers Accenture. See Washington Post, "US Border Security at the Crossroads": http://www.washingtonpost.com/wp-dyn/content/article/2005/05/22/AR2005052200613.html
8) Bruce Sterling explained it this way, writing in Wired, "Beyond the Beyond", 17/11/06: http://blog.wired.com/sterling/2006/11/arphid_watch_fi.html “They did this, not because they want to make private citizens more secure against ID theft, but because they want to install huge databases that track the movements of civil populations generally. The point of electronic ID is to input a suspect passport number and see every place that guy's been in the last 20 years. Then you compare that the movements of other known malefactors and you've got an instant Al Qaeda winnowing-machine. “Of course some individuals will suffer, but compared to the awesome imaginary benefits of Total Information Awareness, that's like watching a few Nevada civilians cough up their lungs from atom-bomb tests.”
For further information, or for immediate or future interview, please contact Phil Booth (National Co-ordinator, national.coordinator@no2id.net) on 07974 230 839, Guy Herbert (General Secretary, general.secretary@no2id.net) on 07956 544 308, or Michael Parker (Press Officer, press.officer@no2id.net) on 07773 376 166.
The NO2ID Campaign
Box 412
19-21 Crawford Street
London W1H 1PJ
enquiries@no2id.net
Tel: 07005 800 651
Press: click here
