Feds Aren’t Verifying Passport Data By Kevin D. Williamson

https://www.nationalreview.com/blog/corner/passport-data-not-verified-feds-decade/

Is there any agency in American law enforcement actually doing its job? Today in Wired:

Passports, like any physical ID, can be altered and forged. That’s partly why for the last 11 years the United States has put RFID chips in the back panel of its passports, creating so-called e-Passports. The chip stores your passport information — like name, date of birth, passport number, your photo, and even a biometric identifier — for quick, machine-readable border checks. And while e-Passports also store a cryptographic signature to prevent tampering or forgeries, it turns out that despite having over a decade to do so, US Customs and Border Protection hasn’t deployed the software needed to actually verify it.

This means that since as far back as 2006, a skilled hacker could alter the data on an e-Passport chip — like the name, photo, or expiration date — without fear that signature verification would alert a border agent to the changes. That could theoretically be enough to slip into countries that allow all-electronic border checks, or even to get past a border patrol agent into the US.

In a “WTF?” letter, Senators Wyden and McCaskill report that the relevant federal staff “lacks the technical capabilities to verify e-passport chips.”

All in, national-security spending is damn near $1 trillion a year. The average annual federal compensation package is somewhere north of $120,000 per worker. And we can’t even properly manage passport control.

Comments are closed.