Skapa ett eget pass

Den tyska hackergruppen THC demonsterar hur de emulerar -chippet i ditt :

THC skriver:

The government plans to use ePassports at Immigration and Border

Control. The information is electronically read from the Passport

and displayed to a Border Control Officer or used by an automated

setup. has discovered weaknesses in the system to (by)pass the

security checks. The detection of fake passport chips does not

work. Test setups do not raise alerts when a modified chip

is used. This enables an attacker to create a Passport with an

altered Picture, Name, DoB, Nationality and other credentials.

The manipulated information is displayed without any alarms going off.

The exploitation of this loophole is trivial and can be verified using


Regardless how good the intention of the government might have been, the

facts are that tested implementations of the ePassports Inspection System

are not secure.

ePassports give us a false sense of security: We are made to believe

that they make usemore secure. I’m afraid that’s not true: current

ePassport implementations don’t add security at all.

Jonas Lejon

Om Jonas Lejon

En av sveriges främsta cybersäkerhetsexperter med nästan 20 års erfarenhet inom området och en bakgrund från FRA och Försvarsmakten. Kontakta mig gärna på telefonnummer 010 1889848 eller [email protected] om Er organisation behöver hjälp med cybersäkerhet. LinkedIn Twitter

One comment

  1. Pingback: Jens O. » Blog Archive » Reinfeldt! Vi tystnar inte på ditt kommando

Skriv en kommentar

Du kan använda följande HTML HTML:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>