(shkspr.mobi)

287 points robin_reala | 1 comments | 25 Jun 25 07:33 UTC | HN request time: 0s | source

Show context

dzhiurgis ◴[25 Jun 25 09:35 UTC] No.44375315[source]▶

>>44374574 (OP) #

Hol up. So what stops you from uploading custom photo + metadata onto random chip and planting it in a fake passport?

replies(5): >>44375334 #>>44375336 #>>44375342 #>>44375469 #>>44376015 #

edent ◴[25 Jun 25 09:39 UTC] No.44375342[source]▶

>>44375315 #

The data are signed with the passport issuing authority's private key.

So you could implement a chip which reacts like an official passport. When the border guards see that the signature is invalid, you can explain how it's just a prank and you'll all have a jolly good laugh about it.

replies(4): >>44375530 #>>44375612 #>>44375693 #>>44375852 #

1. Nextgrid ◴[25 Jun 25 10:35 UTC] No.44375693[source]▶

>>44375342 #

I remember reading an article or paper that checked the validity and spec compliance of various nations's passports, and found lots of variation, so a valid signature isn't actually a guarantee even in a legit passport.

↑

Reading NFC Passport Chips in Linux