←back to thread

Reading NFC Passport Chips in Linux

(shkspr.mobi)
287 points robin_reala | 1 comments | 25 Jun 25 07:33 UTC | HN request time: 0.001s | source
Show context
dzhiurgis ◴[25 Jun 25 09:35 UTC] No.44375315[source]
Hol up. So what stops you from uploading custom photo + metadata onto random chip and planting it in a fake passport?
replies(5): >>44375334 #>>44375336 #>>44375342 #>>44375469 #>>44376015 #
edent ◴[25 Jun 25 09:39 UTC] No.44375342[source]
The data are signed with the passport issuing authority's private key.

So you could implement a chip which reacts like an official passport. When the border guards see that the signature is invalid, you can explain how it's just a prank and you'll all have a jolly good laugh about it.

replies(4): >>44375530 #>>44375612 #>>44375693 #>>44375852 #
23434dsf ◴[25 Jun 25 10:12 UTC] No.44375530[source]
So if I strolled through the airport with a high power NFC reader/writer, I could ruin a lot of peoples trips?
replies(4): >>44375586 #>>44375593 #>>44375610 #>>44376406 #
lukan ◴[25 Jun 25 10:21 UTC] No.44375593[source]
"The NFC chip in a passport is protected by a password. The password is printed on the inside of the physical passport. As well as needing to be physically close to the passport for NFC to work0, you also need to be able to see the password."
replies(2): >>44375631 #>>44379675 #
wkat4242 ◴[25 Jun 25 10:25 UTC] No.44375631[source]
Yes but. In Europe this tech is also in our id cards whether said passport is printed on the outside (considering it's just a credit card format). You still have to see it but it doesn't have to be opened to the right page like a passport.

Both sides even have the info printed. One side in human format, the owner side in machine readable.

replies(1): >>44375664 #
lukan ◴[25 Jun 25 10:30 UTC] No.44375664[source]
Yes, but this still means a attacker needs to have physical access to the passport?
replies(2): >>44375871 #>>44376215 #
1. wkat4242 ◴[25 Jun 25 11:52 UTC] No.44376215[source]
Kinda the same as with the NFC.

You can read from a small distance, probably further than you can read an NFC tag with your phone. And you can automate both on a phone (OCR and NFC)