Democratic Underground Latest Greatest Lobby Journals Search Options Help Login
Google

Scan This Guy's E-Passport and Watch Your System Crash

Printer-friendly format Printer-friendly format
Printer-friendly format Email this thread to a friend
Printer-friendly format Bookmark this thread
Home » Discuss » Topic Forums » National Security Donate to DU
 
Ian David Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Aug-01-07 12:13 PM
Original message
Scan This Guy's E-Passport and Watch Your System Crash
A German security researcher who demonstrated last year that he could clone the computer chip in an electronic passport has revealed additional vulnerabilities in the design of the new documents and the inspection systems used to read them.

Lukas Grunwald, an RFID expert who has served as an e-passport consultant to the German parliament, says the security flaws allow someone to seize and clone the fingerprint image stored on the biometric e-passport, and to create a specially coded chip that attacks e-passport readers that attempt to scan it.

Grunwald says he's succeeded in sabotaging two passport readers made by different vendors by cloning a passport chip, then modifying the JPEG2000 image file containing the passport photo. Reading the modified image crashed the readers, which suggests they could be vulnerable to a code-injection exploit that might, for example, reprogram a reader to approve expired or forged passports.

"If you're able to crash something you are most likely able to exploit it," says Grunwald, who's scheduled to discuss the vulnerabilities this weekend at the annual DefCon hacker conference in Las Vegas.


RFID expert Lukas Grunwald says e-passport readers are vulnerable to sabotage.
photo: Courtesy of Kim Zetter

More:
http://www.wired.com/politics/security/news/2007/08/epassport
Refresh | +1 Recommendations Printer Friendly | Permalink | Reply | Top
lapfog_1 Donating Member (1000+ posts) Send PM | Profile | Ignore Wed Aug-01-07 12:58 PM
Response to Original message
1. Ah yes, jpeg images stored on your passport.

Easy to create a "jpeg" that expands to overflow picture buffers (especially when they likely allocate only enough to contain the stated size and resolution of the image, encoded in the preamble to the jpeg). Once you overflow the buffer, you can pretty much do what you want.

My very first "hack" was a similar attack to an old operating system that didn't protect against a buffer overflow. Overflow enough and you can find a call stack or dynamic code chunk, load your own floatable assembly code and you are off to the races...

Silly programmers!
Printer Friendly | Permalink | Reply | Top
 
vgt888 Donating Member (1 posts) Send PM | Profile | Ignore Wed Aug-29-07 05:54 AM
Response to Reply #1
2. interesting!
How can one accomplish this, in hopes to protect their own systems from such an attack? Feel free to send me a PM if you like. Thanks!
Printer Friendly | Permalink | Reply | Top
 
DU AdBot (1000+ posts) Click to send private message to this author Click to view this author's profile Click to add this author to your buddy list Click to add this author to your Ignore list Mon May 06th 2024, 12:34 AM
Response to Original message
Advertisements [?]
 Top

Home » Discuss » Topic Forums » National Security Donate to DU

Powered by DCForum+ Version 1.1 Copyright 1997-2002 DCScripts.com
Software has been extensively modified by the DU administrators

Important Notices: By participating on this discussion board, visitors agree to abide by the rules outlined on our Rules page. Messages posted on the Democratic Underground Discussion Forums are the opinions of the individuals who post them, and do not necessarily represent the opinions of Democratic Underground, LLC.

Home  |  Discussion Forums  |  Journals |  Store  |  Donate

About DU  |  Contact Us  |  Privacy Policy

Got a message for Democratic Underground? Click here to send us a message.

© 2001 - 2011 Democratic Underground, LLC