Mark Joynes says...

""Governments' security experts aren't dummies and they aren't going to make those mistakes.""

I say:

what planet is he living on? it seems it must be a different one to the one I'm on.

Huh?

100s of lost government laptops every year

Confidential data on USB keys

CDs with confidential data lost in the post

Top Secret documents left on trains

Disks stolen from secure areas

"Governments' security experts aren't dummies and they aren't going to make those mistakes."

If it wasn't all quite so sad - that would have to be one of the funniest comments I've seen in ages.

So what you're saying is

That Elvis has not only left the building but is now a hacker living in Amsterdam. Damn that's quite the career move.

Bow Down To Elvis

I for one welcome Elivs as our new rocking overlord

A different angle

One thing which isn't getting much coverage is that there's just as much scope to cause chaos by altering someone else's ePassport with tampered data.

Once someone determines how to get an authoritative certificate verification the whole system becomes ineffective. How 'impossible' that is may just be a matter of time.

Government security experts? Surely you jest.

They aren't experts and they are dummies. The endless losses of govt data are more than ample proof of both propositions.

@So what you're saying is

<choke> you owe me a new keyboard... The screen went when I read:

"Governments' security experts aren't dummies and they aren't going to make those mistakes."

To be fair to the experts

"Governments' security experts aren't dummies and they aren't going to make those mistakes."

Let's not malign the experts. There are probably a few people who do know about security and formulate sensible policies - secure data transfer, encryption, minimal use only, no use of laptops or USB drives, data not to be removed from the office, etc etc - but they're vastly outnumbered by the bozos who lose laptops, post unencrypted CDs and leave Top Secret documents on trains.

You can lead a horse to water...

Government Security

""It's exceedingly unlikely," says PKI product manager Mark Joynes, arguing that the equipment used by van Beek for his demo is intended for test and development purposes, not for border deployment. "Governments' security experts aren't dummies and they aren't going to make those mistakes."""

Really? So the massive break ins and hacks, and secret docs left everywhere, are an indication of them doing things RIGHT are they?

Stupid tw*t

re: "Governments' security experts aren't dummies and they aren't going to make those mistakes."

yes - but what are the chances those ones will have any say in the matter?

Governments' security experts aren't dummies and they aren't going to make those mistakes."

No, they will just post all the details of everyons passport on a couple of DVD's and then say that no harm could ever have been done.

Is this man totally man?

Mines the one with the Paris Hilton passport in the pocket

Don't touch that 007, it's for eBay...

"Governments' security experts aren't dummies and they aren't going to make those mistakes"

That is fantastic. In the UK, Government security experts never make any mistakes... like leaving top secret documents on a train, or flogging a camera with top secret info on it. Add in the subconstractors (who certainly do make mistakes because of the rock-bottom price they quoted for the job) and the bean counters and you have a recipie for disaster.

If these machines are cheaper than the fully-secure real deal I wouldn't be at all surprised to see them used on 'non-critical border crossings' by any European government...

Mine's the one with a selection of Prime Ministerial passports in the pocket...

Gov't employees

The clerk who handles secure data is the same person who sat beside you at school who didn't have a fecking clue about anything ( i.e. knows fuck all about fuck all ) and he/she has served his/her time in the position and risen to the extreme limit of his/her incompetence. You know the ones, just above the level req'd. to work in the town hall - just a little bit more go in them. These are the bastards we trust with all these details, and they know no more now than they did when they left school, they've tried the civil service exams for years until they got to know the questions and the answers - enabling them to pass - eventually. FFS. These are George Orwell's hot house flowers with a qualification or two. These are the people who meander through life much like the Thaals (sp.?). You know them as well as I do. What do you expect?

Can we have a brain dead gov't clerk logo please?

Mines the one with the guaranteed pension fund in the pocket, ho-ho...

Are digital signatures that good an idea for Passports?

So all this relies on digital signatures from a recognized government CA (would a government really rely on a foreign 3rd party CA?).

I may have misunderstood the way trust chains work, but wouldn't the compromising of any of the certs in the chain compromise any signatures relying on that chain when the compromised certificate is revoked (or is the system not setup to do any certificate revocation checking)?

If this is the case, then compromising any cert in the trust chain would invalidate any Passport relying on the trust chain for it's signature requiring the cancelation and re-issue of the affected passports. If a country relies on a single trust chain to sign all passports, it could potentially mean the cancellation and re-issuing of ALL pasports.

Also the whole idea of having digitally signed passports make getting hold of a certificate in the chain (without alerting authorities) a very high value prize for both foreign intelligence agencies (even allies) and organized crime.