[Infowarrior] - UK ID card hacked/cloned in 12 minutes

[Richard Forno]

http://www.computerweekly.com/Articles/2009/08/06/237215/uk-national-id-card-cloned-in-12-minutes.htm
The prospective national ID card was broken and cloned in 12 minutes,  
the Daily Mail revealed this morning.

The newspaper hired computer expert Adam Laurie to test the security  
that protects the information embedded in the chip on the card.
Using a Nokia mobile phone and a laptop computer, Laurie was able to  
copy the data on a card that is being issued to foreign nationals in  
minutes.

He then created a cloned card, and with help from another technology  
expert, changed all the data on the new card. This included the  
physical details of the bearer, name, fingerprints and other  
information.

He then rewrote data on the card, reversing the bearer's status from  
"not entitled to benefits" to "entitled to benefits".

He then added fresh content that would be visible to any police  
officer or security official who scanned the card, saying, "I am a  
terrorist - shoot on sight."
According to the paper, Home Office officials said the foreign  
nationals card uses the same technology as the UK citizens card that  
will be issued from 2012.

Guy Herbert, general secretary of privacy lobby group NO2ID, said it  
was a mistake to assume that the Home Office cared about the card, or  
identity theft or citizens' benefit.

He said the Home Office wanted the central database to record  
citizens' personal details in one place for official convenience.

"It is that database which will deliver unprecedented power over our  
lives to Whitehall and make the Home Office king in Whitehall. The  
card is an excuse to build the database. If the card is cancelled it  
already intends to use passports as a secondary excuse," he said.

Home Office officials said they were working on a response to the  
story, and would issue a statement later today.