Is Elvis Dead? Who Knows, But His Passport Made It Through Airport Security In Amsterdam

from the biometrics? dept

There's been a big push lately to use "biometrics" at airports -- especially in light of the well publicized attack attempt last Christmas. But biometrics -- especially chips in passports -- can easily be fooled, and can create a false sense of security. JJ sent over the news of two hackers who were able to get past the security check-in with a passport claiming to be Elvis Presley -- they even included an Elvis photo. Now, there certainly are some limitations with what they did, and even they admit that this sort of hacking wouldn't work in a lot of cases. However, just the fact that they were able to get past the machine with a faked biometric Elvis chip suggests that the whole focus on biometrics is a bit of a red herring, as the data can be faked.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: airport security, elvis, security


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Blatant Coward (profile), 1 Mar 2010 @ 10:59pm

    Unh huh huh!

    Wonder what the name of the created country was? Graceland?

    link to this | view in chronology ]

  • icon
    Joe Perry (profile), 1 Mar 2010 @ 11:06pm

    I love it when hackers do things just to prove that they can. it's just lucky that they did it before any of the slightly intelligent criminals got around to it. I'm sure it won't make a huge difference in the use of the system, people tend to be overly confident in their security. maybe it'll wake up a few people, though, and someone will find ways to improve it. improving security technologies is always good, after all.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 Mar 2010 @ 1:02am

      Re:

      Joe said
      " it's just lucky that they did it before any of the slightly intelligent criminals got around to it"

      I wouldn't be too sure about that. By the time "good" people think about it criminals have already been doing it for years

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 Mar 2010 @ 1:02am

      Re:

      Joe said
      " it's just lucky that they did it before any of the slightly intelligent criminals got around to it"

      I wouldn't be too sure about that. By the time "good" people think about it criminals have already been doing it for years

      link to this | view in chronology ]

    • icon
      PaulT (profile), 2 Mar 2010 @ 1:50am

      Re:

      "improving security technologies is always good, after all."

      The problem isn't the technology, but peoples' dependence on it. Liberties are being violated in the name of security, and the monkeys they have staffing the machines seem to lack the capability to critically examine the information they are being given. Far too many legitimate travellers have problems "because the machine says so", while those passed are often not examined with human eyes.

      There's also the fact that such "security" is really just theatre and totally reactive. Somebody tries a shoe bomb, but is caught by existing methods - make everybody take their shoes off. Somebody tries a liquid based bomb that fails miserably - nobody can take a bottle of water on the plane. It's silly, and does nothing to improve security, regardless of the quality of the technology.

      link to this | view in chronology ]

      • icon
        Griff (profile), 5 Mar 2010 @ 12:23pm

        Shoe bomber was not caught

        "Somebody tries a shoe bomb, but is caught by existing methods"

        As I recall, Richard Reid was not "caught by existing methods" but was in the process of (stupidly) igniting his bomb in the cabin rather than the toilet when he was apprehended.

        So he was in fact not "caught" at all, in the "keeping everyone safe" meaning of the word.

        Relying on all bombers being idiots was never going to be a good long term policy. Not after the level of planning shown on 9/11.

        They need to get some creatives together to brainstorm attack methods, THEN see if their systems would withstand such attack attempts. I predicted 2 component liquid bombs would come soon after 9/11 but I'm not someone they are likely to listen to and anyway who am I supposed to tell ?

        For example, how big a swallowed detonator is required to ignite the stomach of a suicide bomber who has been swallowing many small pouches of semtex ?

        Our security services simply have no imagination, that's the problem.

        link to this | view in chronology ]

  • identicon
    bp, 1 Mar 2010 @ 11:37pm

    On the inter european union flights I get normally past the airport security without anyone really checking my id. To get a boarding pass I ususally stick a credit card into some machine, and that's already it. Someone with my credit card can fly on any domestic flight in my place by stealing one of my cards or even just getting a slip. On the baggage check I have to sometimes do something so essential to flight security as to throw my 200 ml shower gel into waste basket, but no one verifies even my picture id. Bruce Schneier has it right, when he names all this a security theatre. I had a chance to observe an Israeli airplane on an airport near my home. Well they seem to know what they are doing, they try to verify the identity of its passengers using several methods among other things and never ever leave a plane unobserved, they cannot afford bullshit in place of real flight security.

    link to this | view in chronology ]

  • icon
    Lisae Boucher (profile), 2 Mar 2010 @ 1:46am

    OMFG! Schiphol Airport? That's within 2 miles from where I live! I'm deeply ashamed...

    link to this | view in chronology ]

  • identicon
    bigjobsboard, 2 Mar 2010 @ 2:55am

    I think the security now has an idea what to improve in their system. Thanks to this culprit, the airport security will be able to do necessary actions about this so no further attempts will arise.

    link to this | view in chronology ]

  • identicon
    Lets Fear Monger, 2 Mar 2010 @ 5:05am

    False Sense of Security

    I thought that all of the 911 attackers had valid passports and other identification, all valid.

    So, of what benefit is this additional (so called) security?

    link to this | view in chronology ]

  • icon
    Richard (profile), 2 Mar 2010 @ 5:28am

    All you know is..

    These kind of systems move security away from the traditional methods (photographs and signatures) - where the personnel understood what was happening and stood a chance of using their own intelligence to detect fraud - to system of "black boxes".

    When an immigration official checks a photo ID then he can be pretty sure that the photograph is of the person in front of him. He can also use his own judgement that the document is genuine. Neither process is perfect of course - but at least the person involved understands what is going on.

    When an official checks a biometric passport a little green light (or some such) will light up to tell him its OK - but all he really knows it that the little light lit up.

    It turns him into a cypher and probably results in a lower standard of personnel in the job.

    It increases the hassle on false positives - because he will not feel that he has any discretion.

    It guarantees that anyone who defeats the technology will get through - because he is no longer bothering with any other signs.

    And of course someone WILL defeat the technology - because its such a big target that it will attract all the best hackers worldwide (eg MOSSAD).

    link to this | view in chronology ]

  • icon
    slim (profile), 2 Mar 2010 @ 7:20am

    I wouldn't be too sure about that. By the time "good" people think about it criminals have already been doing it for years

    link to this | view in chronology ]

  • identicon
    known coward, 2 Mar 2010 @ 8:03am

    no no no

    this just goes to prove ELVIS IS ALIVE. I couldnt be happier bust out the peanut butter and bannana sandwiches. The king is dead, long live the KING

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 2 Mar 2010 @ 2:40pm

    The problem with most airport security systems is that they're expensive to implement and cheap to circumvent. What we need is a system that's cheap to implement and expensive to circumvent.

    I propose a system that involves the passengers. For instance, our method of handling emergencies often involves citizens. It would be impractical for the police to monitor everything that goes on all at once and respond to emergencies accordingly. As a result we implement a system called 911. As children, in grade school, we are taught when to call 911 and when not to and when we see an emergency we call 911 directing the focus of authorities where it needs to be directed the most. The same thing can be done here. You enter an airplane and they normally have a big screen T.V. that either shows movies or a map or whatever. Well, after everyone enters an airplane and is seated they can have a five minute clip that shows/tells everyone what to look out for and when to alert authorities about suspicious behavior and when not to (ie: to avoid false positives as much as possible). Then, they can have a keypad or something that people can press a couple numbers in next to each seat to alert authorities of suspicious behavior to allow authorities to respond appropriately. After all, the passengers are in the airplane anyways, they do have an interest in ensuring safety, why not have them be the lookouts for suspicious behavior instead of just being idle.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 Mar 2010 @ 3:03pm

      Re:

      Another method of creating passenger based security is to involve text messages. Airports can have some number that I can send text messages to and if I see suspicious behavior I can text message it to some authority who can text back and ask questions and tell me what to do to keep safe in case of a situation. Kinda like 911.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 Mar 2010 @ 3:55pm

      Re:

      "The problem with most airport security systems is that they're expensive to implement and cheap to circumvent."

      Also, this is why teams of software engineers can spend many man hours and millions of dollars trying to secure a piece of software only to have some 13 year old kid crack it in very little time at very little cost. There are many more possible functional and insecure combinations of software than there are possible functional and secure combinations of software and so finding a functional and secure combination of software can be expensive.

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 2 Mar 2010 @ 5:06pm

      Re:

      Also think of how Americas Most Wanted works. It's a system that gets citizens involved in catching criminals. It's cheap to implement (ie: just broadcast the pictures of some criminals) and expensive to circumvent (ie: the criminals now must hide from the public at large). Without citizen involvement catching many of these criminals would not be feasible.

      We need to implement a passenger aided security system, one that involves the passengers and their ability to look out for suspicious behavior and educate passenger about what to look out for and what to report and what not to worry about.

      link to this | view in chronology ]

  • identicon
    Michael, 3 Mar 2010 @ 4:01am

    Airplane Security

    We seem to focus too much on airport security and not on airplane security. We should at least start with risk management - prevent hijackings of the planes. This one is easy - put the door to the cockpit on the OUTSIDE and put a reinforced bulkhead behind it. This limits the risk of an attack to the individual plane and whatever happens to be under it when it goes down.

    If a plane is less useful as a hijacking target, there will be less hijackings.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 3 Mar 2010 @ 1:09pm

    This is why people who actually do security for a job do not deploy biometrics most of the time, because it's very hard to get them right.

    They are useful in cases where you have a database of biometric data, and a person you want to mach to the database. So you have a person claiming that they are someone say John, you read the iris or finger print from the person making the claim and see if it matches John's entry in the database. (This has problems in that matching biometric data is not entirely reliable and to be really sure you need to get an export to verify the match, and even then it's "These could be from the same person")

    The problem with biometric passports is that you are getting the data you are checking against from the same person you are trying to identify... This doesn't work.

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.