Jeremy writes to tell us that using some simple deduction, a security consultant discovered how to clone a passport as it's being mailed to its recipient, without ever opening the package. "But the key in this first generation of biometric passport is relatively easy to identify/crack. It is not random, but consists of passport number, the passport holder's date of birth and the passport expiry date. The Mail found it relatively easy to identify the holder's date of birth, while the expiry date is 10 years from the issue date, which for a newly-delivered passport would clearly fall within a few days. The passport number consists of a number of predictable elements, including an identifier for the issuing office, so effectively a significant part of the key can be reconstructed from the envelope and its address label."
There are discussions right now about the best ways to update the outdated Congressional IT policies, including the best way to make legislative records more accessible to the public via XML, APIs, etc. The Open House Project is drafting a report that they will be submitting to Congress. The project, incidentally, is supported by the Sunlight Foundation, Speaker Pelosi, and several other groups. There is also a mailing list and wiki for the project.
piersonr writes: "Under No Child Left Behind, high schools are required to turn over lists of student contact information to the Department of Defense, which adds this information to an extensive database of children. The Department of Defense claims to need the names, addresses, and phone numbers of high school students for recruiting purposes, because it enables recruiters to contact children directly in their homes and at school, which is often done without the knowledge or consent of their parents. Yesterday, Silicon Valley Congressman Mike Honda introduced legislation to restrict recruiter's access to just those students who have "opted-in" to the list."
Parallax Blue writes: CNET News is running a story on a brain/computer interface system made by Emotiv Systems. It can be used to pick up on thoughts, facial expressions, and emotions within the brain, wirelessly relaying them to a game console or PC. Uses in other industries are planned, including medicine, security, market research, and interactive television.