Security researchers have found that the supposedly hard-to-counterfeit digital driver's licenses (DDLs) in use in New South Wales, Australia, actually can be altered easily .
Introduced in 2019, DDLs are used with an iOS or Android application that displays each holder's identity and age, and permits authentication.
Researcher Noah Farmer found the DDL can be cracked by brute-forcing the four-digit personal identification number that encrypts the data, which can take less than an hour using publicly available scripts and a commodity computer.
Once a hacker accesses encrypted DDL data, brute force enables them to read and alter anything stored on the file.
Farmer aired the flaws in a blog post last week; it is not clear how, or if, Service NSW, which issued the digital driver’s licenses, plans to respond.
From Ars Technica
View Full Article
Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA
No entries found