American Passports to Have RFID Chips

pr1000 writes "Wired is reporting that the State Department is planned on adding RFID chips to new American passports, starting with diplomat's passports in January. Those worried about the privacy concerns of RFID should take notice, as this rollout could set a precedent."

ID...

[Amiga Lover]

Yeah. this really sucks. Imagine that, putting an RFID chip, a means of uniquely identifying a person, in a passport, a device that is meant to uniquely identify a person.

Bastards!

Tracking...

[spagetti_code]

I'm a frequent US visitor who has been fingerprinted and photographed. It didn't feel good, but its not like we have a choice.

This new step is another step towards control - remember, that is what this is all about. Bad guys get around the system - the 9/11 guys were all bona-fide visitors. Good guys, which is everyone else, gets tracked and watched.

I'm glad I'm outside the country 8+ months of the year.

Failure

[ttys00]

What happens when these chips fail? Do you get locked up for tampering with a Federal document, or some crap like that?

Re:Law Enforcement

[big ben bullet]

Maybe... but it sounds to me that the thing is not going to be that difficult to hack.

No encryption, only a digital signature...

He even admits it at the end of the article.

Now let's see what those tinfoil hats think about this. This could becoma a very interesting discussion :)

Anyway, once again I'm so glad I'm not American.

Re:Failure

[selderrr]

That is not the core problem. The issue is that IF the gov claims these tags to be secure (which they will), and your tag gets copied by someone (which, if ever feasible by criminals, can be done wirelessly, so you can't protect yourself unless you start wrapping foil around your wallet. But that would beat the purpose of the RF in RFID) you have very little means left to protect yourself.

And even worse : who will be blamed if your tag is stolen ? You ? The gov ? Certainly not the crooks as they usually get away with everything. My guess is that the new passport will carry a EULA that shifts all responsabilities to the carrier.

RFID co-channel interference?

[cardpuncher]

When your clothes have RFID chips and your passport and driving license and you're in an environment where everything else has been chipped, are the scanners going to be able to pick up anything but noise?

Re:Simple solution

[Anonymous Coward]

In my country, such faraday-cage bags have been out-lawed in several cities. As they (might) block your personal information from traveling outside of that bag, they allso block the signals of anti-theft RFID components going the same way.

The reasoning is that if you (want to) block those signals, you're probably out attempting to steal something ...

Biometrics imposed on the world

[doodlelogic]

As US passport authorities are indirectly forcing the rest of the world's governments to include biometrics in their passports (otherwise they will be denied the Visa Waiver Program).

Seems only fair that similar invasions of privacy should be imposed on Americans too. What's good for the goose...

RFID activated Mines

[Anonymous Coward]

I wonder how long it is before terrorists target US Diplomats with explosives triggered by proximity to one of these RFID tags!

Govt makes own citizens walking targets!

[a24061]

As I said last time this was mentioned, this will let terrorists to create a bomb triggered by the presence (within the RFID's readable range) of someone of a specific nationality.

So the US government is making it easier for people to target its own citizens. Nice.

The Terrorist Bomber's Dream!

[newt]

RFID chips can be read from up to 50 feet away. Sure, most readers only work from a few inches, but there is off-the-shelf equipment available for a moderate number of dollars with a much, much greater range.

So, lets assume that the RFID chips in US Passports will be readable from "a long way away". Doesn't matter if it's 10 feet, 20 feet or 50 feet. Lets just say it's more than a few inches.

What does this mean? It means that a bomber with a moderate budget could build a detonator for an explosive device which goes off when it can detect the presence of an RFID chip.

It doesn't need to actually read the chip (lets assume the passport data is encrypted), it just needs to know it's there.

Furthermore, it could count the number of unique RFIDs which are currently in range, and only detonate the explosive when enough of them are seen at the same time.

It could be planted days, weeks or months in advance, and it'd sit there until its batteries ran down waiting for the right moment to go off.

The result is a bomb which only goes off when a sufficiently large density of American citizens is present.

- mark

A signature would only provide limited security.

[Serious Simon]

If no encryption is embedded in the RFID tags, and the signature is done as a secret calculation on the data, you could copy all the data including the signature.

Of course it will be difficult to change the data and create a fake passport, but you could copy the tag from someone else's passport (without their knowledge) and use it in identity theft.

A complication would be that blank RFID tags cannot be obtained with the same serial number (current RFID tags mostly have unique serial numbers that are pre-programmed by the chip manufacturer). I would expect that the serial number is included in the signature calculation.

However, you could still build your own functionally equivalent "RFID tag chip" using off the shelf logic components and program any serial number you like. It would not be as compact as a real RFID tag, but it could be used in situations where the tag would be read without being visible.

Going naked won't do it...

[irishkev]

http://www.sciencedaily.com/print.php?url=/release s/2002/10/021015073446.htm

Gait Recognition Technology May Aid Homeland Defense
The characteristics of your walk may not be as distinctive as the swaggering of John Wayne or the sashay of Joan Collins, but your stride may still be unique enough to identify you at a distance -- alone or among a group of people.

Researchers at the Georgia Institute of Technology and elsewhere are developing technologies to recognize a person's walk, or gait. Results indicate these new identification methods hold promise as tools in the war on terrorism and in medical diagnosis.

Gait recognition technology is a biometric method - that is, a unique biological or behavioral identification characteristic, such as a fingerprint or a face. Though still in its infancy, the technology is growing in significance because of federal studies, such as the Georgia Tech projects, funded by the federal Defense Advanced Research Projects Agency (DARPA).

At Georgia Tech, one study is addressing issues of gait recognition by computer vision, and the other is exploring a novel approach -- gait recognition with a radar system similar to those used by police officers to catch speeders.

The ultimate goal is detect, classify and identify humans at distances up to 500 feet away under day or night, all-weather conditions. Such capabilities will enhance the protection of U.S. forces and facilities from terrorist attacks, according to DARPA officials.

"We need technology to find the bad guys at a distance around federal buildings," says Jon Geisheimer, a research engineer at the Georgia Tech Research Institute (GTRI). "That is the original application. And after Sept. 11, we began to see the usefulness of these technologies in airports."

Because gait recognition technology is so new, researchers are assessing the uniqueness of gait and methods by which it can be evaluated.

"We know that we can get some information on gait, but that it is much less diagnostic than faces," says Aaron Bobick, an associate professor of computing and co-director of the computer vision project at Georgia Tech. " Currently, we can't recognize one in 100,000 people. At the moment, gait recognition is not capable of that, but it's getting better so it can act as a filter."

In its early development, gait recognition technology likely will serve as a screening tool in conjunction with other biometric methods.

With two years of experiments and analysis almost complete, researchers on both Georgia Tech projects are hopeful for continued funding to conduct further studies. They must address numerous technical issues and it will be at least five years before the technologies are commercialized, researchers say.

In the project using radar for gait recognition, results from experiments, data analysis and algorithm design are promising, says Geisheimer, who works under the direction of GTRI principal research scientist Gene Greneker, and collaborates with GTRI research engineer Bill Marshall and Georgia State University Professor of Biomechanics Ben Johnson.

Gait recognition by radar focuses on the gait cycle formed by the movements of a person's various body parts move over time.

"The magic goal we're shooting for is accuracy in the high 90 percent range," Geisheimer says. "We're not there yet, but our initial results are encouraging and promising."

Researchers correctly identified 80 to 95 percent of individual subjects, with variances in that range among the three experiment days.

The next step is to build a more powerful radar system and test it in the lab and then the field. In experiments last year, subjects started walking 50 feet away from the radar and then walked within 15 feet of it. But researchers are now building a radar system that can detect people from 500 or more feet.

In the study of gait recognition by computer vision, researchers distinguish their approach from others with a techniqu

Re:Tracking...

[c0p0n]

Just because the US went from pretty much nothing to something doesn't mean the europeans have anything to goad over us.

Are you saying that the parent post of yours is doing some xenophobe afirmations?

The point is that if you go to US and you're not from the US (I do not say american... cubans are americans too) you have a serious risk of being humiliated by US frontier guards, being the risk proportional to:

1. Size of your moustach
2. Darkness of your skin

My brother went to US last year. He has no moustach, but a aggressively black hair and he has a dark skin. He was locked by the airport guards for 3 hours. They even assured that he was on a black list (!!!) only to scare him to see his reaction.

Well, if that is what you call freedom ... FIGHT AGAINST THAT, BY GOD'S SAKE!!!. There will not be another opportunity.

Scanning butts for cash

[SgtChaireBourne]

You want to walk around broadcasting data who you are to anyone with a hidden RFID reader?

This reminds me of a comment along similar lines.

When the U.S. mint added the shiny metallic strips to the bills, a friend of mine claimed quite seriously that it was so that it would be possible to "scan your butt" (or wherever you carry your wallet) to see if you were carrying loads of cash. My response at the time was sceptical, especially since the comment came from someone very non-tech, but wonder if it is even technically possible.

If the material is conductive, it should respond/reflect/absorb a specific frequency much like chaff does. Would it be possible to build a cash scanner? And if so ... "where can I get me one?" ;)

Re:Law Enforcement

[mirko]

Exactly my point, I think it's just providing an encrypted mean of reading a passport a quicker way without even having to open it, then ensure it's real.
The real issue is to know whether we need passports as a single RFID could store it all, each of the element being encrypted for a specific usage only...

Great for Terrorists

[cheetah_spottycat]

Now isn't this great news for Terrorists world wide?

RFID-Triggered bombs that will only explode when americans are in close vicinity.

Re:Simple solution

[will_die]

You don't use a jammer you use a RFID blocker, and they are the size of a regular RFID so you could just slip them into your wallet.
In a very basic explaination the blockers work by send all possible RFID numbers(in the billions and billions) so that readers get over wealmed and give up.
Thier is some talk that when RFID become more used that bags will have the blocker chip in them. This would allow the all benifits of RFID for the consumer but also allow privacy. Some other ideas have a keychain fob with an alert, when you are being read, so that you can switch on/off as you want.

Re:Failure

[mpe]

The issue is that IF the gov claims these tags to be secure (which they will), and your tag gets copied by someone (which, if ever feasible by criminals, can be done wirelessly, so you can't protect yourself unless you start wrapping foil around your wallet. But that would beat the purpose of the RF in RFID)

There has never been a document which cannot be forged. Even if such a mythical document could be created there is still the problem of criminal gangs getting a foothold in the issuing of "real" documents, through either getting a job with the issuing agency or bribing/blackmailing existing employees.

And even worse : who will be blamed if your tag is stolen ? You ? The gov ? Certainly not the crooks as they usually get away with everything.

When it comes to identity theft the "crooks" include foreign governments. Even when they get caught, as recently happened in New Zealand, all they got was a few months in jail...

Re:Tracking...

[bogado]

I actually aways wanted to visit the united states, but after the bush goverment I actually am afraid, not of terrorist but of the goverment. I am also not very confortable to visit and take my hard earned money ($1.00 = R$3.00) to a country that will treat me like a criminal from the day I arrive.

I am sorry, I do not plan to visit the US anymore. I am sure there is plenty to see and many cool things there. But I do not have anything against American people, and I will sure welcome they here in my home city, Rio de Janeiro. :-)

Re:The Terrorist Bomber's Dream!

[newt]

Read this month's CRYPTO-GRAM.

Bruce Schneier thinks the reason the RFID chips are being mandated for passwords is to permit the US Govt to read them from long distances in crowds.

He's not exactly the kind of guy who makes this stuff up.

Same principle, different application.

- mark

Re:Law Enforcement

[mirko]

The system could look like this :

1. RFID emits encrypted info
2. to decrypt emntioned info, you need to acquire some value from the passport holder.... an iris scan, for example
3. once decrypted, you get a code
4. use this code along with yours to access a database in the holder's country in order to retrieve credentials you are willing to share with them.

UK too

[t_allardyce]

Were getting the same thing in the UK starting 2005. I put my passport in the wash the other day so need to get a new one and I wasn't sure what the deal was with biometrics, I vowed not to get one if they already had fingerprint or iris data, I just feel that's totally uncalled for, especially since fingerprint theft could involve cutting off someone's fingers. So far its only going to be facial recognition which I don't really care about - passports already have your picture on them and this is basically just a very very expensive system to do exactly what a human does already. Its already a failure [bbc.co.uk] and the money has probably already been spent (the new trend these days is to spend £150M on some new system and then have the company say "erm it doesn't work, sorry, thanks for the money". I got a very big-brother-esq leaflet with my forms that told you exactly how to look for your photo - remember DO NOT smile, DO NOT frown, Look directly into the camera with a neutral expression and think about 9/11 damit! Hopefully they won't be dicks about it, if I go through check-in and the computer says I don't look like myself WTF are they going to do? Look at my photo and say "hmm you look like the photo but the computer says no, im sorry"

The data should be covered by the DPA so if I ever get a passport with a chip i'll be sure to ask for a printout of what's on it. I don't know if these will be RFID chips or not, i'd hope not, it will only be a matter of time before someone's passport is stolen while its still in their pocket.

Re:Tracking...

[isorox]

I dont mind the Yanks fingerprinting us. I just think that we should return the favour. Arrive by plane (to the UK), three queues:EU citizens (10-20 minute queue, quick glance), World Citizens (few more questions), Americans (5 hour interrogation, lock you up as a potential terrorist if you have a cowboy hat on overnight and send you back)

Do as to others etc. Not that Blair would ever upset Bush though, I wonder what will happen if Kerry gets in...

Re:Or, on the other hand for target selection

[dbIII]

Assume I am a bad guy. If I want to find an American overseas

Wouldn't it be a cheap and trivial bit of electronics to trigger a claymore mine or other piece of nastyness when someone goes by with a RFID tag? This has got to be the most counterproductive "security" measure so far.

Worried about privacy? Buy some RAM!

[AWhistler]

If you're worried about the RFID tags being detected wherever you go, consider this...

If you put your passport in a static bag, wouldn't it act like a Faraday cage and shield your passport from being detected?

If so, and I haven't tested this (anyone wanna try?), then if you upgrade the RAM in your PC you should be "protected" from these RFID privacy problems.

Re:Or, on the other hand for target selection

[forgotten_my_nick]

It does sound made up but there are certainly tourists like that. I have met quite a few. But certainly the US don't hold the monopoly on annoying tourists. One that springs to mind. I was at CeBit years ago and I am waiting for a Tram to get to the conference. Beside me is an American couple. The husband is loud and going on as the previous poster mentioned how "Everything is better where we live". He is complaining about tickets for the tram. I mention to him it is a prepay system and he needs to buy a ticket from a shop. He complains loudly about how backward that is. I have a book of tickets for the week so I give him two. They cost about 50c each (at that time). He says thanks and then gives me $20. I tell him that is way too much money and I really don't want any money for them but he goes on about how its not that much money in his country and how worthless European money is. Felt a bit insulted after that.

Re:Or, on the other hand for target selection

[SenseiLeNoir]

Obviously, you have not read the disclaimer.

I, like MOST Londonners are VERY amiable to tourists, it keeps the London economy ticking, and many time I have gone to central london during the weekends, where myself and my friends have been very friendly towards tourists, showing them around, and stuff. Although we get nominal "expenses" for this, in reality we do it because we enjoy it, and love to learn about others. I ESPECIALLY am fond of New Yorkers, who I view as coming from London's sister city. I am also Sri Lankan born, just for your information, so i am not a typical "white man, from little england"

EVEN "Loud Mouthed Texans" are GREAT fun to be with. They are VERY noticable, but that doesnt mean they are not appealling.

In reality, I skipped out a couple of details in that description of what happend. The man in concern was ALSO being racist and offensive to Chinese and Black people, saying london is "full of japs with cameras" and "niggers running the show" that the Mayor should take a stand and deal with it.

There WERE a lot of offended people, and a confrontation seemed likely to erupt. I said what i said to introduce humour into the OTHER passengers and to diffuse what could have been a very bad situation. It worked.

As i got off the train, i contacted the underground staff at the station and explained what was happening, and they had a polite word with him, and it was pretty evenly resolved. Afterwards I did see the funny side to the whole thing.

My original post was a reflection of the humour that myself and my fellow passengers felt at the time.

Guys, its friday, lighten up! For gods sakes, humour is sorely needed here.

As for your views about British Drunken Yobs, well I am safe to say, they are not welcome by the majority of the Brits either.

Re:Or, on the other hand for target selection

[legojenn]

Hey, I think I met that guy too when I was in London on holiday a few years ago. I was in London with my boyfriend at the time who was then living in England. So, we were on the London Eye and as you may well know, once you get in, you can't get out until it's made the loop around. Anyhow, This middle-aged American man with a Chicago Bears hat guy hears me speaking with ythe guy I was with and it's something like, "yer an American, Right, ah don't know what people see in this place. It's crowded and expensive and people are rude and there ain't much ta see." I politely replied that I wasn't American and maybe he wasn't giving the place a chance as you could spend years in London and not see or do all it's great things that it has to offer. His repsonse was, "Nahh, yer American" His wife finally shut him down, but he had already made a fool of himself.

Another experience that trip was in a cafe near the tube station at Green Park? I think. A woman was sitting at the table staring at a bunch of coins. She asked us what these were. I didn't have much patience for it. I figured that the coins had their denominations stamped on them and knowing simple math would be sufficient. The guy I was with figured that she just wanted rough equivalents, like the penny is the penny, there is no eqivalent to the 2p coin, the 5p coin is like the nickel, 10p dime, 20p quarter (though not as many p) 50p no common name for th equivalent. I guess that one was just funny because it was strange. It's easy to pick on US tourists, because there are so many of them.

I realise that when you travel, you go to relax, you also put yourself in a new place, but why do tourists also seem to turn their brains off when they leave their home city/country etc?

Hint for tourists to London, stay on the right side on the escalators in the Tube. I saw some old guy, well maybe middle aged, poke some tourist in the back with an umbrella, who then tripped. I laughed so hard, I almost fell over myself.

Re:The Terrorist Bomber's Dream!

[CreatureComfort]

Why wait? They could do it now with the RFID in $20 bills. Hey, by counting number of unique IDs, they could target only wealthy Americans.

Re:Tracking...

[arivanov]

Russians tried it. They have it as a law. Any visa or entrance measure is strictly bi-lateral. If a country enforces additional checks on Russian citizens, the Russian government has no other choice, but to implement the same checks reciprocally within 1 year. So watch for Russians taking american fingerprints till the end of the year. That will be fun. Almost as fun as around the end of the Clinton administration when the americans introduced an additional 100$ processing fee for Russians. Russians immediately replied. Americans retalliated by raising it to 300$. Russians replied. IIRC Americans raised it to 500$ for a few weeks before waiving it completely. I had to travel to the US (visa payed by my american employer) at the time. The dept director was close to "having kittens" after getting the demand for 300$. I think it reached as far as the company writing a letter to some congresscritters and the State Department to get a grip on reality and stop the pissing match.

Re:What's the fuss about?

[hackstraw]

We want to hide our ID from anyone's eyes who has not identified himself as a lawful officer on duty. With RFID it is hardly possible.

Well said.

I don't have much of a problem showing an ID to someone that asks for it, and I know why and what they are looking for and who they are. But being surveilled to the point that they have a complete ID on me with no physical intervention is a little scary.

Its not too tough to track someone today after the fact with such things as CC receipts, easypass things, witnesses, phone records, etc. But these things take a warrant, again after the fact. Being criminally investigated in realtime, err, no thank you.

How does this work? If you treat someone like a child, they will act like a child. If you treat someone like a criminal, they will be a good upstanding citizen? I don't think so.

If the feds want to update the passports with electronic technology, use barcodes or something. Actually, the more I think about it, it might be much more stealth to have a reveresed engineered passport RFID tag to say whatever you want. I don't see how this would be illegal because its not fraud or falsifying a document because if anyone asks for the passport, give it to them, but drive by scanning, I'm Homer Simpson and my ssn is 078-05-1120. Thanks for asking.

Overwhelm the system?

[YouHaveSnail]

Maybe a way to deal with RFID is to take a page from Microsoft's playbook. We should "embrace and extend" RFID.

Embrace it. Cover yourself in so many RFID devices that a scanner simply can't read them all reliably. I have no sense of how many that might be, but it would seem technically difficult to scan several thousand devices all at once. At a nickle per, you're really only talking about a couple hundred bucks even if you have to buy the devices yourself. With stores like Walmart essentially giving them away, you might not even have to do that. Sew them into your jacket or something so that when someone scans you, they're greeted by a cacophony of garbage signals.

Extend it. It won't be long before someone figures out how to either a) make their own RFID devices or b) modify existing ones. And there will be a window of opportunity before Congress makes doing so illegal. If you can make a chip that matches another, you can appear to be someone else. Or to be in two places at once. Or to teleport across a store or a country in a heartbeat.

Now, I certainly wouldn't suggest tampering with a device in a passport, of course, but the possibilities at Walmart are pretty interesting.

Even if you just buy legit devices from existing manufacturers, RFID can and will be used to consumers' benefit. RFID chips could be hidden by investigative journalists in products returned to stores and then used to prove that the store turns around and sells the item as "new" again. Not a big deal for a book, perhaps, but interesting when the item is, say, a car or a mattress or a rump roast.

Contactless Smart Cards - NOT RFID

[Anonymous Coward]

Unfortunately, the Wired article has it wrong. They are NOT putting RFID into passports - they are putting contactless smart cards that have built-in processing capabilities.

This doesn't mean that there aren't privacy issues, but they are different and more complex than the RFID ones.

You are a very, very, very stupid person.

[Fantastic Lad]

People who still believe in the illusion of 'terrorists' at this point are being willfully blind.

The 'terrorists' upon whose actions all of this insane police state nonsense is based were funded and manipulated by both the U.S. and Israel specifically because the psychopaths in power want to stay in power so that they can have all the money, power, sex and cocaine. Having to work for a living, or serve in the military [rense.com], is scary for them, and so they choose instead to trick all the trusting citizens into believing in 'terrorists'.

Anybody who looks at the details clearly will see the manipulation.

Remember the 'terrorist' passport they, 'found' on top of the smoking remains of the WTC?

That is just one of a hundred loose threads, and if it doesn't get your brain ticking, then you are either sleeping or dead, and you richly deserve the hell you are seeing rise around you.

"Oooh. But Conspiracies don't exist! It's impossible for a large number of people to keep a secret!"

Yeah? What the heck does that prove? NEWSFLASH: Conspirators do not NEED to keep secrets when the populace has been brainwashed into constantly looking the other way whenever a piece of evidence pops up.

People would rather fight and yell and argue in favor of the psychopathic manipulator rather than deal with the truly awful possibility that they are being raped. This, in fact, is exactly the reason psychopaths are so dangerous. Normal people are hardwired into certain behavioral traits which make them excellent marks for this sort of manipulation.

Any 'terrorist' who uses RFID passports to blow up Americans will be doing so with the consent of the military industrial complex, and your spreading of fear is making those jerks giddy with the joy of a mind-job successfully executed.

I have to live in this world, too, and imbeciles like you are contributing to the misery smart people also have to deal with. Arrogant? Gee, sorry. I'll just quietly go off to a barbed wire camp so you don't have to feel like an idiot.

-FL

Dangerous?

[Steffan]

In many countries in which I have lived, as a U.S. citizen it is not always in your best interests to broadcast the fact. This technology could give potential adversaries information on who you are, and where you are, making it easier to target Americans, even those who are not acting / dressing like it. Potentially, it could even be used to track you in a crowd, etc., making possible more targeted muggings / robberies / kidnappings.

Re:Gods own country ...

[AK Marc]

Well, when the government starts mandating that all passports be stapled to the bearer's forehead, I'll start worrying.

RFIDs are getting us further from Amageddon. No longer will they be stamped on out foreheads or right hands, but they will be able to read the number of the beast straight from our pocket. Thus, we will have averted Armageddon.

Re:There IS an RFID DOS

[Technician]

like keeping your passport in a lead bag (used for carrying film)

Don't take false security in miss-applying technology.

Some lead bags to make them flexible, use lead paint. The lead particles are suspended in the paint and are not connected to their neigbors. This will block the very short wavelength of X-rays, but allow longer wave radio to pass right on through as the lead particles are not very much of a wavelength at UHF frequecies and below. You are looking for someting that is fully conductive to kill the E field component of a radio wave to make a Farady Cage.

A cage made from particles not connected to it's neighbors may not work well at frequencies it's not designed to shunt.

Here is an experiment you can do right in your own kitchen.. Follow the directions carefully to avoid equipment dammage..

If you have a good strong cell signal in your house (like I do), call your cell phone.

Now place it in your microwave oven.

***** Do not turn on the oven! ******

Close the door.

****** Do not turn on the oven *****

Did the signal get lost?

Is the phone still connected?

Do you have any signal strength on the display?

Here is the explination of why the phone may remain connected.

The cavity of the oven is a metal box.. It should fully block RF.. It does.. The door is metal. It should block RF.. It does. The joint between the door and the cavity should have an RF seal..

Well it kinda does. The door seal on a microwave oven consists of a row of 1/4 wave stubbs that reflect energy from the magnetron back into the cavity preventing their escape. It reflects an RF short from the open end of the stub back to the gap between the door and the cavity. This reflected short connectes the door to the cavity making a continious connection to that frequency. If the door seal gets dirty or has anything caught in it, it no longer works properly. That is why the oven owners manual is worded strongly on keeping the door seal clean, in good shape, and having nothing caught in it. This stub does not work at frequencies it's not designed for. It blocks 802.11b just fine. Your 2.4 GHZ phone might not work in the microwave as that's the frequency it's designed to block. Other frequencies get past with some attenuation.

This applies to the lead film bags. They are OK at X-rays, but may fall short in UHF and VHF.

Do the microwave/phone experiment with your cell phone and the film bag. Did it loose connection when placed in the bag and the bag closed?

If the phone did not loose the signal, then you may want to try another solution.