With prisons bursting at the seams, and prisoners spending nights in poilce or court cells, it’s no surprise people have been wondering if the government is desperate enough to put higher risk prisoners in low security prisons.

They can, however, only put prisoners in the right category of prison, or higher - so a Category A prisoner cannot be put into a Category D (or Open) prison. Only if a prisoner has been recategorised can he (or she) be moved. So the question is really whether the government has been tweaking the categorisation rules to make it easier to downgrade people, and make space in High Security prisons.
The Home Office now says categorically it has done nothing of the sort and Prison Service Order 0900 which governs categorisation is still in force, and hasn’t been changed in the last two years. So why does the Prison Officers Association disagree? They issued a press release in January claiming:

The POA have exposed the scam of continually changing the allocation criteria to shoe horn prisoners into open conditions to crisis manage an ever increasing population.

The prison service, have disposed of their Prison Service Order 0900 outlining specifically the criteria for categorisation and allocation in favour of a more easily changed IT based process.

More investigation needed, it seems.

Security consultant Adam Laurie has demonstrated in the Daily Mail how a new UK biometric passport can be cloned without even being removed from its delivery envelope. The government tends to laugh off questions about the risks associated with the new ePassports - see this letter from Joan Ryan in the Guardian where she claims:

It is no more remarkable that the basic information on the chip can be copied than it would be for someone to photocopy the same information that you can read on the personal details page of the passport.

John Lettice explains at The Register why such a dismissive response is short sighted at best:

The newly-delivered passport envelope was rerouted, and a working key was identified within four hours. Once this has been done, a fraudster would have all of the information needed to copy the chip, and therefore would be some considerable distance closer to being able to produce an identical copy of the entire passport.

The Mail notes that no proof of identity was required when the passport was delivered, but the vulnerabilities exposed mean that the problem goes far beyond the occasional passport being cloned after its delivery has been intercepted. Because it’s feasible to steal the data without detection, it’s perfectly possible that insiders could intercept large numbers of the millions of new passports delivered every year.

Given that we expect the same RFID chips to be used in ID cards, these vulnerabilities could prove extremely serious.