| Topic: |
Science > Prophecies-Of-Nostradamus |
| User: |
"" |
| Date: |
24 Jul 2006 08:57:58 AM |
| Object: |
RFID hacked again and vendor says it's as safe as anything in our wallet! |
RFID is a highly controversial technology because (some say), it is
easily "hacked," which will leave it wide open for data theft. This
could mean - a bad guy gaining access to a secure building - or even
your personal information being compromised (cloned), when used in
"identification documents," such as passports.
And to make it even easier for the crooks, it's "wireless."
http://fraudwar.blogspot.com/2006/07/rfid-hacked-again-and-vendor-says-its.html
.
|
|
| User: "Cardinal Chunder" |
|
| Title: Re: RFID hacked again and vendor says it's as safe as anything inour wallet! |
26 Jul 2006 12:30:11 PM |
|
|
wrote:
RFID is a highly controversial technology because (some say), it is
easily "hacked," which will leave it wide open for data theft. This
could mean - a bad guy gaining access to a secure building - or even
your personal information being compromised (cloned), when used in
"identification documents," such as passports.
And to make it even easier for the crooks, it's "wireless."
http://fraudwar.blogspot.com/2006/07/rfid-hacked-again-and-vendor-says-its.html
I expect simple RFID devices just emit a very long number. To "hack" it,
all you need do is find out what that number is and clone it. That kind
of RFID is likely to replace or complement the kind of information that
is already printed on food and clothing labels, such as batch numbers,
production dates, product codes and so on.
As long as the RFID is in the packaging this should not be a big deal to
anyone. RFIDs sewn into clothing is another matter.
More sophisticated RFIDs may do some form of challenge response so you
can't just record and replay it since it depends on the challenge which
would change each time. One would hope that passports etc. would
implement challenge response.
Or rather one would hope that RFID is recognized as a waste of time and
a potential security hole for passports and their ilk. Even if a replay
attack is not possible, just the presence of an RFID opens up all kinds
of unpleasant attacks vectors that don't exist otherwise. If a passport
has to contain extra data, it should be via a smart chip that needs
physical contact with a machine to be read, rather than someone just
walking by.
--
"Hello. I'm Leonard Nimoy. The following tale of alien encounters is
true. And by true, I mean false. It's all lies. But they're entertaining
lies. And in the end, isn't that the real truth? The answer is: No."
.
|
|
|
| User: "Perseid" |
|
| Title: Re: RFID hacked again and vendor says it's as safe as anything in our wallet! |
26 Jul 2006 08:41:28 PM |
|
|
Cardinal Chunder <cc@foo.no.spam.xyzabcfghllaa.com> Spat the Words
tedrichardson9925@sbcglobal.net wrote:
RFID is a highly controversial technology because (some say), it is
easily "hacked," which will leave it wide open for data theft. This
could mean - a bad guy gaining access to a secure building - or even
your personal information being compromised (cloned), when used in
"identification documents," such as passports.
And to make it even easier for the crooks, it's "wireless."
http://fraudwar.blogspot.com/2006/07/rfid-hacked-again-and-vendor-says-
i
ts.html
I expect simple RFID devices just emit a very long number. To "hack" it,
all you need do is find out what that number is and clone it. That kind
of RFID is likely to replace or complement the kind of information that
is already printed on food and clothing labels, such as batch numbers,
production dates, product codes and so on.
Sounds almost like someone was intentionally trying to create a
completely useless rfid tracking system that could be easily
spoofed and successive generations of the device couldn't easily
engineer out its weaknesses.
As long as the RFID is in the packaging this should not be a big deal to
anyone. RFIDs sewn into clothing is another matter.
More sophisticated RFIDs may do some form of challenge response so you
can't just record and replay it since it depends on the challenge which
would change each time. One would hope that passports etc. would
implement challenge response.
Or rather one would hope that RFID is recognized as a waste of time and
a potential security hole for passports and their ilk. Even if a replay
attack is not possible, just the presence of an RFID opens up all kinds
of unpleasant attacks vectors that don't exist otherwise. If a passport
has to contain extra data, it should be via a smart chip that needs
physical contact with a machine to be read, rather than someone just
walking by.
.
|
|
|
|
|
| User: "Woodswun" |
|
| Title: Re: RFID hacked again and vendor says it's as safe as anything in our wallet! |
24 Jul 2006 05:51:35 PM |
|
|
On Mon, 24 Jul 2006 06:57:58 -0700, tedrichardson9925 wrote:
RFID is a highly controversial technology because (some say), it is
easily "hacked," which will leave it wide open for data theft. This
could mean - a bad guy gaining access to a secure building - or even
your personal information being compromised (cloned), when used in
"identification documents," such as passports.
And to make it even easier for the crooks, it's "wireless."
http://fraudwar.blogspot.com/2006/07/rfid-hacked-again-and-vendor-says-its.html
It's easily hacked because there's no built in at all, the rf just
broadcasts whatever it's got. It's got to be just about the dumbest
"security" idea ever - if we rely on this to keep baddies out of the
country, we've just opened up the gate.
Here's a recent article on how easily someone can not only grab the info,
but duplicate a chip in its entirety:
http://blogs.reuters.com/2006/07/22/high-tech-cloning/
Woods
.
|
|
|
|
|
Related Articles |
|
|
