Friday, March 14, 2008

RFID Proved to Be Entirely Vulnerable





It's so funny to me how people tend to think technology is so great. Now, speaking as a man with three laptops, three iPods, two cell phones, and a handful of other gadgets, it may seem odd for me to be critical of the very genre of objects I clearly love so much. The thing is, nothing is perfect and "security" is something technology just doesn't do well.



Whether it's electronic voting machines or DVD encryption, one thing you can guarantee about anything digital, is that eventually someone will hack it. The more high-profile the tech is, the faster it will get it's ass hacked. RFID is a great example of a technology widely regarded as a brilliant, despite it being electronic and therefore hackable.



Radio Frequency IDentification chips were originally lauded as a great solution to all sorts of problems. From inventory tracking, to speedy payment for items in stores, to accessing medical records, RFID, to those in denial, is the technology of the gods.



For those of us willing to see the big picture, RFID is still digital.



The above screencap of a March 13, 2008 Engadget post reports that RFID chips are indeed hackable--easily so. Which is really frightening based on a March 14, 2008 Engadget post (here: http://www.engadget.com/…stems-too/ ). It reports that: "Sure, it's fun to say that one billion RFID cards are now at risk due to the Mifare Classic's broken encryption, but it's another thing to comprehend how widespread the fallout could potentially be -- the London Underground's Oyster Card is based on the chip, for example."



They go on to explain that the encryption can be beat using a PC. The post also includes a list over ten cities that use "the Mifare Classic for access control and / or mass transit ticketing" including London, Boston and Hong Kong.



If memory serves, RFID chips are also used in some credit cards and new US passports.



WHOOPS!



The video attached to this post was snagged from YouTube here: http://snipurl.com/21slz and demonstrates precisely how hacking RFID can be done. It's incredibly easy.

Mobile post sent by thepete using Utterz Replies.


Orignal From: RFID Proved to Be Entirely Vulnerable

No comments: