|
Poll Question:
Do you carry an RFID bag, or device with you that has sensitive information, or accesses restricted areas? | | Total Votes: | 38 | | 1. Yes, but it's EM shielded when not in use. | 2 | 5.26 % | 
| | 2. Yes, but what is EM? | 5 | 13.16 % |
| | 3. No | 20 | 52.63 % |
| | 4. No way, no how, NO! | 11 | 28.95 % |
|
blackhawk
  
This member has been banned. See the banlist for more information.
location:
Mission Control
UER newbie
 |  |  | The RFID Hacking
< on 5/5/2006 1:23 PM >
|  | | | I'm not condoning the use of this, but this shows one the pitfalls of modern technology. RFID's that contained sensitive information, or access need to be electromagnetically shielded at all times when not is use.
http://www.wired.c...ve/14.05/rfid.html
[last edit 5/5/2006 5:44 PM by Raticus - edited 2 times]
Just when I thought I was out... they pulled me back in.
|
|
Flik
 
location:
Fargo, ND
Gender: Male
| |  | Re: The RFID Hacking
<Reply # 1 on 5/5/2006 2:42 PM >
| | | | I used to carry an RFID dongle on my keychain to access the doors and garage of an apartment I used to live in. It was very convenient. I never had problems with the system, but I could see where issues could arise with a computer or power error not unlocking the doors.
I do know of some places that use RFID systems for after hour access, and they have some pretty sensitive information. I'm almost tempted to forward that website link to them.
|
|
grit1
location:
University Campus - Minneapolis, MN
Gender: Male
Got Shear Line?
| | | Re: The RFID Hacking
<Reply # 2 on 5/5/2006 3:17 PM >
| | | | I use an RFID badge at work, but luckily it's not even active until my hand geometry is read - a nice safeguard!
|
|
Sanitarium
location:
Florida
Gender: Male
| |  | Re: The RFID Hacking
<Reply # 3 on 5/5/2006 3:26 PM >
| | | | I'm not very techno-smart but this is a good read. Shows that computers aren't always the answer to everything.
I'll stick with the 5 locks on my shop door...
|
|
grit1
location:
University Campus - Minneapolis, MN
Gender: Male
Got Shear Line?
| | | Re: The RFID Hacking
<Reply # 4 on 5/5/2006 4:13 PM >
| | | | Posted by Sanitarium
I'll stick with the 5 locks on my shop door...
|
They'd better be Medeco or Primus...
|
|
Wabbit
location:
Twin cities, Minnesota
Gender: Male
Go Silly Rabbit!
| | | Re: The RFID Hacking
<Reply # 5 on 5/5/2006 5:52 PM >
| | | | I've got RFID for both work and to get access to may apartment.
-wabs |
|
nutekk
  
location:
Central NJ
Gender: Male
| | | Re: The RFID Hacking
<Reply # 6 on 5/5/2006 6:03 PM >
| | | | and people wonder why i dont want to install rfid door entry systems... use a damn keypad connected to an alarm panel ... geez. at least then they need to use a key and number combination. i do security work for a living too haha, thanx , i'm gonna print that out and use it to show people whats up !
thanx !
cheers !
" Take only pictures, leave only footprints" |
|
grit1
location:
University Campus - Minneapolis, MN
Gender: Male
Got Shear Line?
| | | Re: The RFID Hacking
<Reply # 7 on 5/5/2006 6:30 PM >
| | | | Like most security technologies in the industry, they are only effective if used properly. Case in point, my above post. We have regular HID RFID badges at a nuclear power plant, but they're absolutely worthless until the computer acknowledges your hand geometry and your badge is activated.
Keys and locking systems are worthless unless they have an aspect of key control. This can mean something stupid and simple as a deterrent like a "do not duplicate" stamping, or something extensive and expensive like Medeco Keymark or Schlage Primus that prevents duplication of the key outright.
Keypads on an alarm system have to have audit trails and the keys have to be kept clean, and the key pad should be replaced if worn. Worn/dirty keys make brute-forcing codes easier.
The best defense is a combination of technologies and education for the users of said technologies.
|
|
Agent Skelly
  
Web Sheriff
location:
Oregon Territory
Gender: Male
Prenez De L'Avance Avec Chrysler!
| |  | | | Re: The RFID Hacking
<Reply # 8 on 5/5/2006 7:13 PM >
| | | | I don't put my EZPass or my SpeedPass in a bag. I find it kind of pointless because well for one thing, with the Speedpass, the information in it is just the device ID number printed on the side that corresponds to a backend system reference number.
The EZPass? Well, your a moron if you want to hack data off of it because its just a pointless tag number.
I do have a PayPass-enabled MasterCard, but thats not RFID, thats a ISO Standard Contactless SmartCard.
I know with Wal*Mart's transition plan to RFID, they are going to back to use Wal*Mart specific SKUs on the RFID tags themselves.
|
|
blackhawk
This member has been banned. See the banlist for more information.
location:
Mission Control
UER newbie
| | | Re: The RFID Hacking
<Reply # 9 on 5/6/2006 1:43 AM >
| | | | Posted by nutekk
and people wonder why i dont want to install rfid door entry systems... use a damn keypad connected to an alarm panel ... geez. at least then they need to use a key and number combination. i do security work for a living too haha, thanx , i'm gonna print that out and use it to show people whats up !
thanx !
|
Yeah, that's not too bright unless you want to speed up the bad guy's productivity! Finger print would make a good key though. If they got the bucks, why not?
Here's a deadbolt I found on the net, not the same thing but sort of cool.http://www.smarthome.com/51611l.html
Just when I thought I was out... they pulled me back in.
|
|
junkyard
location:
LaCrosse, WI
Gender: Male
Strategic Beer Command where the metal hits the meat.
| | | Re: The RFID Hacking
<Reply # 10 on 5/11/2006 10:29 PM >
| | | | When I need security somewhere, you can keep all your locks and electronics. I'll stick with the Mr. Brown Security Company.
I drink gasoline for breakfeast and beer for dinner!
Any problem can be licked with a case of beer and a few sticks of dynamite.
Strategic Beer Command ruling the desert since 1995 http://www.strategic-beer-command.com |
|
Pleiades
location:
Halifax
Gender: Male
| | Re: The RFID Hacking
<Reply # 11 on 5/14/2006 4:42 AM >
| | | | Posted by Agent Skelly
I don't put my EZPass or my SpeedPass in a bag. I find it kind of pointless because well for one thing, with the Speedpass, the information in it is just the device ID number printed on the side that corresponds to a backend system reference number.
The EZPass? Well, your a moron if you want to hack data off of it because its just a pointless tag number. |
Sure it’s not a lot of money but someone could use the stolen id to pay for tolls at your expense.
|
|
Bobtheallmighty
location:
Somewhere over london, Ontario
Gender: Male
gotta climb.
| | Re: The RFID Hacking
<Reply # 12 on 5/14/2006 5:23 AM >
| | | | the rf id tag i have for my work has such a short range on it, that i would never realy think anyone would be able to steal the number off of it . it would almost be the same as picking up someones credit card to read the numbers. you would have to be the same distance away.
-bob
" <Samurai> you know, we aren't as far removed from animals as we'd like to think... i still have bowel movements that border on mystical... i mean almost orgasmic" |
|
blackhawk
This member has been banned. See the banlist for more information.
location:
Mission Control
UER newbie
| | | Re: The RFID Hacking
<Reply # 13 on 5/14/2006 5:47 AM >
| | | | Posted by Bobtheallmighty
the rf id tag i have for my work has such a short range on it, that i would never realy think anyone would be able to steal the number off of it . it would almost be the same as picking up someones credit card to read the numbers. you would have to be the same distance away.
|
An RFID is not a magnetic strip of data. That's part of the concept; to have extended range. It uses RF to transmit the data, so you are at considerably much more risk of this happening with an RFID. They can steal not only a number, but any other data it contains.
Just when I thought I was out... they pulled me back in.
|
|
Bobtheallmighty
location:
Somewhere over london, Ontario
Gender: Male
gotta climb.
| | Re: The RFID Hacking
<Reply # 14 on 5/14/2006 5:48 AM >
| | | | yes but you can limit the transmit range of the tag its self.
-bob
" <Samurai> you know, we aren't as far removed from animals as we'd like to think... i still have bowel movements that border on mystical... i mean almost orgasmic" |
|
blackhawk
This member has been banned. See the banlist for more information.
location:
Mission Control
UER newbie
| | | Re: The RFID Hacking
<Reply # 15 on 5/14/2006 5:52 AM >
| | | | Posted by Bobtheallmighty
yes but you can limit the transmit range of the tag its self.
|
By EM shielding it, in which case it won't be usable when shielded.
Just when I thought I was out... they pulled me back in.
|
|
Bobtheallmighty
location:
Somewhere over london, Ontario
Gender: Male
gotta climb.
| | Re: The RFID Hacking
<Reply # 16 on 5/14/2006 5:55 AM >
| | | | rf tags arent all ways letting off the there signal. thay need to be powered buy something to be transmitting, thay usually dont have batteries.
-bob
" <Samurai> you know, we aren't as far removed from animals as we'd like to think... i still have bowel movements that border on mystical... i mean almost orgasmic" |
|
blackhawk
This member has been banned. See the banlist for more information.
location:
Mission Control
UER newbie
| | | Re: The RFID Hacking
<Reply # 17 on 5/14/2006 6:07 AM >
| | | | Posted by Bobtheallmighty
rf tags arent all ways letting off the there signal. thay need to be powered buy something to be transmitting, thay usually dont have batteries.
|
Right. That's how you hack them; by either reading them when powered up by the intended source, or by providing an RF source. It's an open book.
Just when I thought I was out... they pulled me back in.
|
|
Bobtheallmighty
location:
Somewhere over london, Ontario
Gender: Male
gotta climb.
| | Re: The RFID Hacking
<Reply # 18 on 5/14/2006 6:10 AM >
| | | | yeah but you would have to pump a pretty massive signal at it to be able to read it from a distance, or hav an insanely sensitive receiver
-bob
" <Samurai> you know, we aren't as far removed from animals as we'd like to think... i still have bowel movements that border on mystical... i mean almost orgasmic" |
|
Nords
Gender: Male
| | Re: The RFID Hacking
<Reply # 19 on 5/14/2006 8:14 AM >
| | | | At my security job we have those badges that let us into highly restricted areas. but we wear them on retractors, usually clipped to our front shirt pockets, so it would be obvious if someone was stealing its info.
Interesting article though.
|
|
Powered by AvBoard AvBoard version 1.5 alpha
Page Generated In: 109 ms
|
|
Ethics