...via tv.boingboing.net
A number of credit card companies now issue credit cards with embedded RFIDs (radio frequency ID tags), with promises of enhanced security and speedy transactions.
But on today's episode of Boing Boing tv, hacker and inventor Pablos Holman shows Xeni how you can use about $8 worth of gear bought on eBay to read personal data from those credit cards -- cardholder name, credit card number, and whatever else your bank embeds in this manner.
Fears over data leaks from RFID-enabled cards aren't new, and some argue they're overblown -- but this demo shows just how cheap and easy the "sniffing" can be.
Forget the tin foil hat.
Wrap it around your wallet and watch where you sit.
There may be an antenna under that chair.
Showing posts with label RFID. Show all posts
Showing posts with label RFID. Show all posts
Tuesday, March 25, 2008
Thursday, March 13, 2008
RFID Cards Hacked
Researchers and students of the Digital Security group of the Radboud University Nijmegen have discovered a serious security flaw in a widely used type of contactless smartcard, also called RFID tag. It concerns the "Mifare Classic" RFID card produced by NXP (formerly Philips Semiconductors). Earlier, German researchers Karsten Nohl en Henryk Plötz pointed out security weaknesses of this cards. Worldwide around 1 billion of these cards have been sold.
This type of card is used for the Dutch 'ov-chipkaart' [the RFID card for public transport throughout the Netherlands] and public transport systems in other countries (for instance the subway in London and Hong Kong). Mifare cards are also widely used as company cards to control access to buildings and facilities. All this means that the flaw has a broad impact. Because some cards can be cloned, it is in principle possible to access buildings and facilities with a stolen identity. This has been demonstrated on an actual system. (more)
This type of card is used for the Dutch 'ov-chipkaart' [the RFID card for public transport throughout the Netherlands] and public transport systems in other countries (for instance the subway in London and Hong Kong). Mifare cards are also widely used as company cards to control access to buildings and facilities. All this means that the flaw has a broad impact. Because some cards can be cloned, it is in principle possible to access buildings and facilities with a stolen identity. This has been demonstrated on an actual system. (more)
"I reprogrammed a car fob, Mr. Cheney. Now I control you."
by Chris Soghoian...
A team of respected security researchers known for their work hacking RFID radio chips have turned their attention to pacemakers and implantable cardiac defibrillators.
The researchers will present their paper, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses," during the "Attacks" session of the 2008 IEEE Symposium on Security and Privacy, one of the most prestigious conferences for the computer security field...
By reading between the lines (millions of remotely implanted medical devices, able to administer electrical shocks to the heart, can be controlled remotely from distances up to 5 feet, designed by people who know nothing about security), it is easy to predict the gigantic media storm that this paper will cause when the full details (and a YouTube video of a demo, no doubt) are made public. (more)
A team of respected security researchers known for their work hacking RFID radio chips have turned their attention to pacemakers and implantable cardiac defibrillators.
The researchers will present their paper, "Pacemakers and Implantable Cardiac Defibrillators: Software Radio Attacks and Zero-Power Defenses," during the "Attacks" session of the 2008 IEEE Symposium on Security and Privacy, one of the most prestigious conferences for the computer security field...
By reading between the lines (millions of remotely implanted medical devices, able to administer electrical shocks to the heart, can be controlled remotely from distances up to 5 feet, designed by people who know nothing about security), it is easy to predict the gigantic media storm that this paper will cause when the full details (and a YouTube video of a demo, no doubt) are made public. (more)
Security and Spying With Nanotechnology as Tiny Spy Dust Chips Track Your Movements
Nox Defense has released an invisible perimeter defense technology, which combines high-resolution video pictures and radio frequency identification (RFID) tags, sometimes referred to as "spy chips", to track assets and people in real time. The system allows security officers to see a theft or intrusion as it happens, and track a stolen object even if concealed inside a briefcase, under a jacket, or stuffed inside a sock. The FBI is among early adopters of the Nox Intelligent Perimeter Defense system, though has not released details how it will use the system. (more)
Sunday, February 24, 2008
FutureWatch - Pimping your ride with RFID
First Singapore, then Bermuda, then...?Here what happened in Bermuda...
"The Bermuda Government is issuing vehicle owners with credit card sized stickers containing a RFID chip and it is expected that every vehicle in Bermuda will carry one within a year or two. The scheme is mandatory and a $10,000 penalty applies if owners remove the chips. RFID readers are being placed in telephone poles and buildings throughout Bermuda, which enable authorities to monitor the past and present location of vehicles and record the speed at which they are traveling. The information is being sent to high speed computers that calculate everything you could possibly imagine about a travellers journey, even the route taken." (more)
The handwriting is on your windshield.
Look for government to pimp your ride, next.
Hey, they even call it something benign and acceptable.
...like EZ-Pass, Ipass or UneedaPass.
Thursday, December 27, 2007
Geoslavery
Geoslavery is a new form of human bondage based on cellphone or GPS tracking. Four years ago in IEEE Technology and Society Magazine, Pete Fisher and I [Jerome E. Dobson] defined geoslavery as "a practice in which one entity, the master, coercively or surreptitiously monitors and exerts control over the physical location of another individual, the slave." ...
This year in the Geographical Review, Pete and I warned that human tracking will become commonplace, mainly because of reduction in price. As recently as 10 years ago, the cost of round-the-clock surveillance was about $350,000 per watched person per year -- an exorbitant price tag justified only for high-value targets in matters of national security or corporate espionage. Now the cost is less than $500 per watched person per year. (more)
This year in the Geographical Review, Pete and I warned that human tracking will become commonplace, mainly because of reduction in price. As recently as 10 years ago, the cost of round-the-clock surveillance was about $350,000 per watched person per year -- an exorbitant price tag justified only for high-value targets in matters of national security or corporate espionage. Now the cost is less than $500 per watched person per year. (more)
Thursday, December 20, 2007
Santa tracks naughty and nice kids with RFID
Santa has been spying on kids for centuries but now, his these days, his job is easier, thanks to modern technology. “At Santa Claus Office in Finland, St. Nick’s elves give EPC Gen 2 tags to visiting boys and girls, who wear them so he knows who’s naughty or nice.”
EPC Gen 2 tags translates to RFID (Radio Frequency IDentification), aka spy tags. (more) (more)
Spy back on Santa. (more)
Tuesday, October 30, 2007
"So, uh, does this mean the Invisible Fence idea is out, too?"
Taiwanese high school students have launched a campaign to boycott a multi-function electronic identification card. They argued that the radio frequency identification (RFID) student card required by the Taipei City's Bureau of Education violates their rights to privacy. According to Taipei Times, the High School Student's Rights Association (HSRA) launched the boycott campaign on Sunday. The newspaper quoted the HSRA's secretary, Wang Hao-zheng, as saying that the ID keeps students under strict surveillance like convicts or animals. (more)
UK - Ten students in a secondary school in the United Kingdom are being tracked through RFID implants in their school uniforms in a pilot program. (more)
Not all parents are thrilled. (more)
Not all governments are thrilled. (more)
(In case you don't know... Invisible Fence)
Saturday, August 4, 2007
Microchips implanted in humans: High-tech helpers, or Big Brother surveillance tools?
CityWatcher.com, a provider of surveillance equipment, attracted little notice itself - until a year ago, when two of its employees had glass-encapsulated microchips with miniature antennas embedded in their forearms.
The "chipping" of two workers with RFIDs - radio frequency identification tags as long as two grains of rice, as thick as a toothpick - was merely a way of restricting access to vaults that held sensitive data and images for police departments, a layer of security beyond key cards and clearance codes, the company said.
Innocuous? Maybe.
To some, the microchip was a wondrous invention - a high-tech helper that could increase security at nuclear plants and military bases, help authorities identify wandering Alzheimer's patients, allow consumers to buy their groceries, literally, with the wave of a chipped hand.
To others, the notion of tagging people was Orwellian, a departure from centuries of history and tradition in which people had the right to go and do as they pleased without being tracked, unless they were harming someone else.
Chipping, these critics said, might start with Alzheimer's patients or Army Rangers, but would eventually be suggested for convicts, then parolees, then sex offenders, then illegal aliens - until one day, a majority of Americans, falling into one category or another, would find themselves electronically tagged. (more)
The "chipping" of two workers with RFIDs - radio frequency identification tags as long as two grains of rice, as thick as a toothpick - was merely a way of restricting access to vaults that held sensitive data and images for police departments, a layer of security beyond key cards and clearance codes, the company said.
Innocuous? Maybe.
To some, the microchip was a wondrous invention - a high-tech helper that could increase security at nuclear plants and military bases, help authorities identify wandering Alzheimer's patients, allow consumers to buy their groceries, literally, with the wave of a chipped hand.
To others, the notion of tagging people was Orwellian, a departure from centuries of history and tradition in which people had the right to go and do as they pleased without being tracked, unless they were harming someone else.
Chipping, these critics said, might start with Alzheimer's patients or Army Rangers, but would eventually be suggested for convicts, then parolees, then sex offenders, then illegal aliens - until one day, a majority of Americans, falling into one category or another, would find themselves electronically tagged. (more)
Subscribe to:
Posts (Atom)