Re: RFID Flap Silences Security Researchers

[nobody@xxxxxxxxxxxx (Dave Houston)]

"Robert Green" <ROBERT_GREEN1963@xxxxxxxxx> wrote:

>http://blog.washingtonpost.com/securityfix/
>
>RFID Flap Silences Security Researchers
>
>"New research into security vulnerabilities in radio frequency
>identification cards made by technology giant HID Global has been pulled
>from the lineup at an East Coast security conference this week.
>
>Researchers from Seattle-based security provider IOActive were planning to
>detail a technique they developed to clone the credentials stored on certain
>RFID cards made by HID. The company was expected to present the findings
>Wednesday at the Black Hat Federal security conference in Crystal City, Va.
>However, IOActive last Thursday was contacted by HID attorneys, who claimed
>the researchers were infringing on HID's intellectual property.
>
>. . .
>
>Paget said he built the cloning device mostly using information from HID's
>publicly filed patents and materials that anyone could purchase off of eBay
>for about $20."
>
>(article continues at the WaPo site, registration required )-:

I should have said "old hat" rather than "old news" as this was documented
at an earlier Black Hat conference in August 2006 and I recall even earlier
reports.

Here are a few URLs that may surprise you. The first one is the best.

http://www.youtube.com/watch?v=4jpRFgDPWVA
http://www.wired.com/wired/archive/14.05/rfid_pr.html
http://www.schneier.com/blog/archives/2006/08/hackers_clone_r.html
http://www.rfidbuzz.com/news/2005/johns_hopkins_university_and_rsa_labs_demonstrate_rfid_token_cracking_and_cloning_with_cheap_fpga_hardware.html
http://cq.cx/verichip.pl
http://blogs.reuters.com/2006/07/22/high-tech-cloning/


http://davehouston.net
http://tech.groups.yahoo.com/group/roZetta/
roZetta-subscribe@xxxxxxxxxxxxxxx