Real RFID Hacking Scenarios 180
kjh1 writes "Wired is running an article on RFID hacking that has potentially scary implications. Many RFID tags have no encryption and will happily transmit their information in the clear if they are active or within range of a reader. Worse yet is that they can be overwritten. Some interesting scenarios and experiments: snagging the code off of a security badge and replaying it to gain access to a secure building; vandalizing library contents by wiping or changing tags on books; changing the prices of items in a grocery or other store; and getting free gas by tweaking the ExxonMobil SpeedPass tags."
Stop your worrying! (Score:5, Funny)
Never fear, the DMCA is here to protect us from that sort of behavior. It's illegal, so I doubt criminals would even try it ;) Thanks god for big government!
http://religiousfreaks.com/ [religiousfreaks.com]Re:Regarding security badges (Score:1, Funny)
Re:Regarding security badges (Score:2, Funny)
Uhhhh... (Score:3, Funny)
Kick Me (Score:3, Funny)
Ancient RFID Hacking at Bethel Park HS (Score:0, Funny)
If they failed to deactivate the tag, or if you tried to steal a book, the system would sound an alarm, and Gary would be in an uproar. He might even have called the elderly Mrs. Simpson as backup. I recognized the 400Hz. tone as being a Mallory Sonalert.
Seeing as how we were already using the ASR-33 Teletypes with acoustic couplers in the Library to hack into local dial-up modem mainframes, I felt that a new hack was in order.
I had a Mallory Sonalert from a recent dumpster dive where my brother worked. I wired it and a 9v battery to a momentary switch and kept it in my coat pocket.
On occasions, I would situate myself in a library desk near the checkout. When Gary would wand a book, I would sound my alarm. Then, with a red face, he'd retrieve the book, and wand it again. I'd beep. He'd wand again. And again. Then, I'd stop before his blood pressure popped his head off.
Sometimes, I'd activate my Sonalert when Gary walked past the sensor gate. Sometimes not. I was having fun.
Why the long story? Well, just to let you know that hacking in a jovial sense can be a pantload of fun, and that you might not have to hack the internals of a system, to hack a system. That was 1977 folks - RFID (even in a crude sense) has been around for a while.
Our hacking was not malicious, it was fun. We never caused harm, and we never left tracks.