Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Security

Submission + - Physical Access to most US institutions broken (openpcd.org)

An anonymous reader writes: During the "27th Chaos Communication Congress" (http://events.ccc.de/congress/2010) held in Berlin this last December, a document was presented that shows how to expose the security keys of HID's proprietary iClass physical access cards. By some reports, over 80% of US-based institutions have deployed iClass physical access cards and readers. Look around your building and see if your door card reader has the HID logo. This exposes hospitals, universities, sea-side ports, utility companies, airports, high-tech companies, etc throughout the US to potential physical access security breaches. Those intimate with physical security have advocated for other PROX and MIFARE technologies. The US Government has been defining new standards in physical access associated with successful US Government employee PIV ID Card (http://csrc.nist.gov/publications/nistpubs/800-116/SP800-116.pdf). Many Government contractors as well as some local state governments have deployed PIV-I ID Cards (http://www.va.gov/pivproject/faq.asp) that rely on updated physical access technology/security. Physical Security managers at these US Institutions should be aware of this new vulnerability and assess their new elevated risks.

Slashdot Top Deals

You are always doing something marginal when the boss drops by your desk.

Working...