Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Security

Submission + - Physical Access to most US institutions broken (openpcd.org)

An anonymous reader writes: During the "27th Chaos Communication Congress" (http://events.ccc.de/congress/2010) held in Berlin this last December, a document was presented that shows how to expose the security keys of HID's proprietary iClass physical access cards. By some reports, over 80% of US-based institutions have deployed iClass physical access cards and readers. Look around your building and see if your door card reader has the HID logo. This exposes hospitals, universities, sea-side ports, utility companies, airports, high-tech companies, etc throughout the US to potential physical access security breaches. Those intimate with physical security have advocated for other PROX and MIFARE technologies. The US Government has been defining new standards in physical access associated with successful US Government employee PIV ID Card (http://csrc.nist.gov/publications/nistpubs/800-116/SP800-116.pdf). Many Government contractors as well as some local state governments have deployed PIV-I ID Cards (http://www.va.gov/pivproject/faq.asp) that rely on updated physical access technology/security. Physical Security managers at these US Institutions should be aware of this new vulnerability and assess their new elevated risks.

Slashdot Top Deals

Many people write memos to tell you they have nothing to say.

Working...