Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security

Submission + - Physical Access to most US institutions broken (openpcd.org)

An anonymous reader writes: During the "27th Chaos Communication Congress" (http://events.ccc.de/congress/2010) held in Berlin this last December, a document was presented that shows how to expose the security keys of HID's proprietary iClass physical access cards. By some reports, over 80% of US-based institutions have deployed iClass physical access cards and readers. Look around your building and see if your door card reader has the HID logo. This exposes hospitals, universities, sea-side ports, utility companies, airports, high-tech companies, etc throughout the US to potential physical access security breaches. Those intimate with physical security have advocated for other PROX and MIFARE technologies. The US Government has been defining new standards in physical access associated with successful US Government employee PIV ID Card (http://csrc.nist.gov/publications/nistpubs/800-116/SP800-116.pdf). Many Government contractors as well as some local state governments have deployed PIV-I ID Cards (http://www.va.gov/pivproject/faq.asp) that rely on updated physical access technology/security. Physical Security managers at these US Institutions should be aware of this new vulnerability and assess their new elevated risks.

Slashdot Top Deals

Your good nature will bring you unbounded happiness.

Working...