[Previous entry: "Bounty poster for bad cops"] [Main Index] [Next entry: "Pres on behavior modification drugs? (Rumor only)"]

07/28/2004 Archived Entry: "RFID hacking"


Low-cost RFID tags--many which are smaller than a nickel and cost less too--are already being added to packaging by retailers to keep track of inventory but could be abused by hackers and tech-savvy shoplifters, said Lukas Grunwald, a senior consultant with DN-Systems Enterprise Solutions GmbH. While the technology mostly threatens consumer privacy, the new technology could allow thieves to fool merchants by changing the identity of goods, he said.

"This is a huge risk for companies," Grunwald said during a discussion at the Black Hat Security Briefings here. "It opens a whole new area for shoplifting as well as chaos attacks." ...

When such tools become widely available, hackers and those with less pure motives could use a handheld device and the software to mark expensive goods as cheaper items and walk out through self checkout. Underage hackers could attempt to bypass age restrictions on alcoholic drinks and adult movies, and pranksters could create confusion by randomly swapping tags, requiring that a store do manual inventory.

Grunwald's software program, RFDump, makes rewriting RFIDs easy. While there are significant malicious uses of the program, consumers could also use it to protect themselves, he said.

Here's the article on CNET News.com.

And here's RFDump. (Note that of the three versions available, all three are for Linux and one of those three is also available for Windows. You also need a tag reader, but these are getting cheaper all the time.)

Ain't it wonderful -- the anarchic market at work again -- that potential solutions begin to pop up almost before the problem (RFID perpetual tagging) is upon us?

Posted by Claire @ 09:41 PM CST

Powered By Greymatter