Dailydave mailing list archives
Re: VeriChip hack? (Sorry if this posts twice)
From: Hugo Fortier <hfortier () recon cx>
Date: Thu, 27 Jul 2006 11:06:21 -0400
On 26-Jul-06, at 6:39 PM, Michael Krymson wrote:
A commenter on a news link I read today said that the presenters only demonstrated grabbing the unique ID off the RFID. Unfortunately, the rest of the data is supposedly more encrypted and it is not a concern to leak the unique ID itself. I cannot attest to this firsthand, but perhaps someone here can.
Only the unique ID is stored on the RFID, the rest of the data is stored in a Database. The presentation was about the fact that the Verichip compagny that implant RFID on Human are using a system that have no security at all (even if they say it's secure). The demo Jonathan did was a demo about the Reader/Spoofer device he made, he has basicly read Annalle implanted RFID and spoofed it back to the Verichip reader. Here is a quote from Verichip website: "With VeriChip's patented, FDA-cleared, human-implantable RFID microchip technology, access control has achieved a new level of protection never offered before. Now, organizations can protect entire buildings, floors, or designated areas with the highest level of security available today, and easily incorporate this into existing building control systems. Additionally, staff, visitors, and even assets can be tracked within the facility in real-time." Ok now If I told you that Highest level of security available today is the same technologie that is used to tag Pets? Personally If I was implanting myself with a chip with the intention to open my door or use it as a credit card, I would't want to hear I got to change my chip every year for security update... Apparently the removal can be a mess... If you want to check more about RFID and Verichip: Annalee Newtiz Wired article: http://www.wired.com/wired/archive/ 14.05/rfid_pr.html Jonathan Westhues website: http://cq.cx/prox.pl Last year recon presentation / video about RFID Proximity Cards http://2005.recon.cx/recon2005/papers/Jonathan_Westhues/ Hugo
Either way, there are three truths to this new technology: - It will happen. That's just the way technology is...not everything gets turned away like e-voting (sort of) - It will be insecure and will cause problems...but then again, do fake IDs, passports, etc. - It will be the next big thing since virtualization steam-rolled into the industry Nick Selby wrote:Anyone see the demo on the verichip hack at hope? Anyone have any opinion on the demo, like, was it successful :) ? Apologies again if this posts twice. --------------------------------------------------------------------- --- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: VeriChip hack? (Sorry if this posts twice), (continued)
- Re: VeriChip hack? (Sorry if this posts twice) Michael Krymson (Jul 26)
- Re: VeriChip hack? (Sorry if this posts twice) Josh L. Perrymon (Jul 27)
- Re: VeriChip hack? (Sorry if this posts twice) Jared DeMott (Jul 27)
- Re: VeriChip hack? (Sorry if this posts twice) Curt Wilson (Jul 27)
- Re: VeriChip hack? (Sorry if this posts twice) dan (Jul 27)
- Re: VeriChip hack? (Sorry if this posts twice) Jared DeMott (Jul 27)
- Re: VeriChip hack? (Sorry if this posts twice) Josh L. Perrymon (Jul 28)
- Re: VeriChip hack? (Sorry if this posts twice) Dave Korn (Aug 03)
- Re: VeriChip hack? (Sorry if this posts twice) Josh L. Perrymon (Jul 27)
- Re: VeriChip hack? (Sorry if this posts twice) Alex J Lennon (Jul 28)
- Re: VeriChip hack? (Sorry if this posts twice) Michael Krymson (Jul 26)
- Re: VeriChip hack? Sarb (Jul 27)
- Re: VeriChip hack? (Sorry if this posts twice) Nicholas Andre DePetrillo (Jul 27)
- Re: VeriChip hack? (Sorry if this posts twice) Pusscat (Jul 27)