Dailydave mailing list archives

Previous By Date Next
Previous By Thread Next

Re: VeriChip hack?

From: "Sarb" <sarbsembhi () blueyonder co uk>
Date: Thu, 27 Jul 2006 16:54:21 +0100

Josh wrote

I also have concerns with the RFID push. I have been contacting most of the

companies pushing the technology like EPC and their response is >" First we muct
get the technology in the market, then we can worry about security".

Josh, I'm sure you've seen this many times before and will see it many times
again, this is just the way these industries tends to think. I was at the
Embedded World Conference earlier this year, and attended the "Security and
Cryptography" track. And most of the speakers were from vendor companies, so I
asked them specifically what was it in their product that enhanced security?
Every single one (apart from one - who talked about MILS - Multiple Independent
Levels of Security) said that they leave the security to be dealt with at the
network level. At the end of the Conference I felt that I had confirmed to
myself that those "lovely ideas" of security in depth, onion layer approach,
multiple levels of security, etc. were just for security people.

Just to an even worse stance to this (if that's possible), the products
(represented in the Exhibition by those and many other vendors) will be those
same products (as embedded software or hardware) which will go into making so
many other appliances. Which in the long run will provide an untold number of
vulnerabilities to exploit.

Only security people are interested in security. Vendors just what to sell
products. Shame but true.

Cheers
Sarb Sembhi






_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Previous By Date Next
Previous By Thread Next

Current thread: