funsec mailing list archives
RE: RFID World Still Reacting Strongly To Virus Research
From: Blanchard_Michael () emc com
Date: Tue, 21 Mar 2006 11:24:33 -0500
Absolutely, given the right type of data on these RFID chips, the incentive goes up to hack them. Right now, who really cares if your dog or cat has had it's worm shot... But, throw SSN#, CC#'s, the ability to unlock your home, start your car, order a pizza, gamble at las vegas without using checks (chips) or any actual cash, the incentive goes way way up for organized crime, and any script kiddie with a little knowledge to start hacking these things.... Be it a worm, spybot, or just plain pirating the information.... Michael P. Blanchard Antivirus / Security Engineer, CISSP, GCIH, MCSE, MCP+I Office of Information Security & Risk Management EMC ² Corporation 4400 Computer Dr. Westboro, MA 01580 -----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Nick FitzGerald Sent: Saturday, March 18, 2006 2:53 PM To: funsec () linuxbox org Subject: Re: [funsec] RFID World Still Reacting Strongly To Virus Research Richard M. Smith quoting:
http://www.informationweek.com/story/showArticle.jhtml?articleID=183700423
<<snip>>
"RFID has security challenges," Ashton admits. "This isn't one of them." This is a far fetched scenario requiring many improbable security holes to line up just so."
Funny -- that was the official line at MS until sometime around 2001 when it realized that it was not just a bad series of coincidences that had led to all the bad stuff we were seeing due to all those "improbable security holes" lining up just so. It surely is improbable they will ine up naturally, but add a malcontent determined (or paid) enough to "get at your stuff" and the odds of a method of making things "line up just so" being found increases dramatically if you haven't paid significant attention to the details that the reaction to this story suggest may have been being ignored or glossed over... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- RFID World Still Reacting Strongly To Virus Research Richard M. Smith (Mar 18)
- Re: RFID World Still Reacting Strongly To Virus Research Nick FitzGerald (Mar 18)
- RE: RFID World Still Reacting Strongly To Virus Research Blanchard_Michael (Mar 21)
- Re: RFID World Still Reacting Strongly To Virus Research Valdis . Kletnieks (Mar 19)
- Re: RFID World Still Reacting Strongly To Virus Research Lionel Ferette (Mar 20)
- <Possible follow-ups>
- RE: RFID World Still Reacting Strongly To Virus Research Kohlenberg, Toby (Mar 18)
- Re: RFID World Still Reacting Strongly To Virus Research Nick FitzGerald (Mar 18)