funsec mailing list archives
After Security Breach, Harvard Unveils New IDs
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Thu, 17 Jul 2008 18:50:03 -0400
http://www.thecrimson.com/article.aspx?ref=523934 The Faculty of Arts and Sciences (FAS) announced last week that students, faculty, and staff will receive new identification cards that use contactless Smartcard technology when they return to campus this fall. The upgrade comes less than a year after Theodore R. Pak '09 was caught creating duplicates of the Harvard University ID (HUID) cards belonging to University President Drew G. Faust, Assistant Dean of the College Paul J. McLoughlin II, and Dunster House Superintendent H. Joseph O'Connor. Pak's hack revealed a significant security flaw in the more than 15-year-old swipe card system, as he was able to gain access to buildings and gates across campus with only knowledge of HUID numbers and a $200 card reader bought from eBay. Assistant Dean for Physical Resources Michael L. Lichten said that the Pak incident "was a motivator for us to move more quickly in putting the new system in place." Prior to the Pak incident, HUID numbers were available to a number of individuals at the University including undergraduate User Assistants, Harvard University Dining Services workers, building managers, and freshman proctors. The University has since strictly restricted the access to these numbers, putting in place a number of protocols that limit how and when they can be displayed and accessed by members of the Harvard community. ... _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- After Security Breach, Harvard Unveils New IDs Richard M. Smith (Jul 17)