Re: RFID cloning and overall security

[Larry Pesce <lpesce () carene org>]

I'll second Robin's suggestion for Adam Laurie's presentations, certainly
Shmoocon '07.  The tool used by Adam was RFIDiot (rfidiot.org), which has
been updated quite a bit since the presentation.  Adam even sells compatible
reader and writer hardware at his website.

Full Disclosure:  I am the guy I the the Shmoocon '07 video of Adam's
presentation getting his implanted tag cloned on stage.

- L


On 1/1/08 11:19 AM, "Robin Wood" <dninja () gmail com> wrote:

> On 27/12/2007, LordDoskias <lorddoskias () gmail com> wrote:
> > Hello, and Merry Christmas to all :)
> >
> > I was wondering whether there is some info on the subject of RFID
> > cloning? I'm talking about software and instructions for a home-made
> > rfid cloner. I remember seeing a project called OpenPxxx but I can't
> > remember the name. I'd be glad if someone posts some URLs pointing to
> > information on this subject.
> Google for any of Adam Laurie's RFID presentations, he talks you
> through the different types of devices and how easy it is to clone
> them.
>
> If you can get the Shmoocon video from 07 I know that is a good one as
> I was there.
>
> Robin
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------

- L

Larry Pesce
GAWN-Gold, GCIH, GCFA
Manager, IS Security
Care New England
lpesce () carene org



This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual
or entity to whom they are addressed.  If you are not the intended recipient, you are hereby notified
that any disclosure, copying, distribution or taking of any action in reliance on the information contained in 
this e-mail is prohibited.  If you have received this e-mail in error, please notify sender by reply e-mail and 
delete this message and any attachment(s) immediately.  Thank you for your consideration in this matter.


________________________________________________________________
This message could have been secured by PGP Universal. To secure
future messages from this sender, please click this link:

https://keys.carene.org/b/b.e?r=pen-test%40securityfocus.com&n=qyxjcHJJSaPxv4ZLDFoReQ%3D%3D

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------