Wednesday December 3, 2008 7:41 AM AEST

SC Magazine Australia/NZ > News > Breaches & Exposures > Corporate Data > RFID leakage is hushed up - claim

Vulnerability Alerts

SANS

Microsoft

MS07-068 - Critical: Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569 and 944275) - Version:2.3
MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723) - Version:2.0

CERT/CC

Latest Comments

"trend is good antivirus software."

on Trend Micro OfficeScan Client/Server Edition

by jack | Dec 3, 2008 7:02 AM

"I feel it with you guys. These irritating interruptions on privacy MUST be stopped. It is a ..."

on Yahoo and Microsoft take aim at lottery scams

by Jan Wilmans | Dec 2, 2008 7:11 PM

"My AVG WILL NOT UPDATE"

on AVG update deletes critical Windows file

by James Downs | Dec 2, 2008 5:58 AM

"Concerned man's comments seem to intimate that if I'm using agents all will be well but the ..."

on Shavlik Technologies to broaden its patch management offerings

by Werner K | Nov 26, 2008 8:36 PM

"That will enhance Microsoft Office system, including SharePoint - good platform for enterprise ..."

on Companies have security to consider with in-the-cloud Office

by SGE | Nov 25, 2008 3:29 PM

Corporate Data

RFID leakage is hushed up - claim

By Tony Dennis
Sep 5, 2008 10:07 AM
Tags: RFID | leakage | oyster | data |

Most RFID products – like passports and Oyster cards – leak data like sieves says Brit firm, Peratech.

The scandal broke back in August but those affected – like government agencies and credit card companies – are trying to hush the problem up rather than fix it claims Peratech's Taysom.

The worst offenders are the latest generation of 'biometric' passports, he says. These very easily leak information via RFID scanning. And the victims won't even notice it is happening.

The information – garnered from airports – would be sufficient to enable a passport to be cloned, he reckons. But in Taysom's opinion, the solution is easy. Just install an ultra-thin switch using Peratech's QTC technology [see earlier INQ story].

This would mean that a biometric passport would only give its secrets up when somebody depresses the switch. That would make RFID sniffing extremely difficult.

Taysom argues that the USA is taking the whole RFID issue far more seriously than us Brits because the stakes are higher. On teh other hand they may be better at hushing it up too

Some RFID enabled credit cards have limits of around £250 (A$538). In the UK, hacking an Oyster travel card would only earn you about three quid a go, so it's currently not really worth it.

The trouble is that the wheels within the financial industry grind very slowly so Peratech shouldn't hold its breathe waiting for credit card company execs to come knocking on its door.

See Also Mythbusters RFID show axed

Ads by Google

Thoughts on this article? Add a comment below.

Be the first to comment on this article.

Report this comment as offensive:

* Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.

Name:

Email:

(will not be displayed)

Comment:

(HTML not permitted)

Validation

Enter the code you see below:

Most Read
Most Discussed
Latest News

Breaches & Exposures Whitepapers

RFID leakage is hushed up - claim

Sponsored Links

SC MAGAZINE SITEMAP

CATEGORIES

News

Alerts

Products

Stats

Blogs

Photo Galleries

Whitepapers

Events

Jobs

Downloads

Vulnerabilities & Exploits

Breaches & Exposures

Messaging

Mobile

Access Control

Biometrics & Forensics

Legal

Risk Management

Job Centre

Patch Management