Ones and Zeros

I’m not a security guy, that’s a whole ‘nother software specialty. But I write software, and have a fair amount of experience with networking software. That makes me aware of security issues. But I don’t need much doesn’t require much security experience at all to anticipate this kind of thing:

LAS VEGAS — It’s one of the most hostile hacker environments in the country –- the DefCon hacker conference held every summer in Las Vegas.

But despite the fact that attendees know they should take precautions to protect their data, federal agents at the conference got a scare on Friday when they were told they might have been caught in the sights of an RFID reader.

The reader, connected to a web camera, sniffed data from RFID-enabled ID cards and other documents carried by attendees in pockets and backpacks as they passed a table where the equipment was stationed in full view. (See the full article here.)

I’m just a software/networking guy. And I know better than to carry an RFID-enabled card to DefCon. I know that RFID cards can be read remotely. And I have my concerns about RFID passports and other critical ID. So, you’d think that Federal personnel who ARE security geeks would know about this and realize the implications! After all, DefCon is a key conference for security people, you’re not there if you’re not interested in technical and computer security.

I’m also writing this here so that you’ll know - even if you’re not a geek at all - that more and more ID cards, credit cards, toll booth payment devices, and similar items have RFIDs. If you can wave it near something and have your card work, it’s an RFID. And it can be read by someone you don’t want to read it. Sometimes something that’s more convenient for you is more convenient for a thief too.

There are protections like passport wallets and the like. Or, you can decide when and where you want to carry it basing that on any potential effects of theft and the potential risk of that theft. But don’t be like the Feds at DefCon who were surprised with the obvious.

This entry was posted on Sunday, August 9th, 2009 at 06:30 and is filed under hardware, electronics, technology. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.