lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue Jun 27 06:53:22 2006 From: joshuaperrymon at gmail.com (Josh L. Perrymon) Subject: Sniffing RFID ID's ( Physical Security ) I'm just looking to validate if this is the case. Are most RFID access control cards susceptable to interception? I can see the security features built into something like RFID Credit Cards.. but I'm betting this is not the case with RFID access cards. Obviously, I can't validate this until I get a RFID reader/writer. If this is the case then it's a global problem. Not only for accessing a building illegally-- but this is a form of stealing a users identify. A lot of companies use the backend data from the card readers to trend workers in/out time and areas accessed. blah blah blah. Plus, I'd like to try this on my next on-site hack. JP PacketFocus.com On 6/27/06, mikeiscool <michaelslists@...il.com> wrote: > > On 6/27/06, Josh L. Perrymon <joshuaperrymon@...il.com> wrote: > > My post was based more on *existing* RFID implementations used for > physical > > security access cards. > > > > I know that non-contact cards such as RFID Credit Cards use encryption > so > > on... But are still vulnerable to non-authorized transactions.. I'm > mean.. > > there is no green button you push to authorize the transaction. > > > > But I just don't believe that the RFID access-card I use to access > client > > premeises use any type of encryption or only communicate with specific > > readers. > > > > IF* this is the case then an attacker should have no problems powering > the > > card and making a "copy" of the contents. > > so what's your question then? how your card works? or how to make it > secure? > > > > JP > > PacketFocus > > > > www.packetfocus.com > > josh.perrymon@...ketfocus.com > > -- mic > CMLRA, Mirios > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060627/35e386cd/attachment.html
Powered by blists - more mailing lists