Black Hats Salivating Over RFID
RFID Securityor the lack of itwas one of the hottest topics at Black hat 2004 in Las Vegas. One application demonstrated the ability to read and modify RFID tag data.RFID security has become a hot topic at Black Hat 2004, currently being held in Las Vegas. Lukas Grunwald, a senior consultant with DN-Systems Enterprise Solutions GmbH, showed the audience a program he developed called "RFDump," which can read, and potentially modify, the data on an RFID tag. There are many reasons why a manufacturer or retailer might not want to invest money in RFID right now: The technology is still immature, standards have only just now been settled, and the business case has not yet been proven. Here is another: data can be exploited through these systems. It is not as if anyone had promised that these systems were secure. "Theyre not," Gartner research director Jeff Woods tells NewsFactor. But unlike computers and networks, a breach in RFID technology is not a danger to companies -- yet.
That is because most of the deployments are still in the pilot stage, and it would be next to impossible to steal data from such a limited universe. "Everybody understands this. The thinking is, security is a secondary issue right now that will be fixed once deployments are underway," Woods says.