But hey, wait a minute! Could this be deja vu all over again, sort of? Although different in some ways, RFIDs security issues do harken back a bit to troubles plaguing the 802.11 Wi-Fi market over the past couple of years. Now being replaced with the newer IEEE 802.11i, Wi-Fis earlier WEP encryption protocol was characterized by some major flaws, including a weak encryption algorithm and no mechanism for distributing encryption keys. Just as importantly, untold numbers of Wi-Fi users havent even been bothering to turn on WEP encryption.Meanwhile, even before Grunwalds talk at the Black Hat Briefings, industry analysts were already citing other lingering problems with RFID, ranging from standardization to tag pricing and performance. In a report issued in June, AMR Research noted that, with compliance deadlines rapidly approaching, the RFID industry is still without a single global standard, even though a couple of organizationsePC Global and the ISOare each striving in that direction. According to the same report, 10 percent to 20 percent of RFID tags are "dead on arrival." Tags that pass initial inspection can only be read 80 percent to 90 percent of the time. So in August of 2004, is RFID really ready for prime time yet? With unprecedented security problems starting to rear their heads, too, it might be best to stick with pilots and other limited deployments for the moment, if you can. Check out eWEEK.coms Mobile & Wireless Center at http://wireless.eweek.com for the latest news, reviews and analysis.
And guess what? In entries in Internet newsgroups, drive-by hackers have mentioned Wal-Mart warehouses, among other places, as particularly easy pickings for Wi-Fi eavesdropping.