RFID: time to get really paranoid

Friday, 10 August 2007, 11:31 AM EST

In a recent Black Hat demonstration, RFID passport readers were reportedly "crashed" when a manipulated JPEG 2000 photo was included in an RFID-enabled passport. The corrupted image caused a "buffer overflow" fault in the readers by containing more data than was expected and halting the reading process. This has been hyped as a problem with RFID but the truth is that it was a reader programming oversight. The software should have rejected the data (and e-Passport) instead of allowing the buffer overflow to stop the reading program. What's the lesson here? That it's time for manufacturers and implementers of RFID to get paranoid. But in a good way.

At AIM Global.

[ Read more ]




Spotlight

CTO insights: Defending your organization from insider attacks

An insider knows exactly how an organization does things, what they consider valuable, and how they will respond to an attack. Who else would be better to carry out an attack than an insider?


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, May 1st
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //