|
kotik
fuckingsuperhero


Registered: 06/29/04
Posts: 3,531
Last seen: 4 years, 24 days
|
hackers target VerChip... and succeed!
#5901204 - 07/26/06 06:20 AM (17 years, 6 months ago) |
|
|
http://www.engadget.com/2006/07/24/verichips-human-implatable-rfid-chips-clonable-sez-hackers/
Quote:
a pair of hackers have recently demonstrated how human-implantable RFID chips from VeriChip can be easily cloned, effectively stealing the person's identity.
Quote:
with Newitz herself playing the role of guinea pig, implanting a VeriChip RFID chip in her right arm. To clone the chip, Westhues first red Newitz's arm with a standard RFID reader, then scanned it again with a homebrew antenna connected to his laptop, which recorded the signal off the chip. He then used the same RFID reader to read the signal from his laptop, which promptly spit out Newtiz's supposedly unique ID.
what a wonderful world we are living in.
-------------------- No statements made in any post or message by myself should be construed to mean that I am now, or have ever been, participating in or considering participation in any activities in violation of any local, state, or federal laws. All posts are works of fiction.
|
OJK
Stranger

Registered: 06/08/03
Posts: 10,629
|
Re: hackers target VerChip... and succeed! [Re: kotik]
#5901224 - 07/26/06 06:33 AM (17 years, 6 months ago) |
|
|
The information on VeriChips is cleartext, and broadcast as cleartext. AFAIK, copying it is trivial.
I don't imagine VeriChips are designed for secure applications.
|
kotik
fuckingsuperhero


Registered: 06/29/04
Posts: 3,531
Last seen: 4 years, 24 days
|
Re: hackers target VerChip... and succeed! [Re: OJK]
#5901226 - 07/26/06 06:34 AM (17 years, 6 months ago) |
|
|
no, but having 2 (or more) of the same chip would cause many problems with the way their system is designed, and this is but a precursor to RFID in general.
people dont need to steal your wallet anymore.. eventually they will be able to clone your credit cards and ID the same way people clone cell phones with scanners on highways.
-------------------- No statements made in any post or message by myself should be construed to mean that I am now, or have ever been, participating in or considering participation in any activities in violation of any local, state, or federal laws. All posts are works of fiction.
|
OJK
Stranger

Registered: 06/08/03
Posts: 10,629
|
Re: hackers target VerChip... and succeed! [Re: kotik]
#5904343 - 07/27/06 03:28 AM (17 years, 6 months ago) |
|
|
AFAIK, VeriChip isn't integral to the concept of RFID... I don't see why you couldn't have RFID chips with fairly strong salted encryption (although, thinking about it, salting might be a problem for passively powered chips). Of course, if it's for applications that are necessarily quite public (product tagging, people tagging etc.) there might be security problems if the keys and the crypto are distributed to many scanners (i.e. made public), because as the ciphertext is necessarily public with RFID, that could introduce weakness in a kind of DRM stylee.
|
Konnrade
↑↑↓↓<--><-->BA



Registered: 09/13/05
Posts: 13,833
Loc: LA Suburbs
Last seen: 8 months, 26 days
|
Re: hackers target VerChip... and succeed! [Re: OJK]
#5904381 - 07/27/06 04:24 AM (17 years, 6 months ago) |
|
|
In the end, verichip will inevitably be as vulnerable as any other personal data nowadays. It will no doubt be as vulnerable as credit cards, cell phones, etc.
Which means that whenever it starts becoming mainstream, people will start being victimized by those who will start circumventing/manipulating/duping it
--------------------
I find your lack of faith disturbing
|
kotik
fuckingsuperhero


Registered: 06/29/04
Posts: 3,531
Last seen: 4 years, 24 days
|
Re: hackers target VerChip... and succeed! [Re: OJK]
#5904400 - 07/27/06 04:45 AM (17 years, 6 months ago) |
|
|
Quote:
Odiumjunkie said: VeriChip isn't integral to the concept of RFID...
yup, in fact its the other way around.. RFID is an integral part of VeriChip.
Quote:
I don't see why you couldn't have RFID chips with fairly strong salted encryption.
you could.. but that would only work if someone was trying to read the chip, that has nothing to do with cloning chips. and the entire system relies on each person having a unique VeriChip, which is something cloning would def. complicate.
-------------------- No statements made in any post or message by myself should be construed to mean that I am now, or have ever been, participating in or considering participation in any activities in violation of any local, state, or federal laws. All posts are works of fiction.
|
Seuss
Error: divide byzero


Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 2 months, 20 days
|
Re: hackers target VerChip... and succeed! [Re: OJK]
#5904406 - 07/27/06 04:52 AM (17 years, 6 months ago) |
|
|
> I don't imagine VeriChips are designed for secure applications.
From the verichip website http://www.verichipcorp.com/content/company/rfidtags#implantable:
Quote:
About the size of a grain of rice, the microchip inserts just under the skin and contains only a unique, 16-digit identifier. The chip itself does not contain any other data other than this unique electronic ID, nor does it contain any Global Positioning System (GPS) tracking capabilities. And unlike conventional forms of identification, the VeriChip™ cannot be lost, stolen, misplaced, or counterfeited. It is safe, secure, reversible, and always with you.
Based upon that blurb, as a developer, I would assume the chip to be safe for use in secure applications. Especially since it cannot be stolen or counterfeited and it is both safe and secure.
One of the companies proposed uses for the technology is baby/mother identification. Basically, a way to identify that a newborn belongs with a specific woman to prevent kidnappings. Of course, if it only takes me a few seconds to copy the mothers ID...
|
kotik
fuckingsuperhero


Registered: 06/29/04
Posts: 3,531
Last seen: 4 years, 24 days
|
Re: hackers target VerChip... and succeed! [Re: Seuss]
#5904410 - 07/27/06 05:01 AM (17 years, 6 months ago) |
|
|
Quote:
And unlike conventional forms of identification, the VeriChip™ cannot be lost, stolen, misplaced, or counterfeited. It is safe, secure, reversible, and always with you.
-------------------- No statements made in any post or message by myself should be construed to mean that I am now, or have ever been, participating in or considering participation in any activities in violation of any local, state, or federal laws. All posts are works of fiction.
|
kotik
fuckingsuperhero


Registered: 06/29/04
Posts: 3,531
Last seen: 4 years, 24 days
|
Re: hackers target VerChip... and succeed! [Re: kotik]
#5905055 - 07/27/06 11:34 AM (17 years, 6 months ago) |
|
|
related: http://jonesreport.com/articles/260706_nafta.html
"NAFTA Superhighway RFID Card For US Citizens"
Quote:
Illegal aliens with cloned RFID transponders will enjoy streamlined access to the US while Americans labor under the financial burden of tolls that go directly to foreign corporations and restrictions that take the right of free travel out of their hands.
-------------------- No statements made in any post or message by myself should be construed to mean that I am now, or have ever been, participating in or considering participation in any activities in violation of any local, state, or federal laws. All posts are works of fiction.
|
|