November 22nd, 2014

Credit Card RFID Vulnerabilities

This looks like an interesting paper published recently about the vulnerabilities in RFID chips found in newer credit cards. It sounds like the issues are fairly serious — all cards tested were found susceptible to privacy leakage and relay attacks, and some of them can be “skimmed, and replayed at will”. These can be combined with “cross-contamination attacks” by encoding related data to the magstripe of the same card.

I personally never saw the point of these RFID CC’s. I guess I don’t get the difference between swiping your card <10cm away vs. swiping the magstripe directly. Is there some other grand use case for these that justifies the risks involved?

RFID and ePassport detection

Relevant to other discussions and presentations we’ve had at MRL, here is a video on ePassport detection by Flexilis, the same people who brought you the Bluetooth sniper rifle. They found that, despite the internal shielding, the new ePassports could be read even when open only a fraction of an inch (like it could be when bouncing around in a purse). In the video, a dummy is dragged past a trash-can rigged with an RFID reader which triggers a mock explosion.

How to Build a Low-Cost, Extended-Range RFID Skimmer

This looks like it could be a fun project. Before going into construction details, he gives some background on RFID in general, talks about different specifications, and even covers a few of the other RFID hacks that have taken place. Their project is portable, and was made for less than $100.

Big Blue shows us Big Brother

IBM has a developerWorks article on Using RFID for people tracking. The tagline for the article is “You can run, but you can’t hide…”. It covers high-level concepts, architecture and technologies within RFID as well as the difficulties with tracking your employees like cattle people tracking. It also claims that people tracking through RFID is one of the most popular scenarios for RFID tracking.

RFID, tinfoil, “luciferian beehivers” and you

I’m not sure why I (or The Register) didn’t hear about this earlier, but apparently the proposed Dutch biometric passport has already been cracked. It looks like this was announced here some time ago. Electronic (being used here as a euphemism for RFID now that it’s a bad word) passports are going to be issued during a pilot program in the US starting this month, but full compliance isn’t mandatory until this October.

This seems awfully fast considering that the Department of State says that they “will not issue passports incorporating integrated circuits until privacy-related concerns have been addressed.”, and the initial feedback they received on the proposal was apparently 98.5% negative. This feedback, by the way, has been posted in whole on their website. When I say “in whole”, I mean all of it, including the name, email address and sometimes physical address and phone number, and anything else in the feedback (both email and snail mail). So, way to go, thanks for addressing our privacy concerns by posting the personal information of everyone that had feedback on the subject.

Just for grins, I whipped something up to grab all of the submitted comments, and did find this particular gem (I promise I did not make this up, it’s on the site!):

No mark of the beast for me you Luciferian beehivers.
You can take all those RFID chips wrapped like a burrito in the HR 4(6+6+6)
national id bill and stick it up yor own arse!

That left me to wonder what a “Luciferian beehiver” was though, I’m not a big fan of either Satan or Bees, much less a ghastly union of the two. Burritos are good though. This comment was left by someone claiming to be simultaneously from both Texas and Heaven, though I’m pretty sure the two are nowhere near each other. I also found 9 other comments that referenced the “mark of the beast”, 17 that speak of “evil”, and 4 “Anti-Christs”.

Anyway, beehives aside, here is a link to the slides of the original researchers (Bart Jacobs & Ronny Wichers Schreur) who exposed the Dutch passport crack, and here are a couple slides on the demo that he gave. The good thing is that it takes two hours with a computer (nobody ever waits two hours in an international airport, right?), and that there is still time for improvements (hopefully fixes) before they are primetime.

november meeting

/* **************************************************************************** 
*                           Midnight Research Labs                            *
*                     !!  November Meeting announcement !!                    * 
*                        (                        *
**************************************************************************** */

                        __  ____    __     _      __   __ 
                       /  |/  (_)__/ /__  (_)__ _/ /  / /_
                      / /|_/ / / _  / _ \/ / _ `/ _ \/ __/
                     /_/  /_/_/\_,_/_//_/_/\_, /_//_/\__/ 
                        ___               /___/       __      
                       / _ \___ ___ ___ ___ _________/ / 
                      / , _/ -_|_-< --_) _ `/ __/ __/ _ \
                     /_/|_|\__/___/\__/\_,_/_/  \__/_//_/
                              __        __     
                             / /  ___ _/ /  ___
                            / /__/ _ `/ _ \(_-<

		Fellow Hackers, Slackers, and Code-crackers:
        On Friday November 18th at 7pm PST we will be holding our monthly
        official Midnight Research Labs meeting.

        The focus for this month will be an entry-level talk/presentation on
        RFID, and also furthering development on wicrawl.  Check out
        [] for more details.

        Anyone with project ideas, or active projects that they want
        help with are encouraged to bring them along.  This can either
        be just to show them off, or to actively propose them for an
        official MRL project.  Projects are generally either security
        or "novel computing" related, though we're always open to cool
        and new ideas (read robotics, electronics hacking, etc =).
        Don't feel pressured to come up with something or bring anything.

        Light refreshments, pizza and beer will be served.

                Phase 0x0: Bootstrapping
                  - Greetings and welcome
                  - Who we are, and what we do
                Phase 0x1: Initialization
                  - RFID preso (25 min)
                  - RFID project brainstorming (15 min?)
                  - wicrawl
                          - status
                          - Design, brainstorming, etc
                          - roles, research, and project pieces
                          - Project Hacking!
                Phase 0x2: Local exploits
                  - Food
                  - Off topic tools, toys and other shiny things -- If anyone
                    has any interesting to show off or play with, please bring
                        - cybernmd's VR goggles
                  - Whatever till whenever -- This is the more social
                    part of the event.  People are invited to stay and
                    hack and have a couple drinks till whenever this

        This is an "invite only" event, so, don't distribute the location to
        just anyone =).  That being said, we're still looking for active
        members, so if you know someone that would be interested in
        contributing and want to sponsor or vouch for them, feel free to bring
        them along (let me know in advance if possible)

       [ censored for http, contact [sth -[at]- midnightresearch dot com] for details ]

                For those remote, we will have a conference number, and I'll
                email that out shortly before the meeting.

        Notes (nfo):
        - We're about 1.5 miles from bart.
        - Bringing a laptop is probably a good idea if you have one.
        - Please feel free to contact me by email or phone if you have
          any questions
        - I don't expect hordes of people to show up, probably ~8-10 but I
          do expect the signal to noise ratio to be very good.  I hope that
          people learn and are challenged by attending, and on the flipside,
          I expect great things to come out of MRL.

Thanks! Hope to see you there!

        # perl -e '$in_real_life ? print "Aaron\n" : print "sith\n"'

tracking people with rfid (update)

Just a quick update to the last post. Here’s a link to c|net coverage, and here’s a link to some pictures of the event. Looks like it had a pretty good turn out.

tracking people with rfid

Karen Marcelo, who does a couple other pretty cool things like dorkbot and Survival Research Labs, helped a couple others put together an interesting thing tonight at SFMOMA.

From what I can gather, they handed all the entrants an RFID tag, and proceeded to track them throughout the exhibits. Then they wrote some visualization software to track them as they wandered about. I haven’t seen any of the output from this, but it sounds pretty cool, and I’m sad that I missed it (just saw the announcement tonight).
