News

Blatant theft of ID is OK. Just don't be sneaky with RFID hacking, OK?

by Guy J Kewney | posted on 04 October 2008


You can't steal data from a RFID wireless chip in California. Fine $1,500. Bet that will terrify the hackers. And neither in Washington state just up the coast. Well, you can, as long as you aren't doing it specifically to steal ID.

The whole story, by Nancy Gohring makes hilarious, and fascinating reading. The problem, it says, is real:

A paper recently published by the Stanford Law Review detailed some alarming examples of security researchers hacking into RFID systems. In one instance several years ago, researchers at Johns Hopkins University cracked the encryption code on Texas Instruments chips used in Exxon Mobil gas cards. Armed with that code, a laptop and a simple RFID device, they were able to fill up their gas tanks for free.

But the laws sound daft. The California one only prohibits "surreptition" reading of data. What's the betting that if you set up a "check your RFID chip here" booth, people would queue up?


Technorati tags:   
"Credit cards validated for a small fee..." - You can discuss this article on our discussion board.