- Mythbuster busts his own tale
- 10 open source companies to watch
- Sony recalls 73,000 Vaio laptops
- Tool to evade China's Web censorship
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
The recurring topic of RFID security flaws has been making headlines again lately. But unlike new e-mail viruses or Internet worms that demand the immediate attention of the IT department, this threat isn’t a front-burner security issue…at least not yet.
A few recent events have brought renewed attention to the fact that RFID is vulnerable. Earlier this month a security expert cracked one of the U.K.’s new biometric passports that use RFID to store personal information. Last month at the RSA Security `07 conference, a company called IOActive demonstrated an RFID cloner that can steal codes from building access cards. (IOActive was slated to show a similar demonstration at last month’s Black Hat security conference, but the session was quashed by a leading RFID card maker and generated more headlines regarding fairness and disclosure than the original demo would have.)
Add those events to headlines from the past year that the U.S. Department of State plans to issue passports with RFID chips containing personal information -- to which the American Civil Liberties Union has expressed vehement opposition because of the potential for exposed personal information – and reports that an RFID virus could be developed that make tags vulnerable, and suddenly the technology seems about as safe as sending confidential data over Web mail.
Yet, unlike Internet threats that could affect every person using the Web, RFID security holes are only truly dangerous if the information stored on these tags is valuable. In most enterprise applications of RFID today – many of which are still in their early phases – that’s not the case.
| The year in RFID threats These headlines were among the revelations of RFID security weaknesses over the past year:year: |
||||||||
|
Nutritional product maker Schiff Nutrition launched an RFID pilot about three months ago to tag cases and palates of supplements and energy bars with basic information – what the product is, where it was manufactured, and what kind of item it is. Security has not yet factored into the project, says Rod Farrimond, manager of business analysis, because that data alone isn’t valuable.

Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
The ROI and TCO Benefits of Data Deduplication for Data Protection in the EnterpriseThis paper examines and quantifies the costs and benefits of backup with deduplication storage as...

Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...

We have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (1)
RE: RFID holes create security concernsBy rfidglobal on August 28, 2007, 5:12 amOn the 30th of September this year, a new compliance directive will come into force from the Payment Card Industry (PCI) that will affect each and every business...
Reply | Read entire comment
View all comments