Judge Halts Def Con Talk
There's nothing incestuous about the drama unfolding at Def Con. Reporters in Vegas for the Black Hat and Def Con events are getting two for the price of one this year.
The Black Hat story was arguably a tempest in a teapot with journalist-on-journalist spying. What unfolded at Def Con today is the real thing. A judge in Massachussets barred students from the prestigious Massachussets Institute of Technology from presenting on a hack of RFID-based transportation tags that are used in Boston to pay for the local subway system known as the "T."
The undergraduate students had been scheduled to give a presentation Sunday afternoon in which they planned to describe "several attacks to completely break the CharlieCard," according to a CNET News.com report. The students also planned to release card-hacking software they had created, but canceled both the presentation and the release of the software.
Hacks of RFID systems used for public transit have become popular, possibly more popular than the passport hacks of the past years. In Europe the payment tags used in systems across the continent have come under heavy scrutiny from security experts. In my home country of The Netherlands, for example, the OV Chipkaart is said to have been compromised.
What all of this shows is that, once again, organisations are rushing to implement new technologies--RFID in this case--without fully considering the security impacts ahead of time. It is critical, now more than ever, to do a solid security review before commercializing any type of technology. I am sure that many of the "hackers" at Def Con and Black Hat could be hired for such services.
The Black Hat story was arguably a tempest in a teapot with journalist-on-journalist spying. What unfolded at Def Con today is the real thing. A judge in Massachussets barred students from the prestigious Massachussets Institute of Technology from presenting on a hack of RFID-based transportation tags that are used in Boston to pay for the local subway system known as the "T."
The undergraduate students had been scheduled to give a presentation Sunday afternoon in which they planned to describe "several attacks to completely break the CharlieCard," according to a CNET News.com report. The students also planned to release card-hacking software they had created, but canceled both the presentation and the release of the software.
Hacks of RFID systems used for public transit have become popular, possibly more popular than the passport hacks of the past years. In Europe the payment tags used in systems across the continent have come under heavy scrutiny from security experts. In my home country of The Netherlands, for example, the OV Chipkaart is said to have been compromised.
What all of this shows is that, once again, organisations are rushing to implement new technologies--RFID in this case--without fully considering the security impacts ahead of time. It is critical, now more than ever, to do a solid security review before commercializing any type of technology. I am sure that many of the "hackers" at Def Con and Black Hat could be hired for such services.
posted by Joris Evers @ 5:36 PM
0 Comments:
Post a Comment
<< Home