«
Expand/Collapse
94 items tagged "rfid"
Related tags:
tag [+],
system [+],
reader [+],
harald welte [+],
audio [+],
rfidiot [+],
rfid reader [+],
rfid devices [+],
radio frequency identification [+],
python library [+],
library [+],
card [+],
chris paget [+],
black hat [+],
video [+],
usa [+],
time [+],
slides [+],
openpcd [+],
microcontrollers [+],
fifa worldcup tickets [+],
digital [+],
commission [+],
world [+],
wallet [+],
soccer world cup [+],
rfidiots [+],
privacy event [+],
privacy [+],
nick farr [+],
misc [+],
librfid [+],
iso [+],
hacking [+],
free software implementation [+],
fifa soccer world [+],
fifa [+],
europe [+],
door [+],
device [+],
authors [+],
andreas krisch [+],
adam laurie tags [+],
adam laurie [+],
hacks [+],
vending machine [+],
transportation [+],
talk [+],
taiwan [+],
taipei [+],
spoofers [+],
spoofer [+],
soldering irons [+],
smart card reader [+],
reading [+],
raoul dcosta [+],
radio [+],
public transportation services [+],
practical [+],
openpicc [+],
nohl [+],
new [+],
mythbusting [+],
mifare [+],
mhz [+],
luiz eduardo tags [+],
iphone [+],
home [+],
hacker community [+],
free hardware designs [+],
extreme range [+],
experimental verification [+],
epassport [+],
emrtd [+],
electromagnetic radiation [+],
cryptographic primitives [+],
correct implementation [+],
code [+],
chaos communication camp [+],
cat [+],
car [+],
capital taipei [+],
call [+],
biometric passports [+],
asia [+],
Wireless [+],
chaos communication congress [+],
zach charat [+],
year [+],
work [+],
wooden craft [+],
way [+],
wave of the hand [+],
transplant [+],
transit card [+],
transit [+],
tracking [+],
track [+],
tool [+],
toilet paper [+],
tiny hands [+],
thirsty patrons [+],
table [+],
swipe [+],
structure mounts [+],
strike plate [+],
strike [+],
speakers [+],
someone [+],
soldering iron [+],
software interface [+],
soda machine [+],
social structure [+],
sniffer [+],
smart card writer [+],
smart card reader writer [+],
simple [+],
serge [+],
security system [+],
security implications [+],
security authors [+],
scratch built [+],
schematics [+],
rush [+],
robot [+],
ribeiro [+],
rfid tags [+],
rfid implementation [+],
record player [+],
record [+],
range [+],
radio shack [+],
quite some time [+],
qr code [+],
proximity detection [+],
proximity [+],
proprietary algorithms [+],
proprietary [+],
presentation [+],
power [+],
popcard [+],
player [+],
pin microcontroller [+],
physical tokens [+],
phone [+],
peripherals [+],
patent attorneys [+],
patent attorney [+],
passwords [+],
passports [+],
passive [+],
parallax [+],
override [+],
orange tiles [+],
orange square [+],
orange [+],
online [+],
novel radio [+],
novel methods [+],
novel [+],
nonsense [+],
nomex fabric [+],
nicholas [+],
news [+],
navic [+],
nail polish remover [+],
musical toy [+],
mind control devices [+],
milosch [+],
microcontroller [+],
mesh network [+],
melanie rieback [+],
matt [+],
malware [+],
magnet wire [+],
magic table [+],
magic music [+],
magic [+],
machine [+],
lukas grunwald [+],
low frequency [+],
lot [+],
long [+],
logic chips [+],
logic [+],
locks [+],
live [+],
lifehacks [+],
level functionality [+],
legal channels [+],
latest project [+],
landmanr [+],
kid friendly [+],
keypad [+],
kevlar [+],
jukebox [+],
john [+],
joe [+],
industry guidelines [+],
immobiliser [+],
huge collection [+],
home entertainment systems [+],
hindrances [+],
hex code [+],
having some sort [+],
hat europe [+],
hands and fingers [+],
hand [+],
guidelines [+],
ground pins [+],
government id [+],
government [+],
fun [+],
free drinks [+],
felines [+],
fabrication system [+],
exploits [+],
existence [+],
european commission [+],
eric [+],
electronics engineer [+],
electronic id [+],
edward farrell tags [+],
edward farrell [+],
ebay [+],
duct tape [+],
drink [+],
doug jackson [+],
double doors [+],
dorm rooms [+],
dorm room [+],
dorm [+],
door latch [+],
don [+],
dominik [+],
documentation [+],
diy [+],
dives [+],
distro [+],
dirt [+],
dip switches [+],
development demo [+],
development [+],
detection [+],
design considerations [+],
demystified [+],
curiosity [+],
cryptographic algorithms [+],
cornell university [+],
concept demonstrations [+],
concept [+],
classic [+],
child [+],
charat [+],
change [+],
cat tracker [+],
cat flaps [+],
cat feeder [+],
cat door [+],
carl [+],
cards [+],
card reader writer [+],
car door [+],
capacitors [+],
bunnie [+],
build [+],
bucks [+],
brad antoniewicz [+],
bottom button [+],
boston transit [+],
boston [+],
boris danev [+],
better security [+],
beth [+],
bertrand fan [+],
bertrand [+],
benjamin blundell [+],
benjamin [+],
beginners [+],
becky stern [+],
avr [+],
audio playback [+],
assets [+],
anna [+],
aluminum angle [+],
alex [+],
afar [+],
adam [+],
acetone [+],
access system [+],
access panel [+],
access [+],
abu dhabi [+],
abdullah [+],
aaron [+],
security [+],
rfid readers [+],
rfid tag [+],
arduino [+]
-
-
13:01
»
Hack a Day
iClass is an RFID standard that is aimed at better security through encryption and authentication. While it is more secure than some other RFID implementations, it is still possible to hack the system. But initial iClass exploits were quite invasive. [Brad Antoniewicz] published a post which talks about early attacks on the system, and then [...]
-
-
9:01
»
Hack a Day
[João Ribeiro] is an electronics engineer by day, but in his free time he likes to ply his trade on everyday items. Recently he’s been integrating his own microcontroller network to unlock and start his car via RFID. In addition to the joy of pulling apart the car’s interior, he spent time designing his own [...]
-
-
12:01
»
Hack a Day
This soldering nightmare is a configurable RFID tag which has been built from 7400-series logic chips. The beast of a project results in an iPhone-sized module which can be used as your new access card for security systems that uses the 125 kHz tags. The best part is that a series of switches makes the [...]
-
-
20:50
»
Packet Storm Security Recent Files
RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
-
20:50
»
Packet Storm Security Recent Files
RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
-
20:50
»
Packet Storm Security Tools
RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
-
20:50
»
Packet Storm Security Tools
RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
-
20:50
»
Packet Storm Security Misc. Files
RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
-
20:50
»
Packet Storm Security Misc. Files
RFIDIOt is a python library for exploring RFID devices. It currently drives a couple of RFID readers made by ACG, called the HF Dual ISO and the LFX. Includes sample programs to read/write tags and the beginnings of library routines to handle the data structures of specific tags like MIFARE(r).
-
-
12:01
»
Hack a Day
We never bought an RFID reader because it seems too simple to be all that much fun. But [Abdullah] really caught our eye with his latest project. It’s an RFID reader built from discrete parts, and that’s an adventure we can get behind! His write-up dives right into the theory of the device. He wrapped [...]
-
-
21:50
»
SecDocs
Authors:
Henryk Plötz Milosch Meriac Tags:
RFID Event:
Chaos Communication Camp 2007 Abstract: This presentation will explain how to access information stored on 13.56MHz RFID cards by using the open hardware RFID reader/writer design OpenPCD. It will enable users of the OpenPICC 13.56Mhz RFID emulator to add software support for RFID emulation profiles and show how to practically sniff RFID transactions with OpenPICC. OpenPCD is a free hardware design for Proximity Coupling Devices (PCD) based on 13,56MHz communication. This device is able to screen informations from Proximity Integrated Circuit Cards (PICC) conforming to vendor-independent standards such as ISO 14443, ISO 15693 as well as proprietary protocols such as Mifare Classic. Contactless cards like these are for example used in the new electronic passports. The intention of the OpenPCD project is to offer the users full hardware control of the RFID signal and to provide different output signals for screening the communication. With already existing Free Software from the OpenMRTD project for implementing the PCD side protocol stack of various RFID protocols, this project will happily extend the free toolchain around RFID verification. The OpenPICC project for Proximity Integrated Circuit Cards (PICC) is the counterpart to OpenPCD. It is a device that emulates 13.56MHz based RFID transponders / smartcards. OpenPICC can be used to e.g. simulate ISO 14443 or ISO 15693 transponders, such as those being used in biometric passports and FIFA worldcup tickets. Like OpenPCD, the hardware design and software are available under Free Licenses.
-
21:50
»
SecDocs
Authors:
Henryk Plötz Milosch Meriac Tags:
RFID Event:
Chaos Communication Camp 2007 Abstract: This presentation will explain how to access information stored on 13.56MHz RFID cards by using the open hardware RFID reader/writer design OpenPCD. It will enable users of the OpenPICC 13.56Mhz RFID emulator to add software support for RFID emulation profiles and show how to practically sniff RFID transactions with OpenPICC. OpenPCD is a free hardware design for Proximity Coupling Devices (PCD) based on 13,56MHz communication. This device is able to screen informations from Proximity Integrated Circuit Cards (PICC) conforming to vendor-independent standards such as ISO 14443, ISO 15693 as well as proprietary protocols such as Mifare Classic. Contactless cards like these are for example used in the new electronic passports. The intention of the OpenPCD project is to offer the users full hardware control of the RFID signal and to provide different output signals for screening the communication. With already existing Free Software from the OpenMRTD project for implementing the PCD side protocol stack of various RFID protocols, this project will happily extend the free toolchain around RFID verification. The OpenPICC project for Proximity Integrated Circuit Cards (PICC) is the counterpart to OpenPCD. It is a device that emulates 13.56MHz based RFID transponders / smartcards. OpenPICC can be used to e.g. simulate ISO 14443 or ISO 15693 transponders, such as those being used in biometric passports and FIFA worldcup tickets. Like OpenPCD, the hardware design and software are available under Free Licenses.
-
2:55
»
SecDocs
Authors:
Harald Welte Milosch Meriac Tags:
RFID Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: The presentation will cover an introduction into the two popular RFID Standards, ISO14443 and ISO15693, as well as the author's Free Software implementation "librfid" The number of deployments of RFID based solutions is growing every day. Still, detailed low-level knowledge of the involved protocols is rare, even within the hacker community. The first part of this presentation describes the two commonly-deployed ISO standards 14443 and 15693 - from physical layer up to session layer. It will then continue to look at the typical architecture of RFID readers. The second part will cover "librfid", the GPL licensed Free Software implemetation of an ISO 14443 and 15693 host-side stack. The third part will look at our current progress in developing hardware and software defined radio (SDR) based passive sniffing of the RFID radio interface. After all, who wouldn't want to have "tcpdump" like functionality for RFID?
-
2:46
»
SecDocs
Authors:
Harald Welte Milosch Meriac Tags:
RFID Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: The presentation will cover an introduction into the two popular RFID Standards, ISO14443 and ISO15693, as well as the author's Free Software implementation "librfid" The number of deployments of RFID based solutions is growing every day. Still, detailed low-level knowledge of the involved protocols is rare, even within the hacker community. The first part of this presentation describes the two commonly-deployed ISO standards 14443 and 15693 - from physical layer up to session layer. It will then continue to look at the typical architecture of RFID readers. The second part will cover "librfid", the GPL licensed Free Software implemetation of an ISO 14443 and 15693 host-side stack. The third part will look at our current progress in developing hardware and software defined radio (SDR) based passive sniffing of the RFID radio interface. After all, who wouldn't want to have "tcpdump" like functionality for RFID?
-
2:45
»
SecDocs
Authors:
Harald Welte Milosch Meriac Tags:
RFID Event:
Chaos Communication Congress 22th (22C3) 2005 Abstract: The presentation will cover an introduction into the two popular RFID Standards, ISO14443 and ISO15693, as well as the author's Free Software implementation "librfid" The number of deployments of RFID based solutions is growing every day. Still, detailed low-level knowledge of the involved protocols is rare, even within the hacker community. The first part of this presentation describes the two commonly-deployed ISO standards 14443 and 15693 - from physical layer up to session layer. It will then continue to look at the typical architecture of RFID readers. The second part will cover "librfid", the GPL licensed Free Software implemetation of an ISO 14443 and 15693 host-side stack. The third part will look at our current progress in developing hardware and software defined radio (SDR) based passive sniffing of the RFID radio interface. After all, who wouldn't want to have "tcpdump" like functionality for RFID?
-
-
21:44
»
SecDocs
Authors:
Harald Welte Milosch Meriac Tags:
RFID Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: This presentation will introduce and demonstrate OpenPCD and OpenPICC. The purpose of those projects is to develop free hardware designs and software for 13.56MHz RFID reader and transponder simulator. OpenPICC can be used to e.g. simulate ISO 14443 or ISO 15693 transponders, such as those being used in biometric passports and FIFA worldcup tickets. The OpenPCD project is a 100% Free Licensed RFID reader hardware and software design. It has first been released on September 13, 2006. Using OpenPCD, interested hackers can directly access the lowest layers of 13.56MHz based RFID protocols. The hardware offers a number of digital and analog interfaces, and the firmware source code is available and can be modified and compiled using arm-gcc. The OpenPICC project is the counterpart to OpenPCD. It is a device that emulates 13.56MHz based RFID transponders / smartcards. Like OpenPCD, the hardware design and software are available under Free Licenses. It has not been released yet, but the first prototypes are working and it is expected to be released before 23C3. The presentation will introduce and explain the OpenPCD and OpenPICC hardware as well as software design.
-
-
21:45
»
SecDocs
Authors:
Harald Welte Milosch Meriac Tags:
RFID Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: This presentation will introduce and demonstrate OpenPCD and OpenPICC. The purpose of those projects is to develop free hardware designs and software for 13.56MHz RFID reader and transponder simulator. OpenPICC can be used to e.g. simulate ISO 14443 or ISO 15693 transponders, such as those being used in biometric passports and FIFA worldcup tickets. The OpenPCD project is a 100% Free Licensed RFID reader hardware and software design. It has first been released on September 13, 2006. Using OpenPCD, interested hackers can directly access the lowest layers of 13.56MHz based RFID protocols. The hardware offers a number of digital and analog interfaces, and the firmware source code is available and can be modified and compiled using arm-gcc. The OpenPICC project is the counterpart to OpenPCD. It is a device that emulates 13.56MHz based RFID transponders / smartcards. Like OpenPCD, the hardware design and software are available under Free Licenses. It has not been released yet, but the first prototypes are working and it is expected to be released before 23C3. The presentation will introduce and explain the OpenPCD and OpenPICC hardware as well as software design.
-
-
14:59
»
SecDocs
Authors:
Henryk Plötz Karsten Nohl Tags:
RFID Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: This talk will elaborate on the security and social aspects of RFID technology. We will talk about our projects of the past year, including the FIFA World Cup tickets. This talk will be about some of the hacking related things (technological and social) that you can do with RFID technology. Topics will include: + electronic passports + Mifare cryptography (maybe even some reverse engineering results) + tickets for the FIFA World Cup (ca. 15 min) In this part of the talk, we will show the first real world mass application of RFID-technology at the 2006 FIFA soccer world cup. Some valid tickets are shown, including their data and a look at the payload. After that, we will report a simple and unsuccessful hacking-attempt, where one valid ticket was copied. The lecture is accompanied by pictures of some stadium-entrances to examine FIFA security and ticket manipulation.
-
14:54
»
SecDocs
Authors:
Henryk Plötz Karsten Nohl Tags:
RFID Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: This talk will elaborate on the security and social aspects of RFID technology. We will talk about our projects of the past year, including the FIFA World Cup tickets. This talk will be about some of the hacking related things (technological and social) that you can do with RFID technology. Topics will include: + electronic passports + Mifare cryptography (maybe even some reverse engineering results) + tickets for the FIFA World Cup (ca. 15 min) In this part of the talk, we will show the first real world mass application of RFID-technology at the 2006 FIFA soccer world cup. Some valid tickets are shown, including their data and a look at the payload. After that, we will report a simple and unsuccessful hacking-attempt, where one valid ticket was copied. The lecture is accompanied by pictures of some stadium-entrances to examine FIFA security and ticket manipulation.
-
14:51
»
SecDocs
Authors:
Henryk Plötz Karsten Nohl Tags:
RFID Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: This talk will elaborate on the security and social aspects of RFID technology. We will talk about our projects of the past year, including the FIFA World Cup tickets. This talk will be about some of the hacking related things (technological and social) that you can do with RFID technology. Topics will include: + electronic passports + Mifare cryptography (maybe even some reverse engineering results) + tickets for the FIFA World Cup (ca. 15 min) In this part of the talk, we will show the first real world mass application of RFID-technology at the 2006 FIFA soccer world cup. Some valid tickets are shown, including their data and a look at the payload. After that, we will report a simple and unsuccessful hacking-attempt, where one valid ticket was copied. The lecture is accompanied by pictures of some stadium-entrances to examine FIFA security and ticket manipulation.
-
-
14:31
»
SecDocs
Authors:
Nick Farr Tags:
hacking Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Radio Frequency Identification (RFID) tags are remotely-powered data carriers, that are often touted as a "computer of the future", bringing intelligence to our homes and offices, optimizing our supply chains, and keeping a watchful eye on our pets, livestock, and kids. However, many RFID systems rely upon the integrity of RFID tag data for their correct functioning. It has never been so easy to interfere with RFID systems; we have built a handheld device that performs RFID tag emulation and selective RFID tag jamming (sortof like a personal RFID firewall). Our device is compatible with the ISO 15693/14443A (13.56 MHz) standards, and fits into a shirt pocket. This presentation will explain the "nuts and bolts" of how tag spoofing and selective RFID jamming work, and will conclude by demonstrating this functionality.
-
14:30
»
SecDocs
Authors:
Nick Farr Tags:
hacking Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Radio Frequency Identification (RFID) tags are remotely-powered data carriers, that are often touted as a "computer of the future", bringing intelligence to our homes and offices, optimizing our supply chains, and keeping a watchful eye on our pets, livestock, and kids. However, many RFID systems rely upon the integrity of RFID tag data for their correct functioning. It has never been so easy to interfere with RFID systems; we have built a handheld device that performs RFID tag emulation and selective RFID tag jamming (sortof like a personal RFID firewall). Our device is compatible with the ISO 15693/14443A (13.56 MHz) standards, and fits into a shirt pocket. This presentation will explain the "nuts and bolts" of how tag spoofing and selective RFID jamming work, and will conclude by demonstrating this functionality.
-
14:23
»
SecDocs
Authors:
Nick Farr Tags:
hacking Event:
Chaos Communication Congress 23th (23C3) 2006 Abstract: Radio Frequency Identification (RFID) tags are remotely-powered data carriers, that are often touted as a "computer of the future", bringing intelligence to our homes and offices, optimizing our supply chains, and keeping a watchful eye on our pets, livestock, and kids. However, many RFID systems rely upon the integrity of RFID tag data for their correct functioning. It has never been so easy to interfere with RFID systems; we have built a handheld device that performs RFID tag emulation and selective RFID tag jamming (sortof like a personal RFID firewall). Our device is compatible with the ISO 15693/14443A (13.56 MHz) standards, and fits into a shirt pocket. This presentation will explain the "nuts and bolts" of how tag spoofing and selective RFID jamming work, and will conclude by demonstrating this functionality.
-
-
21:27
»
SecDocs
Authors:
Andreas Krisch Tags:
RFID privacy Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Following the public consultation on Radio Frequency Identification (RFID) carried out in 2006 the European Commission set up an RFID Expert Group in July 2007, focussing on Privacy and Security. One of the groups tasks is to provide advice to the Commission on the content of a Recommendation to the member states, which shall set out the principles that public authorities and other stakeholders should apply in respect of RFID usage. European Digital Rights (EDRi) participates in this task as a member of the Expert Group. This session will provide an overview of the EU policy activities regarding RFID and Privacy in 2007 and give an outlook to activities planned for 2008. EDRi's positions on RFID and Privacy will be presented and, when published by the Commission before the event, the contents of the Recommendation to the member states will be presented and discussed in detail.
-
21:27
»
SecDocs
Authors:
Andreas Krisch Tags:
RFID privacy Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Following the public consultation on Radio Frequency Identification (RFID) carried out in 2006 the European Commission set up an RFID Expert Group in July 2007, focussing on Privacy and Security. One of the groups tasks is to provide advice to the Commission on the content of a Recommendation to the member states, which shall set out the principles that public authorities and other stakeholders should apply in respect of RFID usage. European Digital Rights (EDRi) participates in this task as a member of the Expert Group. This session will provide an overview of the EU policy activities regarding RFID and Privacy in 2007 and give an outlook to activities planned for 2008. EDRi's positions on RFID and Privacy will be presented and, when published by the Commission before the event, the contents of the Recommendation to the member states will be presented and discussed in detail.
-
21:27
»
SecDocs
Authors:
Andreas Krisch Tags:
RFID privacy Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Following the public consultation on Radio Frequency Identification (RFID) carried out in 2006 the European Commission set up an RFID Expert Group in July 2007, focussing on Privacy and Security. One of the groups tasks is to provide advice to the Commission on the content of a Recommendation to the member states, which shall set out the principles that public authorities and other stakeholders should apply in respect of RFID usage. European Digital Rights (EDRi) participates in this task as a member of the Expert Group. This session will provide an overview of the EU policy activities regarding RFID and Privacy in 2007 and give an outlook to activities planned for 2008. EDRi's positions on RFID and Privacy will be presented and, when published by the Commission before the event, the contents of the Recommendation to the member states will be presented and discussed in detail.
-
-
9:03
»
Hack a Day
Check it out, this is a Boston transit pass — or at least the parts of it that matters. [Becky Stern] got rid of the rest in a bid to embed the RFID tag inside her cellphone. The transit pass, called a CharlieCard, started out as a normal credit card shaped tag which you might [...]
-
-
14:59
»
SecDocs
Authors:
Henryk Plötz Karsten Nohl Tags:
RFID Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Mifare are the most widely deployed brand of secure RFID chips, but their security relies on proprietary and secret cryptographic primitives. We analyzed the hardware of the Mifare tags and found weaknesses in several parts of the cipher.
-
14:53
»
SecDocs
Authors:
Henryk Plötz Karsten Nohl Tags:
RFID Event:
Chaos Communication Congress 24th (24C3) 2007 Abstract: Mifare are the most widely deployed brand of secure RFID chips, but their security relies on proprietary and secret cryptographic primitives. We analyzed the hardware of the Mifare tags and found weaknesses in several parts of the cipher.
-
-
21:55
»
SecDocs
Authors:
Boris Danev Tags:
fingerprinting RFID Event:
Chaos Communication Congress 25th (25C3) 2008 Abstract: In the lecture portion of this workshop we will present an overview of existing and our own novel methods for hacking electronic passports and driver's licenses including novel radio frequency fingerprinting techniques. In the the hands-on section we will show participants entering with basic radio experience how to conduct experiments with RFID and reverse engineer proprietary protocols.
-
-
21:28
»
SecDocs
Authors:
Ciro Cattuto Milosch Meriac Tags:
RFID social Event:
Chaos Communication Congress 25th (25C3) 2008 Abstract: We describe the implementation of a distributed proximity detection firmware for the OpenBeacon RFID platform. We report on experiments performed during conference gatherings, where the new feature of proximity detection was used to mine and expose patterns of social contact. We discuss some properties of the networks of social contact, and show how these networks can be analyzed, visualized, and used to infer the underlying social structure.
-
-
12:01
»
Hack a Day
RFID hacking has been around for years, but so far all the builds to sniff data out of someone’s wallet have been too large, too small a range, or were much too complicated for a random Joe to build in his workshop. [Adam]‘s RFID sniffer gets around all those problems, and provides yet another reason to [...]
-
-
21:36
»
SecDocs
Authors:
Henryk Plötz Milosch Meriac Tags:
RFID Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: Popular contactless systems for physical access control still rely on obscurity. As we have shown, time and time again, proprietary encryption systems are weak and easy to break. In a follow-up to last year's presentation we will now demonstrate attacks on systems with 'proper' cryptographic algorithms. Since we broke the last of the big players on the market at 26C3, most vendors are now migrating to new systems which rectify our main point of concern: proprietary algorithms. All new technologies use AES or 3DES for encryption and/or authentication and vendors tirelessly tout the security of their systems and the use of these algorithms between card, reader and host. We will discuss the design of the successor to a system we attacked last year, and demonstrate how a system can be insecure despite the use of secure cryptoprimitives.
-
-
21:50
»
SecDocs
Authors:
Lepht Anonym Tags:
science robotics Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: Lightning talk on biohacking, complete with cyborg speaker, implant demonstrations, and knowledge of how to hack your own perception of electromagnetic radiation for approximately thirty Euros. A talk on what's become my specialty - biohacking, or meathacking, whatever you wanna call it. I've got a full set of home-brewed implants, a subdermal RFID, a sort of cult on the Internet plus things like proven designs for cheap EM sensory nodes, experimental verification of that shit I'm claiming, etc. I have videos of procedures, photos of what I've been doing and the like, and will happily make gory slides for all to see. Can do demos of the EM nodes and RFID chip as well. I want to talk about the grinder movement - underground biohacking - it's my life. Thus, my article in H+ Magazine: "A call to arms for biohackers".
-
21:50
»
SecDocs
Authors:
Lepht Anonym Tags:
science robotics Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: Lightning talk on biohacking, complete with cyborg speaker, implant demonstrations, and knowledge of how to hack your own perception of electromagnetic radiation for approximately thirty Euros. A talk on what's become my specialty - biohacking, or meathacking, whatever you wanna call it. I've got a full set of home-brewed implants, a subdermal RFID, a sort of cult on the Internet plus things like proven designs for cheap EM sensory nodes, experimental verification of that shit I'm claiming, etc. I have videos of procedures, photos of what I've been doing and the like, and will happily make gory slides for all to see. Can do demos of the EM nodes and RFID chip as well. I want to talk about the grinder movement - underground biohacking - it's my life. Thus, my article in H+ Magazine: "A call to arms for biohackers".
-
-
21:40
»
SecDocs
Authors:
Harald Welte Tags:
RFID bank Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: How to reverse engineer the data format of a real-world RFID based debit card system. One of Asia’s most popular electronic payment systems uses insecure technology. The EasyCard system, established in 2001, is the most popular stored-valued card in Taiwan. With more than 18 million issued cards, it is the predominant means of paying for public transportation services in the capital Taipei. In 2010, use of the EasyCard was extended beyond transportation. Card holders can now pay in all major convenience stores like 7eleven, coffe shops like Starbucks and and major retail companies like SOGO. Despite the large fraud potential, the EasyCard system uses the MIFARE Classic RFID technology, whose proprietary encryption cipher CRYPTO1 relied on obscurity and was first publicly broken several years ago at 24C3 This presentation analyzes the results of combining the practical attacks on the MIFARE Classic CRYPTO1 system in the context of the EasyCard payment system. It describes the process of reverse- engineering the actual content of the card to discover the public transportation transaction log, the account balance and how the daily spending limit work. Furthermore, the talk will present how fundamentally flawed the system is, and how easy it is to add or subtract monetary value to/from the card. Cards manipulated as described in the talk have been accepted by the payment system.
-
21:40
»
SecDocs
Authors:
Harald Welte Tags:
RFID bank Event:
Chaos Communication Congress 27th (27C3) 2010 Abstract: How to reverse engineer the data format of a real-world RFID based debit card system. One of Asia’s most popular electronic payment systems uses insecure technology. The EasyCard system, established in 2001, is the most popular stored-valued card in Taiwan. With more than 18 million issued cards, it is the predominant means of paying for public transportation services in the capital Taipei. In 2010, use of the EasyCard was extended beyond transportation. Card holders can now pay in all major convenience stores like 7eleven, coffe shops like Starbucks and and major retail companies like SOGO. Despite the large fraud potential, the EasyCard system uses the MIFARE Classic RFID technology, whose proprietary encryption cipher CRYPTO1 relied on obscurity and was first publicly broken several years ago at 24C3 This presentation analyzes the results of combining the practical attacks on the MIFARE Classic CRYPTO1 system in the context of the EasyCard payment system. It describes the process of reverse- engineering the actual content of the card to discover the public transportation transaction log, the account balance and how the daily spending limit work. Furthermore, the talk will present how fundamentally flawed the system is, and how easy it is to add or subtract monetary value to/from the card. Cards manipulated as described in the talk have been accepted by the payment system.
-
-
14:19
»
Hack a Day
While young children have the tiny hands and fingers that most hackers/tinkerers wish they possessed from time to time, their fine motor skills aren’t always up to par when it comes to operating complicated electronics. People are always looking for ways to make their home entertainment systems accessible to their kids, and [Humpadilly] is no [...]
-
10:01
»
Hack a Day
Here’s another audio playback hack that uses physical tokens to choose what you’re listening to. It uses Touchatag RFID hardware to control iTunes. The concept is very similar to the standalone Arduino jukebox we saw on Wednesday except this one interfaces with your computer and the tags select entire albums instead of just one song. [...]
-
-
16:01
»
Hack a Day
[Dominik] built a fun musical toy for his daughter [Anna]. It’s a jukebox that lets her play her favorite tunes using RFID tags to select between them. The project is simple, yet robust. The enclosure is a wooden craft box that you can pick up for a couple of bucks. Inside there’s an Arduino with [...]
-
-
7:58
»
Hack a Day
[Navic] added a slew of abilities to his RFID reader. It’s now a full-featured RFID reader and smart card writer with extras. When we looked at it last time the unit was just an RFID and smart card reader in a project enclosure. You could see the RFID code of a tag displayed on the LCD [...]
-
-
15:01
»
Hack a Day
[Flowolf] added an auto-locking RFID entry system to his front door. He used our favorite fabrication system, acrylic and threaded rod (we also like to throw in aluminum angle bracket from time to time). The support structure mounts underneath the escutcheon plate for the lockset, keeping the main acrylic sheet flat against the door. An [...]
-
-
12:27
»
Hack a Day
[Aaron] was looking for a cheap RFID reader that had some easy to follow documentation and a standardized interface. Most everything he saw was pretty expensive, so he decided to buy a cheap $10 reader from eBay to see how easy it would be to work with. The reader came with very little documentation, but [...]
-
-
7:14
»
Hack a Day
Locks are always temporary hindrances. After deciding to open the RFID-secured lock in his department, [Tixlegeek] built a device to read and spoof RFID tags (French, Google translate here). The system is built around an ATMega32 microcontroller with a 16×2 LCD display. A commercial RFID reader module takes care of all the sniffing/cloning duties, and [...]
-
-
11:01
»
Hack a Day
[Alex] wrote in to let us know he just completed a pretty major upgrade to his PopCARD RFID vending machine system. You may remember that earlier this year he added an Arduino based RFID reader to a soda machine so that thirsty patrons could pay with plastic instead of cold hard cash. That system worked, [...]
-
-
10:01
»
Hack a Day
Instructables user [XenonJohn] recently put together a fantastic tutorial detailing how he made an RFID-controlled jukebox. The Magic Music Table was created for a disabled child, who is unable to use a CD payer, nor navigate small buttons and menus on MP3 players. He originally though about making the buttons more accessible a la the Frankenkindle, [...]
-
-
15:02
»
Hack a Day
Here’s an open source RFID cloner design that is about the same size as a standard RFID key card. It doesn’t need a battery to capture key codes, just the magnetic field generated by an RFID reader. You can see the functionality demonstrated in the video after the break. By holding the bottom button as [...]
-
-
12:01
»
Hack a Day
An inductor and 8-pin microcontroller are all that make up this barebones RFID tag. You might have done a double-take when first seeing the image above. After all, there’s nothing hooked up to the power and ground pins on the chip. As [Ramero Pareja] explains in his post, the power is actually supplied via the [...]
-
-
3:44
»
Hack a Day
[Serge] was in search of a new wallet, but he was concerned about ne’er do wells with RFID readers stealing his data. He could have gone out to the store and plunked down $20-$30 for a shielded walled, but where’s the fun in that? Instead, he decided to make his own. Using Kevlar-Nomex fabric, he [...]
-
-
12:01
»
Hack a Day
One of the first things that [Eric] hacked together when he got to college was an RFID door locking system. He found that he was often in a rush to get in and out of his dorm room, and that using a simple wireless key was a great way to streamline his days. Over the [...]
-
-
13:04
»
Hack a Day
[Milosch] wrote in to tell us that he has recently released a bootable RFID live hacking system – something he has been diligently working on for quite some time. The live distro can be used for breaking and analyzing MIFARE RFID cards, as well as a reasonable selection of other well-known card formats. The release [...]
-
-
11:01
»
Hack a Day
Like most of us at Hack a Day, [Bertrand Fan] has a huge collection of digital music that was all obtained through legal channels. Missing the physical process of choosing and playing an album, [Bertrand] built an RFID record player to get rid of the paradox of choice that arises when thousands of albums are [...]
-
-
6:09
»
Hack a Day
A few years ago, [Beth] came up with the idea of using an AVR as an RFID tag. She’s gotten sidetracked with a few other projects in the meantime but her idea has surfaced again, this time as a duct tape RFID tag. The build is just four components: 0.1 µF and 1 nF capacitors, [...]
-
-
12:50
»
Hack a Day
[Navic] wrote in to show us his latest project. This is a portable smart card reader with a nice LCD display. he just happened to have a Basic Stamp 2px, smart card reader, and smart card reader/writer sitting around waiting to be used. What better use than a hand held smart card reader? Tossing the [...]
-
-
13:23
»
SecDocs
Authors:
Lukas Grunwald Tags:
RFID Event:
Black Hat Abu Dhabi 2010 Abstract: This presentation is showing some risk of the use of "Insecure" RFID implementation on Passports and Government ID Documents for Automatic Immigration (E-Gates) as well how easy a identity could be stolen. A overview of already existing electronic ID will be given, as well new work of the new German eID with Multi-Usage for Government, Legal as well private use for Parking-Meters, home Banking as well e-commerce.
-
-
11:04
»
Hack a Day
[Avatar-X] snagged a drink vending machine online a few years back, and has been selling drinks to his neighbors ever since. People are always asking him for change, and just the other day he was thirsty and out of change himself. He considered adding an override key so that he could snag free drinks whenever [...]
-
-
4:13
»
Hack a Day
A few months back, [John] was reading an article about a simple RFID security system kit, and decided he would like to build one himself. While many of the system’s details, including full schematics were provided, he was dismayed to find that the source code for the project was not published as it was held [...]
-
-
12:00
»
Hack a Day
RFID cat flaps are one of those projects we see all of the time. They are generally pretty simple to rig up, not too expensive, and have a good “wow” factor for any non-technical friends or family, not to mention tremendously useful. Why did we decide to share this one? Well, for one, it is [...]
-
-
12:00
»
Hack a Day
It turns out that hacking together a security keypad is remarkably simple if you know what you’re doing. [Don] needed to add a keypad with an RFID reader on it. He had previously built a USB RFID reader and thought he could integrate those concepts into the new unit. He once again started with a [...]
-
-
21:25
»
SecDocs
Authors:
Edward Farrell Tags:
RFID Event:
Ruxcon 2010 Abstract: RFID technology is the new cool. It’s the access pass around our neck, the overpriced contactless train ticket that goes “ping” and the payment card that doesn’t bother with two factor authentication. Even with issues with the underlying architecture, the majority of implementations out there haven’t quite thought things through (like getting rid of manufacturers keys and locking down the read/write access). We’re going to melt back the noooiiiice looking plastic on RFIDs and see what’s inside before the government starts using them as mind control devices.
-
-
9:00
»
Hack a Day
Here’s a field-programmable RFID spoofer developed by [Doug Jackson]. He was inspired by the spoofers we looked at near the end of September that didn’t have source code available. With the idea seeded in his mind he figured he could develop his own version, and then decided to share the build details with the rest [...]
-
-
23:49
»
SecDocs
Tags:
RFID Event:
PhreakNIC 11 Abstract: Last year's presentation was high level functionality and basic knowledge of what RFID is. The year they will present the low level technical specs on different communication types, the physics behind RFID reading and transmitting, and the actual circuitry of an RFID tag and what it takes to make them operate more consistently. The presentation will also cover actual tag data and coding schemes with standardization including EPC Gen 2 and other ISO standards such as PayPass RFID enabled credit cards. There will be reader/writer demonstrations as well as other proof of concept demonstrations.
-
-
8:00
»
Hack a Day
More and more today, it is becoming harder to avoid having some sort of RFID tag in your wallet. [bunnie], of bunnie:studios decided to ease the clutter (and wireless interference) in his wallet by transplanting the RFID chip from one of his subway cards into his mobile phone. Rather than the tedious and possibly impossible [...]
-
-
13:00
»
Hack a Day
[Jair2K4] is using his unique RFID tag address as an online password. We’d bet that if you went far enough to get an implant in your hand you’d continually search for a reason to use it. Wanting to do more than just start his car with a wave of the hand, he built an interface [...]
-
-
6:14
»
Hack a Day
[Matt] has mixed up a batch of two RFID reading door lock systems. While the “door lock” part of the setup has yet to come into existence, the “RFID reading” section is up and running. By using the Parallax RFID readers (for cheap, remember?) and an Arduino, [Matt] is able to parse an RFID tag, [...]
-
-
12:00
»
Hack a Day
[Carl] has done a lot of work developing a collection of RFID hardware. The two cards you see above are spoofers that can be programmed in the field using the keypad on the left, or the rather intimidating banks of DIP switches on the right. We also enjoyed his look at the Atmel T5557 and [...]
-
-
9:00
»
Hack a Day
[Fileark] built an RFID entry system that uses a pretty ingenious alternative to an electronic strike plate. An electronic strike is a rather expensive hinged plate that mounts in the door frame and catches the door latch. But this system opens a set of double doors. The door without the handle is fixed in place and has [...]
-
-
8:37
»
Hack a Day
When faced with having 2 cats with different dietary needs, [Landmanr] had to decide between manually stopping the cat on a diet from eating normal food, or building a dietary robot overlord. [Landmanr] chose the robot route. Using an old cd rom for the opening/closing mechanism, and RFID to distinguish between felines, [Landmanr] no longer [...]
-
-
8:00
»
Hack a Day
[Zach Charat] didn’t want to carry around yet another card with him so he transplanted the RFID guts from his card to his phone. Soaking the card in nail polish remover for twelve hours got him nowhere, but when he broke out the acetone the card was falling apart in 30 seconds. Above you can [...]
-
-
7:14
»
Hack a Day
This tweeting RFID reader is a great working example for the mbed. When an RFID tag is read it is matched with the name of the owner and a Twitter message is sent out. This is very similar to the RFID cat tracker that used an Arduino. The code is short and simple due to [...]
-
1:54
»
SecDocs
Authors:
Raoul D'Costa Tags:
RFID Event:
Black Hat EU 2010 Abstract: With the transition to RFID enabled travel documents (including the ePassport and the eID) in Europe, a correct implementation of the authentication and verification of passport technologies is necessary. The complexity if the technology can cause a myriad of security issues in the identification. Our presentation examines the eMRTD security controls and suggests correct implementations to enable identification as a mechanism. We also examine the dangers of incorrect implementations and the resulting consequences.
-
1:54
»
SecDocs
Authors:
Raoul D'Costa Tags:
RFID Event:
Black Hat EU 2010 Abstract: With the transition to RFID enabled travel documents (including the ePassport and the eID) in Europe, a correct implementation of the authentication and verification of passport technologies is necessary. The complexity if the technology can cause a myriad of security issues in the identification. Our presentation examines the eMRTD security controls and suggests correct implementations to enable identification as a mechanism. We also examine the dangers of incorrect implementations and the resulting consequences.
-
-
8:01
»
Hack a Day
These speakers play different audio tracks depending on which orange square the sit atop. They’re RFID aware and the orange tiles are tags. If you get tired of a track just move the speaker to a different one, or place the speakers next to each other to play the same song. We’re sure there’s a [...]
-
-
18:33
»
Hack a Day
We received a tip about Radio Shack putting Parallax’s RFID reader on clearance for around $10. The only reference we could find that indicated Radio Shack sold the reader was a review page. The reader originally sold for around $50 in the stores, so getting it for $10 made it worth a curiosity trip to [...]
-
-
7:00
»
Hack a Day
[andrew_h] has put together this slick anti theft device for his car. The RFID immobiliser is used to keep the car from starting unless you swipe an RFID tag. Depending on how well you hide it, and how well the person stealing the car knows you, they would have no reason to suspect that they [...]
-
-
11:00
»
Hack a Day
We asked for it and our readers delivered. [Klulukasz] left a comment pointing to this diy RFID reader that was a final project in 2006 for a class at Cornell University. It is well documented and includes not only a schematic and code, but an explanation of the design considerations used during the build. The [...]
-
-
9:00
»
Hack a Day
An Arduino, a spent roll of toilet paper, magnet wire, and a few passive components are what’s needed to build this RFID spoofer. It’s quick, dirty, and best of all, simple. However, [SketchSk3tch's] creation is not an RFID cloner. You must already know the hex code of the tag you want to spoof. That may [...]
-
-
11:34
»
Hack a Day
[Benjamin Blundell] built an RFID reader for the iPhone. A jailbroken iPhone connects to this project box by patching into a standard iPhone USB cable. Like in past iPhone serial projects, [Benjamin] is using openFrameworks for the software interface. Right now this reader only detects low-frequency tags but he’s working on the code to read [...]
-
-
15:21
»
Hack a Day
[Nicholas] built an active tracking system using RFID tags. The system’s tags operate in the 2.4 GHz band and are used to track either people or assets. The readers are on a mesh network and can triangulate the location of any tag for display on a map. His system is even set up to show [...]
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
SecurityFocus Vulnerabilities
Bugtraq
XSSed
Sophos security news
Penetration Testing
SecuriTeam
BackTrack Linux Forums
Threatpost
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution