Software defined radio makes a lot of th ... / 2013-08-04

2013-08-04 Software defined radio makes a lot of th ...
Software defined radio makes a lot of things possible, including exposing vulnerabilities that were earlier described as "only possible in specially set up laboratories with expensive equipment". The USRP boards still count as expensive to me, but they make RF technology more accessible. This video is about reading the ID from a tollroad transponder (brand name FasTrak) in a car. I thought one of the basic design choices in RFID was that the reader has to authenticate to the rfid card before the card answers. I guess in this case there is too little authentication and it is possible to read the ID of the transponder. There are interesting privacy implications when anyone can set up a transponder ID reader.

Found via Reading a FasTrak tag ID with USRP + GNU Radio - Stuart Irwin on Google+

Update: I did some more reading on FasTrak and found out this could be the prelude to a complete system failure: FasTrak talk summary and slides explains there is no security at all in the RFID protocol used to interrogate and maybe update transponders.

Tags: , , ,

IPv6 check

Running test...
, reachable as PGP encrypted e-mail preferred. PGP key 5BA9 368B E6F3 34E4 local copy PGP key 5BA9 368B E6F3 34E4 via keyservers

Meningen zijn die van mezelf, wat ik schrijf is beschermd door auteursrecht. Sommige publicaties bevatten een expliciete vermelding dat ze ongevraagd gedeeld mogen worden.
My opinions are my own, what I write is protected by copyrights. Some publications contain an explicit license statement which allows sharing without asking permission.
Other webprojects: Camp Wireless, wireless Internet access at campsites, The Virtual Bookcase, book reviews
This page generated by $Id: newsitem.cgi,v 1.57 2022/02/15 21:48:18 koos Exp $ in 0.008904 seconds.