I have been a bit swamped since Nerdfest, so the Security Corner has slipped a bit. My apologies.
The Defcon and Blackhat conferences always bring out a few interesting stories, and this year is no exception.
If you thought that RFID scanning requires a lot of expensive equipment, think again. According to this article, $30 – $50 USD will set you up to start stealing data from unsuspecting folks carrying RFID chips in passports and other identification cards.
Wrapping these cards in aluminum foil attenuates the RFID signal, but does not eliminate it. You can also purchase a special wallet to block RFID.
In a related story, there are claims that the new identity card in the UK are easily hacked and cloned. We should note that the Home Office disputes this claim.
In a strange bit of irony, a fake atm machine was discovered at Defcon. Some number of people ran their cards through the machine and entered pin information (with no cash returned) before someone shined a flashlight into the place where there should have been a camera and discovered a PC inside.
There were lots of other hacks and vulnerabilities revealed at these conferences – they always leave me a bit discouraged, so I will end on a lighter note: We have all heard the excuse of “my dog ate it” and some of us have actually had the dog eat something important (a $540 check in my case). This Florida man claims that his cat is responsible for downloading some 1000 images of child pornography. Now, there is nothing funny about child pornography, but this man’s claim is at least mildly amusing. I don’t buy it and I doubt the jury will either.
Dennis H in West Virginia, US