Kaspersky is one of the leading companies in the security and antivirus
market. It seems as though they are not able to secure their own data
bases.
Seems incredible but unfortunately, its true.
Alter one of
the parameters and you have access to EVERYTHING: users, activation codes, lists
of bugs, admins, shop, etc.
Sunday, February 8, 2009
Kaspersky failed to protect their own website from hackers
Full article: Link
Why RFID is not suitable for ID card/Passport?
Here is why.
Hackers clone passports in drive-by RFID heist
By Iain Thomson 4 February 2009
Copyright © 2009 vnunet.com
Hackers clone passports in drive-by RFID heist
By Iain Thomson 4 February 2009
A British hacker has shown how easy it is to clone US passport cards that use
RFID by conducting a drive-by test on the streets of San Francisco.
Chris
Paget, director of research and development at Seattle-based IOActive, used a
US$250 Motorola RFID reader and an antenna mounted in a car’s side window and
drove for 20 minutes around San Francisco, with a colleague videoing the
demonstration.
During the demonstration he picked up the details of two US
passport cards, which are fitted with RFID chips and can be used instead of
traditional passports for travel to Canada, Mexico and the Caribbean.
“I
personally believe that RFID is very unsuitable for tagging people,” he
said.
“I don’t believe we should have any kind of identity document with RFID
tags in them. My ultimate goal here would be, my dream for this research, would
be to see the entire Western Hemisphere Travel Initiative be scrapped.”
Using
the data gleaned it would be relatively simple to make cloned passport cards he
said. Real passport cards also support a ‘kill code’ (which can wipe the card’s
data) and a ‘lock code’ that prevents the tag’s data being changed.
However
he believes these are not currently being used and even if they were the radio
interrogation is done in plain text so is relatively easy for a hacker to
collect and analyse.
The ease with which the passport cards were picked up is
even more worrying considering that less than a million have been issued to
date.
Paget is a renowned ‘white hat’ ethical hacker and has made the study
of the security failings of RFID something of a speciality.
In 2007 he was
due to present a paper on the security failings of RFID at the Black Hat
security conference in Washington but was forced to abandon the plans after an
RFID company threatened him with legal action.
He points out that RFID tags
are increasingly being used in physical security systems such as building access
cards and the technology needs significant security adding before it could be
considered safe for commercial use.
Copyright © 2009 vnunet.com
Subscribe to:
Posts (Atom)
Global Virus Map
