RFID More Hackable Than Retailers Think?

Iphtashu Fitz writes "Lukas Grunwald, a senior consultant with DN-Systems Enterprise Solutions GmbH, is warning retailers that the RFID technology that they are quickly adopting can easily be hacked with the appropriate tools. Grunwald has written a program called RFDump which lets you read and display all metadata within an RFID tag and also modify the user data using a text or hex editor. He wrote this program to demonstrate how consumers can protect themselves by wiping out RFID data after purchasing a product but he acknowledges that it would be trivial to abuse this behavior. What, you might ask, can you do if you hack an RFID tag? Well as the technology is adopted more widely a thief could conceivably mark down the price of an expensive piece of jewelry before paying for it at an automated checkout counter, underage hackers could purchase alcohol or adult movies, and pranksters could simply reprogram the inventory of an entire store by just walking up and down the isles. 'The people who will be using this (shopkeepers) don't know much about technology,' Grunwald warned."

Not everyone can really write to tags

[happynut]

This case was already covered in the older RFID specs that used to appear at www.autoidcenter.org (they have since become viewable to membersonly when they handed standards off to www.epcglobalinc.org several months ago).

In order to write data to the tag you needed to know a 64bit number that was programmed into the tag. The standard didn't say how you set that number; that was policy reserved to the tag programmer. But in order to have a write command accepted, you needed to match the previously programmed number.

So if commercially deployed tags really are generally writeable it is more of an administration problem (like leaving telnet enabled on public facing servers) than a failure to consider the problem at all.

Why these people are fucked.

[syberanarchy]

Let's be honest, the biggest advocate of this stuff (walmart) isn't exactly the employer of rocket scientists. I have called them before at midnight, asking if they had Socom and the PS2 Net Adapter (when that was the "new thing.")

"Oh, yeah, we have it."

I get there, and it turned out they didn't have it. They had an AC Adapter.

A clerk who cannot tell the difference between something that lets you go on the internet and something that plugs into the electric socket will be easily fooled by the RFID swap. Even if someone DOES check your bag, do you think "Joe Walmart" is really going to be acute enough in his observation to recognize that you've got the high end ATI card, and not the 9600? Doubtful.

It'll be great to watch Wal-Mart reap the fruit of the seed they've sown - lost merchandise, lost profits, etc. And it's quite fitting that this really has nothing to do with RFID, but their unwillingness to go the extra mile to spend a few more bucks to get employees who know what they are doing.

Re:No Tech is safe

[Lumpy]

It's simple. instead of using the expensive reprogrammable rfid tags you use the cheaper PROM rfid tags.

you set them once and they stay that way forever.

The story is nothing but high brow FUD.

not all RFID tags are the rewriteable type. most are the single write read many variety. and nothing is to stop a manufacturer like coke from ordering their rfid tags preprogrammed. not every can of coke needs a different tag. (just like hoe they dont have different barcodes on them.