RFID More Hackable Than Retailers Think?

Iphtashu Fitz writes "Lukas Grunwald, a senior consultant with DN-Systems Enterprise Solutions GmbH, is warning retailers that the RFID technology that they are quickly adopting can easily be hacked with the appropriate tools. Grunwald has written a program called RFDump which lets you read and display all metadata within an RFID tag and also modify the user data using a text or hex editor. He wrote this program to demonstrate how consumers can protect themselves by wiping out RFID data after purchasing a product but he acknowledges that it would be trivial to abuse this behavior. What, you might ask, can you do if you hack an RFID tag? Well as the technology is adopted more widely a thief could conceivably mark down the price of an expensive piece of jewelry before paying for it at an automated checkout counter, underage hackers could purchase alcohol or adult movies, and pranksters could simply reprogram the inventory of an entire store by just walking up and down the isles. 'The people who will be using this (shopkeepers) don't know much about technology,' Grunwald warned."

W-O-R-M

[usefool]

Is it possible to make RFID write once read many? So the product info is in the tag, and price/special/discount is cross-referenced with a database.

Is there any advantage for embedding prices in the tag?

Re:W-O-R-M

[Jesrad]

Would it be possible to overlay a forged signal when the tag is interrogated, if I'm standing close enough from the reader ?

Crypto?

[sk6307]

Why not simply store only a cryptographically secure (signed) random unique value on the tag itself, and keep all the other data somewhere else that all the legitimate readers are connected to?

With a simple database, this is not a problem, since it is computationally infeasable to forge a signature like that.

Re:No Tech is safe

[Sique]

The fact, that relabelled barcodes are quite good to spot even for an untrained eye.

Reprogrammed RFID-Chips are not to spot without the proper equipment. And if you use the self checkout lane, there is no one to spot anything except the machine which is programmed to look solely at the RFID chips.

A way to prevent some misuses would be to ask the customer to scan at least the bar code too, so the check out machine can do a match between the RFID information and the bar code information. But THEN your argument holds true that the fraudulent customer could also relabel the good before going to the check out. A label scanner is not able to difference between a printed on bar code and a bar code that got stuck on by someone.

Re:Easy detectable

[panurge]

It depends if you know where the RFID tag is located. A coil that sat on the end of a finger, under Elastoplast with a layer of shielding, could easily be brought up next to the tag to reprogram it, resulting in a lower power demand and very short range detectability.
Having done some research into metal detectors for -ahem- covert operations some years ago, I can assure you that there are ways and means within the scope of home build.

Supermarkets would just love to ban people from bringing in mobile phones, palmtops, laptops in standby mode, and all the other gadgets that create background RF noise, wouldn't they? The whole object is to make it look as if you can just walk in, load up and walk out.

Re:No Tech is safe

[Elecore]

Also, the self checkout lines double check your items by weight. So if you scan your steaks as onions, it's going to see that your steaks weigh a lot more than the onions should and notify the person on duty.