- Is Microsoft preparing us to move beyond Vista?
- Why Google wanted to lose wireless spectrum auction
- iPhone shortage fuels rumors of imminent 3G phone
- XP for cheap PCs: a second crack in the wall
- Darts into data: Leveraging random action to competitive advantage
- Most iPhone buyers are existing Apple customers
- AT&T's so-called open network principles
- Mono dev tool offered
- ActiveState upgrades IDE
- Serena plans SaaS products
February 27, 2007 | Comments: (0)
Black Hat presentation pulled after patent infringement threats
A planned talk on RFID security by a security researcher has been pulled from this week's Black Hat Federal security conference after secure card maker HID Corp. claimed the talk violated the company's patent rights and threatened to take legal action against Chris Paget, the researcher, and IOActive Inc., Paget's employer, if the talk went forward.
The company decided to cancel the talk after all night negotiations with HID collapsed, said Josh Pennell, CEO of IOActive. In response, Black Hat organizers were forced to tear materials out of printed show proceedings and will instead present a discussion by a representative of the ACLU on the criticality of RFID security, said Jeff Moss, founder and director of Black Hat.
The decision follows tense negotiations and legal threats from HID after IOACtive did a demo of the RFID hacking device at RSA
More to come...
Posted by Paul Roberts on February 27, 2007 08:49 AM
RATE THIS ARTICLE:
-
- COMMENTS
The truth be known, there is not one RFID tag that can not be hacked except for the SAW technology. We have real concerns on over sell of RFID technologies where national secuirty is at risk. RFID has cost effective benefit in logistic track-N-trace in the supply chain side, but to use RFID in passports, access control, personnel tracking, and compliance tracking is highly questionable.
While Black Hat may be stopped from presenting this specific case, these weaknesses need to be known.
There is a methodology in development to secure RFID tags which detects if a tag has be altered, switched, or generally zapped and it is really easy to do.
If HID is claiming patent infringement then he obviously reversed one of their reader/writers for his RFID cloner. Bad move. If he would have created everything by scratch (hardware/code) then I don't see a way of HID enforcing such a ridiculous threat. (But then they would find something else to force a withdraw, wouldn't they?) =p
Posted by: Q at February 28, 2007 05:46 AMTOP STORIES
ADDITIONAL RESOURCES
- Remote Access: Maintain Security and Decrease the Burden on IT
- Beyond AntiVirus: Symantec Endpoint Protection
- What Every Enterprise Needs to Know About VDI
- Help Simplify Virtualization
- Solution for Open Virtualization Provides Server Consolidation
- A Guide to Rich Internet Application (RIA) Security
