Hacking RFID: The Implications

Wired is running an article on RFID hacking that has potentially scary implications. Depending on your definition, RFID systems actually date back to the 1930s, but what we’re used to thinking of RFID tags only date back to the 70s. Anyway, RFID chips today are everywhere and many of them have no encryption and will happily transmit their information in the clear if they’re active or within range of a reader if they’re passive emitters. Sure, that’s scary enough as it is, especially if you’re walking around with an RFID chip embedded in your skin so that hospitals can read your medical history when you’re admitted in an emergency (or otherwise if you’d like). But what’s worse,is that since most tags are unprotected, anyone with an RFID reader/writer can change the information on the tags. The article has some interesting scenarios and experiments: snagging the code off of a security badge and replaying it to gain access to a secure building, vandalising library contents by wiping or changing tags on books, changing the prices of items in a grocery or other store, getting free gas by tweaking the ExxonMobil SpeedPass tags.