Protecting against Wi-Fi, Bluetooth, RFID data attacks
on July 21st, 2008 at 10:25 amNEW YORK–Using a laptop, cell phone headset, building access badge, credit cards, or even a passport can make you a walking target for data thieves and other criminals, a security expert warned at the Last HOPE hacker conference here late Friday.
In a frightening but entertaining session entitled “How do I Pwn Thee? Let me Count the Ways” (pwn is hacker speak for “own” or control), a hacker who goes by the alias “RenderMan” explained how most people are at risk and don’t even know it.
By now most people probably know they should be careful using Wi-Fi networks, especially public hotspots that don’t encrypt data transmissions and where network access points can be spoofed. These issues leave Web surfers at risk of having their data stolen, receiving fake Web pages and other information, and having their computers completely taken over, he said.
Even airplane passengers who either ignore stewardess requests to disable Wi-Fi or don’t know how to turn it off are not immune to attacks from others in the airplane, he added.
RenderMan suggests that people disable Wi-Fi when it is not in use and use VPNs and firewall software.
Bluetooth headset users are at risk because of a security hole in the technology and default PINs that don’t get changed, he said. Exploiting vulnerabilities someone can break in and steal data from the phones, make calls without the cell phone owner knowing, listen in on and break into conversations, and even spy on people by turning the device into a bug.
He advises that people change the default password, disable the Bluetooth on the phones, turn off the headsets when not in use, and limit access to the data and features when communicating with other Bluetooth devices.
Many people don’t realize that new U.S. passports have RFID technology with weak encryption that makes the data on the chip easy to read with the proper reader device.
The U.S. government attempted to mitigate the privacy threat by putting a metal foil layer on the front and back cover of the passports, but the stiffness of the foil pops the passport open as much as an inch, wide enough for RFID readers to snatch the data, RenderMan said, showing a video to demonstrate this.
“There is no rule that says that if the chip doesn’t work, they will refuse you access to the border. You will get increased scrutiny, but it’s still a valid document,” he said. “So, liberal application of a hammer can negate a lot of the possible” problems.
But doing willful damage to the passport is a crime, one attendee pointed out. “I fell, really hard,” RenderMan deadpanned.
RFID used in transit and building access badges has also been proven to be insecure, allowing someone to use an RFID reader to copy data off the card and make a clone of it, he said.
A security flaw in the Mifare Classic Chip used in transit systems is the subject of a court case in The Netherlands. The maker of the chip, NXP Semiconductors, sued to block a university from publishing details of the problems, but a court ruled on Friday that the research can be made public.
Even traditional keys are vulnerable, RenderMan said. For instance, photographs of spare keys for electronic-voting machines displayed on a Web page were used to make replicas with similar-looking keys, he said. A video demo showed how someone filed down a key from a hotel mini-bar and was able to open up the memory card slot of a Diebold voting system.