
The coolest hacks of the year

As we head into the holidays, everyone is rounding out the year with a series of lists. What caught my attention over at DarkReading, a site that focuses on security issues, was their roundup of the coolest hacks of 2008.

We're not talking about web site defacements, zero-day security vulnerabilities or even the presence of new malware. Rather, we're talking about really innovative hacks that might just affect how we conduct our daily lives. I highlight a couple of the most interesting ones here.

  • Electronic Toll System hack

    A researcher ripped apart one of the popular RFID-based FasTrak toll tags used for highway tolls in the San Francisco Bay Area. To his horror, Nate Lawson discovered the absence of encryption on the RFID tags, which opens the system to cloning and sniffing. Data pertaining to the remaining cash value of a FasTrak is stored at back-end servers, though there is nothing to prevent even a novice with the right equipment from reprogramming the unique identifier for nefarious gains.

    If you still don't get it, imagine a shoplifter swapping barcodes at the supermarket. However, shenanigans involving barcodes are clearly visible to alert staff, while swapping an RFID code is far more difficult to uncover. In addition, the open nature of this system makes it possible to track other drivers using this system. As I wrote earlier, I think RFID is due for an overhaul, as the successful hacking of the Mifare Classic RFID technology shows.

  • Remote hacking using the iPhone

    In a scene reminiscent of the latest Batman movie, The Dark Knight, Errata Security had an iPhone equipped with Wi-Fi auditing tools shipped to a remote site to run a penetration test of a client's wireless network. They put TCPdump and Nmap Wi-Fi auditing tools into the iPhone, then overnighted it to the required site. Citing efficiency, CEO Robert Graham noted that, "This was a simple solution that didn't [require] us going on-site."

Next time you receive an unidentified parcel, be careful--especially if it's an iPhone.

For more on this story:
- check out this article from DarkReading
