Archive for July, 2009

RFID—the technology is real; the threat is not

RFID privacy concerns have made news again. The Associated Press reported on a video of a security consultant in California filming himself reading the identifiers off of the new U.S. passport cards (PASS cards). As I’ve previously argued, most of these claims about RFID are bogus. Even in this most recent example, what did the self-described “hacker” really learn while driving around? A passport containing the unique identifier X was at location Y at time Z. That’s all. Even assuming there was a way to link these identifiers to people, the same information could be achieved by simply watching people as you walk down a street. Privacy advocates like to argue that RFID is another step towards a high-tech dystopia where the government (and private companies) will track your every move. Unfortunately, for these critics, these privacy concerns are based more on perception than any actual risk. The simple reality is that the benefits from RFID far outweigh these concerns (concerns, of course, because they are all based on scenarios not actual events).

RFID offers many benefits to businesses, government and individuals. RFID benefits consumers and businesses considerably … Read the rest

Thoughts on 4th of July Cyber Attacks

While most Americans were watching fireworks on July 4, hackers launched what would turn in to a multi-day denial-of-service attack against U.S. websites. The Associated Press reported that the cyber attack knocked out the websites of several government agencies including the U.S. Treasury, Secret Service, Transportation Department and the Federal Trade Commission. In addition, the attackers targeted the websites of the White House and the Pentagon but neither was severely disrupted.

The attack later expanded to a number of other websites including the New York Stock Exchange, NASDAQ and the Washington Post. South Korean websites were also added to the list with many of the targets experiencing outages during the same time period. South Korean intelligence officials believe that North Korea initiated the attacks and today U.S. officials confirmed that the IP addresses of many of the attacks originated from North Korea. Officials have cautioned, however, that there is no evidence that the Pyongyang government was involved.

Recent troubles with the forthcoming system designed to protect the U.S. government’s networks, Einstein 3, indicate that relief is probably not on the way. As the Wall Street Journal reports, the next version … Read the rest