The RFID Hacking Underground

By | May 19, 2006

James Van Bokkelen is about to be robbed. A wealthy software entrepreneur, Van Bokkelen will be the latest victim of some punk with a laptop. But this won´t be an email scam or bank account hack. A skinny 23-year-old named Jonathan Westhues plans to use a cheap, homemade USB device to swipe the office key out of Van Bokkelen´s back pocket.

“I just need to bump into James and get my hand within a few inches of him,” Westhues says. We´re shivering in the early spring air outside the offices of Sandstorm, the Internet security company Van Bokkelen runs north of Boston. As Van Bokkelen approaches from the parking lot, Westhues brushes past him. A coil of copper wire flashes briefly in Westhues´ palm, then disappears.

Van Bokkelen enters the building, and Westhues returns to me. “Let´s see if I´ve got his keys,” he says, meaning the signal from Van Bokkelen´s smartcard badge. The card contains an RFID sensor chip, which emits a short burst of radio waves when activated by the reader next to Sandstorm´s door. If the signal translates into an authorized ID number, the door unlocks.Read Full Story

Leave a Reply