RSA researcher Ari Juels sat down with SearchSecurity.com to discuss various topics. One of which was the constrained capabilities of RFID (like wireless bar codes), and how it affects the security posture needed to secure these devices.
But, in fact, it’s possible to shoehorn in capabilities for which these tags were not explicitly designed. For example, in RSA Labs, we proposed techniques to commandeer access control features on the tags — those are an optional security mechanism — and even the privacy feature on the tags, what’s called the “kill” function, a self-destruct feature that’s meant to protect consumer privacy. We’ve shown ways the tags can be commandeered for authentication.
