Description
RFID has become the magic solution for every problem from Biometric Passports to Inventory Tracking and Access Control, Micropayments and even Human Identification.... But how fit for purpose is it?
This course will look at the underlying technology and concepts of RFID systems, potential security concerns and issues, as well as specific tools for accessing and manipulating RFID devices, reading, writing and even cloning them, and provide essential insight for those wishing to audit or securely deploy RFID based systems.
The instructor of this course is well known for his work in Bluetooth, Magnetic Stripe, InfraRed and Open Source security in general, and is the author of RFIDIOt, the Open Source python library for RFID.
More information on his work can be found at http://rfidiot.org and http://www.trifinite.org, the home of the Trifinite Group.
1 day course, consisting of a short lecture and demonstrations, followed by hands-on installation of tools and instruction in their use.
Prerequisites
Students coming into this course should have a basic knowledge of python or other high level language, and a working knowledge of the Linux operating system.
Prerequisite material
Students should bring a laptop with an up to date Linux install, or a LiveCD with python support and the ability to install additional python modules (see http://rfidiot.org for current module requirements).
Students will be provided with Serial, USB or Compact Flash RFID devices as appropriate, for the duration of the course, and these may be available for purchase if required (please contact trainer beforehand to give some idea of quantities).
Adam Laurie
Adam Laurie is Chief Security Officer and a Director of The Bunker Secure Hosting Ltd. He started in the computer industry in the late Seventies, working as a computer programmer on PDP-8 and other mini computers, and then on various Unix, Dos and CP/M based micro computers as they emerged in the Eighties. He quickly became interested in the underlying network and data protocols, and moved his attention to those areas and away from programming, starting a data conversion company which rapidly grew to become Europe's largest specialist in that field (A.L. downloading Services). During this period, he successfully disproved the industry lie that music CDs could not be read by computers, and, with help from his brother Ben, wrote the world's first CD ripper, 'CDGRAB'. At this point, he and Ben became interested in the newly emerging concept of 'The Internet', and were involved in various early open source projects, the most well known of which is probably their own'Apache-SSL'which went on to become the de-facto standard secure web server. Since the late Nineties they have focused their attention on security, and have been the authors of various papers exposing flaws in Internet services and/or software, as well as pioneering the concept of re-using military data centres (housed in underground nuclear bunkers - http://www.thebunker.net) as secure hosting facilities. Adam has been a senior member of staff at DEFCON since 1997, and also acted as a member of staff during the early years of the Black Hat Briefings.