California Senate Approves Bill To Outlaw Skimming RFID Tags
Technology to steal -- or skim -- information from RFID tags is readily available, off-the-shelf, and surprisingly inexpensive.
The California State Senate voted to make it a crime to skim information stored on RFID tags.
The Senate voted 36 to 3 to pass the bill, introduced by State Sen. Joe Simitian (D-Palo Alto). The bill, SB 31, goes to the California State Assembly.
Simitian participated in a controlled experiment to demonstrate how skimming works.
"The problem is real," he said, while announcing passage of his bill. "The card I use to access the State Capitol was skimmed and cloned by a hacker in a split second. Minutes later, using that clone of my card, he was able to walk right into the Capitol through a 'secure' and locked entrance."
Simitian said personal information on tags used for drivers' licenses and student IDs should be protected the same way other personal property is protected.
"If you've been mugged, or even had your pocket picked, you know you've been a victim," he said. "You can take steps to protect yourself against identity theft. But if your personal information has been 'skimmed' without your knowledge or consent, you're completely vulnerable. Right now if someone steals your ID, it's a crime; but if they steal the information on your ID by 'skimming,' it's not."
Simitian said the problem is exacerbated by the fact that millions of IDs and access cards carry unlimited information and there aren't any rules about including technology to protect privacy for privately-issued cards.
"RFID technology is not in and of itself the issue," he said. "RFID is a minor miracle with all sorts of good uses. But it's easier than ever to steal someone's personal information with an unauthorized reader -- technology that is readily available, off-the-shelf, and surprisingly inexpensive."
Simitian's bill makes exceptions for inadvertent scanning. It also allows emergency medical workers and law enforcement agencies to scan cards without permission, while trying to provide care or investigate crimes -- as long as investigators have obtained a search warrant.
[Interop ITX 2017] State Of DevOps ReportThe DevOps movement brings application development and infrastructure operations together to increase efficiency and deploy applications more quickly. But embracing DevOps means making significant cultural, organizational, and technological changes. This research report will examine how and why IT organizations are adopting DevOps methodologies, the effects on their staff and processes, and the tools they are utilizing for the best results.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.