Major Malfunction details biometric security risks #SecTor

From the “My Eyeballs Are My Passwords‘ files:

TORONTO. Security researcher Adam Laurie, aka Major Malfunction is well known in the hacker community as an RFID hardware hacker.  At the SecTor conference today, the Major gave a gory keynote talk telling the Canadian audience all that’s wrong with biometrics and RFID.

I’ve seen Laurie speak on RFID and hardware hacking (most recently Satellite Hacking) at Black Hat events in the past. The SecTor presentation included bits of his past presentations as well as a surprise.

Laurie told attendees to look at their conference badges and to open them up. Inside there was a hidden RFID tag. He then proceeded to demonstrate how he could read that tag (and potentially do whatever he wanted to do with it).

Laurie’s real passion though was a discussion about the risks of biometric security. That is items like fingerprints and retinal scans. To prove his point about the risks, he showed a litany of movie clips where the ‘bad guys’ get a hold of the biometric part to do bad things.

Overall his point was that breaking security models (for researchers of course) isn’t always about complex attacks either.

“I like to break things with simple tools,” Laurie said. “If you’re attacking crypto don’t try and crack the crypto just try the protocols underneath.”

News Around the Web