Hardware Vulnerable to Google RFID Keycard Door Hack Still in Use by Other Companies


Fully [H]
Apr 10, 2003
Google security researcher David Tomaschik discovered an exploit that allowed him access to any RFID keycard-enabled door on the Google campus. By analyzing the seemingly random lock and unlock codes that his door sent through the Google network, he was able to discover the encryption key hiding the commands that were being sent. This allowed him to take full control of any RFID door on the campus in complete stealth, as no record of his actions was kept. Other corporations use the same Software House devices, and the only known fix is a firmware upgrade that requires a hardware upgrade as well.

But problems likely remain for others using the vulnerable Software House tech. Tomaschik said Software House had come up with solutions to fix the problem, though to switch to TLS, it'd require a change of hardware at the customer site. That's because the Software House systems didn't have enough memory to cope with the installation of new firmware, Tomaschik said. A spokesperson for Software House owner Johnson Controls said: "This issue was addressed with our customers." They didn't respond to a question on the need to replace physical devices.
So... a networked device that is not capable of firmware upgrades??

That industry is more slipshod than you believe, considering that most companies depend on physical security of their assets as their first, and primary, line of defense. I know, I've worked in it. In my opinion, sending this type of data over the normal IP network is foolish. I told a previous employer this, but I was assured that it was perfectly "safe". After I showed how easy it was to snoop the (unencrypted) transactions via Wireshark, they just basically told me to shut up and sit down. But that was the least of their problems; they had plenty of other security holes which I couldn't patch fast enough. Too bad they let me get away before I got them all.
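As an added example (not code from the thread, the article, or Software House), here is a defender-side audit in Python of captured controller traffic for the two things this thread calls out: sessions to door controllers that do not start with a TLS handshake, and the same encrypted command bytes reappearing verbatim on the wire, the kind of pattern the post describes being analyzed to recover the key. The controller addresses, ports and payloads below are constructed for the example.

```python
from collections import Counter, defaultdict

def looks_like_tls_hello(first_bytes: bytes) -> bool:
    """True if a session opens with a TLS handshake record (type 0x16, major version 3)."""
    return (len(first_bytes) >= 3 and first_bytes[0] == 0x16
            and first_bytes[1] == 0x03 and first_bytes[2] <= 0x04)

def audit_flows(flows, controllers, repeat_threshold=3):
    """flows: messages in capture order, each {src, dst, dport, payload};
    controllers: IPs of the door controllers to watch.
    Returns (non_tls_sessions, repeated_payloads)."""
    session_tls = {}                 # (src, dst, dport) -> did it start with a TLS hello?
    repeats = defaultdict(Counter)   # controller -> Counter of raw payloads in non-TLS sessions
    for f in flows:
        if f["dst"] not in controllers:
            continue
        key = (f["src"], f["dst"], f["dport"])
        if key not in session_tls:
            session_tls[key] = looks_like_tls_hello(f["payload"])
        if not session_tls[key]:
            # Proper TLS never repeats record bytes; a fixed key with no IV/nonce does.
            repeats[f["dst"]][f["payload"]] += 1
    non_tls = sorted(k for k, ok in session_tls.items() if not ok)
    repeated = [(dst, p.hex(), n) for dst, c in repeats.items()
                for p, n in c.items() if n >= repeat_threshold]
    return non_tls, repeated

# Constructed sample capture (hypothetical hosts and ports, not real controller traffic).
CONTROLLERS = {"10.0.5.20", "10.0.5.21"}
UNLOCK_BLOB = bytes.fromhex("9f3a1c7e55d2b0a4e61f8c03aa77d91b")  # identical bytes each time
SAMPLE_FLOWS = (
    [{"src": "10.0.1.5", "dst": "10.0.5.20", "dport": 4000, "payload": UNLOCK_BLOB}] * 4
    + [{"src": "10.0.1.5", "dst": "10.0.5.20", "dport": 4000,
        "payload": bytes.fromhex("0b44e2a9c1d37f6e2288a0b5e4f1c9d0")}]
    + [{"src": "10.0.1.5", "dst": "10.0.5.21", "dport": 4443,
        "payload": bytes.fromhex("160301") + b"\x00\x2a\x01" + bytes(42)}]   # ClientHello
    + [{"src": "10.0.1.5", "dst": "10.0.5.21", "dport": 4443,
        "payload": bytes.fromhex("1703030020") + bytes(32)}]                  # app data
)

if __name__ == "__main__":
    non_tls, repeated = audit_flows(SAMPLE_FLOWS, CONTROLLERS)
    for s in non_tls:
        print("controller session without TLS:", s)
    for dst, blob, n in repeated:
        print(f"{dst}: identical payload {blob} seen {n}x (static key / deterministic encryption?)")
```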