The MIT ID card system is provided by the Indala corporation. Each card contains an antenna and RFID chip that allows contactless entry to buildings, labs, and other rooms on campus. The card readers emit a continuous 125 kHz sine wave, which at a range of 5-7 inches is just enough to power the RFID chip and cause it to emit a 224 bit AM broadcast identifying the card.
This is not a very secure system, as it's pretty easy to build or buy a card reader and "steal" IDs from other people. All MIT ID cards will happily broadcast their numbers when powered by the right signal. Card readers do not draw much power, so it's possible to build a small handheld device and brush it against someone's pocket or purse and harvest their card ID. With someone else's card ID, it's then an easy matter to build an ID emitter or duplicate the card. Although the card ID cannot be used to derive the MIT ID (i.e. the student ID), it can be used to gain access to restricted areas on campus and use the victim's TechCash account.
Richard Stallman, for example, has consistently refused to use his MIT-issued ID because of security concerns. To gain access to the Stata center after hours, he got a student to build him a special-purpose emitter that randomly broadcasts one of several valid IDs.
Also worth noting is that MIT maintains records of all card access attempts for two weeks. So keep that in mind if you're doing something on campus and don't want to leave a trail.
[1] http://swiss.csail.mit.edu/6.805/student-papers/fall04-papers/mit_id/
1 comment:
Established in 2008, ShenZhen XinYeTong Technology Co.,Ltd is Specializing in RFID Tags/Labels, NFC Tags NFC Labels, RFID Wristbands, Smart Cards, Inkjet Cards etc, We Have been Researching NFC technology team of well trained engineers. RFID tags
Post a Comment