1. March 2007, 16:27 | by WD Milner | Full Article |

It appears that business muscle flexing has once again muzzled the academic and research communities. In a deja vu repeat of the Cisco fiasco at the 2005 Black Hat conference in Las Vegas, a group of security researchers have cancelled a talk scheduled for Wednesday at the Black Hat DC Briefings and Training event in Arlington, Virginia on the flaws of RFID based building access badges, after receiving legal threats from a major manufacturer.

The group, from security services firm IOActive, had planned to demonstrate that the common identification cards can easily be duplicated, posing a serious risk for those relying on such systems for security. The talk was canceled the day before after IOActive said it received legal threats from HID Global, a major seller of access control systems.

While HID claims that it did not threaten IOActive to stop its presentation at the Black Hat event, IOActive, claims that HID informed them that the planned presentation infringed its intellectual property, U.S. patents 5,041,826 and 5,166,676 in particular.

Joshua Pennell, IOActive’s CEO, told reporters, “We can't go forward with the threat of litigation hanging over our small company.” A followup statement on the IOActive web site stated that, “As a consequence ... IOActive has withdrawn its presentation.”

The concept to be presented is not new and RFID security is regularly scrutinized. A presentation at last year’s Black Hat Briefings in Las Vegas showed how passports equipped with the radio tags could be cloned. The same researcher indicated this could be done with building access cards as well.

While companies are within their rights to protect their trade secrets that may have cost them considerable to develop, the public and the customers that use and rely on those products also have a right to know when probelms exist within those products and the implications those problems have for the public. The use of legal muscle and threats to silence such critics may (or may not) be legal, but it is certainly unethical, and most definitely poor public relations.

- 30 -

Categories: ,
Keywords: security,intellectual property,RFID,corporate coercion,research,Black Hat



Textile help
* Indicates a required field.

As a SPAM prevention measure, comments are moderated and will be posted once vetted.


Article & Comments

Comments are not enabled for all articles or documents.

Article Navigation


Internet and WWW
Music and Audio
Society and Culture
Stage and Screen
Tips and Tricks
Web Design
Web Site

The Birches - Support Child Safety Online


 Help to FIGHT spam!