Maybe the will just use an ID number that refrences the user info in the DB....
Has anyone successfully performed SQL injections usinf RFID tags? I looked at a few papers but know it's not widespread.
I'm thinking about getting an IPAQ and an RFID reader/writer to play around w/ this stuff.
JP
packetfocus.blogspot.com
www.packetfocus.com
On 6/1/06, Jim Popovitch <[EMAIL PROTECTED]> wrote:
Josh L. Perrymon wrote:
> So everyone is going to have this RFID embedded ticket with name,
> address, passport or driver license number?
From the article:
"an embedded RFID chip containing identification information
that will be checked against a database"
To me that doesn't imply that the chip will contain the items in your
list. It could be a checksum of the data in the DB, and security
officials just validate, against the DB, the full name on a physical
passport and the checksum on the RFID.
Now, the security of the DB could be a whole other thread of discussion. ;-)
-Jim P.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
