RFDUMP is a handy utility that claims to work with any RFID tags. I hope to get a chance to test early next year. A CTO from a security company just mentioned that he has perfected his T-Mobile scanner and now gets free wi-fi access at any of their hotspots. One can only imagine the incentives of gathering RFID passport information, compared to credentials for free bandwidth.

I know this is more about safety than security, but I just found the story somewhat shocking:

“Rev Kyle Lake, 33, was standing in a small pool used for baptisms at the University Baptist Church when he was electrocuted on Sunday morning. Rev Lake reached out to adjust a nearby microphone, which produced an electric shock, said church pastor Ben Dudley.”

Sad but true.

SecurityFocus reports today that US SCADA systems are finally getting the attention they deserve:

“Wary of the increasing number of online attacks against industrial control systems, the U.S. government has begun a major push to secure the systems used to control and monitor critical infrastructure, such as power, utility and transportation networks.”

I did some consultative/audit work with a utility company in the late 1990s and was surprised that networked systems had become so commonplace with so few controls. Fail-safes were everywhere for the critical infrastructure (most of which was heavily engineered and influenced by ideas that probably went back to the beginning of utilities themselves) so disasters seemed unlikely without some knowledge or access, but simple network devices (routers) and Microsoft software were spreading like crazy to “increase efficiency” for remote management and control systems.

To be fair, that all was before the Critical Infrastructure Project (CIP) was even started. I just checked their online files and it seems that progress is slow but steady.