Door (in)Security - Defeating HID iCLASS and company
Speaker: John Gordon
Most card access systems in use today are susceptible to known attack vectors. HID iCLASS, tauted as the cryptographically secure successor to the ubiquitous Prox rfid card access system, has a number of fatal flaws that make defeating it as easy as its unencrypted ancestors. In assessing the security of HID iCLASS, UT Austin's John Gordon has developed multiple practical tools to demonstrate how an attacker can surreptitiously compromise HID iCLASS and similar card access systems to gain unauthorized access to facilities. This presentation will cover these vulnerabilities and tools, with live demonstrations of the attacks.
About John Gordon
John is a security enthusiast who breaks things to see what makes them tick. By day he is a member of the risk management team at the University of Texas at Austin's Information Security Office, where he participates in everything from application and network security assessments to physical penetration tests. In his spare time John is a hobbyist and competitive lockpicker who has had a hand in running the Longhorn Lockpicking Club in Austin since its inception in 2006. He runs lockpicking villages and capture-the-flag hacking challenges at a number of security conferences every year, and in 2009 was named the U.S.
speed-lockpicking champion at the U.S. Open at DEF CON.
Joint Austin ISSA/InfraGard Extended Meeting
There will be a special meeting hosted by the Austin Infragard chapter and the Austin chapter of the International Systems and Security Association (ISSA) on Thursday, August 22 from 11:30 a.m. to 3:30 p.m.. The title of the meeting is, “Cyber and Physical Terrorism: Avoid being a Victim.”
The location will be at the Norris Conference Center at 2525 West Anderson Lane Austin, TX 78757, Suite 365. The Norris Conference Center is located on the south side of the old Northcross mall next to the Wal-Mart. Anderson Lane is on the north side of the mall.
Guest speakers and topics for the meeting are:
- Mary Ann Davidson, CSO Oracle Corporation: “War Made New: Changing the IT Battlefield"
- Congressman Michael McCaul , Chairman of the Homeland Security Committee: “Federal Coordination with State and Local Govt and Business to Reduce the Threat"
- Jim Brenton, CSO Energy Reliability Council of Texas (ERCOT) : “Cyber-Physical Threats and How to Stop Them"
- Phil Dolbow, CSSO CyberDefenders: “Critical Emergency Communications: Coordinating Local, National and Civilian resources when Terrorists Attack"
Lunch will be provided.
Infragard members will be entitled to the ISSA member price for the event which is $5.00, provided that you sign up before August 20 and bring your Infragard card to the event. The full $5.00 fee will be refunded within 36-72 hours after the event if you sign in. The reason for the fee is because ISSA has experienced a high number of “no-shows” at chapter meetings and the fee was initiated to offset the cost for the extra food. This registration accepts credit cards or PayPal accounts only.
You can sign up after the 20th but must pay a non-refundable fee of $20.00, either online or at the door. Change will not be provided at the door.
- Go to http://www.austinissa.org and select, “August 22 Joint Austin ISSA/InfraGard Extended Meeting” under “Next Events” in the center column. You will be directed to Eventbrite.
- Under “Registration Type” select the quantity for “Member (Purchase by Aug 20, full REFUND if you ATTEND),” top row.
- Select the green “Register” button and enter the appropriate information on Eventbrite. Select “Check out with PayPal” at the bottom of the website to continue registration.
NOTE: You will NOT be registered until you pay the $5.00 fee and you MUST sign in at the event to receive the refund.
A separate bio of the speakers is attached.
For more information, contact Larry Moore at firstname.lastname@example.org.
We look forward to seeing you on the 22nd.
|Joint ISSA Infragard Event Speaker Bios.pdf||182.52 KB|