Happy Post-Holidays and Pre-New Years, everyone.
I’ve been interested in biohacking on and off for a few years, but haven’t “taken the plunge” just yet, if only because there’s hasn’t been good reason (beyond basic technological curiosity, of course) to do so.
With the New Year upon us, however - I’ve just started a new job where I’m about to be assigned a HID ID badge, and I’m thinking that this is my time to take the leap and pop a chip into my hand.
This desire is muted somewhat, however, by a recent obsession over physical access security, which has lead my down a rabbit-hole of YouTube videos on security companies that perform physical penetration tests (shoutout to Deviant Ollam and his excellent videos - if you’re not familar, definitely check it out).
One thing that has stood out to me is the risks associated with a malicious attacker/bad actor cloning an RFID badge from around 18" away, then using that to gain access to whatever access control systems said RFID is intended to protect.
This has lead to me wondering about securing an implanted RFID tag.
With a traditional badge, I can (not that most do) slip the badge into an RFID shielded device/pocket/etc when it isn’t in use. I can leave it at home in a secure location when not in use, etc.
With an implanted chip - I’m carrying my credentials 24/7 - which is the point, but also is a new risk and attack vector if someone wants to clone my chip.
How does one account for and mitigate this risk? Do I need to sew some anti-RFID materials into my winter gloves? Or perhaps into my pants pocket and keep my hand in my pants at all times?
My examples are a bit tongue-in-cheek of course, but it is a topic that came up with some of my new co-workers. They have easy options with a traditional RFID badge to just leave the device behind or pop it into an RFID blocking wallet if they are worried over security.
With an implant, both of those countermeasures seem to be gone.
Love to hear what you all think about the risks and how to best minimize them going forward.
Thanks in advance!