Touchatag: An RFID Special

Touchatag (formerly Tikitags) are small (about 1 inch square) RFID tags. The Touchatag starter kit comes with a USB Touchatag reader and 10 Touchatags. The reader will read the tags from about 1 inch.

Extra tags are available in units of 25.

They come with software for Windows XP/Vista and MacOS 10.4+ (Intel only) which trigger actions when a tag is near the reader (i.e. it could be open the browser or open Word).

This is all fun (well in a sort of techie fun way), but there’s a lot more that can be done with them.

Adam Laurie has developed a set of RFID tools written in the Python language, he’s called the tools RFIDIOt as it’s witty (well he thinks so and he wrote the package, so he’s allowed to call it what he likes) and it also stands for RFID IO tools.

The tools support various RFID readers and can do various things with RFID devices.

Why would you want to have an RFID reader?
Lots of common place things are actually RFID based, such as London Transport’s Oyster card, things like hotel room keys, ski lift passes etc.

Touchatags: An RFID SpecialReaders usually cost hundreds of pounds and can be hard to get. A Touchatag starter kit can be had for 30 Euros which includes the USB reader and 10 tags.

So with a bit of hacking on Linux or Windows, a Touchatag reader and the RFIDIOt software, they can be used to do things they weren’t really sold for.

Alice and Bob
One of the interesting things about the Touchatag reader is that it can be written to and emulate an RFID device, therefore having two of them makes them perfect for a man in the middle attack.

They can be placed near a standard RFID reader between the real RFID device and then the Touchatag reader (in read mode) reads the RFID device and sends the data to the Touchatag reader (in write mode) which “talks” to the normal RFID reader (say an Oyster terminal).

The traffic can therefore be intercepted and maybe even decoded and changed on the fly. Top up your Oyster card with 1 and you get 100 on the actual card?

Obviously you shouldn’t defraud Tfl, but there’s lots of things that use RFID such as your new biometric passport (which can be read – though it’s meant to be quite difficult to change the info stored – which is quite lucky).