I'm constantly amazed at the "security problem? Perish the thought!" attitude that prevails across the entire IT sector. It seems that each individual person/business has to get slapped upside the head before awareness dawns. For the latest example, have a look at this PC World story on the security behind wireless car key systems and the ExxonMobil speedpass system:
ExxonMobile acknowledges the potential security problems with the Speedpass device. "Bottom line, we are aware of it," says Don Turk, a company spokesperson. Still, the company does not have any plans to change the internal Texas Instruments chip or upgrade their current security systems at this time, he says.
"There are additional security protections for our consumers in the Speedpass system," says Turk. Unlike a credit card, a Speedpass does not store consumer data, so thieves would not have access to personal information, he says.
ExxonMobil Speedpass also guarantees that consumers will not be held liable for any fraud committed against their accounts, Turk says.
According to Texas Instruments, consumers have little cause to be concerned. The company has made upgrades to the RFID chip that the Johns Hopkins researchers tested, says Gary Silcott, an RFID spokesperson for Texas Instruments.
"We're evolving beyond that product," he says. Additionally, Silcott says, "There's a much greater security threat and a much greater instance of fraud on magnetic-stripe credit cards."
Bah. Sounds like they'll have to have a serious incident before they wake up. It's not just them though; that's the way the entire industry thinks.