In the recent issue of 2600: The Hacker Quarterly (autumn 2006), there’s a writeup by Ghostie about spoofing the Singapore Library’s RFID and barcode checkout scanners. Note that this zine probably isn’t available in Singapore, so I thought it would be educational from a security perspective.
Frankly speaking, this form of tech-related crime has been around for a while. While it’s probably the first time I’ve heard of this in the Singaporean context, barcode swiping has been a popular crime in the States ever since barcode generating software (e.g. Barcode Magic) reached the hands of consumers. What’s disturbing though, is that our Singaporean I/C numbers are floating everywhere, whether on the web, tv or in print (e.g. announcing contest winners). Like the U.S. Social Security, that should be something that’s made private where possible.
Perhaps the Rambling Librarian could tell us the probability of carrying out this hack… then share what the library would do about it.