Schneier says, "How to build a low-cost, extended-range RFID skimmer," by Ilan Kirschenbaum and Avishai Wool. To appear in 15th USENIX Security Symposium, Vancouver, Canada, August 2006.

My question: When is someone going to start selling these at 2600 meetings? I want to buy one.

His other post – "Interesting paper on the security of contactless smartcards:"

Interestingly, the outcome of this investigation shows that contactless smartcards are not fundamentally less secure than contact cards. However, some attacks are inherently facilitated. Therefore both the user and the issuer should be aware of these threats and take them into account when building or using the systems based on contactless smartcards.