
It is really important when evaluating RFID access control systems to understand that most of the card types are designed to be replicated. Most of the cards printed commercially are "fused" for write-once enumeration, but that pertains to the physical card only. Another card can very easily be written with the same number with the proper hardware, or a different sort of hardware may be made to broadcast the same identifier as the card.

A backdoor is one thing, but the technology is paper-thin when used alone.

RFID is an inexpensive thing-monitoring platform, great for tracking goods in a process (manufacturing or, in some cases, warehousing), but it should not be relied upon as the only layer in a security solution.



Well, Mifare Classic has been known to be vulnerable for almost 15 years now. The technology isn't quite "paper thin" when using card types that aren't trivially clonable (such as DESFire and iClass SE).


True, but MIFARE Classic is not an RFID system under that definition. It supports cryptographic mutual authentication (although notably the scheme has been pretty much completely destroyed from a security point of view over the years).

The title is quite misleading (at least for people in the field).



