Slashdot Mirror
RFID Industry Confidential Memos
An anonymous reader writes "Cryptome has learned www.autoidcenter.org (RFID flak) has made internal memos available for perusal at their site. Those RFID people sure have some interesting plans for the future. Who needs conspiracy theories, when you can hear it from the horses mouth? Weeeeee!"
Will the clerk know what you aready are wearing down to your jocks size. I can see lots of good things with these tags but I can see lots of missuses too.
I wonder if govts will legislate to make it possible for us to op-out with these tags? Some tags maybe built into the products that it would be impossible for us to remove them. I think we need protection too.
Not really knowing all that much about the technology RFIDs use, this might be a stupid question (or I might be a stupid person :))...
Is it possible for end-users to easily disable an RFID? It seems to me some well-placed magnets, or hell, even the business end of a stable gun, should be able to knock out the RFID. How hard would it really be?
And yeah yeah, the evil government will make it illegal for us to do that. I'm honestly curious, not interested in conspiracy theory.
Pretend you're going to do something that's really, really, extreme then when you do something that is merely really extreme no one seems to mind because it's better what was going to happen before big brother became our friend and stopped the really, really bad stuff from happening.
I'm not paranoid I know they're after me.
Disabling an RFID will be tantamount to tampering with a product in a way it was not meant to be. Whether using the DCMA or some future bill it will become illegal to disable the RFID. You think I'm kidding, but I would not be surprised at all to hear this in the future.
Maybe though, the courts will recognize how utterly detremental the DCMA (and the like) are to this free society. Yes we give up a certain amount of privacy living in a free society(apologies for the American-Centric) but this does not mean that corporations have the right to track us or our products.
Bite me to any business that thinks I'll buy RFID products, I'll make my clothes out of hemp and be the nut in uncomfortable clothes if I have to be.
-- taking over the world, we are.
When I searched (minutes ago), and skimmed through the first half of the results, none of the documents was still confidential (newest one to expire ran through May 2003).
Admittedly, I'm too lazy to explore further, but it certainly appears that, at present, the "confidential" documents to be found aren't considered confidential any more.
That said, as I noted, I got 59 results; does anyone who hit it earlier recall more?
R David Francis
I view this technology much like the use of genetically modified foodstuffs, the technology itself has tremendous potential to make life better/easier, but I think that before we start intorducing these things to the market (a little late on the GM foods for that) we need a serious public awareness / education program. I simply don't trust corporations to use this sort of technology responsibly. Until there are serious and meaningful checks in place to prevent abuse, I strongly oppose the use of these technologies.
How hard would it be to build a RFID spoofing tool that emits gazillions of random RFID numbers whenever it is polled?
Oh well, what the hell...
If we can't avoid these silly things, is there a way to protect our privacy by flooding the receivers with data?
I mean data is only useful if it's correct. So if we could build little transmitters that operate on the same frequency and constantly sent out incorrect data. So I have a tag in my underwear saying I wear a size 32. The transmitter in my pocket will send out data that I'm wearing 172 pairs of underwear in every manufacturer, style and size. Not only men's underwear, but women's too.
They want data? Give to them! No one says it has to be right!
Is this technically feasible?
http://home.europa.com/~ruralite/energy%20topics/l aundry.html
Scroll to the bottom of the page.
Life is like surrealism: if you have to have it explained to you, you can't afford it.
Just require that manufacturers only use the RFID tags on things that can be removed from the product, such as an easily identified sticker or a common cardboard tag. This would make it RFID tags pretty much the same as the common Barcodes we use now.
Brian Ellenberger
That renaming bit works wonders. A (major) company I used to work for renamed a component of their data mining technology from "key" to "link", because what they were doing was illegal if the unique identifier for multisource consumer data was used as a key into a database table. Call it a "link", though, and you've bypassed the problem altogether.
The corporate legalists knew full well that anyone opposing a "key" would only know to refer to it by that particular name. If you change the name, the problem vanishes because now no one knows to object to it.
Now PR can be used for good reasons, to be sure. So I'm not knocking PR as such. It's a tool, and it can be used for good purposes and bad purposes. But when a company wants to push something that nobody wants, all they have to do is change the wording, create some planted stories, cook some polls, infiltrate opposed organizations, buy people off, uh well, use your imagination. When "...3. PROFIT!!" is your goal, PR can be a very effective tool at the hands of the unscrupulous. This story? Business as usual for PR.
As we say at work, "You know you're doing something right when both sides are mad at you."
This technology has so much potential. I want to be able to remotely pay and walk right out of the store without waiting 15 minutes to check out two items; but I know that they're just going to use my purchases to send me more advertisements. RFIDs can give us information on our environment and we give it to them.
And that's the problem, exchange of information. After reading that article, these RFID manufacturers are already showing their lack of concern and ignorance how to secure their networks -- it's like a company that installs IIS and never patches, they're that clueless. And this technology needs to be secured right the first time; the last thing I need is yet another report of a bungling tech company leaking credit cards. It's not an MMORPG, where you get 8 months to fix, rollback and patch. This time it's worse, because a crack will not only expose financial data, but expose your personal location.
Now I don't do much to attract the ire of governments or corporations; I pay my bills, buy my music, and live my life in security. I don't worry about the gov collecting my info, because the government isn't coordinated enough to figure out what to do with it even if they had it. As a small potato, I worry more about the honesty of my fellow citizens. Store employees get caught scamming credit cards, and now, do we get to look forward to the future criminal "warscanning" around the neighborhood with his radio sensor, instantly detecting what valuables you have inside your house...
Somehow, we the community need to express our concern that the proper precautions are taken. This technology is coming, and the market potential is great. As end users, we need to demand an open access system, so that we might provide the checks and balances to keep the system honest. What else can I say, but whether we need to demand the government regulates an open system, or we use market forces to drive it into oblivion, the public can't let this slide.
I think it is evident that Sun Microsystems likes this because they see it as a way to sell servers. They appear to have put their rubber stamp on this. Of course, wasn't it McNealy who said words to the effect of privacy is dead?
Sounds more like privacy stands in the way of profit.
Here is the text of a letter I wrote to them. Feel free to improve on the text if you're a lawyer so that it may actually work as a contract, and also to suggest any other changes that may force them to rethink their business strategy on the basis of our privacy not actually being free for them to use. .........
I hereby note my wholehearted objection to your complete and total disregard for
my privacy. Furthermore, should you plan to derive profit at the expense of my
privacy, I expect compensation. After all, the privacy is *mine*, not yours to
profit off.
Should I find that an RFID tag has compromised my privacy, I shall bill you at
an amount I feel is acceptable. Your issuing of RFID tags or the technology to
implement them to any company that will indiscriminately embed it in any kind of
product that I might purchase, through choice or otherwise, or be issued with,
by choice or otherwise, will indicate your acceptance of these terms.
if you do put in the cup of water, make sure you put a coffee stirrer or something in it. If you nuke water under the right conditions you can super-heat it and it will violently explode when you put something in it.
h tml#coffee
for those of you that are ready to go try this, don't (ok, now I am not liable for any stupidity)
http://www.amasci.com/weird/microexp.
You've fallen victim to some of the strategies outlined in the articles this whole story is about. You've been pacified into believing radio waves are severely limited in range.
Actually, they are. Like any other form of radiation, unless tightly focused(by, say a ham's antenna?), RF quickly disappears in all the background noise as distance increases.
If you want to think of it in a crude sort of way, you can think of a can of paint exploding on the space station. Who gets covered in more paint, the guy 5 feet away, or the guy 50 feet away? This whole idea is also why ENORMOUS radio dishes are required to conduct radio astronomy- you have HUGE amouns of surface area, and you still get really, really, really weak signals.
I believe the relationship is exponential- I'm probably wrong on the exact numbers(so grab a physics book), but I think that one radian is equal to the angle covered by one square meter at one meter- or 4 square meters at 2 feet, 9 square meters at 3 feet, etc. So as distance increases, the power available to an antenna, no matter how good it is, decreases radically. The energy needed to excite an RFID device, which is practically microscopic(and hence can't have that big an antenna!) has to be either VERY high, VERY focused, or VERY close. Then there's the matter of recieving the VERY weak reply from the RFID tag...
Please help metamoderate.
These are very similar to the "stun gun" or the horizontal output circuit on a TV. Except they are about another order of magnitude more voltage.. expect the sparks to fly about six inches or so. But not much current in it. Its enough to wake you up, but not much more, but it oughta do wonders for PN junctions in the micron range.
Speculation, anyone?
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
Then I discovered Wal-Mart's groceries. Most products that I buy are 20% to 40% cheaper than Bi-Lo's with the special discounts. And you don't have to join a tracking program.
Alas, Wal-Mart will probably be the first to use RFIDs wide-scale, so be ready to don the tin foil hat when pass by a store.
Yeah, what a great idea for hi-tech burglars..
Drive down a street with an RFID exiter and case every house of the street all the way down to brand name and model of every tagged item in the home.
Of course the taxman will love this also, just wait till you get your itemized property tax bill and any attempt to damage or remove the RFIDs is punishable as tax-evasion.
Starman97@Gmail.com (bring it on spammers)
Do we have any engineers in the house??
Three standard frequency bands (approx. 13MHz appears to be the longest range band) and a physically accessible antenna.
This sounds like a perfect opportunity for any engineers out there to create a tri-band transceiver with a "snort" function to cycle through the used bands, detect the feedback/absorbtion from the RFID antenna and then give it a very localised, high powered pulse or thousand at the appropriate frequency.
If you don't manage to fry the tiny componentry in a tag, it ain't turned on.
Any and all defensive mechanisms (micro-faraday cages, zener diodes, gas chambers, etc.) should either prohibitively raise the price per RFID or be easily overcome with a minor modification (slow ramp up times, gaussian (white noise) frequency distributions).
A far more interesting concept is surely the use of "throw-away" RF interference devices that could interfere with the use of RFID tags to such an extent that it is not viable for it's users (Walmart, I'm looking at you).
Perhaps you could even use their electrical wiring as your antenna (c.f. electronic vermin repellers).
Time to break out the soldering iron.
Quinkin.
Insert Signature Here
When will it become government policy to rountinely RFID tag people?
It's a common procedure for tagging dogs here in the UK especially if you wish to take your dog abroad. It's been used successfully in finding the owners of strays for some years now.
Perhaps the tag will be embedded under your skin, as part of a passport application, or maybe embedded into a hip bone or the skull at birth.
We already externally tag offenders on home curfew, why not go the whole hog and attach a RFID tag to the stem of the brain, try removing or microwaving that you sucker!
Someone in the office just opined that if cash (notes) had RFID tags in them, then there would be a good hole in the market for a "how much cash is person X carrying?" scanner - pickpockets would be able to pre-select you for their services!
Power is defined by the initiation of force. I'm sorry, but none of the examples you provide fall under the definition of power. You may not like the fact that your employer could fire you at a second's notice, but that doesn't change the fact that you and your employer entered a contract based on voluntary association, NOT FORCE.
But if there are not plenty of available jobs at similar compensation and without whatever restrictions you violated to get fired, they are applying force by firing you. They have impaired your ability to earn money (at least the kind of money you were earning), taken away economic freedom, restricted what political activities you can engage in (because you must earn enough money to live first, before engaging in politics), etc... all through economics. So there is such a thing as economic force.
Thinking of force as consisting only force of arms is naive. The federal government in the US regularly enforces regulations which it has no constitutional authority to make by tying funding to a states "voluntary" enforcement of those regulations. The 55 mph speed limit was an example (now defunct). The age limit of 21 for drinking is another. Both were conditions for receiving highway funding (which came from citizens of that and other states through the national income tax). Technically, force of arms was not applied. But there was force involved nonetheless.
Likewise, corporations apply economic force to their employees, as well as (and more importantly) governments. Especially when a large multinational corporation confronts a small bankrupt nation. They can (and have) caused changes of regime to benefit their own interests.
Corporations are probably the best example of concentrated economic force on earth, and that force *can* be bartered for the force of arms when necessary. The BSA enlists local police to raid companies for license violations. Various corporations spend millions of dollars annually to influence legislators (often giving to both parties), who then make laws which enforce the will of those corporations (DMCA & Sonny Bono copyright extension act being the ones
Force, power, freedom, voluntary, involuntary, etc.... these words have far deeper and more complex meanings than you seem to acknowledge.
http://pythonisito.blogspot.com/