Slashdot Mirror
RFID Industry Confidential Memos
An anonymous reader writes "Cryptome has learned www.autoidcenter.org (RFID flak) has made internal memos available for perusal at their site. Those RFID people sure have some interesting plans for the future. Who needs conspiracy theories, when you can hear it from the horses mouth? Weeeeee!"
Will the clerk know what you aready are wearing down to your jocks size. I can see lots of good things with these tags but I can see lots of missuses too.
I wonder if govts will legislate to make it possible for us to op-out with these tags? Some tags maybe built into the products that it would be impossible for us to remove them. I think we need protection too.
Not really knowing all that much about the technology RFIDs use, this might be a stupid question (or I might be a stupid person :))...
Is it possible for end-users to easily disable an RFID? It seems to me some well-placed magnets, or hell, even the business end of a stable gun, should be able to knock out the RFID. How hard would it really be?
And yeah yeah, the evil government will make it illegal for us to do that. I'm honestly curious, not interested in conspiracy theory.
Disabling an RFID will be tantamount to tampering with a product in a way it was not meant to be. Whether using the DCMA or some future bill it will become illegal to disable the RFID. You think I'm kidding, but I would not be surprised at all to hear this in the future.
Maybe though, the courts will recognize how utterly detremental the DCMA (and the like) are to this free society. Yes we give up a certain amount of privacy living in a free society(apologies for the American-Centric) but this does not mean that corporations have the right to track us or our products.
Bite me to any business that thinks I'll buy RFID products, I'll make my clothes out of hemp and be the nut in uncomfortable clothes if I have to be.
-- taking over the world, we are.
When I searched (minutes ago), and skimmed through the first half of the results, none of the documents was still confidential (newest one to expire ran through May 2003).
Admittedly, I'm too lazy to explore further, but it certainly appears that, at present, the "confidential" documents to be found aren't considered confidential any more.
That said, as I noted, I got 59 results; does anyone who hit it earlier recall more?
R David Francis
I view this technology much like the use of genetically modified foodstuffs, the technology itself has tremendous potential to make life better/easier, but I think that before we start intorducing these things to the market (a little late on the GM foods for that) we need a serious public awareness / education program. I simply don't trust corporations to use this sort of technology responsibly. Until there are serious and meaningful checks in place to prevent abuse, I strongly oppose the use of these technologies.
How hard would it be to build a RFID spoofing tool that emits gazillions of random RFID numbers whenever it is polled?
Oh well, what the hell...
http://home.europa.com/~ruralite/energy%20topics/l aundry.html
Scroll to the bottom of the page.
Life is like surrealism: if you have to have it explained to you, you can't afford it.
Just require that manufacturers only use the RFID tags on things that can be removed from the product, such as an easily identified sticker or a common cardboard tag. This would make it RFID tags pretty much the same as the common Barcodes we use now.
Brian Ellenberger
That renaming bit works wonders. A (major) company I used to work for renamed a component of their data mining technology from "key" to "link", because what they were doing was illegal if the unique identifier for multisource consumer data was used as a key into a database table. Call it a "link", though, and you've bypassed the problem altogether.
The corporate legalists knew full well that anyone opposing a "key" would only know to refer to it by that particular name. If you change the name, the problem vanishes because now no one knows to object to it.
Now PR can be used for good reasons, to be sure. So I'm not knocking PR as such. It's a tool, and it can be used for good purposes and bad purposes. But when a company wants to push something that nobody wants, all they have to do is change the wording, create some planted stories, cook some polls, infiltrate opposed organizations, buy people off, uh well, use your imagination. When "...3. PROFIT!!" is your goal, PR can be a very effective tool at the hands of the unscrupulous. This story? Business as usual for PR.
As we say at work, "You know you're doing something right when both sides are mad at you."
This technology has so much potential. I want to be able to remotely pay and walk right out of the store without waiting 15 minutes to check out two items; but I know that they're just going to use my purchases to send me more advertisements. RFIDs can give us information on our environment and we give it to them.
And that's the problem, exchange of information. After reading that article, these RFID manufacturers are already showing their lack of concern and ignorance how to secure their networks -- it's like a company that installs IIS and never patches, they're that clueless. And this technology needs to be secured right the first time; the last thing I need is yet another report of a bungling tech company leaking credit cards. It's not an MMORPG, where you get 8 months to fix, rollback and patch. This time it's worse, because a crack will not only expose financial data, but expose your personal location.
Now I don't do much to attract the ire of governments or corporations; I pay my bills, buy my music, and live my life in security. I don't worry about the gov collecting my info, because the government isn't coordinated enough to figure out what to do with it even if they had it. As a small potato, I worry more about the honesty of my fellow citizens. Store employees get caught scamming credit cards, and now, do we get to look forward to the future criminal "warscanning" around the neighborhood with his radio sensor, instantly detecting what valuables you have inside your house...
Somehow, we the community need to express our concern that the proper precautions are taken. This technology is coming, and the market potential is great. As end users, we need to demand an open access system, so that we might provide the checks and balances to keep the system honest. What else can I say, but whether we need to demand the government regulates an open system, or we use market forces to drive it into oblivion, the public can't let this slide.
I think it is evident that Sun Microsystems likes this because they see it as a way to sell servers. They appear to have put their rubber stamp on this. Of course, wasn't it McNealy who said words to the effect of privacy is dead?
Sounds more like privacy stands in the way of profit.
Here is the text of a letter I wrote to them. Feel free to improve on the text if you're a lawyer so that it may actually work as a contract, and also to suggest any other changes that may force them to rethink their business strategy on the basis of our privacy not actually being free for them to use. .........
I hereby note my wholehearted objection to your complete and total disregard for
my privacy. Furthermore, should you plan to derive profit at the expense of my
privacy, I expect compensation. After all, the privacy is *mine*, not yours to
profit off.
Should I find that an RFID tag has compromised my privacy, I shall bill you at
an amount I feel is acceptable. Your issuing of RFID tags or the technology to
implement them to any company that will indiscriminately embed it in any kind of
product that I might purchase, through choice or otherwise, or be issued with,
by choice or otherwise, will indicate your acceptance of these terms.
You've fallen victim to some of the strategies outlined in the articles this whole story is about. You've been pacified into believing radio waves are severely limited in range.
Actually, they are. Like any other form of radiation, unless tightly focused(by, say a ham's antenna?), RF quickly disappears in all the background noise as distance increases.
If you want to think of it in a crude sort of way, you can think of a can of paint exploding on the space station. Who gets covered in more paint, the guy 5 feet away, or the guy 50 feet away? This whole idea is also why ENORMOUS radio dishes are required to conduct radio astronomy- you have HUGE amouns of surface area, and you still get really, really, really weak signals.
I believe the relationship is exponential- I'm probably wrong on the exact numbers(so grab a physics book), but I think that one radian is equal to the angle covered by one square meter at one meter- or 4 square meters at 2 feet, 9 square meters at 3 feet, etc. So as distance increases, the power available to an antenna, no matter how good it is, decreases radically. The energy needed to excite an RFID device, which is practically microscopic(and hence can't have that big an antenna!) has to be either VERY high, VERY focused, or VERY close. Then there's the matter of recieving the VERY weak reply from the RFID tag...
Please help metamoderate.
Do we have any engineers in the house??
Three standard frequency bands (approx. 13MHz appears to be the longest range band) and a physically accessible antenna.
This sounds like a perfect opportunity for any engineers out there to create a tri-band transceiver with a "snort" function to cycle through the used bands, detect the feedback/absorbtion from the RFID antenna and then give it a very localised, high powered pulse or thousand at the appropriate frequency.
If you don't manage to fry the tiny componentry in a tag, it ain't turned on.
Any and all defensive mechanisms (micro-faraday cages, zener diodes, gas chambers, etc.) should either prohibitively raise the price per RFID or be easily overcome with a minor modification (slow ramp up times, gaussian (white noise) frequency distributions).
A far more interesting concept is surely the use of "throw-away" RF interference devices that could interfere with the use of RFID tags to such an extent that it is not viable for it's users (Walmart, I'm looking at you).
Perhaps you could even use their electrical wiring as your antenna (c.f. electronic vermin repellers).
Time to break out the soldering iron.
Quinkin.
Insert Signature Here
When will it become government policy to rountinely RFID tag people?
It's a common procedure for tagging dogs here in the UK especially if you wish to take your dog abroad. It's been used successfully in finding the owners of strays for some years now.
Perhaps the tag will be embedded under your skin, as part of a passport application, or maybe embedded into a hip bone or the skull at birth.
We already externally tag offenders on home curfew, why not go the whole hog and attach a RFID tag to the stem of the brain, try removing or microwaving that you sucker!
Someone in the office just opined that if cash (notes) had RFID tags in them, then there would be a good hole in the market for a "how much cash is person X carrying?" scanner - pickpockets would be able to pre-select you for their services!