Slashdot Mirror
The Trouble with RFID
wintermute42 writes "Simson Garfinkel, author of Practical Unix & Internet Security along with Gene Spafford and Alan Schwartz,
has an article in The Nation on RFID tags. They're not just for tracking stuff. They can track you too."
Beings aspergers AND pulling chicks... I enjoy the challenge!
Oh wait...
---- It puts the lotion on its skin or else it gets the hose again. It does this whenever it's told.
So how feasible is a "zapper" that will render RFID's useless? The idea is you come home and run your new purchases throught some sort of scanner...and poof! Normal merchandise again.
Any EE types that are familiar with what it would take to do something like this?
Anyone can track you. Really. All it takes is a notebook and pencil.
Get over yourselves. Jeez.
I have been pwned because my
No kidding. Life takes on a similarity to the chessboard. There are no surprises in chess, just players not quite working out all of the move combinations.
Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
In Soviet Russia RFID tracks you. Wait... that's not right is it?
Great. We'll have inboxes filled with "Track your neighbour" and "Generic RFID removal" in no time.
What happens if you collect about 1000 RFID devices
and carry them around with you. Will the readers
be able to read that when you pass by a scanner?
You're thinking about this all wrong. Take off your tin-foil hats, nobody really wants to 'track' you.
Now, what companies will really be salivating over is the opportunity to market to you. If they can track all of the RFID tags on and around you, they can know so much about you that they can tailor advertising to you specifically. Just like Minority Report, only not so cool.
Just think of it as value adding. You're adding so much value to the coffers of manufacturers and advertisers!
Rules of conduct like those in the previous slashdot story here?
People say I'm crazy, I got diamonds on the soles of my shoes...
Who didn't figure that RFID tags will be used to track us- the consumers? Hell, that may be even a better use for them than inventory tracking... They get about the perfect picture of what products we use, when and to an extent how. The marketers wet dream. And of course the definition of propriety will be stretched, bent and broken during the courtship of RFID tags.
:)
Now, I on the other hand, have a want for them. I think they could be fun to hack around with. That is, I want my PDA to be able to read tags, and then I'll get a bunch of them. I'll tag my house up, so that I can get location-based alerts. The kind of thing GPS would be too big and clunky- and not accurate enough- to do. I can come up with all sorts of fun things to use RFID tags for in my own life that have nothing to do with being "targeted" better.
Working toward a usable PDA environment in the spirit of Newton OS: Dynapad
What is that quote? Man is born free yet everywhere he is in chains
I do not like the idea of having every last bit of privacy removed. Between the new camera's my state is installing on highways, with radar guns, that send you a ticket in the mail, to having banks sell personal information to thrid parties so they can call me at dinner to offer me a great price on a satelite dish, this is getting out of control.
While some may say that government will never, ever use any technology in an illegal way, I would just say they have done it in the past. Nixon broke into the dem's headquarters. Other presidents have bugged the phones of political groups like the black panthers. And this current president has the "Patriot Act".
It scares me to think what government could do. 1984 is looking less like fiction and more like a prediction.
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
Right, but nobody can track thousands of people simultaneously and find patterns and "alleged links with so-and-so" with a computer.
tasks(723) drafts(105) languages(484) examples(29106)
Happy Trails,
Erick
http://www.busyweather.com/
RFID on slashdot many times. Solution to this problem is simple. Avoid holding actual personal details on a central database. Yes, lets track what people buy and where they go, but only as an alias. IE, last month, 1287 people visited XYZ store in New York and purchased ABC jacket and then 376 of those people left the state. No need to log WHO they were. Simple really!
O'WONDERWe're working on it.
I'm a triathlete and runner, we've been using RFID to track athletes for years. The main company doing this is Champion Chip. It's a small plastic device that you attach to your shoe or put on an ankle strap.
The tracking lets them do severl things. First, they get accurate timing and immediate results. They can also track where you've been to make sure that people haven't cut parts off the course. Some people are too creative, a few years back a women hopped on the subway for part of the Boston marathon, but she went "too fast", they got suspicious and reviewed the surveillance cameras in the subway.
The latest cool thing was in Ironman Hawaii. They had video cameras setup on the course and the chip strapped to your ankle let them know your location all day. Then, you could order a personalized DVD with video of your race. Pretty cool idea, though I didn't personally buy one.
Some may see this as big brother, or a harbinger of things to come. Some of us, however, have been happily tracked by RFID for years - voluntarily! I wouldn't want this to be 7*24, without my permission.
Alan.
Now I need a tin foil jumpsuit, boots, gloves and helmet.
try { do() || do_not(); } catch (JediException err) { yoda(err); }
Why is everyone so paranoid about being tracked with RFID? I've got nothing to hide, so I couldn't give a monkies if everyone knows where I am or if a store knows my purchase patterns. Heck, most of them already have this info thanks to my loyalty cards, and I don't see anyone making a big fuss about that!
biopowered.co.uk - catalytically cracking triglycerides for home automotive use since 2008. Just say no to big oil!
If you gents keep screeching about the profound dangers of RFID for every single article, interview or news tidbit that comes out, folks are going to start ignoring your input.
Hell, I look forward to the day I can just load up my cart with groceries and head out of the store without bothering to stop at a cash register. My purchases are already matched to my credit card account in their internal inventory anyhow, and I'm openly 'opting in' by using the system.
I wonder what Slashdot would have been like if it had started on an FTP site and not port 80:
"Coming dangers of the World Wide Web! Cookies! Server Logs! URLs! Protest now while there's still time!!!!!!!"
The problem is (as always was and always will be) how people use a technology.
RFID (or any other technology) is not necessary for a police state as demonstrated by many examples in the past.
You privacy can be (or most probably: was) violated without RFID too.
To protect your privacy you need a society that values privacy and have laws that express this. If you do not have that then you are swimming against the flow and your are doomed to failure, no matter if RFID is used or not.
I would like to point out Europe: there are privacy laws that basically say the following:
If you have such laws (and have them enforced) then there is no need to fear RFIDs - but if you don't have them, RFIDs should be the least of your worries.
Real life is overrated.
What you fail to address is that takes a vehicle and one or two dedicated people per person being tracked. This is the way it should be.
... ) gone will be the days that people could walk into a large store, take something off the selves and return it to the sevice counter ( it was a gift and I don't have a recipt ).
With RFID we are now faced with situation where a simple globally unique tag is assigned to each RFID tag and can be tracked with simple electronics. A store can track your every movement with a dozen carefully placed receivers by tracking the RFID tag embedded in the soles of your shoes.
Malls could track walking patterns the same way, and by consolidating and minimg the data, they can probably match up anonymous tracking data with an individual by looking for things like credit card transactions.
This is not stuff of Sci-Fi or intregue novels, stores want this kind of information and they WILL be using it. Unfortunatly with my buisness hat on I know that RFID will never go away, it just has WAY WAY too many advangtages for stores ( inventory, shrink reduction, fraud protection,
like Simson Garfinkel. First of all, it's not exactly a common-sounding name to me. Maybe it is in other parts of the world.
Second, can I withstand the desire to crack a Simon & Garfunkel joke? I mean, almost all the letters are there...
Hello R-F my old friend,
I've come to talk with you again.
Because the data softly creeping
I am just lying here weeping
Because a hacker
Just stole my identity...
And now my bank account is silenced.
Those little strips they put in US bills can be detected through walls... not too far of a stretch to go the next step...
---- It puts the lotion on its skin or else it gets the hose again. It does this whenever it's told.
It would seem to me that all of the "take off your tin-foil hat" crowd are missing the obvious. Yes, I understand (and if you rtfa you'd see that the author does too) that the planned use of these tags are for very legitimate reasons, but hasn't anyone learned through history that abuse occurs? If some technology has the potential to be abused, then sooner or later, the government, spammers, advertisers or even Wal-Mart WILL abuse it and our privacy will be invaded. This isn't to say that laws governing the use of RFID tags will prevent abuse entirely, but lets at least TRY to prevent what we can before simply allowing these things to go into widespread use and abuse.
The big question, which, it seems to me, gets deliberately fuzzed in all of these discussions, is this:
Is it acceptable to invade your privacy as long as it is for the purpose of selling you stuff?
Privacy advocates tend to emphasize the danger that systems put in place for the purpose of selling you stuff might later be used for purposes of political repression. This is a real concern, but a relatively remote one. It's a slippery-slope, speculative, "if this goes on" kind of argument. Yes, I know (mostly from reading Slashdot!) that there have already been instances of such usage creep.
Let's suppose--implausible, of course, but suppose--that you could somehow guarantee that RFID tags, and all the information that companies gather on you in all sorts of ways, could be freely exchanged by companies for the purposes of selling you stuff, but could be perfectly secured against any other kind of use whatsoever.
Would that be all right, or not?
"How to Do Nothing," kids activities, back in print!
Oh, come now. You really haven't read up on RFID, have you?
The RFID tags that we're talking about DON'T have batteries. Only active RFID tags do, and those are an extremely small percentage. Do you really think they would place an expensive battery powered RFID tag in every shoe?
-------
technomad
In this case, you willingly put it on in order to operate and interact with your community of runners. Basically, to see who is the best among you and to see what your time is for personal reasons.
In the scary case, WalMart puts an RFID tag on my tighty-whities and then I go to Target and over the intercom comes a voice that says, "John Allman, Welcome to Target. We have tighty-whities for sale."
Personally, I am learning to sew.
Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
But you wouldn't know unless you need to roll them all the way to the end.
--- Ban humanity.
My understanding, based on earlier articles that have been posted on this website, is that the RFID tags are specifically built to withstand these sorts of problems.
They disconnect their antenna if they sense a surge to protect their circuitry.
And it makes sense -- if you're using these for tracking merchandice, you wouldn't want some shoplifter taking the RFID equivalent to a tazer with them, shorting out the RFIDs, and then walking out with your product.
(personally, I didn't see anything new from this article than any of the other articles posted before on the subject. I don't think there have been particular suggestions of targeting window shoppers, but the general proximity issues have mentioned repeatedly before)
Build it, and they will come^Hplain.
All I usually get is "Stores will build a database, and then Homeland Security will do, um, something." Followed by handwaving and dubious slippery slope arguments that usually imply a continent spanning sensor net that sounds like a cross between Tom Clancy and Vernor Vinge.
Someone connect the dots here. The article didn't do a very good job.
Or is this just modern mythology, like people hiding in their homes worrying about wererwolves and vampires and witches in centuries past?
--- Ban humanity.
Here's an idea for a new community project: Mega RFID Vest Library
Go to the dump where multiple people are throwing away RFID-laden products. Snag the lil suckers off discarded food products, garments, appliances, liquor bottles, baby food.
Sew them onto a vest.
Lots of `em.
When you walk through the scanner you'll be ...... 246 different people.
Then, trade vests with others in other cities, other countries!
"Provided by the management for your protection."
This group, CASPIAN - Consumers Against Supermarket Privacy Invasion and Numbering has information on RFIDs including Auto-ID: Tracking everything, everywhere. The group is also against loyalty shopping cards for similar reasons.
One of the high street stores in the UK (Marks & Spencer) has just completed a pilot test at one of its stores. Worryingly the Department for Trade and Industry actually subsidised the scheme, even more worrying was of the 50 people who were intereview about RFID no one seemed to care or be aware of the technologies issues.5 5,39118147,00.htm
The scheme used intelligent tags that "hold just the number unique to each garment. When scanned against an M&S database, the tag would only give information related to the product's size, style or colour." Check out the full story at http://www.silicon.com/software/security/0,390246
There are things we know we don't know and things we don't know we don't know. - Donald Rumsfeld
I apologize for, maybe, missing the point but after looking at a few portions of the article, I am beginning to wonder why. For instance:
:O
RFID isn't a household word today, but within the next few years manufacturers hope to put it into many household products.
Why would these be needed in 'household products'? I understand they want to track merchandise, but this could be accomplished by putting an RFID sticker on the bottom of the product. That way, you take it home and tear the sticker off when you take it out of the box.
Perhaps, for clothing, just put an RFID on the main tag. I've worked for a clothing store who used the locking pin security devices found in most stores. They work wonderfully, as you have to destroy the garment to steal it and it only costs a couple of thousand to enough of those things to last a lifetime. I do not see the flaw that needs a new product, not in regards to clothing.
Both Wal-Mart and the US military have already told their hundred largest suppliers that cartons and pallets must be equipped with unique RFID tags by January 2005.
This is what I would like to see RFID used for. This will really speed things up at distribution centers, as a forklift coming off a trailer will simple have to drive through the dock doors (assuming the sensor would be there) to put an entry in the company's database saying "this pallet entered the building", meanwhile the operator keys into the computer on his forklift the actual product count.
For people who will "bite" and say something about computers on forklifts, they have been around for over a decade. I know, I fabricated a prototype mounting platform for a small, wireless computer back in 92. They had blueish LED displays, and were shaped similar to an old RS Model 100 portable, but housed in a sturdy black metal case. I made a nice adapter for Crowne forklifts that allowed the operator to swivel, tilt, and adjust it to his/her most comfortable viewing position. Too bad I didn't know anything about patents back then. They started using this design at all their distribution centers, which equates to thousands of lift trucks.
I do not miss working for Kraft foods. We had weekly 'rallies' where the managers would have a guest speaker. The most memorable one was Penske (wealthy bastard) came to tell us what a great job we were doing, then proceeded to talk about efficiency for the next 45 minutes. More often than not, everyone left with a broken sense of pride due to wealthy investors talking to us like we were children. It seemed that after every meeting, new poop would appear on the bathroom walls.
Maybe now, but think down the road a few years. You have an RFID tag in your jacket, shoes, pants, cellphone, carkeys, and wallet. You walk by a sensor, and it ties all thoes things together.
Sure, you change clothes, but what about your phone? What happens when you wear the same pair of shoes with different clotes? The data warehouse ties that serial number in with your profile and builds a profile of all the items you own. There's not an easy way to eacape that.
I work in datawarehousing. We have a system that processes about a billion transactions a day. Each record is far mor complex than than a simple RFID and station ID. We also tie multiple records together into transactions. The scenaro above could be very real.
"Drug related crime" is a misnomer, "prohibition related crime" is the more accurate and correct phrase.
Cut off all your RFID tags and keep them somewhere safe. On a weekly basis get together with all your friends and put all your collective tags in one bucket. Take, at random, your share and carry them with you for that coming week. Repeat process next week. This way any data gathered through these tags would be a random assortment of movements from you and your friends.
Correlate that, bitches!
What happens when you wear the same pair of shoes with different clotes?
The fashion police haul you away.
To-do List: Receive telemarketing call during a tornado warning. Check.
There are some great new product opportunities in the new RFID-enabled world.
RFID Super Scanner - Scan your surroundings and your stuff for RFID tags. Pinpoints the location exactly.
RFID Mega Zapper - A high energy directed radio energy impulse designed to fry the electronics in your RFID tags. Great fun for vandals in stores! Smack your enemy's wallet!
RFID Spoofer - A programmable device that returns the RFID code of your choice. Great for making a copy of you luxury car key! Or your neighbours. Have fun in stores after Zapping (TM) a RFID tag and replacing it with a Spoof(TM)!
RFID Data Miner - Build your own database of RFID tasks. Now you can do your own surveillance and track people. Also good in parking lots when you want to know what RFID code to feed into your spoofer for easy access to that nice car.
RFID Jammer - A fun little DOS device that emits radio frequences to blind RFID readers.
RFID Database Feeder - This device emits thousands of new random RFID codes every second. Great for filling the databases of those eager RFID code collectors.
I think most of these tools can be built easily and are not science fiction. If they can be built, they will.
Seriously, do you think RFID techniques makes the society more or less vulnerable for attacks?
)9TSS
The 'myths' of RFID - from an industry group, but might be worth a read - even the people selling these things are only claiming ranges of 10-50cm.
I talked to one of the runners last year about it and we were laughing over the story. we also have a lot of ham radio operators in the city who broadcast results as they're anounced; i'm wondering what's next with RFID. Will hardcore athletes just have permanent chips in their bodies? Or will they be embedded in the sneakers?
"I'd say 'Have a good time,' but arson is still illegal.
Some are quick to say that the US Constitution guarantees no right to privacy.
But IMHO, the US Constitution embodies the 1793 State-of-the-Art of distrust of Government and other concentrations of power. That's the whole reason that there are three branches with checks and balances - mistrust of the institution of government. No matter how trustworthy those in power may be today, there's no guarantee that the next batch will be so. Checks and balances were put in place to provide trust - through mistrust.
Had the Founding Fathers been able to foresee the capabilities of electronic surveillance, they would have codified Privacy into the Bill of Rights. Instead, they did what they could, focusing on late-18th century concerns.
Had the Founding Fathers known of the potential concentrations of power known as multinational corporations, they would have codified some sort of separation of Business and State. Instead, they focused on what they knew, separation of Church and State.
The living have better things to do than to continue hating the dead.
It seems like a paranoid fellow can't even buy alumunum foil anymore without being monitored.
Now what'll I use to line my Official Area 51 Ball Cap?
"A microprocessor... is a terrible thing to waste." --
GeneralEmergency
Has anybody ever thought of making a RFID tag detector? Something that simply emits whatever RF it takes to trigger the tag and listen for a response. (It is not necessary to decode the response, only to note that it is present.)
With such a device you could scan your things and locate and remove the tags.
It shouldn't be too hard for the hardware hackers out there to come up with something like this.
As well as RFID jamming technology being in development, the makers of the tags themselves want to find a decent compromise, such as a kill command.
Automatic 'In' Door Scan Results:
Customer #4323423432 Scan Results:
Product: Jams, Size Medium: M, Style: 11, Color: Blue, Purchased at Target
Product: OP Sunglasses, Style: 13, Color: Blue, Purchased at Target
Alert!: Customer Has No Shirt On!
Alert!: Customer Has No Shoes On!
Security Dispatched
Computed Customer Loyalty Discount: -10%
'Out' Door Scan Results:
Customer #4323423432 Scan Results:
Product: Jams, Size Medium: M, Style: 11, Color: Blue, SN:1232mdsfskd2, Purchased at Target
Product: OP Sunglasses, Style: 13, Color: Blue, Purchased at Target
Product: Mens Medium T-Shirt Style 1404A, Purchased at Walmart
Product: Mens Burkenstocks Size 10 Style 14A, Purchased at Walmart
Shipping Time: 1h 14m. Last visit (By Jams SN) Oct 11, 2003. Approximate customer weight 140lbs. Customer Type: 'Surfer Dude'
Customized 'sufer dude' email and circulars flagged for next mailing cycle.
Slashdot's rate-of-post filter: Preventing you from posting too many great ideas at once.
Another trend to note is the use of RFID tags in public library items and in embedded in your library card. This allows for a very simple self-checkout and makes it quite simple to check items back into the library. Budgets are extremely tight for most libraries and this is viewed as an important way to reduce labor costs. A person would only have these tags for the short time that they have the item checked out, so its quite different than a tag that stays with you. Still there are privacy concerns as I see it. For instance, a hidden scanner just outside the door of the library could watch for particular items of interest and capture the card number of the person at the same time, all without the library's knowledge. Is this enough of a risk to be concerned with? I am still on the fence on this one.
We win together or suffer without.
As a third-party public warehouse, my company is constantly looking at technologies to streamline the process of receiving, storing, and shipping material for our customers. Currently we receive inventory to our docks in two ways: 1. Material is received at the dock and put away in location by warehousemen. They record exactly what came in on a form and turn it in to the office staff who enter the information into the database. This relies on the warehouseman to count the material correctly, fill out the form correctly, then for the office staff to enter the data correctly. The system works, but there are many opportunities for data entry errors. One misread, miscount, mis-type and the data is bad. 2. Material arrives at the dock and barcodes are scanned. The data is uploaded to the system without any human interaction besides the original scan and a later check against the Bill of Lading that came with the load. Much better than the first method, but it comes with its own issues. For one, if the material is put into location, stacked high off the ground, reading barcodes for inventory purposes can be problematic. Also, it relies on a good quality barcode. A lot of our material arrives after long truck/train rides with the material rubbing and jostling against its neighbor resulting in many unreadable barcodes. RFID is the next logical step for us. For the material to cross from the truck/train to our dock and be read by an RFID reader without the warehouseman having to aim a laser at a possibly unreadable barcode would be nice. The customer would also be able to follow that particular RFID all the way from manufacturing through the distribution process. I understand privacy concerns, but in regard to the logistics industry I see RFID as a positive thing.
Okay, when it's in the store, which the company owns, I can only say so much about it.
Moronic criminals? Not as much as you would think. They figured out very quickly that a shopping bag lined with duct tape would foil at least the early RFID readers. Car thieves in my area can break in & steal a car in a tenth the time a skilled mechanic can. Hell, they'll be the *ONLY* ones getting around this.
Long lines at checkout: Okay, throw away some more jobs. While we're at it, I see a pricing discrepancy at least every other time I'm at a grocery store...if you're just shoving a cart through the door, it's pretty hard to tell that you accidentally paid $22.47 for the Black cherry kool-aid (one of 39 packs in your cart).
Privacy is somewhat of an illusion, but that doesn't mean it's not worth TRYING to hang on to little bits here & there.
And think about just how far this can go. Eventually, there could be embedded RFID in every food we eat. As you're driving along, a roadside detector finds that the Big Mac & large fries have moved from the stomach to the small intestine, and changes a billboard ahead of you to advertise Wendy's, while activating a 1/4 watt FM transmitter to transmit ONLY to your car 'Getting hungry, Jim Farnagle? Wendy's is just half a mile ahead on the left! Make it in the next five minutes, get a free apple pie!
The issue is WHERE the line should be drawn. RFID is here to stay, and has some excellent uses. Pallets & tracking inventory - great use of 'em. But once I've purchased a product, the company that made the item, the company that distributed the item, the company that retailed the item, all of their 'business partners', and anyone else can (should) bugger off & mind their own business...go buy a congressman or something.
RFID scanner picks up the condom in his wallet
60inch Plasma Monitor: Greetings Mr. Smith, it's been 60 months since you last purchased that box of Troy Extra Super Ribbed, the one in your pocket has expired, would you like to purchase some more?
If you liked that item, you may find these appealing: Super Personal Lube 3000, Peanut Butter & Chicken Flavored body oil, Hustler Magazine, MIT:Technology Review, Kraft Macaroni & Cheese.
of course the only reason you came to the store in the firstplace, was to bring your grandma to get some fix-o-dent (of course she is seeing and hearing all of this as well, along with your local spiritual advisor, your wife(who never knew about the condoms), and who knows whom else.
Oh no! Then they'll know I was wearing the clothes I bought! With my credit card! In a store filled with cameras! In a metro area under heavy surveillance! Being photographed via satellite! Where anybody with working eyeballs can see me! They'll get my social security number! And my SAT scores! They are going to STEAL MY IDENTITY!!111! My girlfriend will start dating someone else! (oh wait, that already happened)... My dog won't recognize me! I'll be deported to Cuba or France because I voted for a Democrat once by accident! I will disappear! It will be like in the Matrix where I won't know what's real ever again!
Seriously, what's the problem here? Worried that someone will be able to detect that the red lace teddy you bought at Victoria's Secret wasn't really for your girlfriend?
No, really. Is this going to cause an undue increase in the cost of these items? Am I going to be arrested because an RFID detector figures out that I've got on brown shoes and a blue suit? How is this actually going to make my life worse?
A liberal from the Nation cries about how RFID tags might create a problem and we show no skepticism at all? He says all these things could happen-- if this and if that and only if something else. To me he sounds more like those kooks who say that all check R/T numbers secretly begin with the numbers '666' or that credit cards are a tool of the anti-christ than he sounds like a reasonable person worrying about reasonable things.
I do not have a signature
It's scary how much misinformation and FUD is spread around concerning RFID. The company I work for deals in it among other things. Reading tags isn't that easy, proximity is important. You can't just walk around with a scanner and scan the tags at even 20 feet or so without major difficulties. Too many tags in one area and they don't work right either as multiple signals screw things up. People seem to hear about the concept and they remember articles like this from people who really don't understand the limits of the technology. I like my privacy as much as the next person, but with it's limitations I see RFID far less of a threat than just about anything else. As mentioned in another post, it's how the equipment is used that's a problem, not it's existance.
As a sidenote, nearly every system I've seen intended for sales related uses kills the tags at the register when the item is sold by design. It's intended to help with inventory and keep theft down. If you stop and think, stores don't want to piss off consumers, and nothing pisses people off more than invading privacy.
I can see it now:
PHB: So, how's that big information thingy coming?
Dilbert: The RFID database?
PHB: Yeah, sure.
Dilbert: Well sir, we've got a whole lot of data. But it turns out that in the entire world, there is only one woman, and she keeps changing her clothes.
PHB: So I've only been rejected once. Good to know.
- The Amazina Llama
Given what a microwave does to a light bulb, I'd expect it would be pretty useful in destroying electronics. Note that a burnt-out lightbulb will still glow in a microwave, and for this reason I doubt that simply disconnecting the antenna from the RFID circuit will have any effect since the whole circuit will be getting irradiated. Also, don't forget to have the clothes in a pyrex pan full of water or something- unless you want there to be a burnt hole in the garment where the RFID tag was.
pi = 3.141592653589793helpimtrappedinauniversefactory7
The problem with this article is the simple fact that they start out by talking about passive rfids and then switch to ways they can be abused that would only work on ACTIVE rfids. The big difference? One has a battery and broadcasts its number a significant range.
-- botsex is {grep;touch;strip;unzip;head;mount}
Also of note, one of the leading critics of RFID, Katherine Albrecht, issued this press release today:
February 5, 2004
German RFID Scandal: Hidden devices, unkillable tags found in Metro Future Store Germans say, "Nein! We wont be your versuchskaninchen"
"We won't be your versuchskaninchen." That's the message German privacy advocates are sending to executives at the Metro Future Store in Rheinberg, Germany after discovering RFID devices hidden in the store's loyalty cards. They also found that RFID tags on products sold at the store cannot be completely deactivated after purchase, despite Metro's claims.
"Versuchskaninchen" is the German word for guinea pig, which is how German consumers feel Metro and its partners have treated them since opening the Future Store last year to test experimental RFID applications on live shoppers.
The revelations came just one day after Katherine Albrecht, founder and director of CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) toured the Future Store with a delegation of privacy experts from German advocacy group FoeBud, who sponsored her visit.
"We were shocked to find RFID tags in Metro's 'Payback' loyalty card," said Albrecht, after FoeBuD tested the cards with an RFID reader and discovered the tag. "The card application form, brochures, and signage at the store made no mention of the embedded technology and Metro executives spent several hours showing us the store without telling us about it."
"In retrospect, it's no wonder store employees appeared nervous when we asked to take a few of the cards with us," she added.
Vendors of RFID-enabled loyalty cards promote them as a way for supermarkets to identify shoppers remotely as they enter the store, using details of their identity and purchase history to pitch products to them and to track their movements and activities within the store. Prior to the Metro discovery, no major retailer had publicly admitted to using such cards.
In addition to the cards, Albrecht discovered that Metro cannot deactivate the unique identification number contained in RFID tags in products it sells. The use of unique, item-level ID numbers is one of the key privacy concerns surrounding the use of RFID tags on consumer goods.
"Customers are misled into believing that the tags can be killed at a special deactivation kiosk, but the kiosk only rewrites a portion of the tag, while leaving the unique ID number intact," she said.
Outraged German citizens are calling on Metro to put an immediate end to the trials.
"We are deeply disappointed at the Metro executives. They talked of an open dialog while hiding important facts from us," said Rena Tangens of FoeBuD. "We are calling for an immediate moratorium on further RFID testing as it is clear that Metro is not handling the technology responsibly."
Evidence of the RFID tag in Metro's "Payback" loyalty card, along with evidence of the incomplete deactivation of product tags, can be found on FoeBuD's website at http://www.foebud.org/rfid/.
I have a question: how long before this system becomes unwieldy. If we're going to track every product sold worldwide, how big will the string have to be? Furthermore, at what point will a database of said string's become unwieldy, and at what point will it become worthless to maintain all that data?
The retail RFID plans I've seen don't have a unique serial number for every item. They have a unique serial number for every type of item, kind of like a barcode. Granted, that may pose some minor privacy issues of its own. But those problems are minor, and no worse than paying with a credit card.
More to the point, RFIDs have the potential to save businesses billions -- kind of like barcodes did. And, like with barcodes, those savings will most probably be passed to the consumer.
Statistically speaking, there's a 99.998% chance that my IQ is higher than yours. Get over it.
Sales Pressure ...
...
... and you know that if they can, eventually they will. You only have to look at the ridiculous state of airline checks to see knee-jerk security at work (same name as known terrorist (even with different initial) - you ain't flying buddy). There are documented cases of this.
I don't have a problem saying no to sales people. I do take exception to being harangued, by name, from the moment I enter a store. My shopping day will be a lot more stressful if I have to say "Get the f*** away from me, I'm just looking" in every store I walk into. And if that sales person has been picked based on the type of salesperson you are most receptive to, it gets harder - I'm not talking the high schooler at radio shack here, but a well chosen personable salesperson, based on your previous buying habits (e.g. last sales were only with X, blew off salesmen Y, Z).
And it's the data sale that's not nice either. Bulk mail, UCE, will become more invasive, personalised to you, so you won't know off hand if it is spam.
Security
airline profiling - general purchase patterns (look, he bought fertiliser and gasoline), purchase locational patterns (look, he was in the area when these demonstrations took place). Don't accept luggage as gifts (traveller has bag that he didn't buy) -- I'm sure the Feds can come up with a few more.
Security reasons - bought "anti-american books" (anything by Michael Moore, Al Franken, etc), don't let into particular areas if the president is in town (such as his entire travel route for the day) - all they have to do is match you with any known RFID tags, and pull up a "book list" check (note that may include library books - thanks patriot act).
The list is endless
And it probably won't be intentional. The trouble is, these are generic patterns that a good agent will use to guide them. But you won't be dealing with a good agent. You will be arguing this with the minimum wage security guard who will follow directives blindly. You know it doesn't matter what you say or do, or whether it's obvious that the computer is wrong - they do what the computer says or lose their job, so you lose.
For a scant few bucks an hour, I will take your RFID tags out for a walk about the town. Spend a few more dollars, your RFID tags get to go to the opera, making you appear a very sophisticated gent. But skimp on the tip, and your tags spend a half hour in an alley known for prostitution and drugs.
This month's special - your RFID tags get a tour of the White House! And maybe even a chance to meet the president's RFID tags. Register soon as there are only a few openings available each year.
http://www.aimglobal.org/technologies/rfid/resourc es/articles/jan04/0401-roispy.htm
And please take special note of the scanning of RFIDs on drivers licenses while you are still in your car....
--*--*-- The Eagle sneers at the Peacock
In the U.S. it is against the law to own/operate a device whose sole purpose is to interfere with communication across the radio spectrum. The obvious exceptions are the military and other govt. agencies. I think that the "jammer" would violate the law. However, if the jammer wasn't really a "jammer" but a device that would generate a localised EMP pulse, you could permanently disable the tag. That oddly wouldn't land you in jail, as they would have to prove that the tag wasn't "broken" and that you did it.
To know is to have knowledge....to understand is to be enlightened.
As a previous poster noted the range for RFID tags is generally under 15" however range is limited only by the inverse square law.
f you can generate a RF field with sufficient energy to activate the RFID tag you can read it from almost any distance.
Example a small boat radar which costs less than 1500 US generates an X band pulse of 3.5 KW and the emitter is 8" in diameter by 3" high.
So with this in mind I do not buy the argument that one needs physical proximity to read RFID tags.
Technology is neutral it is the use of technology which determines whether an application is for good or evil. However the framers of the constitution realized that there is always a minority who lust for power and control and will use any means to achieve those goals hence the balance of power.
I have seen many of these "fear-mongering" articles now on Slashdot as well as other sites. Most oversimplify the matter without really considering the technical difficulties that make such tracking scenarios fairly impossible.
:)
During my internship the last 6 months, I was developing precisely such item-tracking software and RFID tags.
Firstly, the range on these tag readers is so low (~ 5-10 m) that tracking anyone or anything in the world outside the store/warehouse is not a trivial task. Neither are they very accurate in their sensing capabilities. This would require millions of these readers all interconnected and interfacing with the same database.
Secondly, in order for these stores to think of tracking customers (when they are in the store) based on the items they purchase, those items would have to be bought from the same store chain right? Obviously, Walmart does not have access to Sears' database!
Thirdly, and I think someone raised this point before, that current systems and pilots track on the pallet and case level. Item-level tagging raises the challenges of managing the huge amounts of data and network traffic. These concerns are so real and serious that many are raising doubts about the potential use of RFID tags in retail stores. Most of these tags do not work at all if they are in contact with some metal, as is the case in some shoes.
RFID tags have good application in warehouse scenarios, where the privacy concerns aren't that great.
I agree that RFID technology has some privacy issues, but most people seem content to object based on some imagined fears or paranoia. Look at the hard technical facts before bringing on the tin-foil hats