Slashdot Mirror
Hacking the RFID Network
An anonymous reader writes "The world's largest retailers are developing the EPC Network as the infrastructure for a global rollout of item-level RFID. In many ways this 'Internet of Things' resembles the ISBN system or CueCat's codes-to-content. But the network built for tracking consumer goods could also be used for intangible items: airline seats, music tracks or service calls."
http://news.com.com/Japan%20school%20kids%20to%20b e%20tagged%20with%20RFID%20chips/2100-1012_3-52667 00.html
i, for one, welcome our rfid tagged japanese overlords.
for a minute there, i lost myself...
.. Are Japanese school children anyway? (Japan school kids to be tagged with RFID chips) Just wait until a stalker hacks that RFID network!
One line blog. I hear that they're called Twitters now.
It's my understanding that a common practice these days is to have microships (which I assume to be RFID tags) injected under the skin of pets, so lost pets can be identified even if they're not wearing collars.
I think a good idea would be to make pet doors that can "learn" to unlock only when certain RFID tags are within 4 or five feet. You could set it for the pets you own, and other pets (and/or other critters) wouldn't be able to get in.
Also, if your pets didn't have the chips implanted, you could just get a chip on a collar.
Alaska Jack
I'll let the philosophers sort out whether the ability to track every object is a good or bad thing. However, I do know that if this system becomes too pervasive without security, this is going to be a big problem in a hurry.
I remember a commercial where a shifty guy walks through a store stuffing things in his jacket, and then walks out of the door to be stopped by security. The guard informs him that he forgot his receipt, hands it to him, and sends him on his way. I'm all for putting checkers out of work, but if such an environment existed, it would also be profitable to spoof the system.
As they are currenly used, I suppose the only profit would be to either disable the tags or somehow make the store think it has already been purchased. That brings me to the next issue. I assume most people have tried to walk out of a store with a purchased tagged item where the checker forgot to take off the tag. It is annoying and embarassing. Imagine if this could happen with every article of clothing that you own because the store database gets screwed up.
I don't practice what I preach because I'm not the kind of person that I'm preaching to.
What would be the easiest way to find and/or destroy an RFID tag? Put your new pullover in the microwave oven for 3 seconds?
Is there any way to destroy such a tag embedded in electronics? Would it be possible to make the tag a vital part of the electronics in such a way that its destruction would lead to immediate equipment failure?
Are the signals easy to spoof?
Geek rants since like... 2000 or something.
Maybe I'm just spoiled being a hardware engineer, but it seems to me that the people who are crying about these RFID tags and privacy are just plain ignorant.
I can tell you it will be trivially easy to build a jammer for them. Maybe a little harder to build an RF source with enough energy to burn out their cute little itty-bitty diodes. And until they get wise and start putting challenge/responce encryption in them, building a box to spoof them would be a weekend project for your average Radio Shack hobbyist.
Will someone please educate them about the technology so they can devote their time to something that really matters? (If they want something to bitch about, they can read my blog for ideas.)
I might just wait until they're manditory in license plates and walk parking lots blowing them all out, (but probably not being a grownup and all.) Perhaps I should have posted as AC just for suggesting it. (Damned Patriot Act bastards.)
I'm not sure about security on the password exchange, but with how little thought seems to have gone into the other "standards", I wouldn't be surprised if it was plaintext.
Hamster