Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hacking the RFID Network

Posted by michael on from the ubiquitous-tracking dept.

An anonymous reader writes "The world's largest retailers are developing the EPC Network as the infrastructure for a global rollout of item-level RFID. In many ways this 'Internet of Things' resembles the ISBN system or CueCat's codes-to-content. But the network built for tracking consumer goods could also be used for intangible items: airline seats, music tracks or service calls."

46 of 213 comments (clear)

  1. Sounds like they're working by Anonymous Coward · · Score: 5, Insightful

    on overusing this new system

    Track music downloads and service calls? That's billions of unique items every year. How many items do these RFID tags support?

    1. Re:Sounds like they're working by Anonymous Coward · · Score: 2, Informative

      It is possible for users to deploy up to 20 billion unique transponders.

      Google says that in here (maybe here?) there's a claim of supporting up to 550 billion unique ID codes with this manufacturer.

      It seems to vary significantly depending on which provider you choose, but that's 91.6 RFIDs per human being on Earth. It's about 1800 RFIDs per human being in the United States.

      (PSA of anti-slash)

    2. Re:Sounds like they're working by taniwha · · Score: 2, Interesting

      actually that sounds like really poor design on someone's behalf - these things are supposed to become ubiquitous - wait 'till McDonalds starts using them for order tracking and the post office for mail tracking/sorting - they'll run out after a few years

    3. Re:Sounds like they're working by Big+Smirk · · Score: 5, Informative

      Well, there is 96bits on info on the tag (the 64bit tags are already just about dead). The reprogrammable tags (unsecure) will have something like 196 bits of scratch space. Secure tags are laser programmed. Of those 96bits, some are dedicated to the same functions as the old UPC codes. But you can imagine 48 bits as a serial number. There are various EPC standards proposed that will dictate how many bits are dedicated to each data type.

      --
      TODO: create/find/steal funny sig.
    4. Re:Sounds like they're working by Qrlx · · Score: 5, Funny

      I propose we begin tagging RFID tags with RFID tags, and feed the data into a meta-tracking database.

    5. Re:Sounds like they're working by taniwha · · Score: 3, Insightful
      maybe not ... but unless the post office can distinguish between a letter currently being routed from the baked beans in a parcel (kind of implies a manufacturer portion to the number in much the way that MAC addresses are handed out)

      On the other hand selling RFID stamps kind of makes sense - they don't get postmarked, just used once, and can be used for routing along the way ... urgh - that means that junk mail doesn't even need to print addresses on the outside, just stick a stamp addressed to you .... the downside of course are privacy isues - now the govt has a complete record of everyone who send mail and who they sent it to

    6. Re:Sounds like they're working by Tongo · · Score: 2, Funny

      We can only hope. Having these things in an Access databse will be the only way to save our privacy.

    7. Re:Sounds like they're working by Jahf · · Score: 2, Interesting

      And yet I've known at least 2 people who claim to have had MAC address collisions (without doing things like changing the MAC via ifconfig). So even a manufacturer-doled-out system isn't going to be foolproof.

      What might make sense is to reserve a pool that expire every X number of years. Use that for perishables or disposables. Probably would need interim periods between expiration and re-activation.

      BTW the cost of putting RFID on mail, at least in the forseeable future, is prohibitive. Not for UPS style packages, but for the standard first class letter the RFID tag manufacturing costs are more than twice the selling price of a stamp. Enough people today have stopped sending postal letters because of the regular increase in the price of stamps, tripling cost (which would be the cost of the stamp today plus the RFID) would hobble the post office.

      --
      It is more productive to voice thoughtful opinions (reply) than to judge (moderate) others.
  2. So this means.... by mboverload · · Score: 5, Funny

    I can track my porn collection internationally?

  3. Airline seats are intangible? by Marxist+Hacker+42 · · Score: 4, Funny

    I knew they could be used as flotation devices- but now they're apparently virtual as well. That explains the problem with overselling flights I guess. They're selling VAPORSEATS (tm) (Patent Pending)

    --
    SJW: a person who perceives an injustice, and while correcting it, commits a greater injustice.
  4. Since the article summary is cryptic... by GillBates0 · · Score: 5, Informative
    this is what I learnt about the system from a cursory read of the article:

    What they're saying is that RFID can be applied to intangible information - content rather than the physical media - just like ISBN/Library_of_Congress system uses an identifier for a book rather than an instance of it.

    In other words: RFID can be extended to apply to an entire class, rather than instances of it, as is usually done.

    Bet somebody'll mention how this is great for pr0n in the next 5 minutes.

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
  5. FINALLY by surreal-maitland · · Score: 4, Funny

    at least someone will be able to find my remote control

    --
    -ninjaneer
    1. Re:FINALLY by shut_up_man · · Score: 4, Funny

      Hey, I'm looking forward to be able to type "grep socks".

  6. Hmmm by Anonymous Coward · · Score: 3, Insightful

    RFID presents the same looming threat as bar codes.

    What does "hacking" have to do with any of this?

    1. Re:Hmmm by pilgrim23 · · Score: 2, Interesting

      Indeed. Does anyone have links to any sources for info on 1: eliminate or deactivate RFID chips in clothing and other itesm other then the old method of microwave which seems to have an adverse reaction to Andrew Jackson's eyball iirc from an earlier /. on this or: 2: how to tweak, hack, redirect, reprogram, re-tune, reset an RFID so that instead of denoting on the bill of lading that this airline seat is Joe Blow on his way to see his mistress in Newark, rather it is 1000 crates of pampers being shipped to the Wally World in Tampa.

      --
      - Minutus cantorum, minutus balorum, minutus carborata descendum pantorum.
    2. Re:Hmmm by Trailwalker · · Score: 2, Funny
      And what looming threat do bar codes present?


      The requirement for shirt, shoes and a minimum age of 18 to be served alcohol.
  7. So what happens .... by taniwha · · Score: 5, Funny
    if I make my own RFID object that pretends to be other stuff .... maybe lots of other stuff ..... ?

    "err sir ... you appear to be stealing an elephant from our store .... err um please turn out your pockets ... wait I was wrong you appear to be carrying the entire housewares department ..."

    1. Re:So what happens .... by taniwha · · Score: 3, Insightful
      Ok - I was being rather tongue in cheek there ... but seriously what's to stop me walking through a store with an RFID sniffer and playing havoc with someone's inventory system when I exit?

      Could anyone who understands RFID perhaps enlighten us about what sorts of security is built into the system?

    2. Re:So what happens .... by LehiNephi · · Score: 3, Interesting

      My first thoughts were exactly the same. What's to prevent you from building/buying/manufacturing + selling RFID denial-of-service devices? I can see Congress (or the FCC) quickly outlawing such devices, but how hard would it be to build one?

      Not only could you drive any Walmart's system into the ground (allowing someone to get away with shoplifting), but you could sabotage someone else, sending them into a no-cameras room for a visit with store security. I confess to some degree of ignorance here, but are there any mechanisms in place in RFID systems to prevent such sabotage/DOS attacks?

      One more point--what's to prevent ME from bugging the store and datamining everyone's shopping habits? I imagine an RFID detector would be simple to build, require little power, take little room, be easy to hide by the doors of a store, and would be able to intercept all radio traffic between the RFID tags and store equipment.(/me thinks for a second) Wow, that's kind of scary.

      --
      Help find a cure for cancer. Join the [H]orde
    3. Re:So what happens .... by taniwha · · Score: 2, Interesting
      might be a great basis for a harassment suit :-) .... "every time I go to Walmart their security people stop me when I leave ... search me in front of my friends .... this is slander of my good name!"

      A friend of mine got into a situation a bit like this and was about to sue someone (she just couldn't figure out who) .... people kept cutting up her credit cards and bank cards, BART (magnetic train) tickets would also stop working etc etc when she explained this to me at the movies once my immediate question was "did she have any magnets in her purse?" ... she pulled out a handfull of refrigerator magnets she'd been carrying around for a while ... which was an end to the issue

    4. Re:So what happens .... by hamsterboy · · Score: 4, Interesting
      I work kind of tangentially on my company's RFID products, so I don't know everything. From what I understand, Gen2 tags (shaping up to be the standard) support read, write, and kill operations. Reading can be done by anyone, but writing and killing may have password protection. If the password is not set, anybody can write or kill a tag.

      I'm not sure about security on the password exchange, but with how little thought seems to have gone into the other "standards", I wouldn't be surprised if it was plaintext.

      Hamster

    5. Re:So what happens .... by hamsterboy · · Score: 4, Informative

      Transmission ranges on these things are VERY short. Keep in mind that the FCC regulates how much power you can pump through a reader, and that the tag is powered entirely by this transmission. With an RFID tag mounted to the pricetag on a shirt, you'll be lucky to get 3 feet of transmission. Also, the tag will most likely be killed right after the customer's credit card is charged, so sitting outside the door won't get you any data at all.

      In answer to your first question, fairly difficult. You'd need an active device which listens for a query from a reader, and responds as though it were a tag. Also, the tag is just responding with essentially the same data as a barcode; any code that isn't in the master database in the sky will be ignored. And the readers can handle a large number of tags (read rate for some readers is >1000 tags/sec, and will only get better), so a DoS will be pretty difficult. Not something you'd wire-wrap in your garage.

      Hamster

    6. Re:So what happens .... by wrc · · Score: 2, Insightful

      Simple. Once it is ubiquitous, make it illegal to manufacture or sell any device that can interfere. Heck, make it illegal to even tell people how to make such a device.

      Hmm. How likely is that to ever happen?

  8. Their "Object Name Service"... by tcopeland · · Score: 4, Informative

    ...piggybacks on DNS to look up manufacturer info. The spec is here... nifty stuff!

    --
    The Army reading list
  9. And no doubt, trackable. by TyrranzzX · · Score: 5, Insightful

    The major shortcoming of RFID tags is not their rollout in stores, it's that they want to do things like weave them into clothing fabric or hide them so you've got to work to get them out. I don't know about you, but that's a bit excessive. Moreso, the range on the tags is an issue; the tag may be tiny, but you can still get a considerable amount of range out of that, look what's possible with GPS.

    Then we've got the registering everything idea. If we put RFID tags on everything that can go for 100 feet, and if everything has a unique identification code, then the government can ask for a list of which codes are associated with which objcts. Then, as stuff is baught, you swipe through your drivers lisence and a database is updated with what you have. Combine this with bank account data, wifi hotspots on poles that are constantly pinging devices, garbage trucks equiped with rfid scanning technology, and other pieces of information, and you've got one hell of a spying system. All those evil laws the people in power dream of would be possible.

    If there was a law that said the RFID tags could only be put on removable stickers, and must have a range limited to less than 5 feet, then it'd be ok. It's the "weaving them into products" thing that's got everyone upset. Infact, if that weaving thing didn't exist, I think RFID tags would be pretty neat; you could buy a bunch of food and query it through your house, which could download and update a database of recipe's which could be setup on some kind of whacky algoritm that figures out which is going to go bad first.

    The only problem there is that as the chips evolve, we'll be throwing small flash cards on em with advertising or more complicated systems of ensuring produce hasn't been tampered with, which if the laws don't change, will require licensing since you're copying; licensing to eat, not a good thing.

    AS far as tracking people is conserned, we all know of the mark of the beast, and we all know that tracking accounts with rfid tags is just plain stupid. If you're going to track a person, have them wear a wrist band or something; even the guys on star trek didn't have that little pin thingy embedded in their forhead.



    --


    Candy-Coated Knowledge

    1. Re:And no doubt, trackable. by DrEldarion · · Score: 2, Insightful

      The major shortcoming of RFID tags is not their rollout in stores, it's that they want to do things like weave them into clothing fabric or hide them so you've got to work to get them out. I don't know about you, but that's a bit excessive.

      Excessive? Consider some of the main usages:

      Anti-theft: Easily removable is a bad thing.
      Quick checkout: Easily removable is a bad thing.

      I don't think it's "excessive" when having them be easily removable defeats the entire purpose for which a lot of stores will use them.

    2. Re:And no doubt, trackable. by AnodeCathode · · Score: 5, Funny

      As long as we can continue to obtain rolls of aluminum foil without RFID tags, we should be good to go.

    3. Re:And no doubt, trackable. by drinkypoo · · Score: 2, Informative

      Please do not use GPS as an example. The signal for GPS is sent by satellites, presumably with large antennae. The signal for RFID is sent by the RFID tag (at least, the signal you're interested in reading) which has a small antenna and operates with very low power. The GPS [transmission] antenna only needs to handle a certain range of orientations of receiver to sender, and RFID must broadcast omnidirectionally because you cannot guarantee the orientation of the tag.

      What scares me is that eventually shoes will have RFID tags in them somewhere, and tires will have them too. This defeats the proxmity problem completely.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
  10. intangible: airline seats and japanese children! by sxtxixtxcxh · · Score: 4, Interesting

    http://news.com.com/Japan%20school%20kids%20to%20b e%20tagged%20with%20RFID%20chips/2100-1012_3-52667 00.html

    i, for one, welcome our rfid tagged japanese overlords.

    --
    for a minute there, i lost myself...
  11. Re:intangible: airline seats and japanese children by TyrranzzX · · Score: 4, Insightful

    If there's anything to say about the japanese, it's "wow, they're screwed up". If tagging your kid everywhere they go says something, it says "I don't trust you"; and the longer kids aren't trusted with responsability, the less they will be responsable, and if the world is filled with irresponsable people....

    Dear lord...that'd be one screwed up place...

    --


    Candy-Coated Knowledge

  12. Just how intangible .. by AndroidCat · · Score: 5, Interesting

    .. Are Japanese school children anyway? (Japan school kids to be tagged with RFID chips) Just wait until a stalker hacks that RFID network!

    --
    One line blog. I hear that they're called Twitters now.
    1. Re:Just how intangible .. by character_assassin · · Score: 3, Funny

      Fortunately, pedophilia and rape fantasies are practically unheard of in Japan.

      --

      If you mod me down, I shall become more powerful than you can possibly imagine.
  13. RFID identity dilution by nekoniku · · Score: 3, Insightful

    How long are RFID tags (or the databases' links between a person and their stuff) supposed to last?

    When people get tired of or wear out their RFID clothes and then give them to Goodwill or sell them through consignment stores, tracking systems will think they're in multiple places at the same time.

    So does this mean I should or should *not* start buying all my clothes at the second-hand store when RFID rolls out? :P
    nn

    --
    "It's a wonderful idea. But it doesn't work." -- Tad Danielewski
  14. intangible seats? by scabbers · · Score: 2, Funny

    why on earth should airline seats be intangible? last time I sat in one it wasn't. I further imagine that the seats not get lost too often and therefore do not need to be tracked..... This whole idea is just nonsense...

  15. Instead of RFID tracking everything why not.. by Tandoori+Haggis · · Score: 3, Funny

    simply dictate where you send your products and keep the consumer in one place, like a vat of amneotic fluid. Come to think of it, all those carbon based units churning out 100W of heat and only using less than 10% of their processing power...

    Imagine a super beowulf cluster of those...

    Er wait...

    --
    My hyperlinks aren't worth the paper they're printed on.
  16. Open Source RFID by winavr · · Score: 2, Interesting

    If anybody wants to do something constructive, then help "hack" on the open source RFID C library on Savannah.

  17. A good use for existing RFID tags by Alaska+Jack · · Score: 5, Interesting

    It's my understanding that a common practice these days is to have microships (which I assume to be RFID tags) injected under the skin of pets, so lost pets can be identified even if they're not wearing collars.

    I think a good idea would be to make pet doors that can "learn" to unlock only when certain RFID tags are within 4 or five feet. You could set it for the pets you own, and other pets (and/or other critters) wouldn't be able to get in.

    Also, if your pets didn't have the chips implanted, you could just get a chip on a collar.

    Alaska Jack

    1. Re:A good use for existing RFID tags by E-Rock · · Score: 2, Informative

      Damn, that's a good idea. Not necessarily for RFID, but in general. Too bad someone already beat us to market:

      Magnetic

      Infrared

    2. Re:A good use for existing RFID tags by The_REAL_DZA · · Score: 2, Insightful
      "You could set it for the pets you own, and other pets (and/or other critters) wouldn't be able to get in."
      Uh, I think you meant "You could set it for the pets you own, and other pets (and/or other critters) wouldn't be able to get in unescorted ." Those of us with those big, friendly (but gullible) dogs would still come home to a "party" every day...
      --


      This space intentionally left (almost) blank.
  18. Security at the beginning by Blindman · · Score: 4, Interesting

    I'll let the philosophers sort out whether the ability to track every object is a good or bad thing. However, I do know that if this system becomes too pervasive without security, this is going to be a big problem in a hurry.

    I remember a commercial where a shifty guy walks through a store stuffing things in his jacket, and then walks out of the door to be stopped by security. The guard informs him that he forgot his receipt, hands it to him, and sends him on his way. I'm all for putting checkers out of work, but if such an environment existed, it would also be profitable to spoof the system.

    As they are currenly used, I suppose the only profit would be to either disable the tags or somehow make the store think it has already been purchased. That brings me to the next issue. I assume most people have tried to walk out of a store with a purchased tagged item where the checker forgot to take off the tag. It is annoying and embarassing. Imagine if this could happen with every article of clothing that you own because the store database gets screwed up.

    --
    I don't practice what I preach because I'm not the kind of person that I'm preaching to.
  19. Seek and destroy by Hannes+Eriksson · · Score: 4, Interesting

    What would be the easiest way to find and/or destroy an RFID tag? Put your new pullover in the microwave oven for 3 seconds?

    Is there any way to destroy such a tag embedded in electronics? Would it be possible to make the tag a vital part of the electronics in such a way that its destruction would lead to immediate equipment failure?

    Are the signals easy to spoof?

    --
    Geek rants since like... 2000 or something.
  20. Those activists aren't too bright. by Positive+Charge · · Score: 4, Interesting

    Maybe I'm just spoiled being a hardware engineer, but it seems to me that the people who are crying about these RFID tags and privacy are just plain ignorant.

    I can tell you it will be trivially easy to build a jammer for them. Maybe a little harder to build an RF source with enough energy to burn out their cute little itty-bitty diodes. And until they get wise and start putting challenge/responce encryption in them, building a box to spoof them would be a weekend project for your average Radio Shack hobbyist.

    Will someone please educate them about the technology so they can devote their time to something that really matters? (If they want something to bitch about, they can read my blog for ideas.)

    I might just wait until they're manditory in license plates and walk parking lots blowing them all out, (but probably not being a grownup and all.) Perhaps I should have posted as AC just for suggesting it. (Damned Patriot Act bastards.)

  21. Re:"Excessive? Consider the usages" by nusratt · · Score: 2, Insightful

    "Consider some of the main usages . . . Anti-theft . . . Quick checkout . . . 'easily-removable' defeats the entire purpose for which a lot of stores will use them."

    It's not the merchants' _ostensible_intended_ usages which are excessive, Virginia; it's the _potential_ uses, by corporations, hackers, private snoops, governments, etc.

    Jeez, things are going way beyond Ben Franklin's famous saying about trading liberty for security. Lately, I've been seeing way too many of these examples of people being naively willing to short-sightedly throw away privacy, the safety of anonymity, and safeguards against the Ashcrofts of the world -- irreversibly -- not for "security", but MERELY for fscking temporary CONVENIENCE!!

  22. Re:RFID for finding all those misplaced things. by Anonymous Coward · · Score: 2, Insightful
    The tags may be tiny, but the 4" antenna attached to each may be somewhat easy to spot.

    Assuming for the moment that we're talking about the passive RFID tags (such as those produced by Alien and Matrics), then the tiny chip on the tag gets its power by receiving the RF signal generated by the transmitter, and uses that power to send back a signal saying "here's my data".
    Now assuming the usual inverse square stuff, and allowing that the signal back from the chip is being sent with about 30 dB attenuation, then some simple math (left as an exercise to the student because it's been a while since I did it) should give you some real-world ideas as to the range and reliability of these damned tags. And the size/power of the transmitter needed to energize them. And that's assuming a clean read in the first place, and not having to disambiguate Avogadro's Number of tags in the immediate vicinity of the transmitter. And that doesn't count the tags within 6" of the transmitter that have melted!

    Sorry, mate, but I've been working with some of these tags and readers in an industrial environment for a while now. I'm alternately amused and frustrated by the tin-foil-hat brigade and the assertion that someone with a hand-held battery-powered minature device could scan tags reliably from across the room/across the street/from low-earth orbit and figure out where you bought your underwear.

    I'd love to tag the cat myself and then track it round the house/neighborhood, but I suspect that the Tesla-esque transmitter on the roof would cause some comment among the neighbors/Dept of Homeland Security (-:

  23. better than hacking, would be simply more tags by CFD339 · · Score: 2, Funny

    No need to shoplift OUT of the store -- walk in and start tossing rfid emiters in coat pockets, bags of socks, other shoppers' carts .....

    Overwhelm the system and it becomes useless.

    --
    The problem with quotes on the internet, is that nobody bothers to check their veracity. -- Abraham Lincoln
  24. Re:RFID Database by RossS-G · · Score: 2, Interesting

    Why not? The idea with the ONS is that someone (VeriSign, per the contract that EPCglobal let) will run a fairly small (and replicated by others) root service to say, "If you want to know about EPC=XXXXXX..., you need to look over there," and give a pointer to PepsiCo. At PepsiCo (or some agent of PepsiCo's choosing, say IBM, or GXS, or whomever), there'll be services to further parse the request, and direct it to an appropriate target. PepsiCo could choose to construct a single huge database with entries for every tag (associated with every product) it creates, though it need not... that might be broken up among various bottling units, etc... we need to think of "EPC space" as a vast, federated landcape of services.

    The elegance of the EPC is that it parses into parts: a part will say, "This EPC was assigned by PepsiCo," a part will say, "It corresponds to this PepsiCo product," and a (fairly large) part will say, "For this PepsiCo product, this particular EPC represents this specific unit."