Slashdot Mirror

← Back to Stories (view on slashdot.org)

Open Source RFID Project

Posted by michael on from the rfidstumbler dept.

Anonymous Coward writes "With all the press RFID is getting, I was looking for an open source solution to Wal-Mart's RFID compliancy mandate. I stumbled open the RadioActive project. I think these guys have the right idea. Eventually, RFID will be everywhere. Could an open source project like this bring rapid deployment of RFID like Apache did to the net?"

21 comments

  1. I don't see how... by dhakbar · · Score: 1, Insightful

    I'm not sure what the point of an open source RFID project would really be.

    Shortly put, I don't think the situation is at all analogous to Apache's.

    1. Re:I don't see how... by RadioActiveHq · · Score: 2, Insightful

      There are lots of details about RFID that most people don't see.

      The way in which Walmart, DOD and the EPC wants to deploy RFID is very similar to the internet. In a sense, each item will have its own IP address (unique id) and data can be resolved from that ip (information about the package).

      The standards set are full of specific software and services that companies need to have to deploy a EPC compliant system.

      Just like how Apache uses standards to communicate with browsers, the RFID world is heavily based on standards. Also the fact that RFID will most likley be everywhere in the next decade or so i think there will be a need for open source systems analogous to how there is a great need for apache.

    2. Re:I don't see how... by TheRunningBoard · · Score: 1

      I'm not sure what the point of an open source RFID project would really be.
      This is easy, to help support the new standards that are being set by EPC Global. Also to fuel faster development and deployment to help move the technology quicker. I read a lot of posts about gonig to the grocery store, and walking out with all of your products and have it billed to your credit card. The reality of the situation is that this is a long way off, Wal-Mart is only now beginning to tag only pallets and cases - and that is only from a small amount of suppliers as it is. An open solution will speed up the reality of the 'cool' applications of RFID.

      Shortly put, I don't think the situation is at all analogous to Apache's.
      Internet - Needs webservers to exist. OS webservers make growth very fast.
      (EPC) RFID - Needs middleware and ONS to exist. OS can provide this and fuel this growth.

  2. Um correct me if I'm wrong by IshanCaspian · · Score: 1

    but isn't a situation where RFID is as ubiquitous as apache one of the things we slashdotters truly fear and hate?

    Why would we want to contribute to such a project?

    --

    But there is another kind of evil that we must fear most... and that is the indifference of good men.
    1. Re:Um correct me if I'm wrong by Jahf · · Score: 3, Interesting

      2 reasons, both predicated on the idea that it will happen with or without us.

      1) If Open Source is a major player in the software for such things, we all have a better understanding of it.

      For instance, do you really trust proprietary software to say "yes, I fried your tag, you may leave in peace" and actually do it, or do you wonder if it said that, but really just threw a "be silent when this guy walks out the door" to the tracking station that goes off if you leave without paying?

      2) If Open Source is a major player, then the community has a much higher visibility for things like standards boards and oversight commities.

      If GNU, Apache, Linux, etc and the very vocal proponents of such did not exist, I strongly doubt you'd see geeks and unix beards sitting at as many of the various levels of these things as you do now. It would be back to the backroom anticompetitive negotiations.

      So do we just cave and accept RFID (or monopolistic software) wherever and whenever and however it creeps in? No, we continue to be active. But the world is grey. Good and Bad happens. Better than we are involved both ways than to give an inch.

      --
      It is more productive to voice thoughtful opinions (reply) than to judge (moderate) others.
    2. Re:Um correct me if I'm wrong by Anonymous Coward · · Score: 0

      ..one of the things we slashdotters truly fear and hate? Why would we want to contribute to such a project?

      because some of us are capable of independent thought.

    3. Re:Um correct me if I'm wrong by Anonymous Coward · · Score: 0

      Coming soon: an open-source project dedicated to developing a trojan horse that scans the user's hard drive for pirated songs and movies and transmits this information directly to the RIAA and MPAA!

    4. Re:Um correct me if I'm wrong by Anonymous Coward · · Score: 0

      ....because it's part of the
      Open Source (tm) Repression v1.0
      suite of software tools for tyrants
      to use to suppress the masses ...

      "Oh, now we see the violence inherent in the system!"

      --Dennis, in "Monty Python and the Holy Grail"

    5. Re:Um correct me if I'm wrong by Rick+the+Red · · Score: 2, Interesting
      do you really trust proprietary software to say "yes, I fried your tag, you may leave in peace" and actually do it, or do you wonder if it said that, but really just threw a "be silent when this guy walks out the door" to the tracking station that goes off if you leave without paying?
      Actually, the latter is exactly how it's going to work. We've had posts to earlier stories with links to experts claiming their RFID chips cannot be "fried."

      RFID is simply a radio readable (proximity, contactless) serial number. When you buy that item at Wallwart the scanner at the cash register just identifies the item. The central computer then tells the cash register how much to charge, and when the cash register says it's been paid for the computer then tells the inventory control system to remove it from the inventory. When you get to the door, the RFID scanner will tell the computer everything you've got -- including the underwear you bought there six months ago, the shoes you got from LL Bean, and the pack of gum in your pocket from the 7-11 down the block -- and the computer will check it all against inventory to see if you're stealing anything.

      They pointedly do NOT want to fry the RFID because they need it for returns, to verify that you really bought it and what to pay you. They can tell not only what store sold it and when it was sold but also who bought it, how they paid for it, and what they paid. So if you bought it on sale you won't get a full refund; if you bought it with a credit card you won't get a cash refund; if you didn't buy it you get to explain yourself to the police. How they plan to handle gift returns I don't know. But I do know they have no plans to "fry" the RFID chips, and some RFID chips claim to be "un-friable."

      Since all the code that does the grunt work is totally separate from reading the RFID, I don't understand how making any of this "Open" is going to do anything except potentially lower Wallwart's costs.

      If you really want to fight RFID tags, start a rumor that they're radioactive and cause cancer.

      --
      If all this should have a reason, we would be the last to know.
    6. Re:Um correct me if I'm wrong by Jahf · · Score: 1

      Yeah, because that worked so good for combatting televisions and cellphones :)

      --
      It is more productive to voice thoughtful opinions (reply) than to judge (moderate) others.
  3. Same technology as proximity cards... by stienman · · Score: 4, Insightful

    RFID is ther same technology as proximity cards used to access many buildings.

    And here - also cached at - is a proximity/rfid copier and spoofer. It can read cards passively (while another reader interrogates them) or actively, and can later pretend it's the card when interrogated.

    Of course, this can be defeated by a challenge/response system, which is available, but lower costs will probably dictate the cheaper ID only rfid.

    I've known it can be done, and have had a desire to do it, but this guy already did. Now if this becomes common enough then the manufacturers will be forced to use more secure RFID mechanisms.

    -Adam

    1. Re:Same technology as proximity cards... by swillden · · Score: 2, Informative

      RFID is the same technology as proximity cards used to access many buildings.

      Not really, because there isn't one technology used for these things, except at the most abstract level of "small devices that use radio to communicate".

      Some prox cards have no intelligence at all. They're essentially just a coil with a "tuned" resistor. When you hit them with a signal, they reflect that back, somewhat shifted due to the presence of the resistor in the circuit. Other prox cards are more sophisticated and more similar to RFIDs (of which there are also several types, see below). Others are more sophisticated yet and fall into a category more accurately described as contactles smart cards, which have full-blown microprocessors (4, 8, 16 or even 32-bit) with some RAM, some EEPROM or FLASH, a bunch of ROM and even a tiny operating system.

      RFIDs come in various types also, based on capability, range and security features. Most are simple read-only devices that do nothing other than respond with their ID number. Others are read-write, but with varying amounts of storage and varying levels of security against unauthorized writing. Different tags use different radio frequencies, which impacts their range and usability in various environments.

      And that's just passive devices. There is also a large field of active devices, tags that have their own power supply, rather than being powered by the field generated by a reader. The EZ-Pass devices used for automated toll collection on toll roads are a widely-recognized example. Active tags also come in a wide variety of capabilities, from simple "beacon" tags that just periodically transmit a signal (possibly with timing data, to permit location), to devices that are essentially a small, solid state PC in a different form factor. Some even have integrated cellular telephones and GPS receivers so they can identify their current location even without any kind of tag sensor in range (unless you consider a cell tower a "tag sensor").

      RFID is more of a general concept than a specific technology.

      --
      Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
    2. Re:Same technology as proximity cards... by stienman · · Score: 2, Informative

      You seem to have placed heavy focus on my mis-statement, where I should have written,"Many prox card systems are simple RFID." and then pointed out that a huge variety of generic RFID read only or read/write systems could be read and spoofed by this simple system.

      RFID is not just a general concept, but a relatively narrow field of wireless communications. I would take issue with your claim that a cell phone and GPS unit could be considered RFID, though I'm sure many companies will purposefully mis state that something is RFID when it is not, such as your example.

      RFID does come in many 'flavors' and capabilities as you have otherwise well summarized.

      Regardless of the definiton of RFID, my primary point was that most cheap tags are read only or read write with no intelligence, and that they can easily be copied and spoofed. My hope is that manufacturers will not choose cheap where security should be used. If they use better challenge response tags then they will become cheap and there won't be a reason or need to use the easily spoofed tags.

      -Adam

  4. Please Explain by bay43270 · · Score: 1

    Other than the hardware invloved (readers and the tags themselves), I was under the impression that RFIDs were just like bar codes. Don't they just store a serial number and require a more advanced system to look up any data involved? If so, what would this middleware do?

    1. Re:Please Explain by Anonymous Coward · · Score: 2, Informative

      Not necessarily... Some rfid tags do only store a serial number, but there also exist tags that store data on them... for that matter, most 2d barcodes store a lot more on them than just a number. For instance, there is this tool that slashdot mentioned earlier that'll let you keep track of what's recorded on the barcode you have on the back of your drivers license...Barcodes are used a lot more places than just on the upc, and they often store a lot more information...

      Anyhow, back to what this software does (and forgive me, I'm familiar with some RFID stuff, but not the EPCGlobal standards work)...more than likely the enterprise system that's keeping track of your inventory doesn't have the faintest idea how to ask a reader for information about tags or how to read the information that comes out. Nor is the information you get back going to be exactly set up to be dumped directly into your database. That' s what this is supposed to do (?).

      Feel fee to correct me if I"m wrong...

    2. Re:Please Explain by stoborrobots · · Score: 1

      Some have entire programs: check out http://www.offshore.com.ai/arms-trafficker/rsa2d.h tml

      more interesting factoids at http://www.adams1.com/pub/russadam/stack.html

      --
      "Go to CNN [for a] spell-checked, fact-checked summary" -- CmdrTaco
  5. Apache anf RFID? by Chasuk · · Score: 0, Offtopic

    Could an open source project like this bring rapid deployment of RFID like Apache did to the net?

    Apache brought the rapid deployment of RFID to the net?

    Really? This must be a development I missed...

    --
    Neopets - the best free game on the Int
  6. hold your horses by Glog · · Score: 1

    You are making one huge assumption here - that the blind masses don't mind your "enthusiastic" deployment of RFID. Long live the Big Brother spirit! The people and companies who have a vested interest in deploying RFID *will* do it sooner or later. But why help them make money? Unless YOU are the one who wants to benefit from the *open-source* efforts of others.

  7. Smart use of open-source by MobyDisk · · Score: 1
    Re:Um correct me if I'm wrong (Score:0)
    by Anonymous Coward on Tue Aug 03, '04 03:05 PM (#9870771)
    Coming soon: an open-source project dedicated to developing a trojan horse that scans the user's hard drive for pirated songs and movies and transmits this information directly to the RIAA and MPAA!

    I would like to address this measly coward's point, since I think this thought process comes up often. We should not object to an open-source project that scans for pirated software. Nor should we object to an open-source missile-control program, or an open-source minority-beating police simulator. Or any other improper or politically incorrect software. It is all in how you use it.

    The problem isn't the software, it is how it is used. Let's call this proposed open-source project "PirateScan 2000!" Would you object if the RIAA went to court, proved probably cause, and got a warrant to run PirateSCan 2000 on someone's PC to determine if they were pirating? I would not object to that any more than I would object to the authorities bringing a bomb-sniffing dog into my house given a warrant and appropriate evidence. We don't blame the dog for the privacy violation. And we don't blame the software either. Heck! I would be LOTS happier if they used an open-source application, so that I can be sure it doesn't install a monitor, or delete files, or misreport the results.

    But the fearmongers would have us deny the government appropriate tools - so they can never use them, only mis-use them. This is counter-productive. But addressing the issues openly, and showing them that open-source isn't about piracy, it is about keeping things cleanly on the up-and-up, we might make some headway against the FUD campaigns.

    BTW - Anyone who thinks the "how you use it" argument isn't any good should also be arguing that disclosing security holes is bad. Because those eeevil pirates could use it! And guns are bad! And knives! Especially open-source knives! And open-source guns that fire knives!

    Stop blaming the tools. Stop the laws that let government misuse them.

    (Booyah!)
  8. This would be really neat... by Ayanami+Rei · · Score: 2, Informative

    except that RadioActive seems to be mostly dead, and all the links to the involved standards are broken.

    Not a good start!

    Frankly there isn't very much to an RFID system. You have your reader, which is just some XYZ device with a serial interface (or USB-serial interface) that spits out data like a barcode reader. You don't have to think about things like modulation schemes or frequency unless you're building your own reader, otherwise you're buying a kit with reader and tags.

    So then you just have to map those serial numbers into an index in a SQL table, and uh, go from there...
    SQL, application servers, USB-serial device drivers, all that's done already.

    Maybe what they're saying is there isn't any good open-source inventory/point-of-sale packages that sit on top of an inventory database for the user (besides some kind of thrown-together PHP deal and web interface), or that are used to feed is present at location/is not present into said database in real time.

    --
    THIS THING CAN TURN ON A DIME, MACROSSZERO STYLE ALSO FUCK BETA, ~NYORON
    1. Re:This would be really neat... by RadioActiveHq · · Score: 1

      Thats not true at all, RadioActive is very much alive. Please check the links again, EPC has recently taken them down and i have placed them on the website. RFID middleware, or what used to be called a "Savant" is far from an easy database system. It has to deal with sychronization, data cleansing and scheduling.