Slashdot Mirror
RFID Drivers' Licenses Debated
meganthom writes "How would you feel about having an RFID chip in your driver's license? Virginia is considering just such a measure, largely because several of the 9/11 hijackers were licensed there. Civil rights advocates are obviously unhappy with this turn of events, and it seems the ACLU has already taken the case. Proponents claim it would help law enforcement determine that you are who you claim to be and would make forgeries less common. The Federal government is also considering uniform 'smart card' standards."
How soon until you can buy a pocket ID sniffer/cloner? Or the plans become available on the latest 'warez' site? Great. Just by walking down the street 20 people can steal my identity...
I don't particularily like the Big Brother idea, but I have no qualms about this. You carry your licence so that people know who you are, and this would just provide a better way to verify that information. It would also be a nice way to lower the costs of corporate identification systems. I have a few workstations I manage for students to use at my college in the Physics office. I had gotten some old card readers and just set people's passwords to the raw string of text that their driver's licence would read out. It worked really well to keep them secure and the make it easy for people to log in, and if RFID tags were in our driver's licences it would make keyless entry systems and RFID based computer security systems a lot less expensive to get started with if there was enough secure information on the RFID tag.
Of course there are problems with the fact of how much data would be on there. Could I walk past a pillar in a mall that would read my address and phone number off my licence and sign me up to receive unsolicited calls and mailings? Also, would the data be secure enough if it were to be implemented in a security system? If these concerns were taken care of (well, the security system one less so, probably actually not that feasible, that's just the old hobbiest ticking inside me), then I wouldn't have a problem at all with a more secure and harder to forge driver's licence.
A pickpocket's dream come true! You can steal from a passerby without laying a hand on them.
Can you imagine how quickly wallet manufacturers would come out with new wallets that either sandwich your drivers license between two pieces of metal (aluminum foil I guess) or shield the entire wallet? I don't usually get too excited about privacy issues because I don't believe we have any these days. But, it is way too easy to imagine thieves walking around with readers and harvesting drivers licenses numbers and info in crowds. A drivers license often has all you need to get a credit card, especially if your state uses your social security number as your drivers license number (do any states do that anymore?).
http://www.busyweather.com/
www.infowars.com
It's all there
Will now be a New and Improved Canadian.
*sigh*
Anybody got some tin foil?
The House Between - Original Sci-Fi Series
How would you feel about having an RFID chip in your driver's license?
Yeah we all know how secure those RFID chips are, smart-card or not. I mean, no one would *ever* tamper with them, would they? A magic marker and a bic pen, and the thing is sputtering profanities at whoever accesses it! Better... I can see the expression on the officer's face now when he pings mine and sees I have installed Linux on it.
The dangers of knowledge trigger emotional distress in human beings.
Does that mean I will have to leave my driver's licence at home before robbing a bank ?
I doubt an RFID in a drivers licence is any kind of deterrent when you're prepared to hijack a plane and kill yourself and everyone else in it by crashing it into a building.
I think that RFID for some reason just always triggers a negative response from the
You'd think that the possibility for walk by ID theft would stop them from considering this. Either way, RFID tags aren't exactly difficult to counterfiet, and they do nothing more than take another step towards massive civilan survelience.
FUD time...
Proponents claim it would help law enforcement determine that you are who you claim to be and would make forgeries less common.
Yeah? It would make it easier for me to know who you are too. One enterprising geek on the subway could snag everyone's identities. You thought cell phone cloning was a problem? Hoo buddy.
Joe Geek might not be able to forge an ID, but he doesn't have to in order to snag someone's identity.
Might want to tin-foil coat that wallet...
Another non-starter. If you havn't done anything wrong, you don't have anything to worry about. Only criminals and terrorists should worry about this.
Nothing to see here, hippies; move along.
Virginia government officials need to keep reading this until they get it:
THE 9/11 HIJACKERS HAD VALID DRIVERS LICENSES.
THE 9/11 HIJACKERS HAD VALID DRIVERS LICENSES.
THE 9/11 HIJACKERS HAD VALID DRIVERS LICENSES.
THE 9/11 HIJACKERS HAD VALID DRIVERS LICENSES.
Stop using the hijackings to justify your pet police state!
yeah all this may be great, but who is to say if the police pull you over and they scan it, well it is a computer and it is always right. so when people clone this could it be more "trusted"
I mean they are already proposing chips so you can breeze through airport checkin, but how long before that is cloned and people buzzword("terrorists") can breeze on through...
trusting technology to solve all problems is a problem
Or at least I wouldn't feel any worse than being required to carry around picture ID in the first place.
For this, privacy invasion, it will work just fine. And not only the FBI. Very quickly you'll have devices on the market that will let you read these tags just as easily. Now a mugger can scan identities as he goes down the street and zero in on someone known to be wealthy.
Besides the obvious privacy issues, how does this help? If you apply for a driver's license, and get one (as many of the 9/11 guys did), it means you beat the system. You got an official ID even if you weren't supposed to. They did it. And now they want to add an RFID tag to that license? OK, so now that they have (incorrectly) identified you as someone who is supposed to have a license, and put down whatever name you wanted them to put down, they now add an RFID tag to the mix so that the FBI officer can read it and say, "Yup, that's so-and-so" even if you aren't.
I can see working harder to prevent ID fraud in the first place, but once you have a license, how does tacking an RFID tag onto it improve things? I see it as a surveillance tool, not an ID-theft preventative service. Am I missing something here?
I would not personally prefer this idea..
"RFID tags are computer chips attached to tiny antennae that are capable of broadcasting their data wirelessly to anyone with a RFID reader."
soon there'll be laptop cards and people walking around stealing others' identities with their PDA's..
this is a new type of War as opposed to war[dialing/driving]
wow.. what a great concept
Is there some simple (metal?) case that you could slip your RFID-equipped license into that would block snoopers from scanning you until you deliberately removed the license from the case?
Virginia is considering just such a measure, largely because several of the 9/11 hijackers were licensed there
And as far as I heard, the 9/11 hijackers had legit ID. So how does this change anything?
I see almost no issue in including RFID tags in this instance - you carry the thing to show who you are, and that you're allowed to drive this car.
The only issue I see is the potential for snooping, and I'm not sure why that's really a big risk.
I do take issue with the 9/11 thing being dragged in - why is it that you lot are letting the government push through all this crap? None of it has any bearing on 9/11! The hijackers were already in the country, had valid visas etc. etc. What the hell do drivers licenses have to do with it?
fortune -o
This is a bit paranoid. In Va. (Where I live) the license does not display my SSN. It also has holographic elements, and barcodes on the back. People under 21 have their picture taken using a side view. If I want to use it a proof of identity, it adds legitimacy. The RFID only needs to confirm the name and drivers license number. You have to write the license number on checks when presenting them. It's hardly a state secret.
It seems like the rfid would be kind of useless and just open up more possibilities of abuse, considering the possibility of people copying the data and using it for various purposes (what data do they need to store anyway, besides a DL number to look you up in the system?). What's wrong with the current trend of just having a nice little 2d barcode on your license that can be scanned ? I don't see where rfid would be any better than this.
Also, what happens when you microwave the card for a couple of seconds...do you get arrested b/c your id is broken ?
All these efforts to craft technical defenses to terrorism will only go so far (if anywhere) in preventing terrorists from operating.
Smart, determined terrorists will always be able to assume the identities (and obtain the documentation) they need to operate. They may need more time to infiltrate, but that's about it. There's just too many overworked DMV workers out there for an unremarkable, prepared person to socially engineer a driver's license (or whatever) out of.
So, if you make falsification harder, you'll just encourage social engineering in its stead; something (IMHO) that we're still very vulnerable to and also much harder to effectively combat.
I'm not saying such a step is useless, just that I question the return for the investment and the hassle it confers on everyone who's NOT a terrorist.
(Not that I have any fantastic alternatives to offer right now - after all, if the problem was easy to solve, *someone* would have done so by now)
Xentax
You shouldn't verb words.
Just the other day I went to Beverages and More to buy some booze. The cashier asked me for ID, so I showed him my license inside the clear plastic flap of my wallet. He asked me to take it out, so I did so and handed it to him, not realizing what he was about to do... He swiped it through a mag strip reader! I have no idea what's on the strip, but now BevMo's computers have that information. If my street address is in there, it's probably going to be used to spam me with junk mail. But who knows how slimy they are? They might sell that information to life and health insurance underwriters, or worse. The possibilities are endless.
Anyway, I promptly ran my license through a degausser after that incident. If they start embedding RFID tags, I guess I'll have to take similar measures.
Loading...
200,000 volt stun gun will tune that puppy up.
I took my current DL and bulk erased the mag stripe, then threw it on the concrete and stood on it and twisted my foot, grinding the barcode up so that it is no longer machine readable.
Visually, my DL still functions, it shows my ID correctly, it just can't be read by a machine.
If they want to check it against some DB, they have to call it in the old fashioned way.
"Sir, your DL is damaged, you need to have it replaced" "Gee, imagine that, I guess I better do something about that huh?" and that's that.
Resistance is NOT futile.
Time to start making aluminum foil wallets.
You could still just borrow somebody else's driver's license! No, the only way to make this truly effective is to embed the RFID chip within our own bodies, so that it cannot be removed. For instance, implant it in everybody's forehead at birth... hmm, that sounds strangely familiar!
"Freedom means freedom for everybody" -- Dick Cheney
too simple to post here.
Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
More direct attacks on privacy and tracking all Americans, in the name of 9/11, with something that would have had absolutely no effect on preventing the 9/11 attack at all.
Perhaps a better idea would be to not give terrorists drivers licenses at all, or maybe not to give illegal alliens drivers licenses at all. Instead many states (including mine) have gone out of their way to make it easy for known illegal alliens to obtain drivers licenses! But somehow at the same time this is being used to justify making people cary one more thing that will make it extremely easy to track them.
Kind of makes you think that all those crackpots who question how and why World Trade Center Building 7 collapsed when it wasn't even hit by planes, the only skyscraper to ever collapse from such a fire before or since, might be on to something.
I'm an American. I love this country and the freedoms that we used to have.
If it's active, such as an ignition interlock that prevents your car from powering up unless the RFID reader embedded in the seat detects a licensed driver, we've got a problem -- but that's not what's being proposed.
Passive RFID drivers' licenses cannot be used to track citizens' whereabouts 24/7 unless the government is willing to spend trillions to bury several gigawatts' worth of transmitters into every road in the State.
Why is it that every increase in ease of personal identification is justified by the 9/11 crew? They obtained them legally, right? What will this prevent?
Ryan
How, EXACTLY, would the 9-11 attackers been stopped if they had been issued RFID drivers licenses? There is no sane connection. I can't think of any easier examples to prove that government and businesses are taking advantage of the 9-11 fear to lock us down. PATRIOT acts, car transponders, GPSed cell phones, RFID armbands, implants, RFIDed ID cards, biometrics... NONE OF THESE THINGS would have stopped those men from crashing those planes into the towers. But that attack is used to justify every possible wet dream of a police state.
Now, onto Project TinFoilHat. If issued such a card, I will build a Faraday cage into a belt pouch, and there their assine tracking device can sit until a POLICEMAN asks to see it. I know damned well they can build RFID detectors that can work at great distances; I will not cooperate and being tracked on a giant Ms. Pac Man screen by whomever can afford the equipment.
As for those of you who don't care about this, you are good Germans. What else can I say.
As it stands, I can walk into my local supermarket, purchase any number of items(using cash), and walk out. No one ever need know who I am. RFID Identity scanning would allow any number of people to know not only WHO I am, but WHERE I've been. That is the significant risk in allowing technology like this in place without proper security measures, both for the government, and for my personal protection. Iron out the security, make me feel safe, and I'll think about sticking an RFID tag in my wallet.
BUT, the licenses that the hijackers had were LEGAL licenses (i.e. they went through the process of getting a license and were granted one). The problem isn't the fact that the license itself is not secure, but the PROCESS which grants the license is NOT SECURE. FIX THE PROBLEM NOT A SYMPTOM.
That is just my 2 cents.
We were all warned a long time ago that MS products sucked, remember the Magic 8 Ball said, "Outlook not so good"
Technology will be more and more pervasive in the governments "accreditation" programs. Passports and DL are just the start - wait until DNA profiling is portable. It's up to the citizens to hold the government accountable for their use of this information. After Canada's purchase of the British (crap) subs - now I really think we have to hold these people responsible. It has to be an open system. Open source!
The quick brown fox jumped over the lazy dogs back 123456789
I think that RFID for some reason just always triggers a negative response from the /. hivemind, whether merited or not.>/I>
of course it's meritted. When you have a strip of information on your card it has to be swiped first, i.e. no-one can steal my information simply by brushing against me in the street.
"goodbye and hello, as always" ~Prince Corwin, from Zelazny's Amber series
All that they would store on the card would be some sort of unique ID which could query your information from a secure DMV database
So if someone were to sniff my RFID driver's license and find out that I'm "00983a02f0724e902c83b704"....big deal, it's not like they can create fake ID without access to the secure database on which all the data would be stored.
In my opinion, unless Diebold is bidding on this contract, there doesn't really seem to be that much of a risk to you and me.
When photo's, bar codes, and signature lines failed to stop them? It's just another thing to be forged or dependent on the accuracy of a verification process performed by a bureaucracy that is hardly near the top of anyone's efficiency list. Government's idea of homeland security is spending more taxpayer money no matter the effectiveness.
This reminds me of a kind of awful movie I saw late at night in a hotel room. The movie, which I think was called X Change, had that blond-haired Baldwin brother in it, and he had this special card that he had to keep in a little pouch or else this tiny little robot airplane would find him and blow him up. He needed the card for ID purposes, so he couldn't ditch it, but every moment he had it out the people who were after him would get one step closer. So the little black pouch was a tinfoil hat for his ID card. As far as RFID driver licenses, I think it's an awful idea. It doesn't even sound good on paper to me, and in reality I think it's going to be a disaster. The fact is that the government people aren't as up on the technology as the criminals are who are waiting in the wings to exploit it, as is often the case, and once people start suffering as a result, all RFID technology will be seen by the general public as questionable, and by the religious nuts as a sign of the End Times.
You are in error. No-one is screaming. Thank you for your cooperation.
You put RFID in licence plates and give it a good range, Police could automatically find stolen cars, ones who's registration is up, even potentially who's driving without insurance.
God spoke to me:
www.geocities.com/James_Sager_PA/love3
God spoke to me.
Went over like a lead ballon. Nobody want's to live in the sticks when they are geeks. The residental net is terrible and there isn't any good Sushi.
Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
How would a hijacker with a vaild D/L, be less capable of terrorism than a hijacker with an RFID tag on/in their license? I have yet to see an RFID tag with stopping ability.
RFID is a bad idea simply becuase the communications channel between card and reader can be eavesdropped upon. Also given the right equipment information on the card can be disclosed w/o the holders consent or knowledge. It would be much better to use a card that requires physcial contact to transfer the information on the card.
US Federal officials announced today that, since some of the 911 hijackers were found to have used Route I-95 during their preparations for their terrorist attack, this highway would be permanently closed from 11am Tuesday to prevent its use in future atrocities.
Similarly, Oldsmobile saloons would also become proscribed items on the same date. Current owners of Oldsmobiles have until 15 October to hand them in to a Federal car pound.
On the other hand, the governemnt has a resonsibilty to develop ID systems so that it's citizenry can feel confident in both law enforcement/government agencies, and also with commercial transaction. RFID, however, is not the way to go about this.
Any technology that can even POSSIBLEY transfer data about the ID carrier without the carriers explicit permission is a terrible idea, and probably unconstitutional(sp?). I more reasonable solution would be some for of "SmartChip" like they use in Amex cards, military IDs, and cell phones. It can contain a good deal of data in an excrypted format (difficult to forge), but is only read when the card is placed in physical contact with the reading device, protecting the citizens privacy. Perhaps a PIN or biometric style decryption system could be used as well, so even if you read the card, you need to bearers interactive permission to read the data.
I would argue, in fact, that something like this could be better than a regular ID card. The printed material on the card could be limited to a picture, name, and signiture, allowing people to positively idetify that they are who they say they are, via signiture and picture. The rest of the data (address, citizenship, whatever else is going to be on there) could be viewable only via a reader, so it's not exposed to prying eyes as easily. Combined with the PIN/biometric idea above, you could even limit it by data type... writing a check? Show the ID, picture, name and signature all match on the check, you're good to go. Opening a checking account? Put yout card in the reader, and enter a PIN. That autorizes the reading agent to get some mroe info, such as address, SSN, DOB, etc. Trying to get a HAZMAT endorsement or a pilots license? Insert card and put left index finger on the reader, authorizing the other party more disclosure, up to whatever levels end up on the card.
The point of this while diatride is that a good ID system for both citizens and the government is one that is difficult to forge AND requires active authorization of of the bearer to view the data.
Isn't it pretty easy to fry an RFID chip?
"What, the chip on my license doesn't work? I wonder how that happenned..."
If you had super powers, would you use them for good, or for awesome?
I've always thought a national ID would be a good thing. We have drivers licenses issued by states. Why not centralize it? Changing residence and drivers license would be a matter of filling out a form at a kiosk and swipping your card to re-localize it. Actually, we should have that now anyway. Why does some slow wit have to process my paperwork?
We don't really have the technology and infrastructure set up for a national ID (I can't imagine the goverment is ready to handle every citizen right now like this) but in the future I can't see why not.
As for the RFID part. Why not? The only bad part is the illusion of safety and the fear of public access to the signal.
Safety:
Cops begin relying on a valid RFID to ID someone. counterfeiting becomes easier when the code is cracked.
I don't see it as a problem. We have fake IDs now that are pretty good and with a secure method of generating the IDs and training cops, counterfeiting would probably be LESS of an issue. Of course this relies on secure RFID and in the end isn't any more of an issue than current fakes.
Public access:
Yeah, walking along the street with a scanner in the area to steal your tag is a fear. So issue sleeves for the cards that block the signal. That way it's only accessible when the card is taken out.
I fail to see the real privacy issues here. We already have state IDs so RFID isn't an invasion of simply being a way to ID you. If a cop can ask for your RFID-less ID, why does the RFID ID pose a problem? Public identification via scanning is kin to the fear that walking around with your license stuck to your back with tape is fearful. You don't do that because you keep your ID secure. Keep the RFID secure by blocking it in public or with some other system that doesn't activate the signal unless requested by an authorized system.
It all comes down to the issue of whether we're at the point were RFID can be secure. I honestly don't know enough about how this works to say for sure, but I'd bet that in order for this to be put into action there will be methods to secure it.
-- i am jack's amusing sig file
In Virginia, where several of the 9/11 hijackers obtained driver's licenses, state legislators Wednesday will hear testimony about how radio frequency identification, or RFID, tags may prevent identity fraud and help thwart terrorists using falsified documents to move about the country. /sarcasm Improve security through the technological breakthrough of RFID tags! That's right folks! Prevent terrorism today by adopting this fantastic technology! Pay no attention to the man behind the curtain!
It doesn't really spell out in the article why RFID tags would improve security. In fact, it only mentions ease of use "The RFID tags would make the licenses a "contact-less" technology, verifying IDs more efficiently, and making lines at security checkpoints move quicker." The "security" comes from the biometric data imbedded in the card.
So, if I'm understanding this correctly, they'll increase security through biometrics, but then make it easier to use with RFID. And thanks to RFID, the card itself will become less secure because now I don't have to physically touch the card that I'm stealing from.
This is such a sham. Who is coming up with these half-assed ideas and passing them along to legislators?
"Virginia is considering just such a measure, largely because several of the 9/11 hijackers were licensed there. "
I'm having trouble making the connection between putting an RFID tag in an ID card, and how this STOPS TERRORISTS FROM GETTING THE CARDS IN THE FIRST PLACE....
---------------------------
What would having an RFID tag in your license accomplish? At that form factor, it's too small to generate enough signal strength to be picked up by anything not in very close proximity, so its use as a tracking method is negated. Even if some kind of network could be set up, if you're going to go hijack a plane- you could leave the damn thing at home that day or throw it in the garbage somewhere along the way.
Using it for a unique identifier or for authentication (at airport entrances? truck rentals?) could be done just as easily with a smart card and you don't get the paranoia overhead associated with RFID. There are a thousand better things you could do with RFID than this, I think it is impractical for such an application.
R(k)
Another thing to do would be to make a reader-detector, to see who is trying to scan your cards surreptitiously. That would be a great way to embarass people and businesses trying to play Big Brother, and you might even be able to get such snooping prohibited by law.
Sustainability and energy independence essay
1: Anything that makes a license harder to counterfeit is a good thing. Unless, that is, you are an illegal alien seeking identification, an underage kid who feels he (or she) has some Constitutional right to do whatever you d@mn well please, including underage drinking, or currently in the business of providing counterfeit documents to the above.
2: These things are not exactly long-range transmitters. Three feet would be pretty good for a lot of the ones I've seen. So the federal government doesn't have some satellite in LEO tracking you as you race across the desert from one dirty deal to the next. Your self-powered cell phone tells more about your location than that.
3: Everyone who really cares about his or her privacy is simply going to wrap theirs in aluminum foil when they're not using it for its identification purpose anyway. (Will aluminum foil soon be against the DMCA as foiling a technological protection measure? Right up there next to the Shift Key?)
So get over it. There's just nothing here to get excited over, unless you are a criminal to start with. And if you are a criminal, or potential future criminal, I really don't care about protecting your privacy anyway!
Just remember this: Aluminum Foil -- it's not just for hats anymore.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
This would be going way too far. If the Government is suppose to be of the People, let the People decide. Let them vote, state by state. Require a 60% supermajority for it to pass. If by some far off chance that 3 out of 5 people in a given state vote yes, include RFID chips in the licenses, fine, go away.
Think about this scenario. You go to a protest, where a bunch of undercover cops sweep the crowd with RFID readers. You're now on a police watch list as a potential troublemaker.
Or, you're not involved at all, and you happen to walk by the protest. You're still on the list.
It's good to use your head, but not as a battering ram.
Exactly how does adding a RFID chip make this any better? Since the hijackers didn't do anything prior to the hijacking to raise an alarm how would it have helped to have this kind of techonology in place?
OK, so maybe you're against this.
But why is it that no one ever questions the need to get the government's permission (a license) to do something as ordinary as drive your own car?
What is the purpose of these licenses? Do they ensure there are no bad drivers? Do they convey the physical (or mental) ability to drive? Do they reserve the roads to a select group of individuals? Exactly what purpose do these licenses serve in a free society?
In a command-and-control society, they make perfect sense. Control the roads, control the movement of goods, services, and people, and using that control, rule your subjects.
But I was told this was a free society. So what's the deal?
Screw the driver's licences. Let's just embed a chip in everyone's neck (arm, wherever) at birth. As you grow up and obtain new rights/licences, the government can update your status in the central database. So when you turn 18, your "Voter" flag can be activated. Pass your driving test, your "Driver" flag goes active. Talk too much at the movies, your "BannedFromMcCinema" flag comes on.
Sure, the government and private companies can track your every move. But isn't that a small price to pay so that no one can forge a driver's license?
Fight the power people! And KNOW YOUR RIGHTS!
Peace
P utting
A mericans
T hrough
R idiculously
I nvasive
O bscene
T orture
Sure, put a chip in it to prevent forgeries, yadda yadda yadda....
But I'll protest to high heaven if anyone can read it or even detect it while it's still in my back pocket!
The threats to privacy by both "authorized" sniffers and bootleg sniffers is JUST TOO HIGH.
If this thing passes, I'll buy an EMF-blocking wallet.
Or better yet, "accidently" walk past an EMF field that's of the right strength/frequency to fry the chip, much like large magnetic fields disable the magstripes.
Yes, Tin Foil ;)
Werent the 9/11 hijackers in this country legally, and with the proper 'papers'?
So how would this new tracking of citizens help this?
I'm sure the corner drug store wont have them, so how will they know its a fake id...
It only works if you stop everyone on the street randomly with no provacation.. And last i heard thats not legal..
its just a ruse for more surveillance of honest citizens...
---- Booth was a patriot ----
I applaud the general concern for the right to privacy.
However, there is a simple solution to the RFID in a driver's license problem. An X-acto knife. A little hacking with some licenses and a reader, even if that reader cannot decrypt the information, would be sufficient to destroy the information and/or antenna characteristics and prevent RFID use. As a bonus, you still have the license, and it still identifies you, so there's essentially no chance of being arrested for failing to identify yourself.
Until RFID ID is tied into something that I wish to do (airline travel) or must do (a must-carry RFID law? possible, but not nearly as easy to legislate as an essentially executive decision to provide a new type of license), it is disposable.
Not to restate the blindingly obvious, but this wouldn't stop a conspirator from getting a license and giving it to somebody who might be on a list.
Peace
People will slap that thing in a microwave for 2 seconds, and cure that little fucking issue right off the bat. If they made the license "invalid" if the RFID wasn't intact, that shit would go right into court. Someone could fry their RFID with a faulty cellphone or a leaky microwave at work. There would be thousands of people having to PAY to get a new licence.
ohhhhhhhh...
Cali doesn't impress me. I don't want to make it too easy for them. Same with barcodes on the back, a little bit of black pen action and you just ruined somebody's day.
As to the merit of the RFID tags being bad, there isn't anything about it that's good for the person who's carrying it. If you need to show ID, show it. If they pick it up from the air then that is unreasonable search. Most of the slashdotters are in the US, but I recall Police elsewhere can't just randomly go thru people pockets either. And if the little maggot gets reelected I will be moving to Canada like someone in another thread suggested. And not just because of this sort of foolishness.
Sorry about the writing. Robot fingers, you know? Cliff Steele in DOOM PATROL #23
"Virginia is considering just such a measure, largely because several of the 9/11 hijackers were licensed there."
And how will RFID chip prevent hijackers from getting a driver's license? The problem is not the lack of RFID chip in the current license but the faulty procedures used to issue the license.
Sounds just like an excuse to start building the Big Brother state.
Isn't the first thing the Gestapo always said was "show us your papers"?
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
Difference between magstripe and RFID readers. The magstripe reader needs the card in the reader for it to work. The RFID reader needs to be close to the card (ie: in your wallet as you're walking by.). Completely different. I sure as hell don't want want somebody to be able to read my driver's license as I'm walking by.
No, putting it in a passport would be a different story. The reason: people don't generally walk around with their passports. A driver's license is necessary in everyday use; I always have my driver's license on me, as do you. That's a major security risk if anybody with an RFID reader can read my license.
I never thought it would be possible, but now I'm even more glad that I'm carfree by choice.
While I don't live in Virginia, this wouldn't affect me even if I did drive, but mark my words: this will very quickly spread to the other 49 states. As soon as this passes, you're going to see the federal gov't threaten to withold highway funding from states until they adopt it...
I support the Center for Consumer Freedom
According to numerous polls the majority of the population in the US is against RFIDs to begin with. RFIDs have an inherent and horrifying potential of abuse and this if probably the worst scenario you can imagine. If our government is actually oppressive towards the democratic opinion it would be acting more like a totalitarian government and not like a democratic one. I hope we will not loose any more civil liberties than we have lost already under the current administration.
You know almost all of the 9/11 terrorist had valid state issued ID? Why would adding a RFID tag help stop terrorists? The can still go up and apply for a valid id just like everyone else.
When we had mag stripes on the DLs here in VA I read the tracks and then erased it. Now we have barcodes on the DLs and I have filled in a couple of blanks spots on the barcodes. When we get RFIDs I'll disable those too.
"I guess my ass broke it"
I wonder if the inclusion of a driver's photograph on a license generated this much "panic". Was the very idea of putting a person's picture, address and data of birth on the same state-issue card interpreted as a trampling of civil liberties? Using a smart card as a driver's license and including things like driving, citizenship or criminal record on the card would make sense for law enforcement, provided some effort was made to hinder access. Getting this information for anybody is a trivial matter in the US. If every attempt to ensure some level of security is met with gnashing of teeth by the ACLU/EFF/et al these organizations are going to be completely ignored by policy makers (more than they already are)
RFID in drivers licenses means that the license information can be read from a short distance away, say in a turnstile or any other narrow entrance. This would enable someone to determine everyone who attends events, night clubs, etc. Someone with an appropriate RFID receiver could walk through a crowd and record who is present.
While such a system would make life easier and safer for police, it would make anonymity a thing of the past. How long would it be before our current representatives, who are completely gung ho on helping business, would allow businesses to use the RFID to identify customers entering and leaving businesses? The businesses could use the information to run credit checks. Businesses could determine how much money you have to spend the moment you walk in the door.
I don't know about the rest of you, but I think the potential abuses of this technology far outweigh the benefits.
It is a shame that we in the U.S. have reacted to 9/11 the way we have. The world is a dangerous place and it makes sense to put reasonable security procedures in place, but no amount of protection will protect us 100%. There will always be a risk, especially in a free society. Personally, I accept that risk and embrace it. That risk is the price of freedom.
The terrorists that attacked us sought to destroy our way of life and make us afraid. They win each time we accept another limitation on our freedom in the name of security. Don't let them win.
-All that is gold does not glitter - Tolkien
www.ra
let's brand everybody while we're at it! i'm not talking about something small and hide-able. no, buddy. i mean something huge. preferably on the arms, face and back.
"what about people who wear masks or long sleeved shirts?" you ask? the only answer here is radioactive chemicals. they'll bind to your body, glowing (at first) and burning (after a bit) through clothing.
this way, everyone will be easily identifiable.
would be to use the RFID to store visa expiration dates as a part of the license.
Sounds to me like the ACLU is trying to defend obstructing law enforcement's unobfuscated access to information that can be useful in determining who has obtained lawful entry/residence into the country.
Game: Player 'Donald J Trump' now has AI skill level 'experimental'.
The idea of seeing who is snooping your data by listening for retching noises is entertaining.
Sustainability and energy independence essay
now the standard cop/citizen interaction will include waving an RF emitting gadget at my ass!
no way...i'll cut the chip out of my license if need be.
As I recall, the hijackers all had legitimate id in their own names. No fancy RFID chip is going to improve on that. Merely knowing who they are doesn't help a bit. Furthermore, if I were a known terrorist, I'd ask the government which was sponsoring and sheltering me to issue me a passport in some common name. Then when I got here, I could get a legitimate id in that name. The RFID would be great for that: everyone knows it's secure, so no one would doubt it.
See what I've been reading.
what makes you think that the people passing this law won't also make it illegal to purposely block or interfere with the signal?
It seems to me that the proper course of action would be to prevent this from becoming law in the first place.
Proponents claim it would help law enforcement determine that you are who you claim to be and would make forgeries less common.
Hogwash. I'm a cop (and a Libertarian, believe it or not) and an RFID chip would not make one, single bit of difference with regards to verifying that someone is who their ID says they are. All an RFID chip would do is verify that the signal given to the RFID reader matches what the reader expects. Given than any signal can be intercepted and copied, that doesn't tell me anything.
Plus, I don't think we need to get any further down this slippery slope of training new police officers to rely on technology! My rookies learn how to talk to people, how to interview people, and how to try and determine whether or not people are being truthful! Good interviewing skills are what find deception, not good technology.
Besides, do you know how many very worn, very damaged driver licenses I get? They're legal, they're vaild and I can still use them to check ID.
THIS law enforcement officer neither NEEDS nor SUPPORTS the use of RFID chips.
This would not have helped prevent 9/11, as the summary claims. All the hijackers had successfully obtained legal ID, and did not use forgeries. It's already significantly easier to forge the source documents (Birth certificate, SSN card) that will get you a license, anyway, so making licenses more complicated (hence expensive) to produce and verify will solve nothing.
He slowly drew out from the wallet a single and insanely exciting piece of plastic that was nestling amongst a bunch of receipts.
It wasn't insanely exciting to look at. It was rather dull in fact. It was smaller and a little thicker than a credit card and semi-transparent. If you held it up to the light you could see a lot of holographically encoded information and images buried pseudo-inches deep beneath its surface .
It was an Ident-i-Eeze, and was a very naughty and silly thing for Harl to have lying around in his wallet, though it was perfectly understandable. There were so many different ways in which you were required to provide absolute proof of your iden- tity these days that life could easily become extremely tiresome just from that factor alone, never mind the deeper existential problems of trying to function as a coherent consciousness in an epistemologically ambiguous physical universe. Just look at cash point machines, for instance. Queues of people standing around waiting to have their fingerprints read, their retinas scanned, bits of skin scraped from the nape of the neck and undergoing instant (or nearly instant - a good six or seven seconds in tedious reality) genetic analysis, then having to answer trick questions about members of their family they didn't even remember they had, and about their recorded preferences for tablecloth colours. And that was just to get a bit of spare cash for the weekend. If you were trying to raise a loan for a jetcar, sign a missile treaty or pay an entire restaurant bill things could get really trying.
Hence the Ident-i-Eeze. This encoded every single piece of information about you, your body and your life into one all- purpose machine-readable card that you could then carry around in your wallet, and therefore represented technology's greatest triumph to date over both itself and plain common sense.
Ford pocketed it.
Not every attempt to more effeciently and accurately exercise legitimate state functions, such as establishment of legal identity and documentation of qualification to drive, is inherently evil. Certainly reasoned public dicussion and consideration of such proposals is a great benefit of our society, and should be exercised to it's full degree. Sufficient safeguards and checks must be thought through and included by necessity. Having said that, it would be nice if the Sept 10 crowd would at least wake up a bit, perhaps read the 9/11 report, and accept their is legitmate motivation for some of these proposals.
I WANT ONE!
::Digitac
Ok, so I'm not pro-Big Brother or anything, and I like being anonymous most of the time, but on the other hand think of the uses for this.
You buy a car, code in the RFID tags of the drivers who you want to drive the car and leave the keys at home! It'd be like those smart keys on Prius and other cars. I know not everyone would like this, but I'd love to be able to get rid of my key chain and replace it with a (hopefully secure) RFID tag. Doors, cars, computers! As long as I have control over it and who/what uses it, I want one.
On the topic of copying the card, can't they be "finger printed"? I remember old analog cell phones used to get cloned a lot until the cell phone companies started looking at the variations of the signal that each phone put out. Apparently due to imperfections in the chips each phone would transmit just a little bit differently, off frequency or something. Couldn't something similar apply to RFID? I know they don't transmit per-say but maybe there is something there to use as a fingerprint.
"Putting a chip or biometric data on a driver's license doesn't change one iota the rules under which that information can be used,"
True, the rules stay the same, but all this will do is add another method of breaking these rules. Identity theives don't care about the rules. That's why they are considered criminals.
I'm sure it would be difficult to amass a database that will connect the RFID code to the persons' information, but it still poses a major problem.
Now, you attach 9/11 to it. No matter how disconnected. Fight it, and you clearly support terrorism.
How long until the first driver's license virus makes it to the wild. All it would take is one card infected with malicious code that would corrupt the reader software and make that reader pass it on to other cards. If RFID becomes the standard would something like this be able to be transmitted by the checkout counter at a grocery store? It could have the potential to become an epidemic, crippling the economic infrastructure of the nation. Or is this something impossible like a couple of planes being flown into two of the largest office buildings in the world.
I figure that the vast majority of people are law-abiding citizens. If you don't like the law of the land, work to change it. I have, quite literally, traveled around the round. We American citizens have more freedom than any other country, including all of Europe, and especially anywhere in Asis, near or far.
I remember, in the 60's, Nixon trying to weasel anyone who did not agree with him and his. The system (us citizens) took him down. The system works. If you work with it, in it, and keep improving it, it'll be something our children can live in, too. Worth a shot. (NOT that kinda shot.)
Couldn't you just toss it in the microwave oven for a while to deactivate the RFID?
https://gmail.google.com/gmail/a-b0ab39f1a8-517235 8b19-6f45f145ca [google.com]
https://gmail.google.com/gmail/a-b0ab39f1a8-13556c 0563-18969179a8 [google.com]
https://gmail.google.com/gmail/a-b0ab39f1a8-bc9b11 50e2-0bef3ba2a4 [google.com]
https://gmail.google.com/gmail/a-b0ab39f1a8-d6f302 cd83-e0644e7ef5 [google.com]
https://gmail.google.com/gmail/a-b0ab39f1a8-62e3c6 9d32-22621daaff [google.com]
https://gmail.google.com/gmail/a-b0ab39f1a8-6c3f07 c84e-b9e70ce4cd [google.com]
If a cop was on the corner outside your favorite establishment asking to see everyone's papers, how would you feel? They could put reader on a pole and it would do the same thing. You want to visit AA, your insurance company may know. You want to listen to Louis Farrakan, FBI knows. You visit 42nd street, the cops know. Now when you know something, but don't want to roll over on your brother. The cops know about your visits to 42nd and offer to tell your wife. If you are cleaner than a priest, OK great. If you take the long way home, do you want a trail?
We are already seeing viruses that target cell phones, whats to stop someone from using this to create mini viruses that target the police and or other scanners that will be looking at the ID? And if the card has any writting capability at all be prepared to get the virus yourself... I have to agree with masses here, this is a horrible idea. I frown on any kind of National ID system aswell. The better the system the easier it is to track us. Do you want every big company and the government to have access to your every habit, right or wrong? Do you want them to know where you shop when you shop there and how much you spend? How about the exact amounts of time that you spend at work? The privacy implications are staggering. Write your congressperson and/or local rep... Its all great to talk about but if you don't get out and do something its a worthless waste of time!
Free Google Secrets
would it be possible to spoof these and report a fake i.d. a la bugmenot? that way anyone randomly scanning you w/o your permission would get a rediculous i.d. like elvis presly or mother teresea, and anyone who legitimately needed your i.d. could get your actual i.d. when you handed them the true liscence.
...?
Cell phone already have manditory GPS systems in it now just put RFID recievers in them and wham. you can locate everyone in an area with a license with a phone call...
Virginia law requires that you either a) carry your driver's license or b) present it to either the officer, a magistrate or at court after the fact or c) pay $10.
The DMV will tell you you have to carry it with you while driving. As far as I can tell, they misstate the truth.
46.2-104 "Every person licensed by the Department as a driver or issued a learner's or temporary driver's permit who fails to carry his license or permit, and the registration card for the vehicle which he operates, shall be guilty of a traffic infraction and upon conviction punished by a fine of ten dollars. However, if any person summoned to appear before a court for failure to display his license, permit, or registration card presents to the officer issuing the summons or a magistrate of the county or city in which the summons was issued, before the return date of the summons, a license or permit issued to him prior to the time the summons was issued or a registration card, as the case may be, or appears pursuant to the summons and produces before the court a license or permit issued to him prior to the time the summons was issued or a registration card, as the case may be, he shall have complied with the provisions of this section."
The simple fact is here that, gasp, law enforcment actually BELIEVE this help.
Just as you believe in Open Source, or some believe Allah. Misguided and the wrong step it may be, but give the boys in blue a break. Paranoia has gotten to such a level that people actually think the police WANT a police state. All they want are tools to help them do their jobs - such systems would require HUGE amounts of trust, and a proper political system in place to enforce checks and balances.
What you all fail to understand is that by using a credit card, or debit card, or phone card, or cell phone, or Safeway card, or Car insurance, or Broadband connection, etc, etc, etc...YOU CAN ALL BE FOUND IF THEY WANTED TO FIND YOU
SDon't misunderstand me...I'm not for this at all...but the words "Police State" were dropped too often in other replies.
Just as Bush actually believes he's doing whats best for the country (whether his choices are the best or not), law enforcement officals ACTUALLY believe this will help them do their job
So in conclusion...get a life, and stop feeling watched, followed, oppressed and that your liberties are being stepped on for a malcious cause.
I carry my drivers license so I can drive. I have no interest in other people knowing "who I am".
Indeed. I opposed fingerprinting not because I mind the govt having my fingerprint, but because I knew it would lead to things like this.
The Driver's License / State ID has become required to do many everyday things such as cashing a check or buying a beer. This is being used to force us to keep getting these ID cards even with things like this attached to them that we don't want.
Now they want to force me to carry a signal emitting chip to do these things? That'll be the day.
The problem with this and all other National ID card ideas that have been proposed is that they are inherently secure, because they result in people treating a single piece of information as both public information and as a secret. As an example, concider your Social Security Number. This number is used for two purposes
1) It is a unique identifier that the government (and others) use to differentiate you from others.
2) It used as a means of authenticating that you are who you say you are.
This creates a problem, because in order for the SSN to be usefull as an identifier it will be handled out in view of the public, but in order for it to be used as a means of authentication it must be kept secret - which it is not! It frightens me how many entities act as though anyone who can rattle off my SSN, must be me.
What you are doing is exactly the same. My drivers license number is not private information, and using it as a password is highly insecure!
I would really like to see a standardized authentication system worked out that used a public key / private key / password system, on a smart card. Technically it could work the same as PGP signatures. The public key is is associated with a unique ID, and available on public servers. The encrypted private key exists only on a smart card and cannot be read off the card, and therefore all computation must be done on the card.
The entity wishing to recieve authentication (say safeway) would read my unique ID off the card and send it to the authenticator (say VISA) who would send back a challenge. I would then enter a password (likely pin number) into the local machine. Then the challenge and password would be fed into the card which would use then use the password to decrypt the private key and then sign the challenge with it, and feed out the response. Then safeway would send the responce to VISA who would check it with the public key and securely return their decision.
If computers came with a slot for the card, standard, it would provide for an easy-to-use secure method of authentication for anything that needs it. I could have a card the proves that I am Citizen #123-45-6789 and another that proves I am allowed use VISA card 1234-5678-9012-3456, and other that proves that I am gate_keeper2345@example.com. And having a standard secure method of authentication, could even increase privacy because then entities could choose to athenticate you on criteria other than knowing who you are so they can sue you if things go wrong.
You want to talk about FUD? Do slashdotters even think about how this will be implemented? Yes, there may be some reduction in privacy, on par with having a unique ID for people who don't block/destroy the RFID, but this whole "identify theft of everyone who walks by" wouldn't work. It's not like the RFID will be transmitting all your personals details, merely a unique identifier. If someone has access to the DMV database, they could look up your info.
But wait, if someone has access to the DMV DB, then they can already look up your info, including that same unique ID. Besides identifying unique individuals (useful for advertisements, repeat customer checking, etc), how will this cause identity theft?
... sell wallets with shielding built in so that the RFID can not be read while your license is in your wallet.
Ditto for purses.
I'd have a problem with it, for one simple reason: currently, if someone requests my license, I get to decide then and there if I will show the license to them. I *know* they are asking me. If they are an authority that should see it upon demand (e.g., the police), then I say "fine", and hand it over. What greatly concerns me about RFID reading is the potential for it to be done surreptitiously without my knowledge, and not necessarily with any authority. The key thing is: a potential loss of choice about releasing your personal information to anybody. There should be a big button on the license that disables reading it, unless I visibly hand it to a relevant authority, or choose to swipe it through what ever equipment may need it.
I'll put it this way: would you want a license in your pocket whereby someone could read your personal information from across the room, or even within a much shorter range, without you knowing it had happened? Yes, info can be encrypted. Yes RFID has limited range. But as we all know, technology has a tendancy to overcome such obstacles if there is a motivation to do so, and anyone familiar with identity theft should know that there is such a motivation.
then someone can scan you, clone your identity, and get credit cards, all in one script.
Thomas Jefferson would be proud of Virgina's capitol wiping their collective ass with the piece of the consitution that makes unreasonable search and seizure illegal.
If you really want an RFID/police-state solution to the problem, then require non-citizens to carry RFID -enabled id cards/visas.
Possibly with an optional driving "privilege", for responsible immigrants.
Real citizens have rights, and should not be required to carry "passive remote" identification.
better yet...a billboard that yells out "hey , couldnt you go for a Pepsi/Morgtage/Viagra right about now", as you walk by
DANGER! 10,000 Ohms
That's a factor of the reader far more than it's a factor of the RFID tag. With more power there's more noise to filter, but I doubt that there's anything preventing creation of a reader that'll pick up tags at 20+ feet. Even if there's not one out there right now, there'll be something within a few years.
fencepost
just a little off
I thought RFID would only transmit some unique identifier. In other words, the identity information is not stored in the RFID chip, but in a database in a server somewhere; the RFID only supplies the index key to the (presumably) correct record in the server.
So, I don't see why RFID suddenly makes stealing people's identities so much easier as half the posts on here are claiming. You'd still have to hack into the db to know what the details of that person are if you randomly stole the code from the RFID chip.
--RJ
It seems from reading the article that the writer can't distinguish between a contactless smart card and an RFID tag. Too bad, because the distinction makes a big difference.
Lasers Controlled Games!
The hijackers got their licenses from the DMV office at the Springfield Mall through fraud.
More important than RFID, they need a quick way to identify aliens. In most states, minors have their driver licenses superimposed with big red letters that say "MINOR", which is a quick way to filter people by age. When issuing licences to non-citizens, all states should be required to have the word "ALIEN" likewise superimposed. That way, it would be a quick and easy to filter people who need a higher level of scrutiny.
I'm personally getting very tired of our elected officials exhibiting less outward courage than the average hamster, and routinely using 9/11 as their excuse-all in the name of "Security", whenever their pushing some pork barrel project that their looking to profit off of.
The question these people should've been asking is, how could we have prevented this with our current in place licensing procedures? *Not* how can we add something totally ineffectual into our licensing procedures that some company of mine will make more money from...
[Now, I'm off to lift my le... Um, visit... at another place.]
On the contrary, all of this gives me a very real sense of insecurity. Things feel like they're out of control while opportunists use a terrorist attack to raise prices, impose restrictions, make new laws, reduce/remove freedoms...
And in light of all the anti-terrorist activity, did they actually catch ANYONE? No one in the U.S. that I have heard or noticed. There have been some mysterious raids and stuff but again, nothing that required these new measures. Instead, what we hear about is abuse of the new anti-terrorism measures against ourselves... which is exacrly what they promised it wouldn't be used for.
Is it time to hold the lawmakers accountable? You 're damned right it's time.
All licenses issued from Roswell, NM have that already. And instead of the proper state motto, it says "We come in peace."
Here is a excerpt from the link below talking about a bill in congress about this topic
d =3 7296
> In the Senate Wednesday evening, the "National
> Intelligence Reform Bill" was passed overwhelmingly
> with 96 yeas, 2 nays, and 2 absent. This bill was
> amended last Friday [McCain-Lieberman amendment #3807]
> to include security requirements for State issued
> identification; some of these requirements discussed
> are biometric identification, and a readable magnetic
> strip.
>
> These new cards will need to be issued by the states
> within two years, assuming the House passes the bill
> also, along with the President's signature if a
> super-majority is not met in the House.
http://releases.usnewswire.com/GetRelease.asp?i
Virginia government officials need to keep reading this until they get it:
THE 9/11 HIJACKERS HAD VALID DRIVERS LICENSES.
I agree; RFID licenses won't help.
That said, what do you (and the rest of the "I'm too cool to worry about terrorists" crowd) propose? The same people who are against measures like this are also generally against anything that would have prevented them from getting valid licenses.
I'm genuinely curious. I don't believe for a million years that the Kerry crowd is going to tighten up borders or anything substantive like that after they revoke Patriot Act stuff, so what exactly do they intend to do?
After reading through other responses, the use of RFID appears to cut both ways. (Much like our personal use of firearms, it's all in the application.)
On the good side, reliable RFID could speed your way through computer-mediated transactions, particularly in authenticating access to facilities or systems, paying bills, driving through toll booths (EZpass comes to mind) and similar transactions.)
On the bad side, if someone steals your token (either physically or through cloning), they can do all these things, too. Also, instant ID could be used to exclude you from events if the gatekeepers have access to the database.)
"I'm sorry sir, but you can't come inside. Our system shows that you attended a Kerry rally this morning, so I'm afraid the Secret Service now considers you a threat to President Bush('s re-election)."
As with any good security schema, you need more than one element to make it secure. RFID in your driver's license is only a physical token; you need either a password/PIN or some biometric (or both) to provide additional authentication..)
What will be crucial is what information the RFID system stores and transmits and under what circumstances. For commercial transactions, maybe the RFID DL will just contain your name and a link to a database with the rest of the info needed to complete the transaction. If you've buying something at Radio Shack, they should only get verification of who you are, not your phone number or address (though they will most assuredly lobby for access to that info). If you're applying for a mortgage, the bank would probably be authorized access to more detailed information..)
And you should have the absolute right to both control how much autonomic access anyone has to your Privacy Act protected data and to turn off the RFID function whenever you want..)
However, as with any form of ID, people don't have to transact business with you if you won't provide the authentication they want. Life is full of distasteful little trade-offs.
TLR
A man no more knows his destiny than a tea leaf knows the history of the East India Company
Correct me if I'm wrong but in the world of 1984 terrorism wasn't an issue was it? I guess it was a Perfect World(r)
But... the future refused to change.
Sounds like your keycard and reader aren't talking with RFID.
Hint: if your keycard has a large embedded coil of wire in it, it probably operates through magnetic induction.
HF RFID has a range of at least a couple feet and UHF RFID is more like 10-20 feet.
There is no need to make it RFID. A smartCard offers substantially more control over the presentation of the information. Either way you need a smartcard reader or an RFID reader so specialized hardware is required in both cases, but smart cards can't be read accidentally. Or without your consent (unless you loose them, just like regular licenses)
Version 2.0 New and Improved!
On the other hand a smart card would be ok depending on the type of info on it. I don't see anything wrong w/ having a smart card that holds the data no my drivers license so I can insert it in somethign instead of holding it while the casher tries to figure out where the "date" field is to see if I'm ok to buy the beer. My first worry on this front is that the data on the smart card would be too trusted. People would assume that because it is electronic and possibly encrypted it would be more valid than the info on the front of the card. The other worry is that power hungry law makers and law enforcement would want to store more data on the card just because they had the additional space that is much less visible than the printed front. I don't care if my card has digitally stored anything that is on the front or back of the drivers license in human understandable format, but if my drivers license now carries, say, my fingerprint, my mental health, my criminal record, etc, then I would be strictly against it.
I do security
So what? Someone sniffs my wallet and gets #14960315. As long as they put stuff on there like just the DL number (not SSN), someone would need the rest of the DL to be able to make a fake, which would have allowed them to do it before. Or, they'd need access to the DMV database to get info, in which case they could have done it before.
From what I see, as long as they don't list SSN, DOB, address, or other personally identifying information on it, there are no privacy problems. It lets someone see a mostly useless number from a few feet away.
Learn to love Alaska
I can't see why they could possibly think that RFID tags in official documents is a good idea. Their reasons (increased security and harder to forge) just don't hold water; how can it be more secure to have your details passed to anyone within range with a reader? If they want to add extra security to cards what's wrong with a bar code or embedded chip that can be read using a handheld reader at very close range? Having the ability to read the cards at a distance is a liability unless used for nefarious purposes; i.e. put a reader next to every intersection and track every driver's movements.
Input error. Replace user and press any key to continue.
More important than RFID, they need a quick way to identify aliens. In most states, minors have their driver licenses superimposed with big red letters that say "MINOR", which is a quick way to filter people by age. When issuing licences to non-citizens, all states should be required to have the word "ALIEN" likewise superimposed. That way, it would be a quick and easy to filter people who need a higher level of scrutiny.
So, just because I am not American, I automatically deserve more "scrutiny" huh? Out here in TN we get different coloured "driving certificates" which are specifically marked as "not ID" so that they know that they are dealing with a vicious thug like me.
Do you know what the funny thing is? By lumping me - a completely law abiding person - together with the likes of Atta all they have succeeded in doing is piss me off. If you piss off enough people this way eventually you will piss off somebody who will feel more sympathetic to their cause.
On a side note, do you think Timothy McVeigh should have gotten a different ID?
OK, hypothetical question: let's say that there was a way to make an RFID unreable by random passers-by (ie: you actually had to hand someone your card). One possible way I'm thinking of would be to have a reader that is a slot into which you insert your card. This would prevent some random dude from reading your card using a portable reader in the subway.
Let's also say that all the card stores is an ID number (ie: not your address, birthday etc; all that would have to be securely queried from the Dept of Transportation).
If both of these hypotheticals were in place, would you feel that this was still unreasonable? I'm neither trolling nor starting a flame war, I'm just curious if people object more to the perceived lack of security or the potential abuse of power from "the man".
If you are worried about "the man", please explain why this is worse that a barcode or magnetic stripe (again, assuming the security measures mentioned above).
"Reality is merely an illusion, albeit a very persistent one " -Albert Einstein
Finally we can attain the privacy advocate's dream?
No longer will we have to show our driver's licence for all the crazy purposes people ask to see it today.
Has it been over a year since you last donated to the Electronic Frontier Foundation
"Virginia is considering just such a measure, largely because several of the 9/11 hijackers were licensed there." Which "hijackers" are we thinking about here? The ones who never were on the passenger lists? The ones who lived across the street from the NSA? The ones who were double agents working for the FBI, infiltrating arab groups in the U.S.? I will settle for ONE of these persons who have not ever been proven to be involved with 9/11 short off playing their part in the staged "terrorist attack". Time to wake up and smell the oil!
Cavity Search
"The object of war is not to die for your country, but to make the other bastard die for his." - Patton
Anyways, if want they really want is the ability to elimiate forgeries smart chips would do just that. But why do these chips need to broadcast over the air? Zero not intrusive reasons can be given.
It may cut back on counterfeit IDs for awhile, until people figure out how to counterfeit the RFID.
Initially, like a couple of years ago, RFIDs could only store and transmit a few bytes of information. For simple inventory and indexing applications, this is enough.
However as the technology has improved, the RF tag capacities have increased. Contactless ID cards are very easy to get and would be great for driver's licence applications. They could easily contain and transmit all of the data that one could legibly print on the surface of both sides of the card.
So, a reader would not just get your number, but everything else on the card. That is easy ID theft!
If you want an example of this, cut out a small piece of aluminum foil, one inch by four or so. Tune a hand-held AM radio to a strong station. Now put the foil over the housing near the loopstick antenna; the reception will die. Doesn't take much, does it?
Sustainability and energy independence essay
Hey! there goes Catbeller! This map's busted.
Can an RFID transmission wipe out my credit card strip? (also carried in my wallet)
Of course, that would prevent me from using it, which would be better for me...
"Virginia is considering just such a measure, largely because several of the 9/11 hijackers were licensed there."
because wouldn't everyone agree that it would have been just so much better if the 9/11 hijackers had Virginia drivers licenses with RFID chips embedded in them when they flew into the WTC. Sigh. Putting RFID chips in drivers licenses doesn't make it any harder for someone (terrorist or not) to get a drivers license. It wouild make just about as much sense to say "Virginia is considering just such a measure because tasty smoked ham is made in Virginia. There's no correlation between the two, but every effect must have a cause, so we'll use ham." I'm thinking that the "logic" here is that if they know someone is a terrorist, they can use RFID chip scanners to find them more easily. But if you know someone's a terrorist, then maybe you should arrest them when they come to pick up their driver's license in the first place, or when they get their airline ticket, or when they get pulled over by a cop for speeding, or at any other time when they actually present their driver's license and/or name. This is a solution to a problem we'd love to have. If someone could solve the problem of figuring out who's a terrorist, and the only obstacle was in finding them, then maybe this would be usefull. As it is, this is a solution to a problem that doesn't exist.
Pound! Bang! Bin! Bash! is this a shell script or a Batman comic?
DNA is a Turing machine. You, however, being dynamic and emergent, are not.
You might as well just get 666 burned into your forehead and get it overwith.
3 words: Public key cryptography
And the situation where the reader can validate the card's ID against a database of valid cards in real time.
Or even hold a list of valid cards in secure memory updated daily.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
They're much more uniform than driver's licenses. They are my ID of choice.
I would not mind if they used some kind of credit-card magnetic strip system which had your Liscense # and birthdate on it (so both police, and stores that 'card' people could swipe--but the latter only for the birthdate info, not to track purchases)
but No, I don't want the guy in the car next to me to figure out who I am, or the guy I'm standing in line next to at some store to gather my RFID info...
remember the three slogans of the Party
-War is Peace (attack Iraq)
-Ignorance is Strength (do not question the president)
-freedom is slavery (just do what you are told)
This is were we call on crackers to crack the system and tell us how...thereby rendering rfid's useless...and suddenly not worth the money.
I know you can crack them, but I want a wizard
-- A cat is no trade for integrity!
Story title: The Modern Invisible Man
One day, Joe snaps. thats It, he's had It.
So, he burns all his clothes, wanders out of his house wearing his grandfathers antique garb, and starts wandering around town, laughing manicially to himself.
People who see him call the Police to report a crazy man. But the police detection systems don't see any radio tags there, so they assume it's a mass hallucination.
Other people start blogging having seen him, and the connection between the police proving that noone was really there, and so many people having seen him, turns it into a ghost story.
VA Senators
VA Delegates
You can use the "Whose my legislator?" page to find out your employees, I mean representatives, if you don't know.
considering how easy it is to rewrite RFID information, as demonstrated at defcon this year.
You know, they ought to put the RFID chips in the Driver's Licenses, and pair it with one implanted in your brain. Bury it deep enough though, so that if somebody tries to circumvent this wonderful technology by removing it from their head, irreperable brain damage will occur, maybe even death.
:-)
It's so simple... it would be pretty much impossible to fake one's own identity at that point, unless of course you could change the chip out in your head.
Maybe I could even write a book about this, and sell it on the Internet (sic if you're Wired.com), and make billions of dollars, and start my own government, no, wait, religion, because of course, religion is the answer!
If you have your card out of your pocket, might someone not scan it without your permission? If you have it in a pocket, might someone not use an IR scanner to read it through your pocket?
I'll grant you that RF makes an RFID tag easier to read without your permission than a visual bar-code, but it's not a clear-cut thing. If you have an RFID tag on a card in your wallet, it's unlikely anybody will be able to read it at any great distance. The RFID tags I use to get into my building have to be rubbed up against the reader for it to read them, and have to be positioned in the wallet so that the reader is close enough. I'll give you that a bar-code based id would actually have to be taken out of the wallet to be read, but it's not a major difference.
The paranoia over RFID tags is not at all justified based on how similar they are to bar codes.
A lot of people are saying that this is no better than the mag strips or barcodes already on Driver's Licenses. However, does anyone actually know what a Virginia License looks like? Is everyone just assuming that it has a barcode and/or magstrip because your's does? I'm from New Jersey. My driver's license looks like a laminated piece of paper with a pretty hologram imbedded in the lamination in order to make it harder to forge. There's no barcode nor a magstrip. Until a couple years ago,(after 9/11), it wasn't even required to be a photo ID. Assuming my mother hasn't had to renew her license since the last time I checked, her license doesn't have a photograph.
As someone pointed out earlier, driver's licenses are hardly a uniform US ID.
Additionally, I'm almost positive that in New Jersey you are required to have your license with you when driving, just like your required to have you registration with you.
Sorry, doesn't fly.
First of all, RFIDs don't have much, if any, processing capability. They respond to a magnetic field and spit out a number. Yes that number my be encrypted with a private key, but the number itself always stays the same. If someone can get the encrypted number from my license then they can pretend to be me without ever decrypting it.
If the RFID simply stores a random unique ID that identifies "Fred", then encrypting it will only result in a different random unique ID that identifies "Fred".
Another option would be to encode the actual data, or a hash of the data, into the number. (Name, address, SS, etc) But the result would still be a static identifying number that anyone could collect. In this case the encryption may make it harder to forge the card, but the same thing could be done with a barcode without the same privacy concerns. So really RFID isn't making forgery difficult, the encryption is.
Think of the fun that someone could have if they got a hold of the private key used to encrypt everyone's ID. Yes it might be practicaly impossible to find it by brute force, but that doesn't prevent human error or corruption from letting it leak.
The only reason for RFID is convienence because nobody has to touch the card to verify your ID. But if nobody touches the card, RFID by itself is way to easy to forge.
I could get all the information I need to forge your ID just by walking past with a scanner. If someone bothered to look at my forgery they could compare the printed information to the information in the database and I may be caught. But if someone is going to handle the ID anyways, why not use a barcode or a magnetic strip?
Encryption is no magic bullet for privacy, and RFID does nothing that can't be done just as well or better with other means.
XML is the best data format; unless your data needs to be read or written by a human or a computer.
Put an RSA-8192 signature using the 288 bit hash "SHA1|MD5" and PKCS-2 padding on the magnetic stripe. That would both contain the information on the front as well as sign the data as legitimate.
a c4 *file1.datb cc *file2.dat
Only a secure black box (a la nCipher) at the state DMV would contain the private key. The public key would be given out publicly, especially card scanner manufacturers. The FBI or NSA could have a root certificate, and could countersign the public keys of each of the 50 states and other agencies issuing drivers' licenses.
We really need the federal government demanding a particular standard for the mag stripe system. Let the states design the fronts as they please, but at least make them all electronically readable. Don't build a central federal database with the information, as the public haaaaates that. Keep data storage the same, just make it possible to authenticate the data on the cards.
How much data can be stored on a mag stripe? Maybe you could fit a 10k image of the person on the mag stripe for a card reader to display. Like the other data, this would be hashed, identifying the photograph as authentic.
(Operator | in traditional cryptographic notation means "concatenate"; IE, attach the 128 bit MD5 hash to one of sides of the 160 bit SHA-1 hash to make a 288 bit hash function. SSH uses this. The MD5 algorithm has been shown insecure, as this output shows:
$ md5sum file1.dat file2.dat;sha1sum file1.dat file2.dat
a4c0d35c95a63a805915367dcfe6b751 *file1.dat
a4c0d35c95a63a805915367dcfe6b751 *file2.dat
2783c4ff4a3f20d25f2598a8b052b890c37dc
3c35410823ef00b12d020981c1cf8564c0f89
Click me for a site talking about this MD5 collision
SHA1 is also suspect. So combine the two for security. The fact that SHA1 and MD5 use opposite byte orders makes things even more secure.)
... even if they require all terrorists to carry a flashing neon sign proclaiming them to be terrorists, they still have to try and see them!
So far as I can tell, there was adequate information available to identify the plot and perps, but there was no organization in America trying to bring the pieces together.
I've got to believe that with all the search engine technology designed to associate items with clues, and the wealth of off-the-shelf database technology available, it shouldn't be that difficult to glue them together with a simple AI or neural net that could adaptively highlight potential threats and be immune from human stupidity (it would still have machine stupidity, but that's another matter) and politics.
Instead, we have an administration Hell-bent on tagging and tracking everything in the US. But with apparently no analysis of the data, I don't see how they can be effective.
Why not just have a smart chip or something where they can put the card into a reader.
That way, no-one can read the info on it unless they have the card in their posession.
Why should there be no RFID tag in your driver's license? The current administration is working hard to get RFID tags into the passport of every foreigner. Worldwide. Nobody cares about that in the US. Same about fingerprinting etc..
When issuing licences to non-citizens, all states should be required to have the word "ALIEN" likewise superimposed.
Ohhh..that's a very bad idea. See, at least under the current system, where citizenship/residency is not indicated on the license, there is no particular benefit for anyone getting the license if they are trying to use it for citizenship purposes.
Once the license indicates citizenship/residency, it could only cause a huge spike in fraud...because then people will want the document in order to work or vote or whatever the case may be.
Think about it this way, driver's license fraud did not exist until the photograph was added. Now imagine what will happen to driver's license fraud when a passport/green card is added.
Its important to remember this, otherwise our plan to take over the world will fail. (Oops, did I say that out loud?)
Voting someone out of office is more difficult. It's almost easier to simply not elect them for another term. But I still believe in the initiative process.
I would love it! This is a great idea. The main thing about RFID is that it is contactless, so I can buy cheap readers and get the ID number from the people entering my store, without them knowing it. Then I can cross-link to their credit card info when they buy stuff and - voila! - I can get very precise statistics of which customers come in when. Perfect for flagging potential thieves or these annoying people who never spend any money in the store.
Plus, I'm sure I could sell that information for good money.
1. Hammer. 2. Smash. 3. Anonimity.
I've got your sig, right here.
I'm posting this AC because I don't actually have a /. account.
A lot of people are saying, "oh, I don't care, it's just like a barcode, etc." The fundamental problem with an RFID is that it's *not* a secure form of identification.
For one, RFIDs can be read from a great distance. Even RFIDs that are designed to be read from a reader 4 inches away. If you want to read it from a greater distance, you can just build a bigger reader coil, put more power through it, and excite the RFID from farther away. Granted, there is a practical limit to this (you'd probably have to build a car-sized coil with hundreds of amps going through it if you wanted to get more than 30 foot range or so), but it is fairly feasible to get range of a few feet- making it simple for anyone walking by you on the street to steal your credentials. (beware of people carrying oscilloscopes and hula hoops)
Another big issue is that *most* (not all) RFIDs are vulnerable to replay attacks. They simply output a string of bits whenever they are excited (the reader sends emits a carrier frequency, which charges a capacitor onboard the RFID), and it's always the same string of bits. These RFIDs can be effectively spoofed with $5 of electronics from rat shack. In addition, fake driver's licenses could be made with rewriteable RFIDs (for example, Indala Flexpass RFIDs) to eliminate the need for active electronics. Realistically, RFIDs would not make faking IDs significantly harder.
There are some exceptions to this- some RFIDs incorporate a cryptographic challenge-response scheme so they are not directly vulnerable to replay attacks. However, even these RFIDs are vulnerable to similar attacks as smart cards- for example, brute forcing, side-channel attacks (monitoring power consumption, stray RF emissions, etc).
It's also interesting to note that people haven't made a fuss about the US gov't quietly rolling out passports with RFIDs in them...
30 years ago in VA, your driver's licence number was your Social Security number.
I don't know if they changed this, but they still sound stupid in VA.
gewg_
"it could have (and probably would have) prevented 9-11 and saved the lives of 3,000 Americans."
I've got a better licensing change. Don't give out driver's licenses at all. That could, and probably would have, saved the lives of *millions* of Americans. Keep them off the roads, the most dangerous situation any American faces.
What's this? People would just drive without a license, and wouldn't have had to pass a course? Quiet, you.
I have been closely watching the US House on passage of HR10 as put forth by the House of Reps. They are proposing some draconian measures that states have to implement if their driver's licenses/ID cards are to be accepted when dealing with Federal agencies.
Buried in the measures is a requirement that states must participate in the Driver License Agreement (DLA). The DLA requires information to be exchanged between states on traffic violations and driver history records. It is also mandated that state must keep record of ALL violations and assess point penalties for out of state tickets as well. Canada and Mexico is included as well. More information can be found through Google.
Some states like Colorado (where I live at) does not deal with an out of state ticket as long as it is taken care of (paid) and it is not a major violation like a DUI. I would hate to see that change.
There were attempts to take the driver license provisions out but unfortunately, they failed. I will check tomorrow when the information is up on the House web site.
Also make sure your tinfoil hat is securely attached to your cranial cavity
Quidquid latine dictum sit, altum videtur
The truth is that you are wrong. The equations are symmetrical; whatever gets in can get out (and vice versa), and grounding is irrelevant. Yes, I am a double-E and I studied wave mechanics and waveguides.
Sustainability and energy independence essay