Slashdot Mirror

← Back to Stories (view on slashdot.org)

RFID Drivers' Licenses Debated

Posted by michael on from the mylar-wallets-suddenly-popular dept.

meganthom writes "How would you feel about having an RFID chip in your driver's license? Virginia is considering just such a measure, largely because several of the 9/11 hijackers were licensed there. Civil rights advocates are obviously unhappy with this turn of events, and it seems the ACLU has already taken the case. Proponents claim it would help law enforcement determine that you are who you claim to be and would make forgeries less common. The Federal government is also considering uniform 'smart card' standards."

19 of 514 comments (clear)

  1. Re:Oh great... by Dr+Reducto · · Score: 4, Informative

    Just pop your license in the microwave. I think that kills RFID.

  2. Even easier by Engineer-Poet · · Score: 5, Informative
    Laminate some aluminum foil to card stock with spray glue. Fold in half. Keep your RFID cards inside unless they're in use; the pair of ground planes will make it effectively impossible to get signal to or from the cards. If you want to be able to flash your card/DL without allowing it to be read without extreme difficulty, put foil on one side of a clear envelope or card holder and keep the card inside.

    Another thing to do would be to make a reader-detector, to see who is trying to scan your cards surreptitiously. That would be a great way to embarass people and businesses trying to play Big Brother, and you might even be able to get such snooping prohibited by law.

    --

    Sustainability and energy independence essay
    1. Re:Even easier by dgatwood · · Score: 2, Informative
      Laminate some aluminum foil to card stock with spray glue. Fold in half. Keep your RFID cards inside unless they're in use; the pair of ground planes will make it effectively impossible to get signal to or from the cards.

      No, it won't. A faraday cage has to be grounded. A piece of aluminum foil in a cloth pocket is not. Don't get me wrong, it will dampen the signal somewhat, in much the same way that a layer of anything will dampen it. To some extent, it may also act as a wave guide, resulting in hot spots and dead spots. And because it will oscillate with the RF signal, it might even scatter it enough to make it hard to get a clean copy of the signal. (Does RFID have multipath interference robustness built into the design?) What it will not do, however, is completely block the signal. Not by a long shot.

      --

      Check out my sci-fi/humor trilogy at PatriotsBooks.

    2. Re:Even easier by HeghmoH · · Score: 2, Informative

      Faraday cages have to be grounded to keep signals that are inside from getting out. They don't have to be grounded to keep signals that are outside from getting in.

      --
      Mod down posts with a "Free Mac Mini/iPod" sig, they're spam!
  3. Re:fried chips by tty21 · · Score: 2, Informative

    About 2 seconds on re-heat should do it....

    --
    The quick brown fox jumped over the lazy dogs back 123456789
  4. Re:not for me..... by Apollo+Jones · · Score: 2, Informative

    But, let's say you are in a state the the DL# =SS#. The barcode is now toast, making the police use a standard unencrypted radio (in most areas). So basically, your name, address, SS#, and bio-features are sent over open air. Equally scary. Screwed either way.

  5. Re:I'm Born 'n' Bred Virginian by aardwolf204 · · Score: 5, Informative

    Who modded this funny? Maybe it was the tin foil keyword filter. I'm a Virginian thats seriously thinking about moving way up north if things get much worse.

    --
    Im dreaming ofa big bndwdth, That can resist the /.crowd.May ur days b merry & bright & may al
  6. Re:Ummmmm... by perdu · · Score: 2, Informative
    Alot of them had valid licenses from different states and duplicates of those. From Complete 911 Timeline
    April 12-September 7, 2001
    At least six hijackers get more than one Florida driver's license. They get the second license simply by filling out change of address forms.

    1. Waleed Alshehri: first license May 4, duplicate May 5.
    2. Marwan Alshehhi: first license, April 12, duplicate in June.
    3. Ziad Jarrah: first license May 2, duplicate July 10.
    4. Ahmed Alhaznawi: first license July 10, duplicate September 7.
    5. Hamza Alghamdi: first license June 27, two duplicates, the second in August.
    6. the sixth man with a Florida duplicate is not named. [South Florida Sun-Sentinel, 9/28/01]

    --
    You only use 2% of your DNA
  7. Re:I wouldn't mind by the_demiurge · · Score: 2, Informative

    If you're driving a car and you get pulled over by a police officer, if the officer asks to see your driver's license and you don't produce it, the officer can arrest you.
    If you driving and you can't produce a license, you're driving without a license, which I assume is a crime in every state, although there might be some exceptions.

  8. Re:I wouldn't mind by NeoSkandranon · · Score: 2, Informative

    ...as he walks to your car

    As opposed to taking your license and registration back to his car and getting all the info then? Please.

    By the way, take some time to actaully read other people's experiences with RFID. They don't work unless you are close to the reader, which implies the officer has your license already.

    --
    If you can't see the value in jet powered ants you should turn in your nerd card. - Dunbal (464142)
  9. Re:Oh great... by Anonymous Coward · · Score: 2, Informative

    Schneier has a thing about RFID passports (same sort of thing) in his blog, his arguments might clarify the situation. www.schneier.com/blog/

  10. RFID range by rcw-work · · Score: 2, Informative
    I use an RFID chip in my keycard at work that kive sme access to the building and server room. It doesn't work any further than an inch from the reader.

    Sounds like your keycard and reader aren't talking with RFID.

    Hint: if your keycard has a large embedded coil of wire in it, it probably operates through magnetic induction.

    HF RFID has a range of at least a couple feet and UHF RFID is more like 10-20 feet.

  11. Re:I wouldn't mind by soft_guy · · Score: 2, Informative

    None of the 9/11 hijackers had fake IDs. They all had legitimate driver's licenses issued by some US state.

    --
    Avoid Missing Ball for High Score
  12. Re:Read distance depends on the reader by dgatwood · · Score: 3, Informative
    A lot depends on the antenna (i.e. the RFID itself) not just the reader.

    Not really. To a limited extent, yes, but not as much as you might expect.

    I use what I suspect are the same key cards that the grandparent (great grandparent?) poster uses at work. Most of the readers require nearly physical contact. The ones on the garage downstairs, however, to avoid people having to get out of their car, can read those same badges from... I believe 24 inches, if memory serves. Basically, as soon as I get my badge near the car window, it beeps.

    The device is passive. It reacts to an RF (or in the case of most badges, magnetic) signal by modulating that signal and bouncing it back. The range, AFAIK, is limited mainly by the transmission power of the reader. Granted, there are other issues, like the ability to get something resembling line-of-sight to the RFID tag (i.e. curvature of the Earth limits), the ability to distinguish between a potentially large number of RFID tags within that range, and multipath distortion problems, but those still won't prevent a range of several feet under most conditions.

    There's probably also some fairly high power limit beyond which you would smoke the card if you got too close to the reader, but if you lower that limit enough on your cards to force all RFID readers to only work in close proximity, odds are the devices would have a high failure rate just from "natural" phenomena... like standing too close to your microwave or even walking outside on a day when you can see the aurora borealis.

    --

    Check out my sci-fi/humor trilogy at PatriotsBooks.

  13. Grounding is not required by Engineer-Poet · · Score: 4, Informative
    A faraday cage has to be grounded. A piece of aluminum foil in a cloth pocket is not.
    Wrong. A Faraday cage does not have to be grounded to isolate anything inside, any more than a dipole antenna has to be grounded to radiate. What the foil surfaces would provide is a pair of "image planes" which suppress currents in anything nearby; a pair of them spaced closely is going to provide a very large amount of attenuation.

    If you want an example of this, cut out a small piece of aluminum foil, one inch by four or so. Tune a hand-held AM radio to a strong station. Now put the foil over the housing near the loopstick antenna; the reception will die. Doesn't take much, does it?

    --

    Sustainability and energy independence essay
  14. VA General Assembly Pages by bezuwork's+friend · · Score: 2, Informative
    For those VAians who want to let their commonwealth general assembly critters know how they feel:

    VA Senators

    VA Delegates

    You can use the "Whose my legislator?" page to find out your employees, I mean representatives, if you don't know.

  15. Not a great idea by SCHecklerX · · Score: 2, Informative

    considering how easy it is to rewrite RFID information, as demonstrated at defcon this year.

  16. Re:I wouldn't mind by dlmarti · · Score: 2, Informative

    The readers you are talking about are extremely low power devices.

    My company manufactures part15 devices that read passive tags at 12 feet. If you weren't worried about FCC legalities, there is no reason that you couldn't read a tag at 100ft.

  17. Re:Arizona Too! 3 Words by Tinidril · · Score: 2, Informative

    Sorry, doesn't fly.

    First of all, RFIDs don't have much, if any, processing capability. They respond to a magnetic field and spit out a number. Yes that number my be encrypted with a private key, but the number itself always stays the same. If someone can get the encrypted number from my license then they can pretend to be me without ever decrypting it.

    If the RFID simply stores a random unique ID that identifies "Fred", then encrypting it will only result in a different random unique ID that identifies "Fred".

    Another option would be to encode the actual data, or a hash of the data, into the number. (Name, address, SS, etc) But the result would still be a static identifying number that anyone could collect. In this case the encryption may make it harder to forge the card, but the same thing could be done with a barcode without the same privacy concerns. So really RFID isn't making forgery difficult, the encryption is.

    Think of the fun that someone could have if they got a hold of the private key used to encrypt everyone's ID. Yes it might be practicaly impossible to find it by brute force, but that doesn't prevent human error or corruption from letting it leak.

    The only reason for RFID is convienence because nobody has to touch the card to verify your ID. But if nobody touches the card, RFID by itself is way to easy to forge.

    I could get all the information I need to forge your ID just by walking past with a scanner. If someone bothered to look at my forgery they could compare the printed information to the information in the database and I may be caught. But if someone is going to handle the ID anyways, why not use a barcode or a magnetic strip?

    Encryption is no magic bullet for privacy, and RFID does nothing that can't be done just as well or better with other means.

    --
    XML is the best data format; unless your data needs to be read or written by a human or a computer.