Slashdot Mirror
You Need Not Be Paranoid To Fear RFID
An anonymous reader writes "A story at the Boston Globe covers extensive privacy abuses involving RFID." From the article: "Why is this so scary? Because so many of us pay for our purchases with credit or debit cards, which contain our names, addresses, and other sensitive information. Now imagine a store with RFID chips embedded in every product. At checkout time, the digital code in each item is associated with our credit card data. From now on, that particular pair of shoes or carton of cigarettes is associated with you. Even if you throw them away, the RFID chips will survive. Indeed, Albrecht and McIntyre learned that the phone company BellSouth Corp. had applied for a patent on a system for scanning RFID tags in trash, and using the data to study the shopping patterns of individual consumers." I think they may be going a little overboard with their stance, but it's always interesting to talk about.
Whenever you purchase something, just fry the RFID chip by putting the stuff for 15 seconds in your microwave. Problem solved.
(Or just use cash).
Patent tin-foil garbage bags.
paintball
Don't you realise this is essential to stop terrorism????? Think of the children for a change instead of these stupid "rights" or whatever they're called.
The Good News:
1) BellSouth is a huge company that can't figure out what to do about PTSN loses, much less how to deploy RFID scanners.
2) This is just a patent to be added to their war chest. Every large company is likely to be sued, so they need methods to fight back. Patents are often the most cost effective manner, since getting them is cheaper than mounting any defense against of a real lawsuit.
...for RFID-killers. Shouldn't need more than a watt or so at the right frequency to kill the chip.
-jcr
The only title of honor that a tyrant can grant is "Enemy of the State."
Surely this is nothing a drill*/pair of scissors/giving up smoking/strong high-frequency magnetic field couldn't solve. After all, it's your RFID chip. So destroy it!
*You probably shouldn't try this if the chip is on a condom.
Already the scenes from 2002s movie Minority Report, where your retinas are scanned and "personalised" advertising is beamed at you, seems quaint. Now we know you'll be RFID scanned, and up-sold on the shoes you're wearing, as the brand, size and age of your shoes will be instantly known. And cash won't help, because RFID chips will be in that too.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
What's so bad about studying them?
Like with Google ads, if I have to live with ads, I much prefer directed ones with at least some research behind them than undirected ones. In other words -- in this case with shoes, if they wished to send me ads by mail, I'd rather only get ads for men in my age than women and kids.
Of course, connecting these studies to other databases from other companies could make it very wrong, but that's another problem I think need other laws (unless there aren't any already -- IANAL).
And at least where I live, there are already laws against storing personally identifiable data in a database, such as your social security number. I guess age, gender, and other purely statistical data don't fall under this law, and I don't see a compelling reason to why it should. Is it really such a big deal?
Beware: In C++, your friends can see your privates!
Looking at the way the **AA are carpet-bombing all and sundry with outree requests in support of their business model - in the hope that the odd one will stick - once RFID tech is used widly, I foresee a future where first major brands, then other retailers and law enforcement will be making similar requests, more or less "because it's technically possible".
=> EULA when you buy a Ralph Lauren shirt, making it illegal to disable the tag?
=> Extra tax if you nuke your trash before putting it by the roadside? ("WallMart has a right to know!")
=> Automatic searches at the airport when a scan of your luggage turns results that deviate from the norm?
=> A new "coming of age" rutual, whereby you have your mandatory kiddy-goes-to-school tag removed when you turn 18 21?
yes, we have no bananas
I mean really. Right now, anyone can go through my garbage and recyclabes and see:
- what my spending habits are like (empty product boxes along with the other trash)
- what my diet is like
- what my consumption rate is
- what my interests are (above mentioned product boxes, tossed junk mail, etc)
- what my personal timeline is like (how much trash is developed at various times)
- samples of my dna (various personal care item cast offs, hair, finger nails, etc)
- samples of my finger prints
and lord knows what else. Really, all we're really talking about here for the average person is that they can do several of the above without getting really messy and stinky.
I think you may be confusing RFID with womens beach volleyball.
...but this already happens WITHOUT RFID. I work for a marketing company (who will remain nameless, and hence why I'm posting as an AC) who's work is partly geared toward this sort of work. You go to a store. You pay with a credit card. It stores your CC # (in an undecryptable hash format of course) and what items you bought. It looks for patterns and even gives competitors a chance to gain your marketshare. If Pepsi wants Coke marketshare they can pay us to print a coupon for the guy who buys Coke everytime he goes to the grocery store. We don't need RFID for someone to be monitoring our purchases.
*You probably shouldn't try this if the chip is on a condom.
;)
/.'ers, dreams) their date has :)
Duh, just wait until after your done with it
Actually, now that I think about it, I could see an interesting market for personal rfid scanners. You can sell it to women to take on first (or 2nd or 3rd) dates and it can scan for the product id's for condoms. That way they can catch a bit of a glimpse of what types of intentions (or hopes, or in the case of most
Don't leave that empty pack of smokes at the bar. They'll show up at the crime scene later.
Ok, you buy a second hand jacket. I wouldn't, but a lot of people do. The tag has been connected with a child rapist by the FBI. You go to the train station. You get scanned.
Suddenly, 15 FBI agents slam your face into the dirty floor and take you away for questioning in hand cuffs. You submit to a DNA test (no, not like the CSI TV show, it really does take a long time). It will take days if not weeks to prove they got the wrong person !!! In the meantime, there is no way they are going to let you out.
Since perception is reality, you lose your job, your wife, your friends, etc...etc... because you're a deviant child molester. I mean, you must be, the evening news said you're a suspected deviant so it must be true.
Perhaps a little bit extreme for an example but not out of the range of RFID possibility.
Indeed, Albrecht and McIntyre learned that the phone company BellSouth Corp. had applied for a patent on a system for scanning RFID tags in trash, and using the data to study the shopping patterns of individual consumers.
I seem to remember that, back in the day, a large portion of the information used in phone phreaking was gathered through dumpster diving for internal manuals at Ma Bell. I guess turnabout really is fair play.
Er...no. The RFID tag can carry a unique code for every individual item, not the same code for every item of that type (as a barcode does). That means YOUR new shirt has a different code to all those others on the rail.
When I am king, you will be first against the wall.
Since RFID tags are so useful to corporations, I see any "RFID Killer" being classified as illegal as soon as it hiss the market.
After all, it could be used to steal items from a store, or interfere with the RFID chips that people DON'T want deactivated!!!
It'll be classified as a burglary tool or something worse in short order, if there aren't aspects of such a devise that aren't already illegal.
"Live Free or Die." Don't like it? Then keep out of the USA
His organization has a code of ethics
In other words, the RFID maker claims to have a code of ethics, but doesn't want to be held to that code.
That smells to me like his code of ethics is going straight out of the window the instant it suits him.
Here's a short list of things that you might not want everyone knowing:
All of these things can be used against you by your employer or insurance company.
You only think you want targeted ads. Imagine your wife getting ads for the wrong brand of tampon at just the right time. That's how invasive and awful your phone company's snooping can be. The grocery store comes close right now. The targeting works as intended and is as annoying as hell because the stupid coupons are always for the wrong brand.
Finally, ask yourself what snooping through your garbage has to do with phone service. Is this why federal, state and local laws protect incumbent phone providers from competition? BellSouth, thank you for a new low.
Friends don't help friends install M$ junk.
They don't need RFID to collect anymore information than they already.
I've seen the amount of information they collect at these POS systems. You use a credit/debit card, your card encodes your zip code, first name, last name. Your purchase is collected already by scanning the item into the register.
Your info is then sent to the 3 credit bueraus and your infor is merged with those large databasese. If you give your email to the retailer, your email is attached to your credit report. Through those credit reports the credit bueraus then sends back your address to the retailer and all other information the retailer can afford.
Your information is already available in catalog dealers, your internet info is available at experian online (yup experian started an internet division). How much you make and how much own is already available at experian, transunion and can't remember the last one.
The retailer already got the information they need, RFID is just a way to track inventory, really no joke. RFID does not add any additional information that the retail/catalog industry does not already have. Oh yea, they used to be able to get large amount of info through the DMV before 9/11.
Experian will sell your info to ANYBODY at the right price, private detective already have this ability, without license. Now the funny thing is the only person that has a hard time getting your info, is yourself! Oh yea don't get me started on the 2 files they keep, one public one that you see, and one that is hidden, that keeps every single transactions you've made in your life. the law says some items fall off the report, but the hiden one is available to anybody with money and can make your life horrible. There are no laws saying that your bank need to tell you they based their decision on this second file. So you think your report is clean, but the hidden one says otherwise. Oh yea that second one contains all your purchase habbits too.
God where's my hat? I can't see an after market of people scanning garbage from a particular locale/district etc. The marketing drones already have this information. Retailers routinely sell their lists to each other. Catelogs company give them to each other as "gifts". Or worse TRADED like comodity. You people are not paranoid enough!
Soon we'll see laws against making 'precursors' to 'circumvention devices'; just you watch it happen.
[100% ISO 646 Compliant]
SVM, ERGO MONSTRO.
Nobody has ever developed an RFID chip that's mallet-resistant,
And if you have way too much time on your hands, you can swap them with your friends and neighbors for hours of fun and enjoyment.
You would be surprised who would care. Many businesses ask for permission to run a credit report on applicants before hiring them. They will then pay a fair amount of money to get a fairly detailed report that tells them a lot more about you than you might be comfortable with them knowing. By the same token, once they have that permission, they never need to ask for it again. Performance at work dropping off? Let's run another detailed report and see what's going on in his life outside of work, before we decide how to approach this. I have even known (particularly unpleasant) women who would run a detailed credit report on a guy before deciding if they wanted to get serious with him! I also know several people who rent properties they own, and you would be amazed at the detail they can (and do) get before deciding if they want to rent you a house. I have a friend who lived at my apartment for quite some time, simply because a good job, plenty of money, and a clean-cut appearance wasn't enough to get him over some irregularities on his credit report. He couldn't rent an apartment in any decent part of town, he couldn't buy a house, he couldn't stay in a hotel (no credit card for them to hold). He was a grown man forced for years to live with friends, simply because of his credit report. If that isn't ruining someone's life, then I don't know what is. Sure, if you own a house in the suburbs, never plan on moving, have a stable job, and plenty of money in the bank, I suppose you can be cavalier about how everyone is being paranoid. But if your life is at all out of the norm, then the amount of information being tracked about up can actually cause some very real problems in a society that is evermore leaning towards treating a credit score as an indication of how good a person you are.
Oh look, an Anonymous Coward who has absolutely no concept of statistics. Modded up to +3 too. Impressive and/or sad.
RFID on EVERYTHING means that anomalies like that become less and less significant. Cross-reference enough data and you can spot patterns without having the faintest idea why they're there. (There's actually a famous psychiatric test based on this principle, though the name escapes me. Basically, it's a bunch of crazyass questions designed to give the shrink a statistical probability that you're suffering from a mental disease. The individual answers themselves are irrelevant; only the statistical whole counts. Thus, the potential for an individual to purposefully alter his answers is in effect built into the final percentages--there's really no way to cheat.)
You've missed the point completely. How often do you send shoes to someone living 3,000 miles away? Do you think Nike or Reebok care about the handful of people who've done such a thing? Marketing people only care about the fat, juicy center of the bell curve. Yeah, there are also those niche markets at the edges, but the instant you change your focus to that niche, then it becomes the center of the bell curve.
On the whole this isn't all terribly evil so long as it's used for relatively non-obnoxious advertisements, but the potential for abuse by insurance agencies, banks, law enforcement, etc. is very, very high. If you're not in the statistical norm for the targeted advertisement, who cares? You ignore the ad. But if you're far out of the statistical norm for "law abiding citizen" and the local PD finds out, you can bet your ass you'll be hounded until the day you die (or move to a saner country.) It won't matter if you're an exception; it won't matter if there's only a 55% chance you're a criminal. They'll do it because it's efficient. It'll be like racial profiling except it will apply to every single minority conceivable, from Yanni fans to gays to diehard otakus to atheists. Your difficultly in the world will be inversely related to your conformity. Stray too far out of the norm and your insurance rates will skyrocket, you credit rating will plunge, and cops will look at you that much harder next time they've got an unsolved crime on their hands.
It's not bizzare; it's not even inherently evil. Living by statistics is just an efficient way of doing things. The problem is that greater efficiency is bought with something far more precious; individuality. For now, I can ignore the ads, but for heaven's sake let's not get complacent.