Slashdot Mirror
Privacy Threat in New RFID Travel Cards?
DemolitionX9 writes to tell us ZDNet has an interesting article rehashing the problems with privacy in future RFID-equipped travel documents and ID. The piece focuses on a recent speech given by Jim Williams, director of the Department of Homeland Security's US-VISIT program. From the article: "Many of the privacy worries center on whether RFID tags--typically minuscule chips with an antenna a few inches long that can transmit a unique ID number--can be read from afar. If the range is a few inches, the privacy concerns are reduced. But at ranges of 30 feet, the tags could theoretically be read by hidden sensors alongside the road, in the mall or in the hands of criminals hoping to identify someone on the street by his or her ID number."
..think of how this will protect your FREEDOM! and LIBERTY!
Starsucks
This ability would make it well worth these RFID ids being mandated.
This is all very intriguing, but how exactly could someone exploit this RFID range to make my life worse? I can only think of things that would make it better. Could someone explain less abstractly than "Didn't you read 1984?"
If the range is smaller, all the identity thieves have to do is get closer to you. Brush past you, and they have identified you. Isn't easy identification the idea behind it?
...What is to stop someone from "accidentally" bumping into you with their scanner in their pocket?
I don't preview or spellcheck.
I did this today and it made me insanely happy for about 15 seconds.
Find a BT landline phone. Send a text message to it reading "The time space continuum is about to collapse." Wait by the phone. A few seconds later it will ring - and Tom Baker will read your message out to you!
"Speaking the Truth in times of universal deceit is a revolutionary act." -- George Orwell
Give me a yagi and I'll read your tagy.
Take the cheese to sickbay, the doctor should see it as soon as possible - B'Elanna Torres, "Learning Curve"
Set off a Bomb when person id code 46465456456489715678984 walks by
identity frottaging.
Eloi are stupid, throw morlocks at them!
The FOIL'ID AGAIN is a humourous example of how to prevent the Department of Homeland Insecurity from messing up your privacy:
http://www.angelfire.com/mt/woodmtn/insight.html
Oh You POS
Now all we need is a grid of these RFID readers and an interface to Google Maps... so, you know, you can run a real-time radar of the current location of all friends, enemies, and heretics.
Not with my RFID Blocking Kit RFID Blocking Kit Shirt!!
In undeveloped countries, the consumer controls the market. In capitalist America, the market controls you.
...the fact that they don't have the database to match the "ID" in the RFID, perhaps?
I mean, how useful would it be to you to have a list of all the social security numbers of everyone in a baseball stadium if you didn't have any of the names? Hell, you might as well just randomly generate the numbers.
Wouldn't be to terribly risky for me to say that my SSN is 872-46-2392 (it's not) if there's no way for you to get any other identifying information with which to match it as by itself it is totally useless.
They could Use the information to Change ads. For example You visit a "popular" store often. The marketing company contracts with that store to track how much you visit. The marketing company could have billboards on the side of the street, or in a mall, and they read your ID tag. They could then change the ad to target it towards your shopping history. I say no to the whole Idea.
In other news, walking around with a bizzare skin disorder that makes microscopic copies of your passport flake off and fall on the ground may be a risk to your identity.
(I choose such an odd analogy because rfid readers are about as hard to obtain as microscopes. Not everyone will have one on them but it's not exactly mil-spec hardware)
I am one of many. My idea is not unique, nor do I expect my voice alone to sway you. I speak in a chorus of opinion.
Person id code 46465456456489715678984 has very vocally expressed negative opionions about us, let's stage a little accident for him.
Please hurry the development of space tech so I can move to another planet, should it be necessary.
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
A passport that emits RFID information from any distance more than a few inches would be a serious danger to Americans traveling. Criminals can set up a cluster of RFID readers on a busy street and identify Americans by the RFID signals received. Then these people can be targeted for kidnapping, robbery, extortion, or murder specifically because of their nationality.
Even a RFID passport that emits only a few inches can be a danger if the criminals use more powerful amplifiers on their RFID receivers.
This idea is totally insane from the standpoint of individual security for travelers using a USA passport. But of course the nitwit fucks that run the USA 'Homeland Security' Department can't understand this. I'll be the first to buy a lead-threaded passport cover.
Even if its a few inches, in a crowded mall, couldnt somoene walk right up behind someone and scan the rfid card in their wallet, in their back pocket?
RFID would be awesome if the governments werent trying to control us and the criminals werent trying to abuse us.
They can also get viruses you know... the reg had an article on it a few months ago where they proved it could be made... very worrying
Give everyone the ID number 12345.
And yes, some terrorist groups do have the capability to build custom electronics. You can see examples of IRA custom circuit boards in the Imperial War Museum, London.
Unless the Feds are going to come up with an air-tight encryption scheme, this is a recipe for disaster. This isn't like the EZPass I have on my car, which is only linked to my account and determines if I have enough to pay the toll. These chips will potentially carry a lot of personal and very useful information, especially if you're a crook looking to use somebody's id to get across the border or to create fake identity documents for sale.
Frankly, this whole idea is mainly a panacea. If it works, the bad guys will simply sneak across the thousands of miles of undefended and unmonitored border we have in the US. Others will start turning innocent people into mules by swiping their identities and using them to get things across. Instead of making the borders of this nation more secure, the government is creating even more insidious ways for someone to come into this country. I think it's time to go back to the drawing board.
GetOuttaMySpace - The Anti-Social Network
How that's different than the current situation, where I don't even need to steal your RFID information to steal your identity?
"The government grants you rights, not the other way around."-- beav007. Yes, these people really exist...
You'd have a point if people walked around with one, and possibly more barcodes visible upon their person.
Could more powerful or modified scanners be used to read the RFID chips only designed to be read from a short distance?
;)
IANARFIDE (I Am Not An RFID Engineer)
Please I beg to ask you why the parent is offtopic? It shows how rediclous arguments against RFID are.
Your hair look like poop, Bob! - Wanker.
Why not put a switch in the antenna's path? To use the card, you have to push a contact button to turn it on? That would stop passive scanning, right?
Weaselmancer
rediculous.
Even a RFID passport that emits only a few inches can be a danger if the criminals use more powerful amplifiers on their RFID receivers.
Transmitters are powerful, receivers and preamps are sensitive.
"Eve of Destruction", it's not just for old hippies anymore...
The U.S. gov't will start issuing RFID-equipped passports this fall. How long until we see the first U.S.-citizen-triggered bomb?
You're actually thinking about this, and because of that, I would guess you also read the article.
In either case, you're not qualified to comment as long as you are actually using your brain to process this information.
Once you've stopped doing that, you may give input. We don't want anyone to see that the sky isn't actually falling, so keep your informed, intelligent, well thought out opinion to yourself.
"The government grants you rights, not the other way around."-- beav007. Yes, these people really exist...
It's the mark of the beast! 666!
Mastercard and their PAYPASS cards? https://mbe2stl101.mastercard.net/hsm2stl101/publi c/login/ebusiness/mobile_commerce/paypass/index.js p/
Its RF also .. The range is about 2 inches... Im able to pull up to a gas pump, swipe my wallet next to the scanner and off im go. heres the documentation on their stuff https://mbe2stl101.mastercard.net/hsm2stl101/publi c/login/ebusiness/mobile_commerce/paypass/document ation/index.jsp/
-- I Dont Deserve A Sig I Have Bad Karma
Remember this gadget?
Who says there won't be a RFID-Sniper in the future?
Fsck that. Scan my bar code instead, plebeian!
My RFID chip suffered an unfortunate accident when it met a pair of vice grips.
Agreed. This echoes what I think is sound policy for, say, voting machines--avoid trusting the software. If something is really important, it's gotta have an electrical-level control.
In the case of passports, ID cards, etc, just put in a thin air-filled blister on the card with conductive inner surfaces--pressing it completes a necessary contact, and then the RFID'll be active.
Of course, I bet DHS would prefer to have the ability to do their own scanning regimen even if the carrier would rather avoid it.
Why not a temporary "token" card, which can be linked to stored documents (picture, etc) that are entered into a database ahead of time, valid for a week or month? The token card itself is only a reference to stored data, and you can have a "fast-track lane" for people who set one up ahead of time...
Uh. Just RTFA'd a bit more. They're already considering that. Oops.
Seriously, if I get an RFID card, it's going inside a Faraday cage wallet. I don't mind RFID, but I'm going to control who I display to.
You can just put a transceiver in a fanny pack and some antennae in some strategic locations and then bump into people. Pickpockets do it all the time. I bet this would even work with the new RFID credit cards.
There is no "-1 offended" or "-1 you don't agree with me" mod options for a reason.
That ID is tied to biometric data and corroborating identification -- e.g scans of foreign passport/visas/drivers license etc. etc. Oh, and PHOTOGRAPHS.
All that is on that damned card is an index number. So, sure, you go right ahead and swipe that baby at customs and have a good time with SGT Ufia.
Honestly, do you people really think these things through? Cripes. The ID by itself is totally, 100%, COMPLETELY USELESS to anyone but the person associated with it unless you have madd haxx0r $|<i||z and can alter the central database that actually contains something other than a single number.
Damn tinfoil weenies!!
Faith: n. -- That human impulse that drives them to steal appliances when the power goes out
Let's clear a few things up, because there is a little FUD here... IANAL, but I am in the RFID business for commercial use (inventory management and the like)
1. RDID tags come in a HUGE variety of types. You have to choose the right tag for the job. For example, is the item liquid? Is it metal? Is it a large crate? A small one? Etc. My guess is for a passport, the RFID tag would be a very short range (2-3" read type).
2. There are active (like those attached to your toll tags, or to large pallats & containers). These have batteries in them. A passport won't have a battery in it.
3. There are passive tags. These get charged by the antenna, that makes the circuit work. Think crystal radio here... same sort of concept. It charges the circuit, then the reader reads the tag.
4. The tags generally (although they can) carry only a serial or lookup number. NOT specific information. The more info, the more expensive the tag. Some newer tags CAN carry things (like product expiriation dates, inventory dates, etc.)
5. There are tags that can be both programmed and are read only. Depends on the type of tag. Both active and passive tags can do this. This means the reader can also program the tag.
6. Readers are NOT hard to get. It's a commerical device. However, in most cases, the reader is specific to the tag type. There are SOME standards coming out now with the gen2 tags, but they are not in wide deployment. The readers are NOT CHEAP.
So, here's my guess of what they would (or SHOULD) do:
--very short range passive tag (would require the passport to nearly touch the reader)
--Read only tag
--Tag would only contain some sort of authentication string that would be read, decrypted, and authenticated to see if passport is real.
--Tag would contain some sort of lookup string, which would be read, then queried on the backend systems to make sure the tag matches what's on the passport.
ALL this can be done with protection of privacy, IF DONE RIGHT! It's being done today, specifically in the pharma industry.
History has proven that. You can't force all American employers to jump through yet more hoops to simply employ people without hurting the economy. As long as you have the economic the imbalance between what millions can make in Mexico vs. what they can make in the US, black markets will insure that labor will move across, over, under, or around said border or great wall. This black market will also corrupt both the US and Mexican governments to the extent the labor needs to flow. RealIDs will be purchasable along with SS cards or whatever is needed. The corrupt bureaucrats that enable fake SS cards will add a new document to the price list. All the walls and rules and massive sinkholes of American taxpayer money will do is change the pricing.
Until Mexico grows a bigger middle class and a government that provides opportunities at home, we will have a problem at our southern borders. If they move in a more socialist direction, things will only get worse at home and more will go El Norte. Why shouldn't they. No stinking law would have kept my English and Irish-German dog roots out of the promised land, and a new great wall for America won't change that for Latin Americans.
Like the failed drug war, the war on the southern border will end as a spectacular failure. It will end up as a war against ourselves, our businesses, and ultimately our freedoms.
If it creates a problem, all the more a reason for stricter laws and more surveillance. For your safety, of course.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
At defcon 2005 some guys set a record for reading passive tags at 69 feet. With pics :)
Your sig(k) has been stolen. There is a puff of smoke!
Why do they have to be broadcasting RFID tags? Why can't they have a physical interface? You know, like the magentic strip on the back of everything? I don't see why we can use a physical contact patch on it instead of a broadcasted signal. After all, we've been using physical contact for interfacing devices for decades in the computer world and for centuries in other walks of life.
I wouldn't have a bit of a problem if a contact patch were used instead of a broadcasted signal. Not like it would be hard to make a small unit you slide the card into that puts it into position to be read, then kicks it out when it's finished.
From what I was reading on this awhile ago, there was a proposal to reduce this threat in two ways:
1) Drop some biometric information and images in the RFID tag.
2) encrypt the data on the rfid tag embedded in the passport, and checksum it with an obscure algorithm.
3) put a pgp key (or some other key), maybe on a barcode, on the passport that allows the security official to decode the data, and verify that the checksum matches the data, and verify the biometrics to see if X is really who he says it is.
That way, somebody would have to eavesdrop with an RFID detector, brute-force the data out, chop off your finger, surgically implant it on yourself (or change the fingerprint embedded in the RFID tag), rechecksum it, etc.
Now, this is still possible to forge, but the problem is no longer RFID related, and requires a lot more work to forge. Any takers on why this wouldn't be OK?
Sparing the details, there are only 771M possible SSNs currently out there. If you came from, say, Vermont, the odds of guessing your SSN correctly, in order, the first time would only be a 1:2M. It's easier to calculate a valid SSN than to harvest one by any means.
What's NOT easy to do is match the other _necessary_ information to make that number useful and that is no different for this or any other number, whether stored in an RFID chip, printed in a barcode or tatooed on your butt.
"What we're putting in the card is possibly nothing but a 96-digit serial number that is random and would do nothing but point back to a database...someone would have to hack into our database at the same time,"
Again, total ignorance marked as "informative."
You'd also have to have the same finger prints and iris geometry...and that isn't on the card.
The amount of work you'd have to go through to make this ID useful as a "forgery" is so ridiculous as to make it possible only for those who have access to a government intelligence agency's resources...or a checking account large enough to simulate such.
Sorry, but RFID just seems like so dumb.
Now border guards just scan the barcode. What's wrong with that???
One potential threat for American travellers carrying this kind of chip is a sniffer weapon. The hi-tech version is an RFID sensitive smart missile and the dumber version is an IED in Cairo that sits and waits for Joe Sixpack to walk by. If you think I'm full of it, the Russians used a cell-phone sniffing missile to kill a Chechen general. For US RFID passports in other countries, all the munition needs to do is detect the chip's presense.
I want my "papers" to stay paper, please. Bar code them or whatever, but don't delibrately make it prone to identity theft, hacking or IEDs.
Josh
gigantino.tv - Heavy but weighs nothing.
Nearly everyone carries them and they broadcast a number that just as well identifies you--but even better, you can call it up to make sure the right person is carrying it at the time.
Based off of The RFID Blocking Wallet anyone?
TFA says nothing about the database containing biometric data, nor does it say that any other biometric data will be checked*. And quite frankly, if the border does start getting iris and/or fingerprint scans for everyone
What would be the benefit compared with a carried paper passport with your picture and a bar code?
*Except for the last line in TFA, where it says some such data might be needed to make the broadcast happen - but this is different from it being stored in the database....
If you think imaginary property and real property are the same, when does your house become public domain?
...would protect me!!!
Slashdot - Where the slash is most definitely to the left.
1) Drop some biometric information and images in the RFID tag.
The RFID tag is already unique to me. Putting more information on would allow more data mining, if nothing else.
2) encrypt the data on the rfid tag embedded in the passport, and checksum it with an obscure algorithm.
I hate obscure algorithms. Might as well use the Ceasar Cipher +4 like the Mafia Boss. Its not used much - for good reason. Assuming you do use a secure algorithim, someone would only have to steal the decryption key to make it useful to them. Considering it will likely be widely used by authorities, this should be easy.
3) See in #2 above the issues with allowing any authority to decrypt -- assuming they are all using the same key.
That way, somebody would have to eavesdrop with an RFID detector, brute-force the data out, chop off your finger, surgically implant it on yourself (or change the fingerprint embedded in the RFID tag), rechecksum it, etc.
Assuming everything else was air-tight and that someone really wants to impersonate someone else. I suspect we'll be seeing a few people who are missing fingers. The only plus to this is that if you have your identity stolen you can walk into the local police station and show them that you are missing a finger. It may not solve the case, but they sure as heck will start right away.
Proof by very large bribes. QED.
Judging from the moderation on my post it seems like the \. Sheeple have been to ingrained with "RFID is EVIL!". My post was hardly anything flamebait worthy, I'd like to see a valid criticism against RFID besides "OH NOES OUR RIGHTS!".
Your hair look like poop, Bob! - Wanker.
I witnessed a hit and run. It took photos. The local city council doesn't want to slow traffic through this perticular residential neighborhood, as they are using it as an unofficial alternate route for the state highway. They are doing this because the local money doesn't want a new freeway built. (the land for the freeway is already owned, and cleared. The local police tell the victims of the hit and run that they don't take reports on hit and runs, as it is a civil matter. I report this to the city mayor, and local media. The mayor tells me that she will speak to the police chief, and I will recieve a call. A few days later I get a call from the police. The police threaten me with violence if I don't drop the issue.
Now, that I've detailed what has ACTUALLY happened, lets talk about what the RFID can do to get me killed. I go to the movies, and while walking to my car, my RFID tag informs a local police officer that I am in a dark parking garage by myself. I never make it out alive, and the subsequent investigation never finds the "unknown" assailent.
We know that we already have a problem with corrupt cops. It isn't a debate about IF we have police corruption. It is a debate about how bad the corruption is. Consider the ramification of cities putting up sensors on every intersection. You know like the cameras they are putting up now. This gives a few people the ability to track you as an individual anywhere you go. You better hope that you pay your proper kickbacks to your local police.
If you've done nothing wrong you have nothing to fear This wonderful new technology will enable us, your benign and caring government to protect you from identity theft/terrorists/child molestors Unfortunately, its not really effective if those pesky terrorists/id thieves/child molestors can simply chose not to carry any RFID tags.. so of course you won't mind if we embed this RFID tag in your baby's cranium while its still soft ? Its for your protection.
I filed a patent for my tin foil suit back in 1986.
Anger has its uses. Here, let me show you.
So keep your ID cards in a lead wallet. First there were tinfoil hats, then lead wallets. What will be next?
v4sw6PU$hw6ln6pr4F$ck 4/6$ma3+6u7LNS$w2m4l7U$i2e4+7en6a2X h
What will they say when someone starts reading the IDs of government agents?
That is a pretty easy way to assassinate someone, just take out the whole building/plane/car whatever they are in. Then it's not an assasination, it's a "random terrorist event". Governments even do it overtly, we are always hearing about the US or israel "targetting" someone and just demoloshing the house or village they are in. that's not called terrorism though, that is targeted assassination with collateral damage, but it's the same thing really.
Now say some group doesn't like "collaborators", people who work "for the enemy". so they set off a device where all these collaborators are. Is that terrorism, legitimate (assymetrical) warfare, or group assassination? It's not random, the place was picked out for a particular purpose (say the collaborators puppet police station entrance), although the setters don't really care exactly who they get, as long as they get some of them.
Semantics nowadays, just depends on which side of where you stand to assign a noun to an event. The Boston Tea Party-terrorists, freedom fighters, cheap and drunk holligan tax dodgers? It all fits, doesn't it?
http://www.rpi-polymath.com/ducttape/RFIDWallet.ph p
I've tested it with a new proximity door access system we now have at work and it does block the signal. Note that you should modify the wallet to create a passport or PASS holder as needed.
zenray
i don't know why human beings have not figured this out yet .. it's not like we are at the beginning of the industrial revolution ..
..
.. will have just as many potential downsides as potential upsides .. the developer .. the advertisers .. those advocating it's use .. those looking to make a profit from it .. seldom if ever .. are willing to admit this .. and never want to discus it .. they/we just don't ask enough "what if" questions at the beginning of anything we are developing/changing in the modern world ..
.. this will always be the case ..
.. that the large scale use of automobiles burning fossil fuels .. may lead to dangerous levels of pollution and/or catastrophic climate change .. that having large numbers of people using cell phones while driving .. is like having a large number of drunken drivers on the road .. or that weapon systems developed to defend someone can just as easily be used against them .. the list goes on .. and on ..
..
..
.. will be used for nefarious purposes by someone .. it is just when .. by whom .. to what extent and to what end ..
personally i think it has a great deal to do with generational amnesia
that any and all technologies that are developed
as long as there is a self interest or a profit motive
just for example
What If
the bottom line is that there are just as many possible downsides as upsides in all cases
and it is not whether some technology that is developed
This whole RFID thing is stupid.
To protect it's citizen's liberties, the US should erect a giant steel-reinforced concrete wall at least....say, 50ft high, 30 feet deep and 30 feet thick around all of it's land borders. It should be manned 24/7/365.25 by no fewer than 2 armed guards per 100 yards, with anti-air/missile turrets every 500 yds. All non designated approaches should be mined and monitored by snipers and flamethrowers. The ground beneath it should be seismically monitored for digging and the air above it should be patrolled by aircraft, drones, radar and satellites...preferably with lasers that can lance flying objects.
To protect against oceanic ingress, special weapons platforms should be built. On each platform (spaced no further apart than 1 mile) there should exist a small arsenal of tactical nuclear and conventional naval missiles, air-to-air interceptors, helicopters, all with a standoff range of no less than 100 miles. All non designated shipping lanes should be mined.
At all designated ingress points (gates in the Wall, shipping lanes, airports) every single person entering the US should be fully searched (inc body cavities), de-loused, given a full medical exam and background check, fingerprinted, and pumped full of antibiotics. After a mandatory 1 week quarantine, they can be tagged and released back into the general population with government approved coveralls and footwear, *provided* they check in with their designated state chaperon every 24 hrs. After a thorough search of their shipped belongings (taking no longer than 2 weeks), all of their approved personal effects will be delivered to the address of their choosing. All currency, credit cards and other means of monetary trade would be exempt from this search---they can use those immediately.
All incoming media of any kind should also be fully controlled by the governemnt. Books, movies, music, internet content; all must pass strict regulatory guidelines before being heard by the general public.
I think my plan will make us all so very safe. In the meantime I'll lie awake at night agonizing over my frail mortality,and the most certain fact that I will likely die of a terrorist attack instead of a car crash, cancer, stroke, AIDs, diabetes or global climate change.
They seem to suggest that they only want it so that they can identify people stopped at border checkpoints.
Free Software: Like love, it grows best when given away.
No, it's not in the article, but it IS part of the USA-Visit system and the ID is just the index number to the data they collect. This article is not the definitive source of information on that program. I would suggest you search Google News for the "missing" information.
I'm not arguing the merits of RFID, I'm arguing the asinine absurdity of thinking that access to that ID number is any more dangerous than any of the plethora of similarly [pseudo]-random numbers that are associated with us already.
I'm as paranoid about Big Brother as anyone, but let's be rational about what can actually come of this.
People are responding that all this crap is on the card and that someone will be able to get a home loan, access their bank records and whatever other assorted "identity theft" issues--and that's a crock. As for why the biometric source _and_ the ID?
How much do you know about identity systems and databases in general? It is MUCH easier to grab an index and do a 1:1 comparison to verify identity than to do a pattern match on a 1:500000000 scale.
Get it now?
Not only that, this is discussing doing that while the RFID equipped form is in the possession of the person in a moving car...
A couple of inches? Yeah, right.
--
Tomas
From the article:
RFID chips are already going to appear in U.S. passports starting in October 2006, the Bush administration ruled last October.
a) That's gonna seriously screw up some american tourist's habit of wearing maple leaf emblems on their clothing/backpacks so they can claim to be Canadian.
b) Congrats - you just enabled every wanna-be terrorist to be able to track down and find an american in any crowd. Gonna make it much easier to figure out which foreign tourists you want to kidnap, don't you think?
Goddamnit, these things echo out a single 96-byte number. Period. End of story. That's it.
No one, without linking to the central database, can determine SQUAT from that number.
We use RFID. But we don't use the cheap ones like this.
We have Active RFID. They are password protected, encrypted, and only transmit data when a properly encrypted password protected SEND DATA command is transmitted. We use a special encoding, not off the shelf encoding. A standard reader cannot read these tags.
The batterys last 5 years on average. 3 on heavy use, 7 on minimum use.
We've been doing this for 10 years now.
To me, this seems to be the solution. And if anyone trys to hack this, the DMCA would be the way to lock them up and throw away the key, right?
panacea (pn'-s'):
A remedy for all diseases, evils, or difficulties; a cure-all.
You have a big random number, like having someone's public key. BFD. Unless you have access to The Big Government Passport Database.
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
One of the main points of mandating RFIDs in things is to help out the Bush Administration's friends in the business, but another major point is to get people to start carrying around RFIDs to be more trackable. So yes, lying about how far they can *really* be read is part of the point.
Bill Stewart
New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks
Get step-by-step instructions for contructing such a wallet as well as background information about RFID in consumer objects.
I'd love to be able to buy one at thinkgeek.com (they already sell a duct tape wallet).
Yup!
Even in 'safer' environments where IEDs are not as likely, the value of legit US papers might make it worthwhile for 'black hats' to quickly sort out who is carrying what, so that those actually carrying a passport, or other RFID'd papers, can be tagged for special attention...
Now that even a common MasterCard advertises its presence, and almost waves a "steal me, I'm right here!!!" flag, well shielded wallets and purses are almost a necessity.
The future is here, and as usual it arrived sooner than we expected and in the wrong order...
--
Tomas
You just kidnap the tourist with the maple leaf emblem. No real Canadians wear these in case they're mistaken for Americans....
If you use RFID, your data is as good as public domain. Another tech designed with no (serious) thought to security. The only thing that's going to be more pathetic/amusing (depending on your alignment) are the new pin-less "proximity" credit/debit cards. Won't be very long before a clever criminal makes a fortune by walking around the mall with a small black box emptying the accounts of every luser with one. Unless you want to be one of them, just say no to this moronic idea. Still can't believe it made it off the drawing board.
Let's consider the following that could happen with RFID in a passport, or DL, or ID, or body part, or whatever...
... or better yet - crook drives down the block in his car, and scans the HOUSE to see what you have inside... Correlate the home address with the owner and determine when the owner is out of the house and rob it. Or determine that the owner doesn't have any firearms and go rob it now...
* Travel records are generated and kept in a database on behalf of some entity. Someone working for said entity is coerced into forking over the data on a particular person, or someone who owns a particular item. Then when that person is out, the crook goes in and gets what they want. Or they know precisely where the person will be to commit some bodily harm to the person...
* Wife thinks husband is cheating on her. Wifey hires a lawyer. Lawyer subpoena's all records relating to husband. Discovers that he's at a food store half way across town buying condoms and beer on saturday. Interestingly enough, the suspected girlfriend is at the same store buying ky jelly and wine at the same time... (oh, did I mention that this happens with those grocery store discount cards already?)
* Someone is looking to track someome. So they determine what the RFID number of their vehicle's tires are... Sensors in the road keep track of where this person is going from and to... Even better, once that information is trended out and the someone has a good idea of where the target is going to be, they set up a device to 'handle' the situation for them...
* Person A travels from point B to Point C in less time than they could legally do so if they were going the posted speed limit. It's enough out of whack that the road management entity sends a ticket to the owner of the vehicle... And what's out of whack "dials in" until you have to be dead on with the speed or you get a ticket... Too fast? Ticket. Too slow? You're impeding the flow of traffic = ticket.
* RFID proves that you buy certain kinds of beer each weekend. You slip and fall in a store. Store subpoenas the records and "proves" that you could have been drunk, and that's why you slipped...
* RFID records are correlated and it's discovered that you prefer a certain brand of toothpaste. As you walk past the other brands, they lower their price to become more attractive to you. As you approach your brand, the system realizes that you haven't bought the toothpaste for a while and you're probably out and need it now - so it raises the price.
* RFID records of what you passed by in a store, what you stopped and looked at in a store, and what you bought in a store are all correlated and sold to marketers of goods of things that you bought and didn't buy. Junk mail, phone calls, etc. are all a never-ending deluge... Even better, insurers notice that you're buying a lot of OTC items for colds, suspect that you're a Meth cooker and report you to the cops, or screw with your insurance because you have a cold every year, or
* You travel to Country X. Country X and the US are on good terms when you leave and arrive. While you're there, a cou-de-ta (sp?) occurs... The new regime decides that the US is the Evil Empire and rounds up all the US Citizens and kills them, or takes them hostage, or
* You're walking down the street, minding your own business. Your watch, shoes, wallet, and clothes all have RFID tags in them. A crook who has a friend working in the manufacturing industries has a reader programmed with the prefix codes of what the various tags are linked to... A reader set up down the block tells him when someone with the 'good stuff' is walking by... They then target you for a criminal act.
* You're going to pick up your child at daycare and have a DVD in your car... Barely Legal Bimbos Gone Wild!!!! Scanner picks up, and nosey daycare worker feels that "barely legal" means you're pretty much a pedophile and calls the cops... Cops pull up at your house and determine you have an
simple solution guys - add a foil layer to the passport cover inside - when its closed it can't be read - when its open it can transmit to the sensor!
No, that was Brian Doyle, Deputy Press Secretary.
And the DHS doesn't have a "Directory", it has a Secretary, Michael Chertoff.
Don't know why you'd belittle them, first disaster that wipes out your ass, I'll bet your standing in line bitching about not getting any free cheese from the gov't just like everyone else.
Give a man a fish and you have fed him for today. Teach a man to fish, and he'll say "WHERE'S MY FISH, YOU IDIOT?"
We will all have satellite dishes sticking out of our ass like Cartman.
For the first person to patent a small, sturdy, wallet sized faraday cage that you can use to carry your ID cards around in so they don't get "chatty". You could put a clasp and hinges on it to open it upon request.
Or are they going to make it illegal for you to be selective about who gets to spy on your personal details?
I am government man, come from the government. The government has sent me. -- G.I.R.
i guess you should wrap in emi shielding bag around the rfid to prevent unwanted readings. i read before of products available (like wallets) that are insulated to prevent just this from happening. maybe this is a practical solution to take at the moment.
Live your life each day as if it was your last.
My wife recently renewed her Australian passport and the new one came with an RFID tag in it. What's more, they charged extra for the privilege :(.
Me lost me cookie at the disco.
I don't want to block it, I want to destroy it. I read once in someone's blog that you could zap it in the microwave for 10 seconds, but don't know if it's true or not. Does anyone else here? So I take 90 seconds to get past the Border Patrol instead of 45. Big freaking deal.
"Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
Pretty good (for a pun). For the non-HAMs, look here.
Fun fact: the Yagi-Uda antenna was more the work of Uda, but since Yagi did the English translation of the paper, he ended up with the bulk of the fame. Ah life.
$META_SIG_JOKE
Those tags will take ALL of our privacy away. There will be no way for anyone to hide when those tags come out. Soon they will be selling those identifier's online to anyone who wants them. A major prize for paparazzi, and hoodlums alike. In the past the elite, and the famous could put a wig and sunglasses on and hit the streets. Those days will soon be over. Another thing to think about is the security of people that are hiding from abusive relationships, Undercover Personel, etc.
And what about thieves looking thru your room/house/car for that "hidden" passport you have tucked away?
I bet the Pentagon has a use for mines that won't blow up until all Americans have left the scene.
Reduce, reuse, cycle
At that point, why not just use a barcode or magnetic strip, like current documents? It ends up the same as a shielded RFID tag: official/clerk must open document and pass over scanner. Sure, that may require connection to a central database, but the main drawback is that there are no high-tech taggy thingies!
The disadvantages of being RFID tagged are easily subverted with a small piece of aluminum foil. I've said it before, and I'll say it 'til the end of time: no matter what the government/RIAA/MPAA/Oprah tries to pull, if it's in my hands it's going to get hacked!
HDCP will be cracked, HD-DVD will be cracked, RFID is easily jammed, for everything else there's sledgehammers.
-Billco, Fnarg.com
Not to worry. My Faraday Cage Wallets are almost ready for production. Quantum encryption to be available with version 2.0.