Slashdot Mirror

← Back to Stories (view on slashdot.org)

RFID Guardian Protects Your Privacy

Posted by CowboyNeal on from the don't-look-at-me dept.

An anonymous reader writes "A new device devised by Amsterdam graduate student Melanie Rieback is designed to serve as a portable firewall for RFID tags. The portable battery-powered RFID Guardian uses an access control list to filter RFID queries, blocking queries that aren't approved. Rieback, who is also known for being the first researcher to develop a proof of concept RFID virus, hopes to offer version 3.0 of the RFID Guardian to the public at cost."

8 of 65 comments (clear)

  1. RFID Guardian Website by achillean · · Score: 3, Informative

    Here's the link to the official RFID Guardian website:

    http://www.rfidguardian.org/

  2. Dupe by KillerCow · · Score: 2, Informative

    RFID Personal Firewall Dec 07, '06

  3. Re:Back-compat? by KillerCow · · Score: 2, Informative

    Is this like some sort of "jacket" you put your already existing RFID card into that blocks signals unless told otherwise, or is it something that would have to be added to new cards?


    It is an active, selective jammer for existing cards.
  4. Re:Back-compat? by Sowilo · · Score: 3, Informative
    Is this like some sort of "jacket" you put your already existing RFID card into that blocks signals unless told otherwise, or is it something that would have to be added to new cards?

    From TFA:

    Eventual plans call for the Guardian to be incorporated into cell phones and PDAs, but the current model is a pocket-sized device that runs on its own battery and provides a circular 1m field of control over RFID tags, jamming any tags that the user does not want read.

    TFA goes on to explain exactly how it does it, but in a nutshell it has an internal list of RFID tags along with what it should do for each tag - block everything, only allow certain readers to access it, etc. If it's not allowed, then it blocks the RFID tag's response by jamming the signal.

    But since it works by detecting and jamming the signals sent, and not by any physical connection or link to the RFID tags themselves, it should function with any pre-existing RFID tag.
  5. Re:proof of concept RFID virus by apathy+maybe · · Score: 3, Informative

    Here http://en.wikipedia.org/wiki/RFID#Viruses is a nice little bit, and a link to the original article. http://arstechnica.com/news.ars/post/20060315-6386 .html

    ArsTechnica links to http://www10.nytimes.com/2006/03/15/technology/15t ag.html?_r=5&th&emc=th&oref=slogin&oref=slogin&ore f=slogin&oref=slogin and to the real original webpage http://www.rfidvirus.org/index.html

    Basically, it uses buffer over flows to insert nasty code into a computer. The RFID chips contain the code and when read exploit problems in the reader. You can use commercially available tools to write your own RFID chips. Have fun.

    --
    I wank in the shower.
  6. Re:Betcha by plover · · Score: 2, Informative

    They don't have to. It's already illegal to use one for shoplifting in Minnesota, and I assume that most states have similar laws. All they have to do when they find one in your pocket is accuse you of trying to shoplift. Not only is the device itself pretty strong evidence, but you get 3 bonus years in jail if you're convicted.

    --
    John
  7. Re:Interesting (and not so legal) uses for this... by plover · · Score: 2, Informative
    I assume the GP meant to say it this way: "Nobody is using RFID exclusively for inventory control" which is a correct statement. 'Inventory control' is the retailer's phrase meaning "shoplifting detectors", and if all you're interested in is stopping shoplifting, resonance tags (Checkpoint, et al) are a fraction of the price of RFID tags. All the stores using RFID that I'm familiar with are using it for much more than inventory control: logistics and transportation, warehousing, stock replenishment, and point of sale. (Although I will agree that Walmart's use has been focused primarily on high-value shoplifted items such as Gillette razor refills.)

    And not all chipped car keys use RFID. Some keys use the Dallas Semiconductor 1-wire technology, and require electrical contact to work. They can't be jammed by this little device.

    --
    John
  8. Melanie @ WhatTheHack by gbnewby · · Score: 3, Informative

    I saw Melanie's talk at What The Hack in summer 2005, and got to speak with her a little afterwards. That was before the virus made news, but her interests in RFID were in strong evidence. Here's the abstract: program.whatthehack.org Here's video (MP4) of her talk, "Fun and Mayhem with RFID:" rehash.whatthehack.org You can find other videos from WTH at the same site (disclosure: I'm there, too!)