Help a Journalist With An NFC Chip Implant Violate His Own Privacy and Security

← Back to Stories (view on slashdot.org)

Help a Journalist With An NFC Chip Implant Violate His Own Privacy and Security

Posted by Soulskill on Tuesday October 28, 2014 @04:12PM from the what-could-possibly-go-wrong dept.

An anonymous reader writes: His wife thinks he's crazy, but this guy got an NFC chip implanted in his arm, where it will stay for at least a year. He's inviting everyone to come up with uses for it. Especially ones that violate his privacy and security. There must be something better to do than getting into the office or unlocking your work PC.

He says, "The chip we are using is the xNTi, an NFC type 2 NTAG216, which is about the size of a grain of rice and is manufactured by the Dutch semiconductor company NXP, maker of the NFC chip for the new iPhone. It is a glass transponder with an operating frequency of 13.56MHz, developed for mass-market applications such as retail, gaming and consumer electronics. ... The chip's storage capacity is pretty limited, the UID (unique identifier) is 7 bytes, while the read/write memory is 888 bytes. It can be secured with a 32-bit password and can be overwritten about 100,000 times, by which point the memory will be quite worn. Data transmission takes place at a baud rate of 106 kbit/s and the chip is readable up to 10 centimeters, though it is possible to boost that distance."

93 of 142 comments (clear)

Min score:

Reason:

Sort:

Small Government Mandate by howzermyhamit · 2014-10-28 16:15 · Score: 4, Funny

I'm sure our local superhero cold fjord can tell us why a Small, Libertarian-Approved State should mandate the installation of these on all citizens and civilians.
Well? We're waiting, my friend.
1. Re:Small Government Mandate by Anonymous Coward · 2014-10-28 16:24 · Score: 2, Funny
  
  Bennett Hasselhoff, a frequency counter, will be along shortly to provide Insight.
2. Re:Small Government Mandate by JazzHarper · 2014-10-28 16:26 · Score: 2
  
  A libertarian state would never permit, much less mandate, such a thing.
3. Re: Small Government Mandate by Anonymous Coward · 2014-10-28 16:50 · Score: 3, Insightful
  
  "Why not. It's her money."
  Because principles, motherfucker. If you spent your life whining about how money was taken from you in order to provide yourself a retirement in your old age then you should at the point of old age prove how right you are by completely living without it.
  Retiring by your own bootstraps.
4. Re:Small Government Mandate by Spy+Handler · 2014-10-28 17:15 · Score: 1
  
  No libertarian wants that. Libertarianism is the exact opposite of big government surveillance. Hell, even Obama and Nancy Pelosi probably wouldn't approve of gov't implanting chips on citizens.
5. Re:Small Government Mandate by AK+Marc · 2014-10-28 17:33 · Score: 4, Insightful
  
  A libertarian state would pass laws banning people from having the freedom to implant themselves with an RFID? What a totalitarian distopian libertarian world you long for.
  
  --
  Learn to love Alaska
6. Re:Small Government Mandate by JazzHarper · 2014-10-28 17:40 · Score: 1
  
  Are you being obtuse deliberately?
7. Re:Small Government Mandate by AK+Marc · 2014-10-28 17:42 · Score: 1
  
  Why is Nancy Pelosi the demon of all conservatives? I just saw the NRA campaign against Staci Appel. Plastered all over the conservative blogs. Why do the conservatives hate women? I haven't met a conservative that didn't hate Nancy Pelosi or Hillary Clinton. Women should stay home with the kids?
  
  --
  Learn to love Alaska
8. Re:Small Government Mandate by Capsaicin · 2014-10-28 17:42 · Score: 4, Insightful
  
  Hell, even Obama and Nancy Pelosi probably wouldn't approve of gov't implanting chips on citizens.
  Hell, who needs implants when people voluntarily carry around Android and/or iOS devices everywhere they go?
  
  --
  Better to be despised for too anxious apprehensions, than ruined by too confident a security. --Edmund Burke
9. Re:Small Government Mandate by Anonymous Coward · 2014-10-28 17:49 · Score: 2, Insightful
  
  Conservatives hate Nancy Pelosi and Hillary Clinton.
  Nancy Pelosi and Hillary Clinton are women.
  Therefore, conservatives hate women.
  Additionally,
  the conservatives I know hate Nancy Pelosi and Hillary Clinton.
  Therefore, ALL conservatives hate women.
  You, my friend, are going into my lecture about logic. I suspect my high school students will do better than you did just here.
10. Re:Small Government Mandate by AK+Marc · 2014-10-28 17:57 · Score: 1
  
  Every comment about libertarians is obtuse, yours included.
  
  --
  Learn to love Alaska
11. Re:Small Government Mandate by AK+Marc · 2014-10-28 17:58 · Score: 1
  
  Conservatives single out the women in congress to attack. Why?
  
  --
  Learn to love Alaska
12. Re:Small Government Mandate by Anonymous Coward · 2014-10-28 18:16 · Score: 3, Insightful
  
  Actually the US has a "pay-behind" Social Security system. Each generation pays for the previous generation's Social Security benefits, so no, it wasn't "her money".
13. Re:Small Government Mandate by stephanruby · 2014-10-28 20:39 · Score: 4, Insightful
  
  A chip embedded in your arm is meaningless without context. Take for example, an Holocaust survivor with a tattooed number on his arm. Or take a person with a safety tattoo listing all the things he's deadly allergic to. Neither of those things are the same as a journalist being tattooed with a meaningless number on his arm.
  If those ten volunteers were really serious about testing the technology in a negative light, they should just spent some time as prisoners in a real prison where everything gets tracked and counted by NFC readers at the very least. The Type II tag itself has such a small amount of memory, it can't really be used for any serious authentication outside of a closed loop system like a prison environment.
  At best outside of prison use, this NFC tag could link to a shortened url, or contain such information as a Twitter handle, or a LinkedIn user name.
14. Re: Small Government Mandate by Altrag · 2014-10-28 20:56 · Score: 2, Insightful
  
  Being a hypocrite doesn't invalidate what he was saying.
15. Re:Small Government Mandate by gbjbaanb · 2014-10-28 21:10 · Score: 2
  
  possibly group bias - same reason women get attacked on twitter.
  If I know there are people out there who will attack women for no reason, then I can happily attack women knowing that I will get a ton of others joining in. It validates my sense of importance within a group and gives me the sense of safety from my actions because they are shared by a large number of others.
  This self-fulfilment is why I think it happens, and why the bully only attacks the weak - they know they will get other bullies joining in. If they attacked someone popular, they know they wouldn't get the same level of support, so they don't.
  I'll leave it to you to decide if politicians are of the same maturity level as school bullies :-)
16. Re: Small Government Mandate by PhilHibbs · 2014-10-28 22:14 · Score: 1
  
  The money's gone. It was given to the previous generation. How do you stop a pension system where each generation pays for the previous one, without one generation getting a raw deal (they paid for the previous generation, but don't get anything themselves)?
17. Re:Small Government Mandate by Anonymous Coward · 2014-10-28 23:23 · Score: 1
  
  Hell, even Obama and Nancy Pelosi probably wouldn't approve of gov't implanting chips on citizens.
  Hell, who needs implants when people voluntarily carry around Android and/or iOS devices everywhere they go?
  This.
  Never in the history of the agency has work been so fucking easy for the likes of the CIA, FBI, and NSA. It's rather sad they still have to break so many laws to do their job.
  It's downright disgusting how much We the People give a shit that they do.
18. Re:Small Government Mandate by Charliemopps · 2014-10-28 23:36 · Score: 1
  
  There is no "permit" in Libertarian ideals. You're free to be stupid enough to install such a thing. But likewise you're right, there would be no mandate either. And before anyone jumps to the obvious conclusion, yes, if corporations indirectly mandate it by insisting you need one of these installed to buy services or goods, that's still a mandate and should be opposed by the Libertarian party. Chains are chains. The wall they secure you to is irrelevant.
  The fake Libertarians in the Republican party may have other ideas, I wouldn't know.
19. Re:Small Government Mandate by Charliemopps · 2014-10-28 23:37 · Score: 1
  
  It's easy to troll anyone. You just have to know what they care about / are sensitive to and attack that.
20. Re: Small Government Mandate by Anonymous Coward · 2014-10-28 23:47 · Score: 2, Insightful
  
  I demonstrates he doesn't believe what he is saying.
21. Re: Small Government Mandate by azereal · 2014-10-28 23:47 · Score: 1
  
  Consuming a smaller amount of fossil fuels to prevent the use of a larger amount of fossil fuels is not hypocritical. I would call it good maths.
22. Re:Small Government Mandate by Joe_Dragon · 2014-10-29 00:01 · Score: 1
  
  and then the mark of the beast people will sue to stop that from happening.
23. Re:Small Government Mandate by benjamindees · 2014-10-29 00:21 · Score: 4, Insightful
  
  Actually, Rand was almost exactly in the middle of the generation that paid for Social Security twice. The first benefits began in 1940. The first generation of retirees were paid directly out of the treasury. The actual SS taxes that Rand paid went into the "trust fund," which was later loaned out to other government agencies, to pay for war mostly.
  
  --
  "I assumed blithely that there were no elves out there in the darkness"
24. Re:Small Government Mandate by Wootery · 2014-10-29 00:24 · Score: 1
  
  No-one is being obtuse. You really did suggest that a libertarian government would ban such devices.
  
  A libertarian state would never permit, much less mandate, such a thing.
  Remember?
25. Re:Small Government Mandate by Wootery · 2014-10-29 00:26 · Score: 4, Insightful
  
  The fake Libertarians in the Republican party may have other ideas, I wouldn't know.
  Sure you do. You've heard of the Iraq War, right? The principle of minimal government ceases to apply when it's a cause you happen to like, such as pre-emptive war or corporate subsidies.
26. Re:Small Government Mandate by skids · 2014-10-29 00:48 · Score: 1
  
  As long as the contents can be linked back to the individual, it just takes NFC communicators next to places where people put their hands to track the individual's actions. The short range gives you a bit more information than just tracing their smartphone -- e.g. if you have an NFC collector tacked to the bottom of a public keypad, you can be pretty sure that person was using that keypad, as opposed to just standing around in the region. Granted given most places can also be covered with a camera and nobody will complain, there are other ways to obtain such information, but this way can be fully automated.
  
  --
  Someone had to do it.
27. Re: Small Government Mandate by fche · 2014-10-29 01:57 · Score: 1
  
  "money was taken from you in order to provide yourself a retirement in your old age"
  That relationship is only putatively causal. The money taken from "you" has already been spent, several times over.
28. Re: Small Government Mandate by misterthirsty · 2014-10-29 02:08 · Score: 1
  
  Do I contradict myself? Very well then I contradict myself, (I am large, I contain multitudes.) Walt Whitman
29. Re:Small Government Mandate by ganjadude · 2014-10-29 02:45 · Score: 1
  
  a libertarian state would never do such a think. you have libertarian and totalitarian mixed up
  
  and cold is no libertarian, he is an authoritarian
  
  --
  have you seen my sig? there are many others like it but none that are the same
30. Re:Small Government Mandate by ganjadude · 2014-10-29 02:55 · Score: 1
  
  do you not remember all the sarah palin hate? why do democrats hate women???
  
  the rand hate above, why all the women hate???
  
  long story short, just stop. you sound like an idiot when you make disingenuous statements to try and prove your point
  
  --
  have you seen my sig? there are many others like it but none that are the same
31. Re:Small Government Mandate by ganjadude · 2014-10-29 02:58 · Score: 1
  
  do they? I had no idea bill clinton was a woman... or obama... or harry reid...
  
  --
  have you seen my sig? there are many others like it but none that are the same
32. Re: Small Government Mandate by Archangel+Michael · 2014-10-29 03:30 · Score: 1
  
  Being a Hypocrite doesn't support what he was saying either. In fact, it lends itself to the opposite (not proof, but evidence), Al Gore was in the AGW game for personal gain, an not to save the planet. Even though he might actually believe he was saving the planet, but flying around in big planes and heating mansions with Natural gas (CO2 gas producer) simply means he is trying to make OTHERS save the planet, while he does more harm in a month than I do in a year (assuming he is right about CO2 emissions and Greenhouse gases) .
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
33. Re: Small Government Mandate by Archangel+Michael · 2014-10-29 03:32 · Score: 1
  
  And heating his mansions with Natural Gas is what? Carbon Trading is nothing but a sham investment scheme he is also benefiting from ... economically, so don't bother claiming that either.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
34. Re:Small Government Mandate by Archangel+Michael · 2014-10-29 03:41 · Score: 1
  
  Or how about the "'Escort whore out the door'..." comment recently made by Democratic gubernatorial candidate Vincet Sheheent about Republican Gov. Nikki Haley (the "whore").
  Where is NOW? Where is Eric Holder looking for violations of Civil Rights Laws? Where is the front page outrage on the NYT? Where is "war on women" battle cry?
  Democrats don't care about women. They care about Liberal Women, and only liberal women. All others are not worthy. The most sexist people I know are liberals who view women as objects of sexual desire (like Bill Clinton), but liberal women love being sexually desired, so it is symbiotic parasitical relationship.
  
  --
  Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
35. Re:Small Government Mandate by Charliemopps · 2014-10-29 05:12 · Score: 1
  
  The fake Libertarians in the Republican party may have other ideas, I wouldn't know.
  Sure you do. You've heard of the Iraq War, right? The principle of minimal government ceases to apply when it's a cause you happen to like, such as pre-emptive war or corporate subsidies.
  You basically just restated what I'd said. They pick and choose whichever political affiliation suits their current knee jerk reaction. My point was that, often when discussing Libertarian principles, people get the party confused with the republicans who seem to support some of these principles when they suit their agenda. For example they'd like to free us from big government but seem to have no problem with control by big business.
  And don't pretend like the democrats are any different. If you hadn't noticed, we're right back to bombing Iraq under Obama. We'll continue to mettle in Middle East affairs until we run out of money or we get the (D)/(R) party out of office. There hasn't been any real difference between the parties for nearly 100 years.
36. Re:Small Government Mandate by Jane+Q.+Public · 2014-10-29 06:56 · Score: 1
  
  Bennett Hasselhoff, a frequency counter, will be along shortly to provide Insight.
  I knew he was a frequent contributor, but I didn't know he was a frequency counter too.
37. Re:Small Government Mandate by Jane+Q.+Public · 2014-10-29 07:06 · Score: 1
  
  My point was that, often when discussing Libertarian principles, people get the party confused with the republicans who seem to support some of these principles when they suit their agenda. For example they'd like to free us from big government but seem to have no problem with control by big business.
  Pretty much this. The problem is that many people who talk about Libertarians wouldn't know an actual Libertarian principle if it bit them on the ass, because the other parties have deliberately distorted what those principles are.
  
  The worst offenders in that respect are clearly the Democrats, because Libertarians will never, ever, agree with them about big government. In that respect Republicans have at least some overlap of views.
  
  But the Democrats shoot themselves in the foot by demonizing Libertarians, because the Libertarians are "on their side", more or less, when it comes to social regulation.
  
  The largest voting block in the United States right now (~ 40%) is "Independent", most of which are Libertarian-leaning to some degree. There are reasons for that. It didn't "just happen"... people are waking up to what the Reps and Dems have been doing. But the Republicans definitely did muddy the waters by swallowing up and then subverting some movements that started out libertarian, like the Tea Party.
38. Re:Small Government Mandate by JasonGoatcher · 2014-10-29 07:43 · Score: 1
  
  Once again proving how easy it is to troll libertardians. Libertardian queen Ayn Rand also whined and complained about socialism and welfare but then had no qualms pulling social security when she got older.
  It's not hypocritical of her at all. If I can benefit from a government program, then I will, but that doesn't mean I approve of it's existence. It would be like cutting off your nose to spite your face.
39. Re: Small Government Mandate by JasonGoatcher · 2014-10-29 07:46 · Score: 1
  
  The money's gone. It was given to the previous generation. How do you stop a pension system where each generation pays for the previous one, without one generation getting a raw deal (they paid for the previous generation, but don't get anything themselves)?
  Give the higher ups in the IRS the death penalty and I think most of us will be willing to move on from there.
40. Re:Small Government Mandate by stephanruby · 2014-10-29 07:51 · Score: 1
  
  -- e.g. if you have an NFC collector tacked to the bottom of a public keypad, you can be pretty sure that person was using that keypad,
  Actually, in this case you couldn't. With RFID yes, but with NFC no.
  Even if the user was actually left-handed and even if the keypad NFC scanner was really powerful, with the small geometric size of the tag, the tag would need to be placed at the finger tip for that kind of thing to work (without the user knowing that he was being scanned), or the embedded tag would have to be bigger.
  Either, your main point still remains. All you would need is indeed a unique id.
41. Re: Small Government Mandate by The+Ickle+Jones · 2014-10-29 11:10 · Score: 1
  
  No, it doesn't. It could mean that he's too lazy to act, or that his priorities need adjusting, but it does not necessarily indicate that he doesn't believe what he's saying.
42. Re:Small Government Mandate by strikethree · 2014-10-29 17:40 · Score: 1
  
  Actually the US has a "pay-behind" Social Security system. Each generation pays for the previous generation's Social Security benefits, so no, it wasn't "her money".
  Well, actually, until 1980, it was NOT a pay-behind system. It was not until congress looted the Social Security in 1980 that it became pay-behind. It is criminal. It was her money.
  
  --
  "Someone needs to talk to the tree of liberty about its ghoulish drinking problem." by ohnocitizen
43. Re:Small Government Mandate by skids · 2014-10-30 02:54 · Score: 1
  
  Well, IIRC it is stated in TFA with the right equipment the range could be extended up to several centimeters or perhaps more. Not sure how accurate that statement is though.
  Enough to, say, be pretty disturbing if coupled to a sensor for metabolites in a urinal.
  
  --
  Someone had to do it.
44. Re:Small Government Mandate by anyGould · 2014-10-31 04:04 · Score: 1
  
  Yep. Remember her premise was that only the weak needed socialism and welfare, and that it was evil. I would respect her a lot more if she hadn't shown her hypocrisy at the end, and had accepted her end (and obvious failure to take care of herself according to her libertarian principles.
  (For comparison, consider if Ghandi had raised an army in his later years. Kinda ruins the point of non-violent resistance, yes?)
888 bytes is a pretty fair amount. by wierd_w · 2014-10-28 16:33 · Score: 5, Interesting

It seems small, when we think about data these days being in the multi-gigabytes, but 888 bytes is AMPLE to completely destroy the security of your legal identity.
Say, a social security number: 9 bytes.
A telephone number, with area code: 10 bytes
Full name, assuming a null padded, 3 entry struct with 15char max strings and 2 delimiter bytes: 47 bytes
Address, assuming 4 lines with 20 chars each (with null padding as needed)-- 40 bytes.
All that, and we are only about 1/7 to 1/8th of the data memory, or about 106 bytes.
One could squeeze a shortened URL to a facebook page, and quite a bit else in that space, such as DL number, credit card number, cellphone number, email address, and whatnot.
888 bytes can hold a LOT of very dangerous information.
1. Re:888 bytes is a pretty fair amount. by wierd_w · 2014-10-28 16:35 · Score: 1
  
  Correction--- 4 lines, 20 chars each is 80 bytes, not 40. So, about 146 bytes. About 1/6th the space.
2. Re:888 bytes is a pretty fair amount. by Vellmont · 2014-10-28 16:43 · Score: 1
  
  With the exception of the SS#, most of that data is publicly available on the internet for most people. If you know someones name, it's very easy to find someones phone#, address, birth date, relatives, former addresses, etc.
  We don't live in as private a world as you're assuming.
  
  --
  AccountKiller
3. Re:888 bytes is a pretty fair amount. by wierd_w · 2014-10-28 16:52 · Score: 1
  
  Oh, I know most information is available with much digging online. The point here, was that the journalist WANTS to advertise his personal data, to create a story sensation.
  Putting a live credit card number ( for a prepaid card, obviously) and some other interesting tidbits on that thing, with a tinyURL shortened web address to basically an otherwise unpublicised hit counter that then forwards again to a facebook page would let him get not only some analytics on how many actual people have accessed his NFC chip, and the records for credit card abuse would let him see how foolish putting clear text card info out, no matter how short range, is.
  888 bytes is a lot of space for some damaging data.
4. Re:888 bytes is a pretty fair amount. by beelsebob · 2014-10-28 17:02 · Score: 1
  
  An SS number is 9 digits. That's 30 bits (round to 4 bytes if you want), not 9.
  A telephone number is 34 bits (5 bytes if you want to round)
5. Re:888 bytes is a pretty fair amount. by wierd_w · 2014-10-28 17:20 · Score: 1
  
  You're not thinking about all possible intended use cases for this.
  One major one, would be "Identify discovered dead body", for the EMS. Say, for a drowning victim that has washed down a river during flooding, and clothing and other identifying documentation has been lost. In which case, you want to store useful information about the corpse, such as name, address, telephone number, etc. That's why I encluded it. URL entry could point to a national database entry for additional queries. The coroner just needs to NFC scan the corpse, and he has a positive ID.
  Well meaning government regulators may require the implantation of such permanent identification measures, and like all government projects, would become subject to "Lowest bidder" restraints on quality and security controls.
  If enough people have these things implanted, there would be interest in harvesting their identity data, both for faking identities, and just for tracking and analytics purposes (Say, as you walk in through the door at that department store in the mall, and walk through the RFID anti-theft sensors)
  You are thinking "Personal security token"-- I am thinking "Result of government cockup by people who feel first and think never."
6. Re:888 bytes is a pretty fair amount. by mysidia · 2014-10-28 17:50 · Score: 5, Interesting
  Let's change that up slightly, to use 3715 bits out of the 7104 available, approximately 50%:
  
  E-mail address = 40 bytes
  Social Security Number binary encoded - 9 digits = 29 bits.
  Health Insurance Provider Name - 16 alphanumeric characters = 12 bytes
  Health Plan ID - Encoded 6 bits per symbol 8 symbols = 48 bits.
  ZIP CODE of City of birth = 15 bits
  GPS Latitude and Longitude of current primary workplace (two 32-bit floats) = 64 bits
  Employer company name - 16 alphanumeric characters (encoded 6 bits per character) = 12 bytes
  Driver's License Number - 10 digits = 32 bits.
  Driver's license State (number from 00 to 49)= 6 bits
  Driver's license Expiration date (Number of days Since Jan 1, 1970) = 15 bits
  Current vehicle license plate 9 alphanumeric characters (encoded 6 bits per character) = 54 bits
  Current vehicle VIN number 17 alphanumeric characters (encoded 6 bits per character) = 102 bits
  Job Title - 16 alphanumeric characters = 12 bytes
  Annual Income in US Dollars - 1 to 14 digits = 47 bits
  Mother's maiden name (max: 20 characters) = 15 bytes
  Date of birth = 15 bits
  Telephone number with area code - 10 digits = 34 bits
  Full name - Encoded using 6 bits per character, Uppercase alphabetic characters, digits, spaces, field separator, and NULs only 50 characters = 37 bytes
  ZIP CODE of Previous residence = 15 bits
  Date moved into current residence = 15 bits
  ZIP CODE of Current residence = 15 bits
  GPS Latitude and Longitude of current residence (two 32-bit floats) = 64 bits
  Street name and house number of current resident Address (6 bits per character ) = max 20 bytes
  Apartment number or suite number = max 20 bytes
  Bank1 - Account number = 29 bits
  Bank1 - Routing number 12 digits = 37 bits
  Bank2 - Account number = 29 bits
  Bank2 - Routing number 12 digits = 37 bits
  Credit card 1 - primary account number - 12 digits = 37 bits
  Credit card 1 - CVV number - 3 digits = 10 bits
  Credit card 1 - Track 1 data 79 alphanumeric characters = 60 bytes
  Credit card 1 - Track 2 data 40 digits = 17 bytes
  Credit card 2 - primary account number - 12 digits = 37 bits
  Credit card 2 - CVV number - 3 digits = 10 bits
  Credit card 2 - Track 1 data 79 alphanumeric characters = 60 bytes
  Credit card 2 - Track 2 data 40 digits = 17 bytes
  Credit card 3 - primary account number - 12 digits = 37 bits
  Credit card 3 - CVV number - 3 digits = 10 bits
  Credit card 3 - Track 1 data 79 alphanumeric characters = 60 bytes
  Credit card 3 - Track 2 data 40 digits = 17 bytes
7. Re:888 bytes is a pretty fair amount. by AK+Marc · 2014-10-28 17:56 · Score: 1
  
  A SSN is between 1-1,000,000,000. Code the number as an integer, a 26 bit integer. No delimiter needed, and under 4 bytes. There are less than 700 valid area codes, and many fewer than that in use. If one were to "encode" the phone number, one could compress the phone numbers into fewer bits. Efficient packing in fixed length would work for everything but open strings, like addresses, unless you want to code against the USPS database of addresses. I have no idea how many are in that database, but if you had the UID for each of those and numbered those sequentially from 0, you'd probably have the smallest form a complete and valid address, for any address, can fit.
  
  But that'd take some work. Violating his privacy doesn't need nearly that much work.
  
  --
  Learn to love Alaska
8. Re:888 bytes is a pretty fair amount. by rvw · 2014-10-28 21:34 · Score: 1
  
  Regardless of your US centric view, it is interesting to see what is possible. It reminds me of the days of the ZX80 and the 1KB program challenges.
9. Re:888 bytes is a pretty fair amount. by gbjbaanb · 2014-10-28 21:44 · Score: 1
  
  really? My name is Jonathan Smith... go ahead punk, find me.
  You need a bit more information that that, usually a partial address to narrow things down, but other item such as phone number will readily identify you (but if you have the phone number, you're pretty much uniquely identified already, who needs name)
10. Re:888 bytes is a pretty fair amount. by wierd_w · 2014-10-29 05:02 · Score: 1
  
  Randomization requires active processing, which requires more persistent power supply.
  NFC devices (like this one) take a coupled energy flow from the active nearby antenna, and use that to send their own return signal.
  Because of this, they cant really do strong crypto functions with randomization, and are kinda limited to just "Burp back what's in my memory".
11. Re:888 bytes is a pretty fair amount. by Jane+Q.+Public · 2014-10-29 07:15 · Score: 1
  
  888 bytes can hold a LOT of very dangerous information.
  Not only that, but people are misled by comments such as this by OP:
  
  and the chip is readable up to 10 centimeters, though it is possible to boost that distance
  Nonsense. The chip is readable at any arbitrary distance, dependent primarily on your ability to build a big enough antenna.
  
  Security researcher Christopher whats-his-name showed, even before NFC was very common in phones, that $200 of equipment, concealed on your person, can read sesitive NFC data from chips in phones from several feet away... including intercepting financial transactions.
12. Re:888 bytes is a pretty fair amount. by mysidia · 2014-10-30 02:25 · Score: 1
  
  P.S. Alternatively, the information can be uploaded in encrypted format + Base64 to places such as Pastebin, or Freenet, or other massively distributed publication platform.
  The card can then contain just a few 40-character URLs followed by 512-bits worth of cryptocurrency wallet addresses.
  Then a couple of 256-bit decryption keys for the coded messages and the rest of the card can be used for a list of randomly generated initialization vectors that will be used for further encrypted messages.
  So the website can contain an arbitrarily large amount of information which can then be decrypted using the data on the card.
  Also, additional information can be added later by creating a spend transaction to one of the cryptocurrency addresses listed on the card, and publishing the information in the public blockchain, but on the public blockchain the text can be encrypted with the key and one of the initialization vectors on the card can be used. More random initialization vectors and additional addresses and crypto keys required to be provided inside each Nth encrypted message uploaded to the blockchain.
Re: Microwave by Anonymous Coward · 2014-10-28 16:39 · Score: 1

The arm or the chip? I'd go for the formet, the latter will probably still work.
And limited utilities to take advantage by s.petry · 2014-10-28 16:50 · Score: 1

I agree fully that 888 bytes is enough to cause someone damage via identity theft. The problem with this phase of trying to "test" the security of these devices is that there is very little to interface with, which is going to create a false sense of security (I'll argue this is part of the reason for the early advertising and testing)
888 bytes is enough to hold your gender, religion, ethnic background, political affiliation, and at least your last few coordinates. Lots of stuff to discriminate, or tamper with to make it appear that you were in places not visited. Not a huge concern in the US currently (at least with most of that kind of data), but how about the Middle East, or China, or pick a country in Africa. The landscape can change very drastically depending on where you are, let alone who gets into power.
Did Facebook and Google teach the masses nothing in terms of "bad things that can happen with technology?" Probably not, because you know.. even if you could read/write fast enough to heat this gadget up and burn the carrier's arm you probably won't hear about it on the "News".

--
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
1. Re:And limited utilities to take advantage by wierd_w · 2014-10-28 17:05 · Score: 1
  
  The "limited utilities" statement relies on "obscurity". It does not make the data any less secure. This device transmits clear text data, and attacks against NFC devices are well known to exist in the wild.
  This device is a type II NFC device, which is fully readable by smartphones, and other NFC readers. There is already profusion and interest in this technology by credit card companies, and credit card thieves, as the same NFC technology is used in NFC enabled credit cards.
  This device is fully readable by smartphones, and the manufacturer for the device even has an app for it.
  https://dangerousthings.com/sh...
  If the use of these things became pervasive, then this device would no longer be obscure, and the "limited utilities" argument evaporates.
  This device is clearly NOT intended to be a security device of any sort, and is intended as a novelty for tech enthusiasts.
  However, the transmit speed would put limits on the realistic capabilities of a device using this technology that actually *IS* designed for secure cryptographic function. A key of sufficient length, with a proper response and challenge arbitration cycle would take several seconds.
What his wife thinks by macraig · 2014-10-28 16:58 · Score: 1

Why does it matter what his wife thinks? And if she truly did suspect he is crazy, wouldn't he divorced right about now and caring a lot less about the chip in his arm?
1. Re:What his wife thinks by Anonymous Coward · 2014-10-28 17:13 · Score: 2, Insightful
  
  Crazy is pretty low on the "reasons to divorce your spouse"big totem pole after a while. We're all a little crazy by spousal standards, and I've not had papers served to me for thirty years and countin!
2. Re:What his wife thinks by bobstreo · 2014-10-28 17:20 · Score: 2
  
  Why does it matter what his wife thinks? And if she truly did suspect he is crazy, wouldn't he divorced right about now and caring a lot less about the chip in his arm?
  You didn't read the part where he put an NFC controlled chastity belt on her.
3. Re:What his wife thinks by Rashdot · 2014-10-28 20:33 · Score: 2
  
  Maybe his wife has a chip on her shoulder.
  
  --
  This is not the sig you're looking for.
Wrong Hand by BlackHawk-666 · 2014-10-28 17:08 · Score: 3, Interesting

Dude's doing it all wrong, it's meant to go in your right hand or your forehead! ^-^

--
All those moments will be lost in time, like tears in rain.
Re:10cm range? Using what reader? by wierd_w · 2014-10-28 17:30 · Score: 2

Maybe he has a very large active antenna?
Even then though, it wouldn't be true NFC-- because the near field is the first 1/4 wavelength of the broadcast frequency.
Which in this case, is 13.5 mhz-- that gives a total wavelength of about 22meters for the full wave, and 5.5 meters for the 1/4-wave Near Field.
A large actively coupling antenna could conceivably communicate over that distance by measuring signal drop in the active antenna due to the active coupling with the near field.
http://en.wikipedia.org/wiki/R...
you might not be able to tell what the NFC chip "sent", but you could definitely tell that one was nearby.
can chip implants cause cancer? by the_Bionic_lemming · 2014-10-28 17:38 · Score: 1

There's a couple schools of thought about chipping pets - one is the cancer risk is minimal, the other is that it isn't minimal.
So I'll say that a good use of his chip will be to see if he gets cancer.

--
_ _ _ Go for the eyes Boo! GO FOR THE EYES!
1. Re:can chip implants cause cancer? by profplump · 2014-10-28 17:53 · Score: 1
  
  Do these schools of thought know that the chip is inside a piece of glass? Are they suggesting that glass causes cancer? They can't possibly be thinking of effects related to the radio emissions, as the chip has no local power source -- it is only active when powered by a fairly strong emitter and most pets spend well less than 0.0001% of their time in such a situation even if their chip is read many times each year.
2. Re:can chip implants cause cancer? by Anonymous Coward · 2014-10-28 18:19 · Score: 1
  
  RF is non-ionising and is incapable of interfering with your biology in any way that causes cancer.
3. Re:can chip implants cause cancer? by Anonymous Coward · 2014-10-28 20:00 · Score: 2, Insightful
  
  The radiation to activate the chip comes from outside. If you get polled 100 times per day by different RFIDs (intended for your phone) it matters very little if the chip inside of you responds 2 of those times. The big source of radiation (which isn't dangerous to begin with) will hit you ragardless if you have a chip implanted or not.
4. Re:can chip implants cause cancer? by geekmux · 2014-10-28 23:29 · Score: 1
  
  There's a couple schools of thought about chipping pets - one is the cancer risk is minimal, the other is that it isn't minimal.
  So I'll say that a good use of his chip will be to see if he gets cancer.
  The RFID chip just pulled a number.
  It's 37.
  His body is still serving cancer to #4 on the list (diet sodas). Get in line.
  And good luck proving who or what killed him in the end.
5. Re:can chip implants cause cancer? by LWATCDR · 2014-10-29 00:41 · Score: 1
  
  But it can cook you. But then water can drown you as well.
  
  --
  See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
journalist in need of by Anonymous Coward · 2014-10-28 17:40 · Score: 1

You mean help this journalist come up with some stories to write about
easy by roman_mir · 2014-10-28 17:51 · Score: 2

Just install a reader for this chip in the wife and you'll get all of your privacy and security and many other things violated...

--
You can't handle the truth.
Huh by Hognoxious · 2014-10-28 20:02 · Score: 2

Didn't some guy (a university professor) in the UK do this about ten years ago? He was a bit of a publicity seeking knob too, IIRC.

--
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
Dem speaker of the house, 3rd in line for potus by raymorris · 2014-10-28 20:20 · Score: 2

Nancy Pelosi was Speaker of the House, and generally considered the second most powerful democrat behind Obama. You can't figure out why conservatives might have a problem with top democrats? You may have noticed Obama wasn't very involved with the drafting of the ACA, that was spearheaded by Pelosi. It would be more accurate to call it Pelosicare rather than Obamacare. The first draft, the last time the Democrats controlled the White House, was called Hillarycare.
For those conservatives of a more libertarian bent, they may be unimpressed with Bush and Cheney and may see some good in some democrats. Pelosi, however, supported the Patriot Act, currently supports the NSA dragnet, No Child Left Behind - she's the figurehead for the Democrats, except when the republicans have an even worse idea, in which case she gets on board with them.
Just wait by mwvdlee · 2014-10-28 20:54 · Score: 2

Just wait 364 days, until he's locked all his authentication to the NFC, then some chloroform and a scalpel will give him all the privacy and security violation he's asking for.

--
Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
Please take a MRI scan. by Anonymous Coward · 2014-10-28 23:03 · Score: 1

I want to visually see that chip, together with the other one implanted at birth.
--ac
1. Re:Please take a MRI scan. by wierd_w · 2014-10-30 06:07 · Score: 1
  
  an MRI scan is .... ill advised.
  MRI == Magnetic Resonance Imaging. anything metallic will develop EM eddy currents in them, will heat up, and or-- be yanked forcibly out of the patient by the very strong oscillating magnetic fields being employed to produce the image. Yes-- the NFC chip contains metallic components in the wound wire antenna that is all spooled up inside that glass bead.
  You want a PET scan instead.
  PET == Positron Emission Tomography
  It uses injected radioactive glucose (uses carbon 11 atoms in the glucose structure, which is a positron emitter) and a scintillation particle detector/ Xray film (captures the resulting 2 high energy gamma rays that are produced when the emitted positron collides with electrons in the patient's body) to create a mapping of the patient's soft tissues.
  Or, just a simple X-Ray.
  an MRI would rip the implant out of his arm at worst, and cause severe burns at the implant site at best.
Why doesn't he use a Cattle Ear Tag? by world_citizen · 2014-10-28 23:44 · Score: 1

Why doesn't he use a Cattle Ear Tag then everyone can read it even when they doesn't have a nfc capable device. Seriously, I think it's not smart to give up you privacy like this, via an NFC tag.
Re:Dem speaker of the house, 3rd in line for potus by azereal · 2014-10-29 00:01 · Score: 3, Informative

Technically Obamacare IS Rommneycare, a Republican alternative to a single payer system (single payer is a much better system BTW). When the Democrats proposed it the Republicans simply lurched further to the right and declared it terrible.
No fly list by DocSavage64109 · 2014-10-29 00:28 · Score: 3, Funny

If we can get the reporter's uid on the no-fly-list it should be pretty entertaining to listen to his rants.
Welcome to 10 years ago by Enry · 2014-10-29 01:29 · Score: 4, Informative

http://geekdoctor.blogspot.com...
1. Re:Welcome to 10 years ago by Chelloveck · 2014-10-30 07:49 · Score: 1
  
  That's completely different. That was an RFID chip. This is an NFC chip. Totally different!
  
  --
  Chelloveck
  I give up on debugging. From now on, SIGSEGV is a feature.
Re:Dem speaker of the house, 3rd in line for potus by ganjadude · 2014-10-29 03:00 · Score: 1

no, its not. stop being disengenious. Romney care was a single state issue, which makes it constitutional according to the 10th. This is not the same thing at all.

now, if another state implemented it (not the fed) you could still call it romney care

--
have you seen my sig? there are many others like it but none that are the same
Getting back to the original question by LeadSongDog · 2014-10-29 03:03 · Score: 1

So just what uses can we contrive? I kind of favour using it as a proximity sensor in or near steering wheels that disables his mobile phone if the car is running, while leaving the passenger's phone functional. Of course Big Wireless may not like the hit on their bottom line.
The storage issue is a red herring. It just needs enough to store a short URI where everything else can be found. Probably want a private key too, to be used only for generating signatures within the chip.

--
Oh, I'm sorry sir, I thought you were referring to me, Mr. Wensleydale.
Re:Gender Neutral Language 101 by The+Ickle+Jones · 2014-10-30 13:35 · Score: 1

Putting aside the obvious sexism
The nonexistent sexism, you mean. Using "man" to mean "people" is not sexism, and words often have multiple meanings depending on the context. There is no problem if you just use your brain.

"Man is born free, but lives everywhere in chains," does man there include women? You wouldn't know, would you?
You could read more about that person to hopefully find out. But in the end, it doesn't matter, because you're missing the greater point anyway.
Re:Gender Neutral Language 101 by The+Ickle+Jones · 2014-10-30 16:25 · Score: 1

It is deeply sexist. You just haven't used your brain enough to comprehend why.
Making useless statements isn't going to help you.

You see I can "argue" just like you too, relying on barefaced statements unsupported by thought, insight or argument.
You've been doing that all along. You have never once gave a rational explanation for why using a certain word that means a certain thing in the context it's used in is sexist merely because it can be used to refer exclusively to a certain gender. Again, words can have multiple meanings. Quit being a mental midget.
Re:Gender Neutral Language 101 by The+Ickle+Jones · 2014-10-30 17:49 · Score: 1

Now seriously though. The very existence of these multiple meaning is what is so deeply sexist in fact it is so deeply embedded that many, yourself included, are unable even to perceive the problem.
Now seriously though. The very existence of the word "multiple" is deeply racist, and it's so deeply embedded that many, yourself included, are unable even to perceive the problem.
Has it ever occurred to you that people can have different opinions than your own without being unconsciously brainwashed? Here's a shocker: I actually believe that this is not a problem in the least, even when I imagine as you want me to. Stop trying to suggest that I've been indoctrinated somehow.

It is not ideologically innocent to posit one gender as (default) human and the other as other.
That's not what is happening. People are just using a word that has multiple meanings. There's no problem here.

Precisely! You would need to read more about that person simply to understand a simple English sentence.

Taking things out of context often makes it difficult to understand. This can happen with any word that has multiple meanings. Too bad.

Now imagine yourself a woman swimming in this sea of linguistic ambiguity, never knowing precisely (without further inquiry) whether you personally are included or excluded in a statement. Are you able to grasp the problem?

You can also ask. Many women I've talked with about this sort of thing have said they don't care. Of course, yes, some do care, and they make mostly the same arguments you do. It's not a settled matter among women.
I hope you're not going to suggest that they're just indoctrinated or something, because then there's no point in asking me to imagine anything, as you just want me to agree with you and anything short of that is 'incorrect.'

English is moving on.
Language evolves, but the old meanings stay and can still be used. Furthermore, common usage won't always go away so easily, even if universities resist hard.
But hey, maybe people will stop doing this. And... I don't really care one way or the other. I care more about the person's intent and whether their message can be understood. Which, despite what you've said, I have no problem understanding the point others are making even when they use words like "men" to refer to "people." To me, language is about communicating ideas, and that's what I care about.

(apart from the "they" situation ... yuck).
What?
Re:Gender Neutral Language 101 by The+Ickle+Jones · 2014-10-30 19:36 · Score: 1

OK, explain how. I understand what think you're doing, but look, you do you argument no service with a preposterous move like that.
Why not? I can arbitrarily decide that any word is racist, sexist, etc. based on subjective perceptions. It's quite easy, and I could even create all sorts of stories about how and why those words make me feel bad as a member of race X, since anything can be offensive to anyone.

Or do you disagree?
I don't think it even matters, since people can consciously figure out the difference even if I assume that is the case.

Again, it's possible to believe something and still be wrong.
Yes, but this is a completely subjective matter. Whether or not it is a problem is 100% subjective, so I cannot be objectively wrong for believing it's not.

Of course you've been indoctrinated (in the wide sense of that word).
So wide it's almost meaningless, since I don't think mindlessly believing things you've heard is quite the same as the usual type of indoctrination. Given enough time and education, you will start to question your culture and your beliefs. As a child, maybe "indoctrinated" would fit, but for free thinkers, it's much less of a problem. I know you later said that you didn't mean we can't transcend the "indoctrination."

As demonstrated, you have a problem absent sufficient context
Of course. I can completely confuse people by taking just about anything out of context; context matters. This has little to do with the language under discussion. But when I read that guy's comment, I fully understood what he meant. I don't think it's all that ambiguous, or at least not anymore so than normal language.

Why would one not prefer a more communicatively efficient language to one beset with ambiguity?
I wish we could, but even formal university speak is littered with ambiguity and nonsense. I doubt human language will ever be efficient or logical.

She thought we should write "he/she"
What if someone doesn't identify as either a he or a she? You need to ask about their preferred gender pronoun first. Some feminist...
Re:Gender Neutral Language 101 by The+Ickle+Jones · 2014-10-31 08:00 · Score: 1

Because it's impertinent. It would be a arbitrary decision based on subjective perceptions.
Much like the ambiguity you speak of. Even though you are talking about ambiguity, you also mentioned sexism.

I did not ask you whether you thought it mattered, I asked you if you disagreed that most people in hearing the sentence "a lawyer must ensure the he maintains the highest levels of ethical probity" would visualise the lawyer, --who is in fact not a lawyer at all but any member of the set of lawyers described in imprecise language --as a man. And if they do, as I think we must admit, doesn't this idiom foster sexual (feminists would probably have me write gender) stereotypes?
I don't think envisioning a certain gender for a certain profession is sexism. Again, I don't think it's a problem at all. I'm sure lots of people do that (including with nurses), but I see no reason why that would be sexism.

Two things, first it was you, not I who introduced the somewhat hyperbolic "brainwashed" and "indoctrinated" into the conversation.
Maybe, but your implication was there. When you claim that something is so deeply embedded in a culture that the people in it can't even recognize the problem, I'm going to exaggerate and use "indoctrination" as a form of mockery.

Secondly, I now recant, it's not the wide meaning at all, but the old meaning. Taking the earliest example (1635) we find the word originally means "to imbue with learning" or (1656) "to instruct in a subject, principle, etc." Thus T Fuller (Worthies (1662) Mddx. 177) wrote "The Lord Treasurer Burleigh..was indoctrinated by a Cobler in the true Tanning of Leather." (OED)
Great.

precision of language is a requirement for clear thought.
If that is so, then I'm not sure anyone has clear thoughts, given how much of an abomination the English language is. Fortunately, humans have brains and can generally figure out what is being said, even if someone isn't trying to be precise in their use of language.

In any case, this matter is not at all subjective, it's about the inbuilt presumptions of a language that existed even prior to any individual subject acquiring that language.
Yes, it is. Here's how it all went down:
"I actually believe that this is not a problem in the least"
"Again, it's possible to believe something and still be wrong."
"Yes, but this is a completely subjective matter. Whether or not it is a problem is 100% subjective, so I cannot be objectively wrong for believing it's not."
Regarding whether or not something is a problem, which is what you quoted and responded to, that is 100% subjective.

Of course context matters. Absolutely! However that particular example has everything to do with the language under discussion.
So declaring victory because it's slightly more difficult to figure out what someone was saying without context seems silly. And again, this doesn't just apply to the language under discussion, but a large amount of words with multiple definitions.

After all, neither in the German, (nor indeed in a gender-neutral English) was there any ambiguity requiring more context to resolve.
Nonsense. They might be using completely different definitions of words (perhaps ones that they made up). Without context, you wouldn't see that.

So I'd ask again "Why would one not prefer a more communicatively efficient language to one beset with ambiguity?"
Generally I do. But as I said, I don't think doing as you suggest would truly improve the situation all that much. I don't mind a bit of 'inefficiency' every now and then, either.

Now I wonder if your obviously dearly treasured preference for man over person or perhaps mankind over humankind is perhaps some kind of marker of tribal membership?
I never said that I dearly treasured it, just that I don't think it's sexist or all that difficult to figure out what someone is saying.
Re:Gender Neutral Language 101 by The+Ickle+Jones · 2014-11-01 12:50 · Score: 1

I disagree, but that's perhaps a matter of definition, and as you like to point out, words can entertain a variety of range of meanings. I think the presumption that a nurse must be a female and a doctor a male, for instance, clearly to be peddling sexist stereotypes.

Unless someone is telling men that they can't be nurses or acting against their ability to do so, I don't think there's any sexism. Just having an image of a female nurse pop into your head hurts no one and I do not see how that is sexist.

Observing that language may convey unspoken assumptions, or that there exist cultural assumption unrelfective taken for granted, implies brainwashing?!
I don't think it's absurd. Telling me that I don't even realize the existence of a problem that supposedly exists due to some nonsense in my culture makes it sound like I've been brainwashed to me.

I'm well aware of how it went down. However since the "problem" is not in the least subjective no amount of repetition will cure your statement of its want of relevance.
But whether something is a problem or not is subjective. You replied to my statement saying that I do not believe there is a problem saying that someone's beliefs can be wrong, making it sound as if you're saying that my belief that this isn't a problem can be wrong. If that was not how you intended to sound, I would've phrased it differently.
But even the problem itself is clearly subjective, or at least up for interpretation. Whether something is ambiguous or difficult to understand is subjective. Some people will understand it instantly, and others won't, regardless of how many possible interpretations (an interpretation is subjective of course) there are.

Indeed much ofn yours has been done using it, or?
Yes, but only because it's necessary. I live in a country where English is the primary language. If I had a choice to change it to something more logical, I would. I don't use it because I think it's beautiful, but because it still technically serves its purpose as a language (which isn't a very high bar anyway).

Perhaps there is some insight in there somewhere, but unlike OP's original misuse of man, I'm unable to grasp what you're getting at ... who is "they?"
The person who wrote the text. They might be using familiar words, but might have defined them differently somewhere else, and so you couldn't just quote a random part of the text they wrote and fully understand it.