Slashdot Mirror
RFID-Blocking Blazer and Jeans Could Stop Wireless Identity Theft
An anonymous reader writes A pair of trousers and blazer have been developed by San Francisco-based clothing company Betabrand and anti-virus group Norton that are able to prevent identity theft by blocking wireless signals. The READY Active Jeans and the Work-It Blazer contain RFID-blocking fabric within the pockets' lining designed to prevent hacking through radio frequency identification (RFID) signals emitted from e-passports and contactless payment card chips. According to the clothing brand, this form of hacking is an increasing threat, with "more than 10 million identities digitally pick pocketed every year [and] 70% of all credit cards vulnerable to such attacks by 2015."
If you build radio signal blocking into all of your pockets, doesn't that also screw up your cell phone from getting a call? And wouldn't it muck with my keyless entry system on my car where I just carry the fob in my pocket and the car will know when it is me trying to get in or start it?
I'm an American. I love this country and the freedoms that we used to have.
Why not trousers+condoms all built-in...this has to be the more stupid informercial I have seen here for a while.
People will replace all their clothes, rather than buying one tinfoil case/pouch per device. Makes total sense.
Confucius say, "Find worm in apple - bad. Find half a worm - worse."
For full garment
That's what I do.
I've decided to stop wasting my time responding to AC trolls/sockpuppets... so if you want a response from me... login.
What the users need is a manual lock on the various over-connected over-communicating devices.
It can be an e-passport or a payment card, but it does not have to be open door all the time. A pressure captor or any kind of switch would do. A toggling switch would let the user choose to stay in open mode as today or to secured it when not used, a pressure captor or similar would require the object to be handled to communicate.
.... an RFID blocking wallet. Personally, I have no interest in contactless payment and would like to entirely block the system that the bank installed on my new credit card without asking me if I wanted it.
Paid extra for an RFID blocking wallet. Tested it out the next time I had to pay for lunch with my RFID card.
Placed wallet on reader, card is somewhere in the middle, beeep, thanks for you payment - fuck.
My wallet is a "Protact" with the A written like a German AE. 100% rip off, hope these pants are better.
Everyone who buys Wild Hunt will receive 16 specially prepared DLCs absolutely for free, regardless of platform.
This is utterly useless. I won't even walk outside without donning a full head-to-toe TEMPEST-shielded suit...
You know what could completely stop identity theft? Holding banks responsible for the loss when they were tricked by some thief pretending to their customers. You will see them tightening their authentication and fraud detection overnight.
You know why some countries don't have any identity theft at all? They held banks and companies responsible when they were defrauded, and won't let them pass the loss to their customers by claiming "identity theft".
Oliver.
Its humourous, in a sad way, that so many buy themselves into "solutions", instead of dealing with the problem itself.
An RFID card is easy to leech from ? dump the fsh*cking card!
Refuse it when your bank tries to push it upon you and you will not be hit by that kind of attack, and do not need to implement the bulky and/or costly solutions to begin with.
How about we stop using RFID to transfer important (identity theft type) data?
...with matching MLB-proof tin-foil hat.
.... I'd hang out in a store where a load of people were actually using them, and hence they'd be out of the wallet / jeans ready for use.
Remember when journalists used to check their facts?
The linked article has no mention of:
1. Where the figure of 10 million comes from?
2. If it's a quote from Norton, what steps were taken to independently verify their claims? Obviously, as both a project stakeholder and vendor of security software, Norton stand to benefit from what might be politely termed "digital scaremongering".
3. How many of these "digital pickpocket attacks" are performed through clothing (which the proposed jeans would protect against) as opposed to when the user's card is out of their pocket (and thus not protected by these jeans). How did they determine this ratio?
So there is clothing that makes it easier to steal clothing by blocking the RFIDs of the theft detection systems?
Of course news about a fake are Fake News.
Well great idea. First, I chip me, my clothes, my belongings, my accessories. And then I use a tinfoil jacket and trousers to block them all. Great idea. On a second thought. Such clothes are the perfect addition to my tinfoil hat. However, for complete protection I would recommend tinfoil underwear, socks, and - because this is slashdot - condoms to be absolutely safe.
When you're wearing the jeans your legs will only move at two-thirds normal speed. You have to have the blazer dry cleaned, and specifically by Norton, once a year otherwise it and the trousers may cease to function and leave you naked out on the street one day.
If RFID is making things so insecure that the only safe default location is inside a tiny Faraday cage, that's probably a sign that the use-case demands a different kind of technology.
For things like passports, why doesn't someone make an *optical* version of the same basic technology? Projected visible light gives enough power to activate a tiny built-in LED, which quickly flashes a signal. You still wave your card over a reader, but humans have a built-in sensor to detect exploits, and signal availability/blocking follows intuitive rules.
There was an article not so long ago where a national is card in south Korea was used as target. If I remember correctly that over 50% of the population suffers from identity theft.
Honestly, why bother?
Since people are forced into using RFIDs why should they suffer when someone takes advantage of it's poor security?
Keep using those RFID things, keep a close eye on your accounts and if/when something happens have the bank/company pay for damages.
Every time this come up, its RFID ePassport this and RFID credit card that. None of these use RFID at all, the technology used is NFC. As for the RFID blocking jacked, pants, wallet etc. I have tried a number of these and yes they are good at blocking RFID access tags, but do only a little to reduce the range of NFC.
This also will help to block anti-theft RFID tags attached to shop goods.
These clothes will be easy to steal, because you can just wrap them up in a wad and they will block their own theft tag. And once you've stolen them, you can use them to steal other items, because they will block theft tags. Sounds awesome for theives and like total wankery for everyone else.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
That's what I do.
"And that's why I no longer fly anywhere..."
To have a right to do a thing is not at all the same as to be right in doing it
Just stop with all the RFID bullshit on credit and debit cards! Really, is that extra few seconds taken to insert and enter a PIN such an onerous burden? People in that much of a hurry aren't likely to use that precious sliver of time to stop and smell the roses anyway.
For those worried about cell phones and the like, I suspect the new-style duds will do little or nothing to impede those signals. They're a couple of orders of magnitude higher in frequency than the current RFID payment systems, and they use far-field RF, whose intensity falls off with with the square of distance. The intensity of Near-Field Communications falls off with the cube of distance, and is more 'magnetic' than 'electro' in nature, so the shielding mechanism tends to be different.
For myself, I plan on de-activating all of my contactless payment cards by breaking the antenna loop with a drill, as soon as I can get them imaged so I know where the antenna traces are. I've already had my banks disable the feature, so in theory I shouldn't be able to make contactless payments, but that won't stop info theft via unauthorized readers.
And yes, I DO wear my tinfoil hat proudly...
'The Economy' is a giant Ponzi scheme whose most pitiable suckers are the youngest among us and the yet-unborn.
None of my credit cards are RFID. The only cards I have ever had that are RFID/NFC are hotel keys, and conference cards. My passport cover itself blocks RFID scanning - US passports only work if open.
And of course the sensationalism of the quote "more than 10 million identities digitally pick pocketed every year [and] 70% of all credit cards vulnerable to such attacks by 2015" - really? There are many problems with statements like this - but I am sure the Marketing group came up with them:
- stealing a credit number and maybe name is not an identity
- 10 million is a big number - every year since when? So 20% of the US has been compromised in the last few years?
- credit cards are being issued with chip and pin - RFID credit cards will become obsolete
The same people that buy these pants should buy shirts and hats that protect them from Unicorns and other fictional creatures.
I wear a nylon sweater to build up some static charge. Zaps any RFID readers that try to steal my identity in a brush-up attack. I don't half go through a lot of phones though.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Especially ones lined with Original Reynolds(tm) material? They will have a huge market.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Blazers and jeans, sounds like comedians from the 90s knew about this decades ago.
keeping a wallet in a back pocket is a silly thing to do anyway - easy for (physical) pick pockets to lift stuff from there.
I would like to buy a simple RFID blocking wallet. I can find a lot of them on Amazon, but none seem to have a coin compartment. I currently use a Lifeventure wallet, and I would like to get something similar. Ideally it would have the outside blocked, the inside not. So when you open it, you would be able to hold the card to an RFID scanner, without having to take it out.
All suggestions are welcome!
TSA search at the airport
The truth shall set you free!
They have both bifold and trifold. Don't know how well they work, though.
It is only the pockets that are protected. Good luck getting that pair of jeans in your pocket.
Are you only planning on stealing ladies underwear?
The truth shall set you free!
Until you get charged with "Going equipped for stealing" an offence under the Theft Act. Since blocking RFID will block most shop security devices. Perhaps Blazers will become the new uniform for shop lifters.
... this hardly has the cachet of tinfoil.
You know you can request Credit cards and IDs without the RFID chip in it. I do this all the time with Visa and AMEX. I request cards without the Chip.... problem solved.
Stupid idea, instead just make wallets, phone sleeves or other small item carriers with the lining.
"If any question why we died, Tell them because our fathers lied."
Just knock out the credit card's RFID chip using a hammer and center punch. Easy to do, free, and 100% effective. I live in a large metro area and have yet to come across a business that could not process a transaction because the RFID chip was not functioning. Plus it leaves a cool little hole in the card that often leads to extended conversations with cute waitresses and bar tenders.
If the RFID chip on credit cards, bank cards, and passports is so easy to read that we need to design signal blocking clothes and wallets, then RFID is not ready to be used for such important things. It needs to go away and only come back when it is secure.
... I'm not an early adopter.
It little behooves the best of us to comment on the rest of us.
Wouldn't this be a shoplifter's dream? I've seen "Theft Bags" made by thieves by lining the shopping bags with thick foil so items they steal will not set off the theft detectors at the store exits. This clothing would enable shoplifters to steal even more easily, and the rest of us will pay higher prices because of it. How will the stores combat this? TSA style pat-downs at each exit? I already have a problem with the "Show me your receipt or else" when I exit Walmart. RFID Blocking wallets are one thing. RFID Blocking clothing goes too far.
I can see someone putting small stuff into a pocket and walking out the store with it. No alarm.
Most libraries w/ security systems will get screwed over by this. We use RFID sensors inside books to provide some measure of anti-theft security (along with automated return systems, and in some cases catalog information). RFID blocking clothing will bypass this, no?
If the card companies are depending on the cardholder's pants for improving security, then their system is broken.
I thought this was a tech site, and everyone is complaining about RFID and saying it's stupid and worthless and all that.
Well first of all, I use some form of wireless payment at least several times a day, and have for most days since around the year 2000.
I use Japan Rail's Suica train pass to get to and from work, and to buy stuff at convenience stores like 7-11 and even to pay for taxis and stuff at the supermarket sometimes.
To my knowledge Suica cards (Felica) never been hacked in the sense of a real life useful hack. Since it stores all of the value on the card itself, the back-end system is really mainly just for auditing and detecting if it ever does get hacked.
Suica cards only have features on them for increasing and decreasing value on the card, so far as I know, so I am not sure what the hacker would gain by reading my card? They go to all the trouble to build a high gain directional antenna and then maybe they could tell what train stations I've been to lately, if they're outside of my normal commuting path, that's about it. Even if they could steal from my balance, it's usually under $100 USD, in fact Suica maxes out at $200 USD per card.
EDY cards are based on the same Felica technology and are also prepaid.
I also have an "iD" card, which is something more like visa touch or whatever is used in the US, in that it isn't prepaid in the same way as Suica. I don't know what information can be read from that without encryption, but probably not much.
Then there is my passport. This uses American style NFC instead of a Felica chip. That has personal data, but it's encrypted with a key that is in the OCR data on the front, plus two PIN codes. Good luck with that. (They even had me put it into the computer and verify the data on it when they gave it to me).
Finally there is my "Juki" card (common ID card). This one apparently uses NFC instead of Felica. I tried to read this one with an app on my phone, but it only has a number on it. I suppose that number is a key to a database. There is an option to add a PKI certificate for tax payments, etc., as well, but I'm assume that's at least reasonably secure, since it is intended for.. security purposes.
Now... I've never had data stolen from any of my cards... or if they stole it, they never used it.
I've had great benefit from being able to ride the train and bus at will, without having to look up prices and buy paper tickets every time. I've had great convenience from not having to count through the change in my pockets every time I buy a drink or pack of gum at the store - and more to the point, when there's 10 people in front of you, you hope they are using e-money so they take 10-15 seconds each, instead of 1 minute each.
I've heard about systems getting hacked in the US and other places, but it seems those systems weren't even designed with security in mind.
(Maybe Sony should use their Felica chips to protect their computer network from hackers...)