RFID Industry Confidential Memos 617
An anonymous reader writes "Cryptome has learned www.autoidcenter.org (RFID flak) has made internal memos available for perusal at their site. Those RFID people sure have some interesting plans for the future. Who needs conspiracy theories, when you can hear it from the horses mouth? Weeeeee!"
So when you walk into a store... (Score:5, Interesting)
I wonder if govts will legislate to make it possible for us to op-out with these tags? Some tags maybe built into the products that it would be impossible for us to remove them. I think we need protection too.
Re:So when you walk into a store... (Score:5, Insightful)
So just dont buy anything you're not willing to throw in the microwave for 10 seconds.
Re:So when you walk into a store... (Score:5, Funny)
Re:So when you walk into a store... (Score:5, Funny)
Re:So when you walk into a store... (Score:4, Funny)
Just turn the tin-foil hat inside out after you buy it. That way the mind-control device is on the outside and you can control the world.
Re:So when you walk into a store... (Score:5, Funny)
that rules out pet shops...
'sorry timmy, poor lassie didn't make it through the deactivation procedure'
Pulsed EMF (Score:5, Interesting)
Do we have any engineers in the house??
Three standard frequency bands (approx. 13MHz appears to be the longest range band) and a physically accessible antenna.
This sounds like a perfect opportunity for any engineers out there to create a tri-band transceiver with a "snort" function to cycle through the used bands, detect the feedback/absorbtion from the RFID antenna and then give it a very localised, high powered pulse or thousand at the appropriate frequency.
If you don't manage to fry the tiny componentry in a tag, it ain't turned on.
Any and all defensive mechanisms (micro-faraday cages, zener diodes, gas chambers, etc.) should either prohibitively raise the price per RFID or be easily overcome with a minor modification (slow ramp up times, gaussian (white noise) frequency distributions).
A far more interesting concept is surely the use of "throw-away" RF interference devices that could interfere with the use of RFID tags to such an extent that it is not viable for it's users (Walmart, I'm looking at you).
Perhaps you could even use their electrical wiring as your antenna (c.f. electronic vermin repellers).
Time to break out the soldering iron.
Quinkin.
Re:Pulsed EMF (Score:4, Funny)
What stops me from walking through Wal-Mart wearing one of these things zotting tags left and right?
(***) [I am kidding and fully aware that the E/M waves radiated by this thing would be difficult to absorb in sufficient quantity at frequencies that would pose much of a health risk, so please, no flaming the cancer ref.]
Re:Pulsed EMF (Score:4, Insightful)
Re:So when you walk into a store... (Score:4, Insightful)
So just dont buy anything you're not willing to throw in the microwave for 10 seconds.
I can assure you that soon they wil starting putting metal strings in clothes to render them 'damaged' if you try to expose them to microvaves ...
And if the practice becomes common thw US will pass a law forbidding the act of damaging RFID tags (To fight crimes and terrorism, you understand ...)
Re:So when you walk into a store... (Score:3, Insightful)
-vp
Re:So when you walk into a store... (Score:4, Funny)
And what if there is not opt-out?
Or you actually need to walk into the store to opt-out. But by walking in you opt-in?
Re:So when you walk into a store... (Score:5, Insightful)
The problem with opt-in is that nobody would ever opt-in. Even if you don't they will just say you did. Take all the opt-in spam I get. I never opted in for penis enlargement e-mail yet it says I did. Who are they to believe? The spammer said I opted in so I must've right? Yes, yes, I know, that's the point. Nobody would opt-in so the thing dies, but tell that to businesses. That's why opt-in will never be accepted by THEM.
Re:So when you walk into a store... (Score:4, Insightful)
We as consumers probably would have the best luck getting congress to require a RFID tag to be clearly marked or in some way removable, like most bar codes are now. I myself wouldn't have any problem with them while inside the store, but they should be disabled like the security tags are now when I check out.
I can see a lot of 'urban myths' popping up about this technology. It'll take rational (read non-paranoid crackpots) citizens contacting their congressmen or anything to get done tho.
I've been wondering if there would be HIPPA problems if this kind of technology ever is applied to healthcare.
Re:So when you walk into a store... (Score:3, Funny)
N.
Re:So when you walk into a store... (Score:5, Interesting)
Such a device would be illegal under the DMCA. After all, a RFID tag is a technological measure that effectively controls access to a work, and burning them would be circumvention. Your "bug scanner" doesn't even have substantial non-infringing uses.
Re:So when you walk into a store... (Score:4, Insightful)
As broken as the DMCA is, it only discusses circumventing controled access to copyrighted works. Last time I checked you couldn't really copyright a bottle of laundry detergent. And another thing, the RFID tag couldn't possibly provide controlled access to anything it was attached to, it's embedded into the item, not surrounding it, so there's nothing to circumvent.
Destroying the tags would be a simple case of property rights. If you own it, you can destroy it, and although I would expect a bit of "you didn't really buy the tag, but you are leasing it forever" slipperyness here, that won't hold up in the courts for long.
Seems like the new "a Beowulf cluster of these" tagline is becoming "would be illegal under the DMCA"
Re:So when you walk into a store... (Score:4, Interesting)
I've been wondering if there would be HIPPA problems if this kind of technology ever is applied to healthcare.
That is a damned good point. The HIPAA regs require encryption of electronic patient information. This would mean that if RFID tags are used for normal hospital operations, the data must be encrypted or the hospital is criminally liable.
Re:So when you walk into a store... (Score:3, Interesting)
The laws Congress passes are very different when Congressmen (and -women) are affected by them. When the DMCA passed, how many of them do you think were interested in alternative ways to distribute or listen to music, or that encryption would be used to secure business methods instead of senstive data?
Rest assured, when they start worrying if their is a wireless tracker buried into the heel of their shoe, or they start getting angry letters from the eldery that start with "I voted in every election since
Fulltext of post (Score:5, Informative)
July 7, 2003
RFID Site Security Gaffe Uncovered by Consumer Group
CASPIAN asks, "How can we trust these people with our personal data?"
CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) says anyone can download revealing documents labeled "confidential" from the home page of the MIT Auto-ID Center web site in two mouse clicks.
The Auto-ID Center is the organization entrusted with developing a global Internet infrastructure for radio frequency identification (RFID). Their plans are to tag all the objects manufactured on the planet with RFID chips and track them via the Internet.
Privacy advocates are alarmed about the Center's plans because RFID technology could enable businesses to collect an unprecedented amount of information about consumers' possessions and physical movements. They point out that consumers might not even know they're being surveilled since tiny RFID chips can be embedded in plastic, sewn into the seams of garments, or otherwise hidden.
"How can we trust these people with securing sensitive consumer information if they can't even secure their own web site?" asks CASPIAN Founder and Director Katherine Albrecht.
"It's ironic that the same people who assure us that our private data will be safe because 'Internet security is very good, and it offers a strong layer of protection'
http://cryptome.org/rfid/questions_answers.pdf
would provide such a compelling demonstration to the contrary," she added.
Among the "confidential" documents available on the web site are slide shows discussing the need to "pacify" citizens who might question the wisdom of the Center's stated goal to tag and track every item on the planet,
http://cryptome.org/rfid/communications.pdf
along with findings that 78% of surveyed consumers feel RFID is negative for privacy and 61% fear its health consequences.
http://cryptome.org/rfid/pk-fh.pdf
PR firm Fleischman-Hillard's confidential "Managing External Communications" suggests a variety of strategies to help the Auto-ID Center "drive adoption" and "neutralize opposition," including the possibility of renaming the tracking devices "green tags." It also lists by name several key lawmakers, privacy advocates, and others whom it hopes to "bring into the Center's 'inner circle'".
http://cryptome.org/rfid/external_comm.pdf
Despite the overwhelming evidence of negative consumer attitudes toward RFID technology revealed in its internal documents, the Auto-ID Center hopes that consumers will be "apathetic" and "resign themselves to the inevitability of it" instead of acting on their concerns.
http://cryptome.org/rfid/cam-autoid-eb002.pdf
Consumer citizens who are not feeling apathetic will be pleased to learn that the site provides names and contact information for the corporate executives who oversee the Center's efforts. Since the phone list isn't labeled "confidential," we're assuming that Auto-ID Center Board members are open to calls and mail that might help them better understand public opinion on this important subject.
Anyone interested in speaking with Dick Cantwell, the Gillette VP who heads the Center's Board of Overseers, for example, can find his direct office number listed on the Auto-ID Center's website here:
http://cryptome.org/rfid/226691160-list_board_of_
To experience the Auto-ID Center's security holes firsthand, simply visit the web site at http://www.autoidcenter.org and type "confidential" in the site search box. The Center encourages such site exploration: "Our website has Research Papers and other information that anyone can download for free. There is also a Sponsors Only area of the site, which includes information and materials not available to the public at large. We encourage you to visit our site frequently to stay up to date with the Center's many activities."
Download ALL PDFs from MIT by yourself! (Score:5, Informative)
Hopefully, the psyche will be turned-around... (Score:5, Insightful)
And MAYBE they will take back democracy from those who have stolen it.
Re:Hopefully, the psyche will be turned-around... (Score:3, Funny)
Yes, those damned croporations will be the downfall of us all.
Re:Hopefully, the psyche will be turned-around... (Score:5, Insightful)
This is not the fault of corporations, but of governments, which have decided to offer up portions of their power to the highest bidder. One way they have done this is to charter corporations. This allows the ownership of companies to be diluted to the point of meaninglessness, so that the owners' accountability for their companies' actions are zero.
p.s. This is not a US problem, but a world problem. The two richest women in the world are European heads of state with nationalized petroleum corporations.
Re:Not true at all. Who modded this insightful? (Score:3, Insightful)
Power is defined by the initiation of force. I'm sorry, but none of the examples you provide fall under the definition of power. You may not like the fact that your employer could fire you at a second's notice, but that doesn't change the fact
Re:Hopefully, the psyche will be turned-around... (Score:3, Insightful)
I just don't understand why they can't, or won't, do it.
Amish Folk == Textile Pirates! Run for the hills! (Score:5, Funny)
Well, the original article did say that...
Now, I was just about to post something to the effect that while it may well be a privacy negative, anyone who thinks it's a health hazard has probably caught Alzheimers from the aluminum in their tinfoil hat. (Which would be pretty hard, considering the Aluminum-Alzheimer's link has been largely debunked, but never underestimate the power of the placebo effect on a dedicated conspiracy theorist!)
But reading your post... I just realized... who are the real clothing pirates? Who's the greatest threat to WalMart and Chinese Hegemony? Who's the biggest threat the CIAA (Cotton Industry Association of America, oh what an appropriate acronym!)
My God! The friggin' Amish! Of course! The Amish are engaged in the rampant PIRATING of TEXTILES, and they're doing it RIGHT UNDER OUR NOSES, RIGHT HERE IN AMERICA!
So yeah, if the research company did the polling in Pennsylvania, you can bet your ass that 61% would fear the health consequences of RFID tags. Hatch! Utah! Mormons! It's a MORMON CONSPIRACY to ERADICATE the AMISH! Gotta get the word out on Slashdot! Hey, check out that horse and buggy across the street, but that's weird, it's got two clean-shaven young drivers in white shirts, damn nice buggy, but the drivers sure don't look Ami{$4[[4][NO CARRIER
disabling? (Score:5, Interesting)
Is it possible for end-users to easily disable an RFID? It seems to me some well-placed magnets, or hell, even the business end of a stable gun, should be able to knock out the RFID. How hard would it really be?
And yeah yeah, the evil government will make it illegal for us to do that. I'm honestly curious, not interested in conspiracy theory.
Microwave oven. (Score:5, Informative)
Hopefully the thing the device is embedded in won't be harmed by the microwave.
Re:Microwave oven. (Score:5, Insightful)
Be careful what you nuke.
Re:Microwave oven. (Score:5, Funny)
WARNING: Do NOT microwave shorts before removing them from body. Side effects could include actually reading those spams that offer to help you grow larger body parts.
Re:Microwave oven. (Score:4, Informative)
Mr Microwave (Score:5, Funny)
- recommending other nutritious meals from our corporation
- Retrieve the warranty text for your microwave and shorts from the corporate web site
- Call the authorities to help educate you about the benefits of the RFID EULA you agreed to.
- Retrieve information about the penalties for violating the DMCA
- Suggest other apparel made from al-foil worn by kooks like yourself"
Xix.
Re:Microwave oven. (Score:5, Interesting)
I view this technology much like the use of genetically modified foodstuffs, the technology itself has tremendous potential to make life better/easier, but I think that before we start intorducing these things to the market (a little late on the GM foods for that) we need a serious public awareness / education program. I simply don't trust corporations to use this sort of technology responsibly. Until there are serious and meaningful checks in place to prevent abuse, I strongly oppose the use of these technologies.
Are you kidding? (Score:5, Interesting)
Maybe though, the courts will recognize how utterly detremental the DCMA (and the like) are to this free society. Yes we give up a certain amount of privacy living in a free society(apologies for the American-Centric) but this does not mean that corporations have the right to track us or our products.
Bite me to any business that thinks I'll buy RFID products, I'll make my clothes out of hemp and be the nut in uncomfortable clothes if I have to be.
Re:disabling? (Score:3, Interesting)
If Wal-Mart implements self-destructing RFID tags, and Target doesn't, where am I shopping? But how can I know? The clerk certainly can't tell me, and managers are often misinformed about technology issues. (He may think I'm a tinfoil hat guy when I ask.)
So is it feasible for consumers to purchase RFID scanners? Can I tell if my own (o
Re:disabling? (Score:5, Funny)
Nah... too easy.
What I want to do is reprogram the suckers so when they scan my clothing I will be wearing a alarm clock on my head, have a 12 pack of Gillete Razors hidden in my shoes, answer to the name of Rover, have my shots for distemper, but due for a booster on rabies.
~Z
Caveats for implementors (Score:3, Informative)
2) Scanners only work at personal-space encroaching range unless the RFID has a power source (which becomes easy to find). So at most you can be scanned in situations where you might find a metal detector.
3) Won't work from the outside of your car reliably, so toll booths are probably safe. ("Smart Tag" uses a battery and is on your windshield.
Re:disabling? (Score:5, Informative)
With your logic, a 2 watt cellphone would have a range of about 4 feet.
Just to put things into further perspective, radio enthusiasts have contests to see how far around the
You've fallen victim to some of the strategies outlined in the articles this whole story is about. You've been pacified into believing radio waves are severely limited in range. And you believed it. Even going so far as to try to convince other people that a half watt of power is insignificant for distances greater than a meter, which is completely absurd.
You're repeating a meme. You have been "pacified" according to the gameplan set forth in the memos.
Re:disabling? (Score:3, Informative)
Re:disabling? (Score:4, Insightful)
People really are hammering on this meme that "it's unconcievable RFID's can transmit with any range"
It does seem to work in pacifying people. All kinds of chickenheads now trying to "debunk" the concept of RFID past a couple feet. It's pathetic because this continues after the RFID people came right and spoke at length about several disinformation campaigns that are being implemented.
someone doesn't understand radiation... (Score:4, Interesting)
You've fallen victim to some of the strategies outlined in the articles this whole story is about. You've been pacified into believing radio waves are severely limited in range.
Actually, they are. Like any other form of radiation, unless tightly focused(by, say a ham's antenna?), RF quickly disappears in all the background noise as distance increases.
If you want to think of it in a crude sort of way, you can think of a can of paint exploding on the space station. Who gets covered in more paint, the guy 5 feet away, or the guy 50 feet away? This whole idea is also why ENORMOUS radio dishes are required to conduct radio astronomy- you have HUGE amouns of surface area, and you still get really, really, really weak signals.
I believe the relationship is exponential- I'm probably wrong on the exact numbers(so grab a physics book), but I think that one radian is equal to the angle covered by one square meter at one meter- or 4 square meters at 2 feet, 9 square meters at 3 feet, etc. So as distance increases, the power available to an antenna, no matter how good it is, decreases radically. The energy needed to excite an RFID device, which is practically microscopic(and hence can't have that big an antenna!) has to be either VERY high, VERY focused, or VERY close. Then there's the matter of recieving the VERY weak reply from the RFID tag...
Re:disabling? (Score:3, Insightful)
--Dan
www.doxpara.com
umm (Score:5, Funny)
Well, I can't now, thanks to Slashdot. Good job Slashdot, covering up RFID tag conspiracies.
Exactly! (Score:5, Funny)
They forgot something (Score:5, Funny)
- Identify potential consumer road blocks/fears.
- Construct a proactive framework to minimise negatives arising.
- Assess consumer reaction if press develop scare stories and develop best messages to pacify.
Sounds like they forgot one step: PROFIT!
Re:They forgot something (Score:5, Insightful)
This may have been modded "Funny" but it's actually quite informative. Of course us anti-corporatists have known this all along, but it's interesting to see these guys being so open and honest about their intent to "PACIFY" the "CONSUMERS". Look at any and all marketing today. It's all designed to pacify us in one way or another... to stun us, blind us, or numb our minds to what is really going on. The goal is to get us to be a bunch of nice passive cows, buying and believing everything we are fed.
When someone brings up a concern, or protests the action of a large corporation or government, the powers that be go into spin mode, "developing the best message to pacify" the people.
I'd love to see these Adolf Hitler try to run for president today. I imagine he'd hire these very same people to "construct a proactive framework to minimise negatives arising" and try to best pacify the pesky human rights folks...
Not so bad (Score:5, Insightful)
Some people will happily ignore reasonable explanations and cling desperately to their paranoid delusion. These people cannot be convinced otherwise. Rather they need to be brain-washed to get that stupid idea out of their head.
The "green tag" idea sounds like genius.
But an RFID conspiracy seems a little far to jump. The technology is in its infancy. It's not in everything, the opposite is true. But rest assured that an RFID Tag Canceler is in the works to milk money from the privacy obsessed.
I may get one myself...
I wonder if there's a patent.
-tom
Yeah, like cigarettes... (Score:5, Insightful)
That's why I fully place my trust in governments and corporations to tell me what's healthy and what's not.
After all, everyone knows that smoking is good for you [worlded.org]. And there's no danger in mining uranium [canadiancontent.ca] or genetically modified food [purefood.org] or syphillis treatments [virginia.edu] or the drinking water [erinbrockovich.com], etc.
Yep, if a big organization says it's safe, that's good enough for me.
W
Re:Not so bad (Score:5, Insightful)
Grocery stores give dicounts for those willing to have there purchasing patterns tracked.
Re:Not so bad (Score:3, Interesting)
Then I discovered Wal-Mart's groceries. Most products that I buy are 20% to 40% cheaper than Bi-Lo's with the special discounts. And you don't have to join a tracking program.
Alas, Wal-Mart will probably be the first to use RFIDs wide-scale, so be ready to don the tin foil hat when pass by a store.
Re:Not so bad (Score:5, Insightful)
According to their own memos, the RFID has learned people do not want RFID. And their plans are to bludgeon people into accepting them until they become to prevailant to resist.
In this task, they've assembled a long list of people, including government officials.
Also, they mention specifically the usefulness of leveraging apathetic people, such as yourself, in forwarding the acceptance tags. They know the kinds of personalities in this game, and have a strategy for each of them. Personalities like yours are a piece of cake. Some people are just born to wear the brown shirt.
Re:Not so bad (Score:5, Insightful)
Re:Not so bad (Score:4, Insightful)
Prospective employers like to do background checks, current employers often cut employees, stores can collect information that is not personally identifying individually, but aggregators can tie identifications together to high probability hits.
For example:
You go to the gap and buy new clothes, pay for them with a credit card. You could be buying them as a gift, or not, the purchaser info and RFIDs are linked and sold to direct marketers and credit aggregators like Equifax.
Equifax (we'll make them the bad guys just for point of argument) binds the sale and the ID in your record.
A few days later someone walks into Wallgreens wearing the clothes and buys a pregnancy test. The person pays cash, say, but the purchase ID enters a data cloud with the clothing ID's, and the batch lot are reported - no personally identifying information is, just a temporally connected cloud of RFID points.
Equifax does a fuzzy search and ties the cloud of clothing points to your SSN, and flags the pregnancy test.
An prospective employer calls for a background check and decides you're a high risk, and rescinds their offer. Too bad you already quit your last job.
Maybe the pregnancy test is for a friend, maybe the clothes were a gift, who cares? You're a risk. Sorry.
Say you buy a 1.5L of JD at the local supermarket. Two of them in a month.
Say you go out to see a band on a Thursday and show up late for work on Friday, sniffling.
Say your company is having a strategic workforce realignment and looking for potentially career limited individuals to pare from the workforce.
Say the alcohol wasn't for you, or the late night out was a one time thing, or the clothes that went past the RFID reader at the bar were on your roommate. Does it matter? Should it matter any way? America is a meritocracy - right? We're all judged on our abilities, not our religion/morals... Can a company dumping 3000 employees out of 30,000 in a week bother with each employees personal story?
I see, Mr. Johnson, that you wear that overcoat on the job and off. I note that you were carrying a Workers Daily on your way home in that coat. Mr. Johnson, this is a conservative company and we have no place for troublemakers like you. These men will escort you out of the building....
In every historical case where records were kept of information that revealed individual's private lives and proclivities, that information has been abused, from the Stasi, to the Nazis, to Hoover.
"Fascism should rightly be called Corporatism as it is a merge of state and corporate power." - Benito Mussolini
Re:Not so bad (Score:5, Insightful)
Warm and toasty (Score:5, Informative)
Don't forget to put a cup of water in there too, to prevent mucking up the magnatron.
Re:Warm and toasty (Score:3, Interesting)
for those of you that are ready to go try this, don't (ok, now I am not liable for any stupidity)
http://www.amasci.com/weird/microexp.
More info (Score:3, Informative)
If you want to see them, go to www.autoidcenter.org
and type "confidential" into their site search engine.
Not sure if they're still up but that's the condensed version of the cryptome story.
Mirror (Score:5, Informative)
The mirror is here:
http://krypton.mnsu.edu/~workmj/cryptome.org/rfid
More from the horse's mouth...wheeee (Score:5, Funny)
Well I went a-exploring:
Search for "1.Earn Trust 2. Collect Info 3.??? 4. Profit"
1 to 5 of 100 results for: "1.Earn Trust 2. Collect Info 3.??? 4. Profit"
Search for "We think we absolutely rock"
1 to 5 of 92 results for: "We think we absolutely rock"
Search for "You can't trust us with your personal data"
1 to 5 of 100 results for: "You can't trust us with your personal data"
God this is awesome... (Score:5, Funny)
To experience the Auto-ID Center's security holes firsthand, simply visit the web site at http://www.autoidcenter.org [autoidcenter.org] and type "confidential" in the site search box.
This actually works!
Color me convinced-- I sure can trust these masters of technology with embedding "green tags" in my clothing! I'm sure the info will never be abused or fall into the wrong hands...
W
Current contents don't show stupidity (Score:5, Interesting)
Admittedly, I'm too lazy to explore further, but it certainly appears that, at present, the "confidential" documents to be found aren't considered confidential any more.
That said, as I noted, I got 59 results; does anyone who hit it earlier recall more?
Re:Current contents don't show stupidity (Score:3, Interesting)
The "expiration dates" on the files were hastily added TODAY as a bit of damage control.
No expiration dates were included on any of the Auto-ID Center's confidential documents before this afternoon.
To verify this, you can find a mirror of the original search done this morning (before we went public with this) at:
http://krypton.mnsu.edu/~workmj/cryptome.org
You didn't look at the pages closely... (Score:5, Informative)
From the website search engine:
(Bold emphasis mine...)
Notice that this sample says "Confidential until September 2002". Now, unless you know for a fact that they were available for reading prior to September of last year, then there's really no problem unless they're talking about some sort of big-brother-esque system.
Now, this isn't saying that they're not. But, as seeing that Cryptome's
Re:You didn't look at the pages closely... (Score:5, Insightful)
According to this article [com.com] the 500million tags that Gillette purchased "Alien Technology says its RFID tags can be read up to 15 feet away". And that is with the LEGAL readers the store is using. How far away can they be read with my illegal jiggawatt reader and directional antenna? How long will it take people to decode the 64-bit codes to determine which bits are brand/model/size/etc. and read the codes from great distances?
They do not plan on disabling the tags when you leave the store either since one of Wal-Mart's listed benefits for RFID tags is "hassle-free returns".
How long until I can point a directional antenna at your home and fire up my jiggawatt reader to determine if you have anything worth taking?
Re:You didn't look at the pages closely... (Score:3, Interesting)
Drive down a street with an RFID exiter and case every house of the street all the way down to brand name and model of every tagged item in the home.
Of course the taxman will love this also, just wait till you get your itemized property tax bill and any attempt to damage or remove the RFIDs is punishable as tax-evasion.
Old trick (Score:3, Interesting)
I'm not paranoid I know they're after me.
Wow, if you were looking for a smoking gun... (Score:3, Informative)
Try http://www.autoidcenter.org/media/sarma.pdf
Look at page 21 (its a slide presentation).
The slide says:
---------
For privacy:One word
* Annihilate
* (obliterate, destroy, auto-destruct, kill
---------
I guess that neatly sums up their feelings on the privacy matter.
The rest of the presentation similarly outlines more of their evil plans for "World Domination".
Take it easy.
Or (Score:5, Insightful)
"For privacy, we can make the RFID chips annihilate themselves."
The word "auto-destruct" leads me to this interpretation... It doesn't make sense to talk about the "auto-destruction" of privacy but it makes perfect sense to talk about RIF chips destroying themselves.
Tim
Spoofing/Jamming? (Score:5, Interesting)
Re:Spoofing/Jamming? (Score:4, Informative)
Granted that in realtive comparison to a regular FM station (anything from 5k up to 50k Max ERP, usually) it may not seem like a lot; but in fact, 100 watts is quite a bit of juice to be throwing around. Besides, the FCC watches the broadcast band more closely than any other.
The amount of energy emitted by RFID tags is in the milliwatts, if that. Depending on what band they are in, they could easily go unregulated. For example, most 900MHz cordless telephones operate in the middle of the amateur 900 MHz band. The amateur 900 MHz band is not regulated below 2 watts, therefore this is perfectly legal. (If I recall all this correctly.) For another example, most of those remote temperature sensors operate dead smack in the center of the amateur UHF band (~450MHz), also unregulated below a certain wattage. Hell, some of them dive straight in the middle of the UHF broadcast band without worries. (Don't quote me on any of this - it's been a while since I've studied my rules
data flood defense (Score:3, Interesting)
If we can't avoid these silly things, is there a way to protect our privacy by flooding the receivers with data?
I mean data is only useful if it's correct. So if we could build little transmitters that operate on the same frequency and constantly sent out incorrect data. So I have a tag in my underwear saying I wear a size 32. The transmitter in my pocket will send out data that I'm wearing 172 pairs of underwear in every manufacturer, style and size. Not only men's underwear, but women's too.
They want data? Give to them! No one says it has to be right!
Is this technically feasible?
Feasable, possibly- practicable, no way. (Score:3, Informative)
Inductive
Pulsed
Backscatter
Rebroadcast (differing frequencies for transmit and recieve...)
Etc.
Each one's completely different from the other in it's operation. And that just covers the RADIO portion of the systems. It doesn't cover the modulation or the encoding. There's a bazillion of those out there.
Yes, you could come up with a system that could jam/confuse each and every RFID reader nearby. But, it'd end up being something like
Good RFID Article (Score:5, Informative)
RFID chips are being embedded in everything from jeans to paper money, and your privacy is at stake.
By Scott Granneman Jun 26 2003 09:15AM PT
Bar codes are something most of us never think about. We go to the grocery store to buy dog food, the checkout person runs our selection over the scanner, there's an audible beep or boop, and then we're told how much money we owe. Bar codes in that sense are an invisible technology that we see all the time, but without thinking about what's in front of our eyes.
Bar codes have been with us so long, and they're so ubiquitous, that its hard to remember that they're a relatively new technology that took a while to catch on. The patent for bar codes was issued in 1952. It took twenty years before a standard for bar codes was approved, but they still didn't catch on. Ten years later, only 15,000 suppliers were using bar codes. That changed in 1984. By 1987 - only three years later! - 75,000 suppliers were using bar codes. That's one heck of a growth curve.
So what changed in 1984? Who, or what, caused the change?
Wal-Mart.
When Wal-Mart talks, suppliers listen. So when Wal-Mart said that it wanted to use bar codes as a better way to manage inventory, bar codes became de rigeur. If you didn't use bar codes, you lost Wal-Mart's business. That's a death knell for most of their suppliers.
The same thing is happening today. I'm here to tell you that the bar code's days are numbered. There's a new technology in town, one that at first blush might seem insignificant to security professionals, but it's a technology that is going to be a big part of our future. And how do I know this? Pin it on Wal-Mart again; they're the big push behind this new technology.
Right now, you can buy a hammer, a pair of jeans, or a razor blade with anonymity. With RFID tags, that may be a thing of the past.
So what is it? RFID tags.
RFID 101
Invented in 1969 and patented in 1973, but only now becoming commercially and technologically viable, RFID tags are essentially microchips, the tinier the better. Some are only 1/3 of a millimeter across. These chips act as transponders (transmitters/responders), always listening for a radio signal sent by transceivers, or RFID readers. When a transponder receives a certain radio query, it responds by transmitting its unique ID code, perhaps a 128-bit number, back to the transceiver. Most RFID tags don't have batteries (How could they? They're 1/3 of a millimeter!). Instead, they are powered by the radio signal that wakes them up and requests an answer.
Most of these "broadcasts" are designed to be read between a few inches and several feet away, depending on the size of the antenna and the power driving the RFID tags (some are in fact powered by batteries, but due to the increased size and cost, they are not as common as the passive, non-battery-powered models). However, it is possible to increase that distance if you build a more sensitive RFID receiver.
RFID chips cost up to 50 cents, but prices are dropping. Once they get to 5 cents each, it will be cost-efficient to put RFID tags in almost anything that costs more than a dollar.
Who's using RFID?
RFID is already in use all around us. Ever chipped your pet dog or cat with an ID tag? Or used an EZPass through a toll booth? Or paid for gas using ExxonMobils' SpeedPass? Then you've used RFID.
Some uses, especially those related to security, seem like a great idea. For instance, Delta is testing RFID on some flights, tagging 40,000 customer bags in order to reduce baggage loss and make it easier to route bags if customers change their flight plans.
Three seaport operators - who account for 70% of the world's port operations - agreed to deploy RFID tags to track the 17,000 containers that arrive each day at US ports. Currently, less than 2% are inspected. RFID tags will be used to track the cont
Let 'em know how you feel (Score:5, Insightful)
Now, if you're actually upset about this, take 5 minutes and drop them an e-mail, or better yet, send them a letter (like, on real paper). Or call them. There's several feedback addresses and mailing addresses. That's what I'm going to do. Don't think "oh, 50 other people are writing, I don't need to", because those 50 other people are thinking the same thing.
Politicians don't read slashdot. Hundreds of +1, Insightful posts don't mean anything in the long run, but if a politician receives several hundred letters telling him why this is a bad idea, he might just give it a second thought. Heck, call your local news program if you want. If it's a slow day, (or if it's FOX News) I bet they might be interested...
Not to spoil anyone's fun, (Score:4, Informative)
Yes, the potential implications of RFID are creepy, but their planning for a marketing campaign sounds pretty much par for the course.
The expirations dates were tacked on today (Score:4, Informative)
They did NOT say "confidential until [fill in date]" like they do now.
The Auto-ID Center's first response this morning was to pull nearly all the documents with "confidential" in their descriptions off the site, then slowly replace them one by one, with new "confidential until" designations tacked on. We have not yet had a chance to verify if the documents have changed in other ways than the new "sell by" dates they now carry.
Many other documents vanished and have not yet reappeared (nor are they likely to, considering their content).
Cryptome has listed the original 68 "confidential" search results, as they appeared this weekend. As soon as the Cryptome site recovers, you can verify that there were few or no expiration dates on any confidential documents until well after the story broke today.
You've got to hand it to the Auto-ID Center for working overtime on damage control. The "confidential until" thing was a nice touch.
p.s. Until it crashed, Cryptome had all 68 original documents available for downloading on its website.
Problem solved. (Score:5, Interesting)
Scroll to the bottom of the page.
Simple enough solution to problem.... (Score:5, Interesting)
Brian Ellenberger
Re:Simple enough solution to problem.... (Score:3, Insightful)
Re:Simple enough solution to problem.... (Score:3, Insightful)
Let's see...who's got more lobbying money/access? Us (as individuals), or Walmart/Sears/Kmart/Target/Asda/Tesco?
Who do you think will win?
With that kind of attitude... (Score:5, Informative)
Who do you think will win?
I guess you haven't heard of the ACLU, NRA, NAACP, AARP, or the various other special interest groups in this country. Special interest groups represent a group of people gathering their resources to fight for a particular cause. They can wield power as great or greater than any corporation. I'm not aware of any single organization that can completely turn an election like the NRA or AARP can. Corporations can only give money, but special interests can directly give VOTES.
You personally will not stop Walmart or Sears from implementing the tags directly in items but the EFF may! So donate and get involved!
Brian Ellenberger
Renaming strategy (Score:5, Interesting)
The corporate legalists knew full well that anyone opposing a "key" would only know to refer to it by that particular name. If you change the name, the problem vanishes because now no one knows to object to it.
Well, one thing's for sure... (Score:3, Funny)
~Philly
Conspiracy theories? This is well-known PR stuff. (Score:4, Interesting)
Now PR can be used for good reasons, to be sure. So I'm not knocking PR as such. It's a tool, and it can be used for good purposes and bad purposes. But when a company wants to push something that nobody wants, all they have to do is change the wording, create some planted stories, cook some polls, infiltrate opposed organizations, buy people off, uh well, use your imagination. When "...3. PROFIT!!" is your goal, PR can be a very effective tool at the hands of the unscrupulous. This story? Business as usual for PR.
Torn (Score:5, Interesting)
This technology has so much potential. I want to be able to remotely pay and walk right out of the store without waiting 15 minutes to check out two items; but I know that they're just going to use my purchases to send me more advertisements. RFIDs can give us information on our environment and we give it to them.
And that's the problem, exchange of information. After reading that article, these RFID manufacturers are already showing their lack of concern and ignorance how to secure their networks -- it's like a company that installs IIS and never patches, they're that clueless. And this technology needs to be secured right the first time; the last thing I need is yet another report of a bungling tech company leaking credit cards. It's not an MMORPG, where you get 8 months to fix, rollback and patch. This time it's worse, because a crack will not only expose financial data, but expose your personal location.
Now I don't do much to attract the ire of governments or corporations; I pay my bills, buy my music, and live my life in security. I don't worry about the gov collecting my info, because the government isn't coordinated enough to figure out what to do with it even if they had it. As a small potato, I worry more about the honesty of my fellow citizens. Store employees get caught scamming credit cards, and now, do we get to look forward to the future criminal "warscanning" around the neighborhood with his radio sensor, instantly detecting what valuables you have inside your house...
Somehow, we the community need to express our concern that the proper precautions are taken. This technology is coming, and the market potential is great. As end users, we need to demand an open access system, so that we might provide the checks and balances to keep the system honest. What else can I say, but whether we need to demand the government regulates an open system, or we use market forces to drive it into oblivion, the public can't let this slide.
Sun Microsystems (Score:5, Interesting)
Sounds more like privacy stands in the way of profit.
Letter to these guys (Score:3, Interesting)
I hereby note my wholehearted objection to your complete and total disregard for
my privacy. Furthermore, should you plan to derive profit at the expense of my
privacy, I expect compensation. After all, the privacy is *mine*, not yours to
profit off.
Should I find that an RFID tag has compromised my privacy, I shall bill you at
an amount I feel is acceptable. Your issuing of RFID tags or the technology to
implement them to any company that will indiscriminately embed it in any kind of
product that I might purchase, through choice or otherwise, or be issued with,
by choice or otherwise, will indicate your acceptance of these terms.
Your id: shirt w, slacks x, briefs y, socks z (Score:3, Insightful)
Most of the devices I have read about have sufficient storage to uniquely identify every single item of clothing ever sold (which really doesn't require many bits at all). Current devices such as those we heard about with Benneton [boycottbenetton.org] are not visible unless you either know where to look or have special equipment.
The devices seem to have a rane of 1-10m, and probably on the lower end of that for clothing items, but certainly that range will be improved with time.
While I trust that there would be sufficient public backlash to prevent this level of tracking and identification, we shouldn't feel comfortable even once we have stopped this precise level of unique identification.
Consider instead that each item of clothing you wear: shirt, slacks, briefs, and socks do not have an identifier unique across all items of clothing or even acorss all items of clothing of that type, but have only a unique identifier for the brand and 'model' (e.g. "Dockers Fall 2003 tan polo shirt") of the item.
It is still quite trivial to track you even in this case. Where in the past law enforcement agents might issue an alert for a man wearing "blue jeans, white t-shirt, orange cap", now they can issue an alert for a man wearing "slacks brand/model 3000023153, shirt brand/model 2000893912, cap brand/model 42330000251".
How many people do you suppose there are in an average large U.S. city wearing the same brand/model of 4-6 items of clothing? A lot fewer that we might think, I suspect. Probably few enough that it would be trivial to track all such individuals if necessary.
The more unique you dress, the more you stand out in a crowd (and not necessarily to the naked eye), the easier it is to track you.
There is no need to trust our privacy to legislation, although that would be a valuable step.
Simply encourage individuals opposed to these measures first to destroy these tags in their own clothing and to make a market for clothing without such tags.
Swap the tags, cause confusion (Score:4, Funny)
I suspect you could quickly mask your "signature" by carrying a wide swath of tags with you when you go shopping. I'd love to see the database which has a customer walking in wearing a woman's left shoe, hiking boot, 14 boxes of oatmeal, a child's tanktop and four library books.
What about a "Reasonable Expectation of Privacy"? (Score:4, Insightful)
RFID -- good and bad (Score:5, Insightful)
It's all the other tracking. We're talking about a potential record of everyplace a person goes. The government is clearly willing to abuse such information -- organizations like the FBI have abused just about every other piece of information they are given, and have never made any attempt at reform. And there's a resurgence of suppression and punishment of dissidents, including arrests and who knows what else.
I wonder if there is a way that we could safely use this, though. Off the top of my head, here's the laws I might propose:
First, all items with RFID tags must be prominently marked. I don't care if it's a "green tag" or whatever -- so long as there's no variety, and it's directly on the item (not on a label somewhere). Second, all RFID reading machines must be in plain site of any place that they can read, and must be prominently marked. Maybe a blinking green light too, or something -- make it a little obnoxious, and make the reader's intent very clear.
Violation should result in heavy fines, but more importantly, a revokation of the RFID license -- the license to tag things with RFID sensors, to use readers, and all of that. You should not be able to simply risk it with not labeling the items properly -- because in doing it you risk being shut out of the game entirely. And obviously creating these tags should be carefully monitored, as should be fairly easy to do, since RFIDs are all about monitoring -- unauthorized ID numbers should be easy to track. The readers, though, would be harder to track... I imagine it won't be too long before you could rig up your own reader if you wanted.
So... destruction of the RFID tag should also be fairly easy. All of these would be fairly reasonable, I think.
Of course, this doesn't keep the government from breaking these rules on its own. And any law the government makes against itself will be ignored and grossly violated, because that's what the Justice Department does. So maybe this wouldn't work.
"Confidential until" dates on Auto-ID site are new (Score:5, Informative)
The Real Question People Should Be Asking. (Score:4, Interesting)
It's a common procedure for tagging dogs here in the UK especially if you wish to take your dog abroad. It's been used successfully in finding the owners of strays for some years now.
Perhaps the tag will be embedded under your skin, as part of a passport application, or maybe embedded into a hip bone or the skull at birth.
We already externally tag offenders on home curfew, why not go the whole hog and attach a RFID tag to the stem of the brain, try removing or microwaving that you sucker!
War pickpocketing... (Score:4, Interesting)
Something else bothers me... (Score:4, Insightful)
But each RFID tag is a disposable piece of electonics. To manufacture this product, a wide variety of chemicals (including powerful acids and so on) have to be used. By employing them in such a ubiquitious manner aren't we polluting the environment needlessly? I have to imagine if 50% of all products sold had RFID tags in them that we would add hundreds of tons of dangerous chemicals into the environment every year!
Perhaps the RFID tags should be obvious and recoverable so that they can be recycled! Maybe a deposit could be put on them so that the consumer can return them and get a few cents per unit back.
My big worry (Score:4, Insightful)
I really do not care if a store knows that I was one of fifty people that came in wearing size 38 briefs. The big worry is when the can track me just about anywear I go. I would not even have to buy anything in a store for them to know I was there.
The commercial apps are really big. Lets say I go to Sears and look at fridges three or four times because I might need a new one. Sears will know it and start sending me fridge adds.
Don't worry about the products so much. Worry about your credit cards.
You can use these frequencies, too. (Score:5, Informative)
Any operation that takes place with RFID tags takes place under Part 15 of the FCC rules and regs. That is the same part that gives us permission to use 802.11${version} wireless networking, but requires that the general public take a back seat on these frequencies to ham radio operators (because we have licenses for these frequencies, and the general public doesn't)
Part 15 comes with two provisions:
In other words, by using the unlicensed section of the spectrum, the users of these devices are setting themselves up for interference from other users of the spectrum.
What I personally would like to do then is construct a set of 13MHz walkie talkies. Not really very practical devices on the whole, but they should work well enough at short range. You and a friend go shopping and just happen to key up the radio each time you pass through the door. You have the legal privilidge to do this, as long as you don't mind the interference to your signal from theirs. They must accept the interference to their signal from yours.
Technical note: The modulation on your walkie talkies should be something that is guaranteed to take up the entire 14 kHz width of the band specified under Part 15. Perhaps some form of digital voice. You need to occupy 13.560MHz +/-0.007MHz inclusive.
Re:Weeee! (Score:5, Funny)
Re:Interesting stuff (Score:5, Funny)
Whoo hoo! Now I'll have an easy means to do my thesis!
My topic: Tracking the migratory patterns of trailer-park-dwelling white trash with radio signals.
The meteorology people are probably thrilled as well... no more trying to put instrument packages in a tornado's path, just zero in on the RFID tag in Cletus S. Yokel's sneaker, and track it when the tornado sucks him out of his double-wide.