Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Privacy

Verisign to run National RFID Directory 194

Posted by CmdrTaco
from the we've-seen-this-before dept.
JamesD_UK writes "Verisign has been given the contract to develop a national RFID directory by EPCGlobal. Under the directory scheme each company will maintain an Object Name Service analogous to DNS with Verisign running the root server. Verisign has already setup the infrastructure at six different global sites."
This discussion has been archived. No new comments can be posted.

Verisign to run National RFID Directory

Comments Filter:
  • lol... (Score:5, Funny)

    by REBloomfield (550182) on Tuesday January 13, 2004 @08:06AM (#7961669)
    PeopleFinder is on it's way then :)

    'The person you are trying to find does not exist. Did you mean....'
    • Re:lol... (Score:5, Insightful)

      by Dilbert_ (17488) on Tuesday January 13, 2004 @08:11AM (#7961688) Homepage
      Heh, that means we'll soon get all-kinds-of-stuff.google.com ;-)
      Imagine entering a query to retrieve your car keys... the possibilities are endless.

      • Re:lol... (Score:3, Funny)

        by REBloomfield (550182)
        Actually, that would be kind of cool. I'm always losing stuff...
        • " Actually, that would be kind of cool. I'm always losing stuff..."

          Except if you lost your car keys, how long do you think it would be before spammers manage to work their pages near the top with things like "Lost your car keys?!?! Buy a new car!!!!!!"

      • Re:lol... (Score:5, Insightful)

        by quigonn (80360) on Tuesday January 13, 2004 @08:17AM (#7961723) Homepage
        Yes, the possibilities are indeed endless. I'm wondering when the terrorists will catch up and build booby traps that only explodes when the RFID scanner attached to the booby trap detects an e.g. US-american citizen nearby (which wouldn't be too difficult to build, since the passports will have RFID tags, too). "RFID tagging supports terrorism"?!

        Or the criminals that check whether it's worth to rob out a bank or a store by using an RFID scanner that detects all banknotes and calculates how much money is in the cash register. "RFID tagging supports delinquency"?!
        • Re:lol... (Score:3, Interesting)

          . I'm wondering when the terrorists will catch up and build booby traps that only explodes when the RFID scanner attached to the booby trap detects an e.g. US-american citizen nearby

          Better still, if it was really clever it could read the tags in their clothing too. So a bus-load of obese american tourists turns up, the rfid reader detects 40 US citizens with waist sizes of more than 80 inches and BOOM!!!!!!!!!!!!!!!!

          Oh well, there goes my karma

          HH
          --
          • Actually the issue is not that silly

            Better still, if it was really clever it could read the tags in their clothing too. So a bus-load of obese american tourists turns up, the rfid reader detects 40 US citizens with waist sizes of more than 80 inches and BOOM!!!!!!!!!!!!!!!!

            Not very likely that the RFID signal gets through the bus...

            The recent Al Qaeda attempt to assasinate President Musharraf, current military dictator of Pakistan onetime Taleban/Al Qaeda aly used a radio controlled charge set to dest

        • Re:lol... (Score:3, Interesting)

          by ReelOddeeo (115880)
          I'm wondering when the terrorists will catch up and build booby traps that only explodes when the RFID scanner attached to the booby trap detects an e.g. US-american citizen nearby

          Someone could even set us up the boom such that it only explodes when brought into proximity of a specific RIAA CD, or a specific Gilette razor. Highly targeted.
      • Re:lol... (Score:5, Funny)

        by Lord of Ironhand (456015) <arjen@xyx.nl> on Tuesday January 13, 2004 @08:19AM (#7961735) Homepage
        > Imagine entering a query to retrieve your car keys... the possibilities are endless.

        Indeed, why restrict yourself to your own car keys?
      • Re:lol... (Score:5, Funny)

        by El_Muerte_TDS (592157) <elmuerte AT drunksnipers DOT com> on Tuesday January 13, 2004 @09:16AM (#7962099) Homepage
        Imagine entering a query to retrieve your car keys... the possibilities are endless.
        Imagine somebody else entering a query to retrieve your car keys... the possible locations of your car are endless.
    • Re:lol... (Score:2, Funny)

      by Illserve (56215)
      PeopleFinder is on it's way then :)

      And Google will soon provide us with Poogle.

      Or maybe Stoogle

      (St for Stalking)
  • by Anonymous Coward on Tuesday January 13, 2004 @08:07AM (#7961672)
    you get a nice Verisign advertisement.
  • Does it defualt to telling you that it's a McCheeseBurger when it can't find the item you were looking for in the database?
  • by BigHungryJoe (737554) on Tuesday January 13, 2004 @08:10AM (#7961682) Homepage
    Did anyone else run into trouble with Verisign using Microsoft's code signing last week? A bunch of Verisign's certs expired, which shouldn't have mattered if you were using the API correctly, but WinVerifyTrust() was blocking for minutes at a time. (I'm not sure why the certs belong to Verisign and not MS)

    The CryptoAPI mailing list was claiming that "verisign was running slow".

    Anyhow, if its true, I don't trust Verisign for to provide infrastructure for squat.
    • by BenBenBen (249969) on Tuesday January 13, 2004 @08:16AM (#7961710)
      One of the grand-daddy certs expired. [theregister.co.uk] Screwed everything from websites to Norton Antivirus
    • Seek [google.ie] and ye shall receive [slashdot.org]
  • Hey, Alright! (Score:3, Insightful)

    by robpoe (578975) on Tuesday January 13, 2004 @08:11AM (#7961686)
    So, when you need to change something, or fix an error with your registered RFID tag, you can attempt to make the change via their web interface, then wait a week and a day, or you can call in and fax in the form and have someone never get anything done with it, too?? Then, right in the middle of it all, they'll switch out how things are done and you'll have to conform to their backward standards..
  • Great... (Score:5, Funny)

    by jasonfncsu (735876) <jason@oldos.org> on Tuesday January 13, 2004 @08:12AM (#7961692) Homepage
    now verisign has the ability to erase me.

    Please remember me when I'm gone...
  • by nuclear305 (674185) * on Tuesday January 13, 2004 @08:12AM (#7961694)
    The ./ community has released an update to patch this "issue."

    Simply wear the provided tinfoil hat to nullroute this new service.
  • Renewal fees (Score:5, Insightful)

    by vpscolo (737900) on Tuesday January 13, 2004 @08:12AM (#7961697) Homepage
    Just wait until the implement wildcard RFID als site seeker and start charging $70 a year to renew a tag. It wouldn't surprise me a bit

    Rus
    • Yea, but I won't want to renew the tag for my out-of-style pants, so thats a bonus! The scanning system will even tell me when I can't wear my pants anymore.

      Who needs style when technology can do it for me!

  • More standards, new methods... and what about embedded systems... surely this will not be compliant with old systems in 5 years time... You will need Windows 2006 to be able to use this. Just seems like the web is getting more and more bureaucratic, not good... America: where liberty is a statue and patriotism is trusting the government.
  • what about UPC? (Score:3, Insightful)

    by Mazzie (672533) on Tuesday January 13, 2004 @08:18AM (#7961727)
    Found it very odd that they didn't mention UPC even once in the article. Wouldn't it make sense to have support for UPC while EPC is phased in over time?
  • by WebTurtle (109015) <derek.blueturnip@com> on Tuesday January 13, 2004 @08:19AM (#7961731) Homepage
    It seems that this is just a slightly different implementation of an old idea. The only really interesting thing is that they are searching for RFIDs using the same redundancy as DNS.

    What are the similarities between CueCat and the EPC Directory project? It seems to me that the only difference is the scale of the implementation.

    Is that accurate?
    • Cue cat logged the serial number of the scanner taking the scan as well as the code being scanned. I presume you can buy a scanner to suit your needs and do all lookups in-house if needed. It required hacking the cat to do that. However you do have a valid point, to interface with the bigger world (Is that a candy bar in your pocket?, when was that tire sold, rotated, car milage etc.) would need external data to be returned to you.
    • by Tackhead (54550) on Tuesday January 13, 2004 @10:33AM (#7962698)
      > What are the similarities between CueCat and the EPC Directory project? It seems to me that the only difference is the scale of the implementation.

      CueCat: Privacy-intrusive, shaped like a dildo so you could go fuck yourself with it, and run by a useless bloody looney who was first against the wall when the last tech revolution ended.

      VeriSign: Privacy-intrusive, is useful only for telling you as a customer to go fuck yourself, and run by a load of useless bloody looneys who will be first against the wall when the next tech revolution starts.

      So in answer to your question... really not much difference at all.

      Q: How can you tell your sysadmin's got a Verisign rep on the phone?
      A: You hear someone screaming "YOU STUPID FUCING COCKSUCKERS!" into a phone every ten seconds, from six cubicles away.

      • CueCat: Privacy-intrusive, shaped like a dildo so you could go fuck yourself with it, and run by a useless bloody looney who was first against the wall when the last tech revolution ended.

        Yes, but now you can buy one on eBay for $5 and have a fully functional barcode scanner by using replacement drivers.
  • by wongqc (555152) on Tuesday January 13, 2004 @08:19AM (#7961734)
    Mabbe it's juz me....but I am extremely uncomfortable of them running both the RFID database, and the DNS database. Too much control by one company.....I would prefer it's runned by a non-profit org. But I don't really like the idea of RFID in the first place.
    • Sounds like you need to crawl back under a rock and hide from the future, then!

      EPC is simply a reference for finding the producer of a given item - you pick up an RFID tag with the appropriate data, it refers you to Gillette, where you can use more specific information to find that it's a case of Mach 3 razor blades, shipped from such-and-such warehouse on such-and-such date. What exactly are you afraid of???

      It disappoints me to see how many supposedly tech-savvy readers around here react with such fear.
  • by Anonymous Coward on Tuesday January 13, 2004 @08:19AM (#7961736)
    For at least two reasons, choosing Verisign for this project is as bad a choice as picking SCO to safeguard free/open-source software -- a direct analogy, not just because SCO is flavor of the month.

    Not only do they lack the technical competence to do it properly and flexibly, but they also lack the professional integrity to be doing this work. It is a company that rejoices in its commercially-led myopia, at every opportunity making the "wrong" decisions on the basis of perceived market benefits to itself alone.

    This is going to end in tears.
    • by polyp2000 (444682) on Tuesday January 13, 2004 @08:30AM (#7961803) Homepage Journal
      Sometimes I wonder who makes these illogical decisions. Certainly not people who have a clue about what they are doing , thats for sure. Why are there not more savvy people in higer places?
      • by jaaron (551839) on Tuesday January 13, 2004 @10:54AM (#7962914) Homepage
        Why are there not more savvy people in higher places?

        Because savvy people avoid the temptation of higher places. They're happy coding, studying, exploring, inventing, and recognize that getting involved would mean sacrificing much, if not all, of that. There are some "savvy" individuals who feel driven enough to put aside personal pleasures and take up a cause, but often they feel that in the end, it's not worth it. Let the idiots who crave power, fame, wealth or whatever waste their lives in petty politics and schemes. The savvy are often savvy enough to just not play those games.

        That's not to say it's morally right or wrong to get involved. It's a choice about how one wishes to live life and contribute. But you'll often know a good leader by the one who turns down the offer. I'm in an organization right now in which the current leader is stepping down and finding a new one is hard. Everyone who is truly qualified doesn't really want the responsibility or trouble. A savvy individual who is willing to play the game of "higher places" is rare indeed.
      • Sometimes I wonder who makes these illogical decisions. Certainly not people who have a clue about what they are doing , thats for sure. Why are there not more savvy people in higher places?
        Its called failing upwards.
      • Why are there not more savvy people in higer places?

        If you mean "tech savvy" (which I assume you are, we are bitching about techology), then it effectively negates your original thought of making it big in business. (Yes, there are the VERY FEW, play along.)

        Those that are "tech savvy" are usually not "business savvy" (go ahead, one person, reply and say "but I am both"). Those who are "tech savvy" got that way from tinkering/trying and/or building/destroying. You get business savvy by sitting in me
      • Because nobody with a functioning prefrontal cortex would actually want those jobs.
  • Great... (Score:2, Interesting)

    by kcbrown (7426)
    <sarcasm>
    I can't think of anyone I'd trust more...
    </sarcasm>

    Seriously, it's a wonder anyone trusts them with anything anymore, especially with the way they've abused their position as DNS registrar and TLD maintainer. I certainly don't. They'll have to do a complete 180 for an extended period of time (many years) to ever get my business again.

  • by polyp2000 (444682) on Tuesday January 13, 2004 @08:21AM (#7961750) Homepage Journal
    Sounds like a great job for a company we can trust.
  • Thats nice. (Score:5, Insightful)

    by torpor (458) <{ibisum} {at} {gmail.com}> on Tuesday January 13, 2004 @08:23AM (#7961759) Homepage Journal
    But we should have an open, public, maintainable database which is -not- under the exclusive domain of Verisign for these things.

    I can think of plenty of private uses of RFID which I would not want Verisign to be involved in, in the slightest.
    • Verisign does not have the market yet, so if you feel we should have an open/public DB, which I also feel, then it is imperative for us to act at once and implement our own DB. If there is an open alternative, people will use it! But if we let Verisign grow rather quickly, then they will win by first movers advantage.

    • I can think of plenty of private uses of RFID which I would not want Verisign to be involved in, in the slightest.

      You just keep that to yourself. Nobody wants anything to do with your pleeasure-seeking shaved cyborg gerbils.
    • Re:Thats nice. (Score:4, Interesting)

      by ajs (35943) <ajsNO@SPAMajs.com> on Tuesday January 13, 2004 @10:43AM (#7962795) Homepage Journal
      I always assumed that Verisign was a US government front company. I guess this makes it pretty clear.

      Think of it this way, if you were in the FBI, advising the White House about upcoming threats to domestic security, what would you say about a growing global network of computers that it's pretty clear all business will rely on within the next 100 years? Would you advise that the government find a way to have a controling hand close to the heart of such a beast? Would you allow the military to give up control of such a thing whithout maintaining some sort of back-door power?

      It's not so much about conspiracy, as about the way you manage resources. Verisign has either been involved in or bought the companies involved in the technologies most likely to scare the government (PGP, DNS, RFID, being a CA). This combination of interests and amazingly lucrative and monopolistic contract awards is fairly damning.

      To jump back to topic, adding in RFID means that whoever has access to Verisign now has access to a giant database of what amount to tracer bugs planted (soon) in most of the items that you buy. Just think of the harm caused by the most obvious uses....

      I really think that a national database of RFIDs should not be allowed. We should have a national allocation scheme like we do with Ethernet cards, based on industry standardization, but NEVER a database of final numbers.
  • by pergamon (4359)
    As anyone who has had to deal with Verisign knows, this is bad news.
  • by Pompatus (642396) on Tuesday January 13, 2004 @08:27AM (#7961789) Journal
    all in one story is not quite enough for a flamewar. If they were running this new service on SCO licensed servers donated by Microsoft in order to find oil on Mars, THEN you would have a story.
  • by winchester (265873) on Tuesday January 13, 2004 @08:28AM (#7961793)
    Given the fact that this sounds like a directory in X.500 or LDAP format, which are both extremely vulnerable to ASN.1 vulnerabilities, hackers will have a field day exploiting this directory.

    Also, since ASN. is very non-trivial to program, it will be interesting to see how many programmers will be able to use this succesfully... i am referring to the ASP.NET generation :-)
    • Uh, No, not ASN like at all. RFID tags respond with EPC codes. Once you read the EPC, you take it to the ONS (Object Naming System). The EPC has a header (fixed length), Manufacturer Code (fixed length), product code (fixed), and a serial number. The ONS works by taking the Manufacuring Code ONLY and going to a "root" ONS server. This points at that manufacturer's ONS... which is then queried to see what the product code means, is that serial number valid and if so for what object, etc. Verisign is
  • by markov_chain (202465) on Tuesday January 13, 2004 @08:30AM (#7961801) Homepage
    Imagine the outburst on here if FBI was to run directory!
  • Surprised? (Score:4, Insightful)

    by Raven42rac (448205) * on Tuesday January 13, 2004 @08:35AM (#7961838)
    Is anyone actually surprised by this? I was just as shocked when Oracle's Larry Ellison said that he would help set up the National I.D. card database. These companies are just profiting from stealing away what little chunks of our privacy we have left, after congress and the government have taken their share. I guess that in this economy they will do anything to survive. Sad.
    </conspiracy theories>
    • These companies are just profiting from stealing away what little chunks of our privacy we have left

      As long as personal data continues to be a commodity, profit will go over privacy.

  • by Shoten (260439) on Tuesday January 13, 2004 @08:36AM (#7961845)
    I have to say that they've proven that they're a good choice for this. Keep in mind what the #1 priority is for maintaining TLDs, particularly the big ones (.com, .net, .org) that Network Solutions/VeriSign handled for most of their lives. VeriSign's idiocy and abuse with regards to non-existent domain handling and misleading 'renewal' notices are despicable for sure, but while all that was going on, they also kept things up and running quite well, even weathering out the largest DDoS on record without going down.
    • I have to agree, much as I hate Verisign's modus operandi, I can't recall any instances where, for example, the entire .com heirarchy was off line. From my understanding of the planned implementation of RFID, Verisign is only going to be providing resolution up to RFID's equivalent of ".com" and it's up to the other "registrars" to support their own RFID domains.

      If you want to use Verisign instead of one of the alternates to register and manage your RFID domain then I'll be offering no sympathy if the le

    • by Anonymous Coward
      Which means...

      Nothing really since they are only the second company to be allowed the oppertunity.

      As you stated, they do have a history of being abusive. Honesty and morality are the essential issues when selecting a company to maintain something as big and as controversial as this RFID database.

      There are MANY companies who manage to maintain systems more complex than top level DNS and certs... Many of those companies do not have Verisigns abusive track record...
      • Actually, it means quite a bit. For one, they did it right the first time...when did it become the assumption that the FIRST company to try something had an easy time of it, anyways? And besides, it doesn't matter how many companies have had the chance to try; keeping critical infrastructure secure and available is hard, especially for a high-profile target like VeriSign. They've had attack after attack, and have weathered them all, which I have to say is a remarkable thing. They're also one of the very
  • by Craig Ringer (302899) on Tuesday January 13, 2004 @08:43AM (#7961888) Homepage Journal
    Just think what fun you could have with cache poisoning.
  • If verisign is running this, does that mean that at any given point my RFID enabled electric razor will start going really, really, slow?

  • Free Groceries (Score:3, Interesting)

    by fuzzybunny (112938) on Tuesday January 13, 2004 @08:46AM (#7961905) Homepage Journal
    Cool, does this mean that when their intermediate root RFID numbers expire, we get free stuff? Or does it just mean that the cash register will pop up error messages when they try to verify my purchases?
  • by TygerFish (176957) on Tuesday January 13, 2004 @08:46AM (#7961907)
    The company that thought trying to swindle *everyone* who didn't know the market price of domain registration by sending out pseudo-bills is the company that the Gov'mint thinks is worthy of keeping tabs on, well, on everything?

    Okay, I got it.

    I understand the future: no company will be entrusted with sensitive, and potentially vital security work unless they combine incompetence with malfeasance.

    Lovely...

    • Um, I don't think epcglobal is the 'guvmint'

      I think the guvmint gave verisgn domain registration, and a consortium named epcglobal gave them everything else..

    • Remember that this is also the same company that redirected all typo's to their own service/servers/...

      "Hello, the tag you scanned does not exist, but we supplied the info of some other product..."

      VeriSign would be the last company I would give this mandate to. Only choosing them on hardware terms is plain stupid...

  • by lww (323019) on Tuesday January 13, 2004 @09:29AM (#7962199)
    We put the 'F' in RFID...
  • by tacocat (527354) <tallison1 AT twmi DOT rr DOT com> on Tuesday January 13, 2004 @09:39AM (#7962254)

    Think of the possibilities!!!!

    • All plasmas screen advertisement screens will automatically change according to the demographics represented by my RFID tags I'm wearing, or based upon a demographic RFID type DNS lookup against my RFID tags.
    • Anyone can track anyone elses stuff
    • Want to know what your SO is doing? track them via RFID and identify all RFID's within range of them
    • Walk into a store and they'll be able to not only identify you, but obtain a complete financial records and shopping tendencies.

    In short, the data that we carry with us via RFID will precede our every action in society.

    Imagine having BLOGS based on RFID's. "I dated a guy named Joe with an RFID tag of XYZ and he's a real loser/winner".

    Makes Minority Report and Gattica seem pretty likely in our lifetimes.

    If I microwave my clothes, will it destroy the RFID's???

  • Credit for This Idea (Score:2, Interesting)

    by tspauld98 (512650)
    Any credit for this idea has to go to George Orwell. Who would've guessed that he was just 20 years too early on his prediction?

    I remember reading 1984 in 1983 and thinking, "Well, thank God that could never happen." I don't think it's funny anymore. Somebody stop the madness.

    tims
    • by geoffspear (692508) on Tuesday January 13, 2004 @10:10AM (#7962463) Homepage
      I bet you were worried when they started putting barcodes on everything in the grocery stores, too.
    • Um, in 1984 Mr Reagan was president, telling us that we had plenty of money and the economy was great - mostly because he was deficit spending TRILLIONS and pumping it into his buddies' defense companies.

      Nicaraguan terrorists were our friends as were El Salvadorian dictators. We had yet to begin, fully, the "War On Drugs" (sent up as a distraction to "Oh, Ollie North *did* siphon drugs to pay to fund the Contras explicitly against Congressional Mandate" and "you have no hard proof that as a candidate tha

  • I imagine that stores would already know what rfid's they had in inventory. So, it's not clear why they would need a EPC root server or who actually would be using this service. I'm more worried about the stores forgetting what they have in inventory vs. what they sold, given how good companies are at correctly maintaining databases and backing them up. Could make for some interesting store exit scenes. Make sure that you have all your receipts for everything that you are wearing.
    • It's what the mega corps like Walmart want. The "wheelers and dealers" want a system where everything can be tracked by barcode/RFID so they can get more market share....That way they can handle more diverse product mix without actually having to know what it is or who they got it from...the computers just figure it out. And the best part is all the paperwork [+ verisign hassle!] is forced on the little guy...so the big guys can beat them up over price!

      You do have a great point about tag activation...I m

  • by kidMike (627686) on Tuesday January 13, 2004 @09:57AM (#7962386) Homepage
    Please write to Jack Grasso, Director of Public Relations, at mailto:jgrasso@uc-council.org.

    My letter is below:
    (hpoe my facts are mostly accurate)

    Good morning Mr. Grasso -

    I am writing this morning to express my extreme dismay at the selection of VeriSign to run this RFID registry. As a professional in the technology field, I have dealt with VeriSign on many occasions, and have decided that I never will again, if at all possible. VeriSign has a history of putting the company first before all else, including privacy, not a great attribute for someone who will organize a system to track millions of things and people.

    VeriSign has engaged in deceptive business practices, for example the "fake" invoices they sent out to clients of competing registrars, giving the false impression that the client had to pay VeriSign in order to renew their domain (VeriSign lost many lawsuits over this deceptive practice, and the FTC even got involved).

    VeriSign most recently used the monopoly position on maintaining the .COM and .NET "Top-Level Domains" to bring web surfers that made a typo in a URL to a VeriSign-owned search engine, which sold advertising to other companies and promoted specific search results based upon their paid advertisers. In the process, the technological changes they made to do this caused the malfunction of millions of programs, primarily many anti-SPAM utilities.

    In all these cases, VeriSign acted greedily to further the company's aims over what's good for the people who must use the services that VeriSign administers. Their track record of deception and the world-renowned sluggishness with which their company operates should be a red flag for anyone who understands the types of technology involved and the effects that VeriSign's moves has had on the Internet.

    Please consider some additional viewpoints. There is a website known as SlashDot, located at http://slashdot.org, which has one of the largest user bases of any web site. Most of the users are tech workers, and the discussions on SlashDot are some of the most intelligent discussions I have ever read. A discussion on your organization's decision is in progress right now. Please read it at http://slashdot.org/article.pl?sid=04/01/13/125721 2&mode=thread&tid=158&tid=99

    And please pass along to your management the unhappiness this move has brought to the vast majority of the people who actually understand what your technology does, what it is capable of, and the ways it can be abused.

    Thank you for your time.
  • by gekkotron (641131) on Tuesday January 13, 2004 @10:00AM (#7962410) Journal
    Verisign is considering a name change to 'Skynet'.
  • ...so many 'technical people', so little real understanding. To the peeps who think RFID is 1984 "20 yrs late" - you are soo joking, give this technology another 10yrs minimum Before it gets anywhere NEAR the kind o0f FUD I'm seeing on this thread. Even more to the point, Y oh Y do people seem to swallow the Corporate-bilge when it suits their paranoia??? Figure it out - more importantly, do some reading, I work with RFID and half of what I read on this thread is applicable only in a SciFi novel. Ho hum
  • Do you subscribe to the idea that it is inherently bad for those in power to have information in excess of what is required for them to fulfill their constitutional duties? Is anonymity a prerequisite for freedom? Has the only thing protecting that anonymity been the impracticality of knowing everything?

    The right to privacy is inferred rather than explicit in the U.S. Constitution. For this to be ruled illegal, you'd have to convince a judge that a commercial RFID tag represents a law enforcement searc
  • I wake up, check my e-mail, and pop the lid on my RSS feeds, and what do I see?

    Verisign to run National RFID Directory

    My first thought is, "Nice April 1 joke! Hah, hah, hah. Very fucking funny." But then I check my calendar.

    Oh shit.

  • by Klowner (145731) on Tuesday January 13, 2004 @11:43AM (#7963479) Homepage
    I can see it now. I'm shopping in wal-mart (Clearly this is a dream sequence)

    After browsing around for a few minutes, I walk out the doors without purchasing anything.

    BOOM! Two sets of doors slam open, and out comes ItemFinder "Service" Bot ! Scooting towards me at nearly 35mph, knocking me down with his huge spiked arms.

    [IFBot] I AM SORRY THAT YOU WERE UNABLE TO FIND THE ITEM YOU WERE SEEKING!!!
    *** IFBot picks me up and throws me back into the store
    [IFBot] PERHAPS THESE ITEMS ARE WHAT YOU WERE LOOKING FOR!!!

    ...damn you item finder bot
  • How EPC works (Score:3, Insightful)

    by jan de bont (702726) on Tuesday January 13, 2004 @12:21PM (#7963882)
    1) Read an RFID tag, get an EPC.
    2) EPC is 96 bits: Header, company, product, serial #
    4) Extract "company" bits (exact length set by header flags). Make a lookup call to root ONS server. It will return IP address of "company"'s ONS server.
    5) Extract "product" and "serial", call company's server for information on that instance of that product

    Note that steps 4-6 are likely to be buried off in a single API call that accepts the whole EPC as an argument... and that (local) caching likely means that step 4 is often skipped. Caching can also help step 5, mostly when were only interested in product and not serial... but I digress from the point.

    Further note that Verisign is only involved at "Company bits -> IP address of company's ONS" in step 4. No other involvment from Versign... so lots of scenarios suggsted above are just BS. Verisign either answers the query; or not.

    If they attempt to "squat" like they did on unused domains, they can only do so on unused COMPANY codes (more like TLDs than unused domains)... and why would a real world RFID tag ever have an unused company code?

    As for perverting any deeper information about that product or that instance... they are not involved in those calls... no can do.

    Jan

  • I'm surprised that the Uniform Code Council doesn't seem to be involved with this (perhaps they are, or since the members section is down, maybe the partners of the EBC are the same as those of the UCC, who knows.) One would think they have experience in these matters.

    The UCC is the organization that hands out UPC barcodes.
  • by n-baxley (103975) * <nate@baxl[ ].org ['eys' in gap]> on Tuesday January 13, 2004 @01:34PM (#7964503) Homepage Journal
    Didn't I hear something not too long ago that Versign was going to spin off the Network Solutions company? At least then there would be two seperate companies running these central databases.
  • Imagine... (Score:3, Funny)

    by suwain_2 (260792) on Tuesday January 13, 2004 @03:12PM (#7965365) Journal
    The technology we trust most, in the hands of the company we trust most!
  • Seeing how Verisign is completely and utterly incompetent, the RFID database should be dead within 12 months.

    Wait until the first paying customer looks up their office supply product, and Verisign's database returns "Adult Sexual Aid"

  • by ciphertext (633581) on Tuesday January 13, 2004 @03:30PM (#7965571)

    Why not simply adapt the UNSPSC codes to work with RFID technologies? UNSPSC codes are already used around the world for working with material goods. In addition, all of the world's ERP systems including the market leading SAP R/3 support UNSPSC codes. So, instead of receiving a UNSPSC code through a Purchase Order, Invoice, or Purchase Requisition, the software would receive the RFID transmission of its UNSPSC code.

    Wouldn't it be possible for companies to buy their own custom coded or blank RFID tags anyway? Who says you would have to subscribe to this format in the first place? Already there are competing standards on how e-commerce should be used. We have ebXML, cXML, and cbML. Sure it would be better if there was a single standard, but there isn't a way to force businesses to use such a standard. Why would RFID and EPC be any different?

    Finally, if I use SAP (for example) why would I need my RFID tags or any software to communicate with Verisign? Why wouldn't I want my R/3 system to be "the system of record" as it is for my accounting?

  • I suppose this means that eventually, any unregistered RFID tag scanned by anybody will result in a $2.00 (US) bill from "tagfinder" for using what must clearly be "their" property...
  • ...for a discreet, wearable RFID jammer.

I am not now, nor have I ever been, a member of the demigodic party. -- Dennis Ritchie

Working...