Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Privacy Your Rights Online Technology

The Trouble with RFID 424

wintermute42 writes "Simson Garfinkel, author of Practical Unix & Internet Security along with Gene Spafford and Alan Schwartz, has an article in The Nation on RFID tags. They're not just for tracking stuff. They can track you too."
This discussion has been archived. No new comments can be posted.

The Trouble with RFID

Comments Filter:
  • Only if... (Score:2, Funny)

    by caston ( 711568 )
    your stupid enough to forget to rip the tag off your shirt after you buy it.

    • Re:Only if... (Score:4, Insightful)

      by wiggys ( 621350 ) on Thursday February 05, 2004 @09:57AM (#8188553)
      And what if "your" too stupid not to spot the one they hid in the button of the shirt, or the sole of your shoes?
      • Re:Only if... (Score:3, Insightful)

        by zelphior ( 668354 )
        Just throw everything you buy from Wal-Mart in the microwave for a few seconds. I'm sure the RF static from the microwave should be enough to fry any circuits in your clothes.
        • I don't think your new pet fish/hamster/whathaveyou would like that very much...
        • Re:Only if... (Score:3, Informative)

          by Anonymous Coward
          This has been discussed. RFID-tags can be designed to withstand such treatment (shielding plus decoupling the antenna in overload situations). Besides, even if it worked it wouldn't save you: RFID tags will be embedded in things which you don't want to fry because you would destroy the useful function as well (_anything_ with electronics, your watch for example).
        • by dahamsta ( 161956 ) on Thursday February 05, 2004 @10:56AM (#8189159) Homepage
          Just throw everything you buy from Wal-Mart in the bin, save yourself the worry.
    • Hmm, and I just bought some tshirts the other day that were advertised as "tagless". Perhaps if I took a scissors to random parts of my clothes?
    • RFID is such a potentially dangerous technology because RFID chips can be embedded into products and clothing and covertly read without our knowledge.

      A small tag embedded into the heel of a shoe or the inseam of a leather jacket for inventory control could be activated every time the customer entered or left the store where the item was bought; that tag could also be read by any other business or government agency that has installed a compatible reader.

      Unlike today's antitheft tags, every RFID chip has a

  • Oh wait...
  • RFID Zapper? (Score:5, Interesting)

    by flinxmeister ( 601654 ) on Thursday February 05, 2004 @09:54AM (#8188526) Homepage
    So how feasible is a "zapper" that will render RFID's useless? The idea is you come home and run your new purchases throught some sort of scanner...and poof! Normal merchandise again.

    Any EE types that are familiar with what it would take to do something like this?
    • Re:RFID Zapper? (Score:3, Informative)

      Just off the top of my head Its probably quite difficult. All the RFID chip is doing is responding to an outside pulse and using the pulses energy to respond back. You would need a fairly, powerful EM (electromagentic) source to fry the thing which aren't too easy to get access to. It probably wouldn't be too clever if you wearing it as well. (unless of course you believe that mobiles phone transmitters aren't bad for you either)

      Interestingly though i doubt many RFID tags would stand up to a hot wash, ple
      • Most commercial grade ICs can handle up to 70 deg celcius. It's not terribly uncommon for ICs to be able to handle 100C+. Since these guys have no need for external connections I imagine that making them water proof would be fairly simple. Just give them a good dip in epoxy.
    • by oneiros27 ( 46144 ) on Thursday February 05, 2004 @10:29AM (#8188846) Homepage
      My understanding, based on earlier articles that have been posted on this website, is that the RFID tags are specifically built to withstand these sorts of problems.

      They disconnect their antenna if they sense a surge to protect their circuitry.

      And it makes sense -- if you're using these for tracking merchandice, you wouldn't want some shoplifter taking the RFID equivalent to a tazer with them, shorting out the RFIDs, and then walking out with your product.

      (personally, I didn't see anything new from this article than any of the other articles posted before on the subject. I don't think there have been particular suggestions of targeting window shoppers, but the general proximity issues have mentioned repeatedly before)
    • Sure, maybe you can zap your cloths, or scan them and remove hidden tags, but what about other tags they are going to force you to carry? Store scanners can scan your car keys, credit cards, gas speedpass, security card for your office and then start linking all of this information together to track you. If corporations and the government get their way, RFID tags will be in many things we can't do without (maybe even driver's licences or national ID cards?). Add to that scanners at key locations and the
    • Use a microwave (Score:3, Informative)

      by tunabomber ( 259585 )
      Given what a microwave does to a light bulb [wwu.edu], I'd expect it would be pretty useful in destroying electronics. Note that a burnt-out lightbulb will still glow in a microwave, and for this reason I doubt that simply disconnecting the antenna from the RFID circuit will have any effect since the whole circuit will be getting irradiated. Also, don't forget to have the clothes in a pyrex pan full of water or something- unless you want there to be a burnt hole in the garment where the RFID tag was.
  • Anyone can track you. Really. All it takes is a notebook and pencil.

    Get over yourselves. Jeez.
    • Right, but nobody can track thousands of people simultaneously and find patterns and "alleged links with so-and-so" with a computer.
    • by _LORAX_ ( 4790 ) on Thursday February 05, 2004 @10:05AM (#8188632) Homepage
      What you fail to address is that takes a vehicle and one or two dedicated people per person being tracked. This is the way it should be.

      With RFID we are now faced with situation where a simple globally unique tag is assigned to each RFID tag and can be tracked with simple electronics. A store can track your every movement with a dozen carefully placed receivers by tracking the RFID tag embedded in the soles of your shoes.

      Malls could track walking patterns the same way, and by consolidating and minimg the data, they can probably match up anonymous tracking data with an individual by looking for things like credit card transactions.

      This is not stuff of Sci-Fi or intregue novels, stores want this kind of information and they WILL be using it. Unfortunatly with my buisness hat on I know that RFID will never go away, it just has WAY WAY too many advangtages for stores ( inventory, shrink reduction, fraud protection, ... ) gone will be the days that people could walk into a large store, take something off the selves and return it to the sevice counter ( it was a gift and I don't have a recipt ).
  • ...as then everything will be tracked. People and transactions. :/
  • by smittyoneeach ( 243267 ) on Thursday February 05, 2004 @09:57AM (#8188546) Homepage Journal
    When people act surprised about information.
    They're not just for tracking stuff. They can track you too.
    No kidding. Life takes on a similarity to the chessboard. There are no surprises in chess, just players not quite working out all of the move combinations.
  • Obligatory (Score:5, Funny)

    by Anonymous Coward on Thursday February 05, 2004 @09:57AM (#8188548)
    In Soviet Russia RFID tracks you. Wait... that's not right is it?
  • Spam (Score:3, Funny)

    by Anonymous Coward on Thursday February 05, 2004 @09:57AM (#8188552)
    Great. We'll have inboxes filled with "Track your neighbour" and "Generic RFID removal" in no time.
  • question (Score:5, Interesting)

    by Anonymous Coward on Thursday February 05, 2004 @09:58AM (#8188561)
    What happens if you collect about 1000 RFID devices
    and carry them around with you. Will the readers
    be able to read that when you pass by a scanner?
    • Re:question (Score:3, Insightful)

      by ragnar ( 3268 )
      Whereas a UPC is a common identifier among like items I believe RFID contains globally unique identifiers that are de-registered at the store upon sale, so they shouldn't trigger anything. Maybe someone else can shed more light on this, but I think they probably considered this scenario.
  • by 31415926535897 ( 702314 ) on Thursday February 05, 2004 @09:59AM (#8188568) Journal
    You're thinking about this all wrong. Take off your tin-foil hats, nobody really wants to 'track' you.

    Now, what companies will really be salivating over is the opportunity to market to you. If they can track all of the RFID tags on and around you, they can know so much about you that they can tailor advertising to you specifically. Just like Minority Report, only not so cool.

    Just think of it as value adding. You're adding so much value to the coffers of manufacturers and advertisers!
    • "You're thinking about this all wrong. Take off your tin-foil hats, nobody really wants to 'track' you."

      So, totally unlike the inroads that have been made with pinpointing the location of mobile phones?

      It doesn't take a genius (note: I don't mean you) to figure out that it's not the application of something that matters, but the possible application, and given that corruption exists, and the ability to track will exist, someone will use it.

      Hell, just go take a look at how much tracking has infiltrated
    • Individual walks into the drugstore

      RFID scanner picks up the condom in his wallet

      60inch Plasma Monitor: Greetings Mr. Smith, it's been 60 months since you last purchased that box of Troy Extra Super Ribbed, the one in your pocket has expired, would you like to purchase some more?

      If you liked that item, you may find these appealing: Super Personal Lube 3000, Peanut Butter & Chicken Flavored body oil, Hustler Magazine, MIT:Technology Review, Kraft Macaroni & Cheese.

      of course the only reason you c

  • by tuxette ( 731067 ) * <tuxette@nOSPAM.gmail.com> on Thursday February 05, 2004 @09:59AM (#8188574) Homepage Journal
    But companies that are pushing RFID tags into our lives should adopt rules of conduct: There should be an absolute ban on hidden tags and covert readers. Tags should be "killed" when products are sold to consumers. And this technology should never be used to secretly unmask the identity of people who wish to remain anonymous.

    Rules of conduct like those in the previous slashdot story here? [slashdot.org]

  • by RevAaron ( 125240 ) <revaaron@@@hotmail...com> on Thursday February 05, 2004 @10:00AM (#8188576) Homepage
    Who didn't figure that RFID tags will be used to track us- the consumers? Hell, that may be even a better use for them than inventory tracking... They get about the perfect picture of what products we use, when and to an extent how. The marketers wet dream. And of course the definition of propriety will be stretched, bent and broken during the courtship of RFID tags.

    Now, I on the other hand, have a want for them. I think they could be fun to hack around with. That is, I want my PDA to be able to read tags, and then I'll get a bunch of them. I'll tag my house up, so that I can get location-based alerts. The kind of thing GPS would be too big and clunky- and not accurate enough- to do. I can come up with all sorts of fun things to use RFID tags for in my own life that have nothing to do with being "targeted" better. :)
  • Slippery slope... (Score:5, Insightful)

    by John Seminal ( 698722 ) on Thursday February 05, 2004 @10:00AM (#8188582) Journal
    Indeed, such warnings might once have been dismissed as mere fear-mongering. But in today's post-9/11 world, in which the US government has already announced its plans to fingerprint and photograph foreign visitors to our country, RFID sounds like a technology that could easily be seized upon by the Homeland Security Department in the so-called "war on terrorism." But such a system wouldn't just track suspected Al Qaeda terrorists: it would necessarily track everybody--at least potentially.

    What is that quote? Man is born free yet everywhere he is in chains

    I do not like the idea of having every last bit of privacy removed. Between the new camera's my state is installing on highways, with radar guns, that send you a ticket in the mail, to having banks sell personal information to thrid parties so they can call me at dinner to offer me a great price on a satelite dish, this is getting out of control.

    While some may say that government will never, ever use any technology in an illegal way, I would just say they have done it in the past. Nixon broke into the dem's headquarters. Other presidents have bugged the phones of political groups like the black panthers. And this current president has the "Patriot Act".

    It scares me to think what government could do. 1984 is looking less like fiction and more like a prediction.

    • I like to think that a combination of 1984 and brave new world is where we're heading for.

      Not that I'm happy about that you mind.
    • It is time the US government did something to track foreign visitors, now if they just make use of the new technologies.

      Before all you point to western Europe as this place where this does not happen, travel thier sometime. Most Europian counties have a division that just tracks foreignors. When you move in,semi-permanent, you have to report to them and give them all information(fingerprints in some places, blood samples in other counties also). If you move, want to change job, want to marry a local pe
    • by dpilot ( 134227 ) on Thursday February 05, 2004 @11:02AM (#8189233) Homepage Journal
      Some are quick to say that the US Constitution guarantees no right to privacy.

      But IMHO, the US Constitution embodies the 1793 State-of-the-Art of distrust of Government and other concentrations of power. That's the whole reason that there are three branches with checks and balances - mistrust of the institution of government. No matter how trustworthy those in power may be today, there's no guarantee that the next batch will be so. Checks and balances were put in place to provide trust - through mistrust.

      Had the Founding Fathers been able to foresee the capabilities of electronic surveillance, they would have codified Privacy into the Bill of Rights. Instead, they did what they could, focusing on late-18th century concerns.

      Had the Founding Fathers known of the potential concentrations of power known as multinational corporations, they would have codified some sort of separation of Business and State. Instead, they focused on what they knew, separation of Church and State.
  • by erick99 ( 743982 ) * <homerun@gmail.com> on Thursday February 05, 2004 @10:01AM (#8188592)
    I did a search on google news and read some articles about RFID. It was interesting to read that retailers, at this point, can only wish they had the tracking capabilities that RFID might be able to provide. I also read that some retailers have canceled plans to deploy RFID after getting firestorms of negative feedback from their customers. It will be interesting to see how this turns out. It's sort of a sociological technological showdown.

    Happy Trails,


    • I also read that some retailers have canceled plans to deploy RFID after getting firestorms of negative feedback from their customers. It will be interesting to see how this turns out. It's sort of a sociological technological showdown.

      You're quite right about the firestorm. The technology to deactivate the RFID tags is dependent entirely on the Johnny punch clock who swipes it over the deactivator. My grandmother-in-law works at a Walmart at the return desk. When she is not talking about how the dirty c
  • by Wonderkid ( 541329 ) on Thursday February 05, 2004 @10:01AM (#8188597) Homepage
    RFID on slashdot many times. Solution to this problem is simple. Avoid holding actual personal details on a central database. Yes, lets track what people buy and where they go, but only as an alias. IE, last month, 1287 people visited XYZ store in New York and purchased ABC jacket and then 376 of those people left the state. No need to log WHO they were. Simple really!
    • That is not the problem!

      Do you recall a story fairly recently about one guy who using a great deal of very public infrastructure information, managed to put together a map that had the US government worried because it revealed information that was supposed to be classified?

      It is the same thing, if you track the movements, with all the other tracking that is going on, it will be much easier to put together that information to get a complete dossier on a person if you want to. The real worry is not the data
  • by bunyip ( 17018 ) on Thursday February 05, 2004 @10:02AM (#8188600)
    I'm a triathlete and runner, we've been using RFID to track athletes for years. The main company doing this is Champion Chip. It's a small plastic device that you attach to your shoe or put on an ankle strap.

    The tracking lets them do severl things. First, they get accurate timing and immediate results. They can also track where you've been to make sure that people haven't cut parts off the course. Some people are too creative, a few years back a women hopped on the subway for part of the Boston marathon, but she went "too fast", they got suspicious and reviewed the surveillance cameras in the subway.

    The latest cool thing was in Ironman Hawaii. They had video cameras setup on the course and the chip strapped to your ankle let them know your location all day. Then, you could order a personalized DVD with video of your race. Pretty cool idea, though I didn't personally buy one.

    Some may see this as big brother, or a harbinger of things to come. Some of us, however, have been happily tracked by RFID for years - voluntarily! I wouldn't want this to be 7*24, without my permission.

    • A friend of mine does triathlon and he wears a name tag on his shoe. RFID tags could alos be used for this - they are small and light weight.

      The reason they wear the tags is because if something happens, there is some information about themselves which people can use. It all started when someone was killed/severly injured (not sure which) when training on the roads and nothing could be done because an identity could not be resolved for a long time.

      The tags are named after the person who's unfortunate acci
    • And that's fine. Using it to track runners, with their knowledge, for short periods of time (during a race) is not a problem. Nor, frankly, is using it to improve inventory management control.

      But when it's used to track me after I buy something, or without my knowledge, then I get very very cranky.
      • So set up an RFID swap club. Extract a few of the things and exchange them with comparative strangers. Have your club make up packets and mail them to other clubs. Poison the database.
    • You miss the point.

      Your tag is invalid and useless after your race. The reader is gone.
    • by The Ape With No Name ( 213531 ) on Thursday February 05, 2004 @10:23AM (#8188797) Homepage
      In this case, you willingly put it on in order to operate and interact with your community of runners. Basically, to see who is the best among you and to see what your time is for personal reasons.

      In the scary case, WalMart puts an RFID tag on my tighty-whities and then I go to Target and over the intercom comes a voice that says, "John Allman, Welcome to Target. We have tighty-whities for sale."

      Personally, I am learning to sew.
      • 'In the scary case, WalMart puts an RFID tag on my tighty-whities and then I go to Target and over the intercom comes a voice that says, "John Allman, Welcome to Target. We have tighty-whities for sale."'

        And that's what you call *scary*? Don't go to any horror movies; your heart would never take the strain.

        The only scary thing I see about it is if I were a Target stockholder and I found they were wasting my money on schemes to sell stuff to people who had just bought the same stuff elsewhere and thus do
    • Rosie Ruiz (Score:4, Informative)

      by SolemnDragon ( 593956 ) * <solemndragon AT gmail DOT com> on Thursday February 05, 2004 @10:58AM (#8189179) Homepage Journal
      Rosie Ruiz, [boston.com] i believe. Took the subway and dashed to the finish line. I live here in Boston, and while i can't run the marathons, almost everybody here knows someone who does- a doctor, a friend, a teacher or college student. And thanks to rosie, we see the rosie chips. You put it on your shoelace or what have you, and they use those as well as cameras. The checkpoints are set up along the course of the marathon. The marathon site is here. [bostonmarathon.org]

      I talked to one of the runners last year about it and we were laughing over the story. we also have a lot of ham radio operators in the city who broadcast results as they're anounced; i'm wondering what's next with RFID. Will hardcore athletes just have permanent chips in their bodies? Or will they be embedded in the sneakers?

  • Saying that a database that keeps the data of every person that does window shopping on your shop and reading every tag can "be built easily" might be true in a sense, but making sense of so much crap data is not.

    So really, is it a big deal? Getting the tag off my groceries when I get home compared to just being able to walk out the supermarket with my groceries in a bag and have the bill ready instantly is a pretty small price to pay. Yeah, they can track what I've bought, but honestly, what's that goi
  • by ch-chuck ( 9622 ) on Thursday February 05, 2004 @10:03AM (#8188607) Homepage
    Now I need a tin foil jumpsuit, boots, gloves and helmet.

  • Paranoia (Score:2, Interesting)

    by tttonyyy ( 726776 )
    Why is everyone so paranoid about being tracked with RFID? I've got nothing to hide, so I couldn't give a monkies if everyone knows where I am or if a store knows my purchase patterns. Heck, most of them already have this info thanks to my loyalty cards, and I don't see anyone making a big fuss about that!
  • Chicken little? (Score:2, Insightful)

    by Anonymous Coward
    If you gents keep screeching about the profound dangers of RFID for every single article, interview or news tidbit that comes out, folks are going to start ignoring your input.

    Hell, I look forward to the day I can just load up my cart with groceries and head out of the store without bothering to stop at a cash register. My purchases are already matched to my credit card account in their internal inventory anyhow, and I'm openly 'opting in' by using the system.

    I wonder what Slashdot would have been like i
    • "Hell, I look forward to the day I can just load up my cart with groceries and head out of the store without bothering to stop at a cash register."

      I look forward to cloning your tag and doing the same thing.

      What's the figure on global credit card fraud? Something in the billions?

  • Get a clue (Score:5, Insightful)

    by dabadab ( 126782 ) on Thursday February 05, 2004 @10:05AM (#8188628)
    Technology is not the problem.
    The problem is (as always was and always will be) how people use a technology.
    RFID (or any other technology) is not necessary for a police state as demonstrated by many examples in the past.
    You privacy can be (or most probably: was) violated without RFID too.
    To protect your privacy you need a society that values privacy and have laws that express this. If you do not have that then you are swimming against the flow and your are doomed to failure, no matter if RFID is used or not.
    I would like to point out Europe: there are privacy laws that basically say the following:
    • Personal information can only be collected with your approval (or if mandated by a law)
    • This information can only be gathered for specific purposes (of which you must be informed) and may only stored for a set period of time, which can not be unreasonably long.
    • You can request access to the information about you and request correction or deletion
    • Your info must be kept confidental and correct
    • Your personal information can be given to a third party only if the above requirements are fulfilled

    If you have such laws (and have them enforced) then there is no need to fear RFIDs - but if you don't have them, RFIDs should be the least of your worries.
    • Yeah, I have a great deal of respect for some of those European privacy laws. The one thing I don't know, though, is what you can do to a person or organization which ignores them. Can you slap the offender hard enough to hurt?
  • by lukewarmfusion ( 726141 ) on Thursday February 05, 2004 @10:06AM (#8188636) Homepage Journal
    like Simson Garfinkel. First of all, it's not exactly a common-sounding name to me. Maybe it is in other parts of the world.

    Second, can I withstand the desire to crack a Simon & Garfunkel joke? I mean, almost all the letters are there...

    Hello R-F my old friend,
    I've come to talk with you again.
    Because the data softly creeping
    I am just lying here weeping
    Because a hacker
    Just stole my identity...
    And now my bank account is silenced.
  • by plnrtrvlr ( 557800 )
    It would seem to me that all of the "take off your tin-foil hat" crowd are missing the obvious. Yes, I understand (and if you rtfa you'd see that the author does too) that the planned use of these tags are for very legitimate reasons, but hasn't anyone learned through history that abuse occurs? If some technology has the potential to be abused, then sooner or later, the government, spammers, advertisers or even Wal-Mart WILL abuse it and our privacy will be invaded. This isn't to say that laws governing the
  • This is an insult! No-one has the right to infringe our privacy like this! I for one will be boycotting all stores/establishments that use RFID. I find the idea of a device that can be used to track my movements and habits utterly reprehensible. Now, if you'll excuse me, I'm off to town to go shopping using my credit card and many clubcards.
  • If they are going to track us, why not make it fun. We can all get together and swap RFID tags. Some mischevious shoppers in Britain do that with their Tesco loyalty cards, so why not do it with RFID to. And if one person carries multiple tags from different people, then they can make it look like an entire flock of people are at the door.

    The alternative is to wrap ourselves in tin-foil. Hmmm.. I wonder is metallic clothing will soon be fashionable. Maybe that's why all those SciFi movies have peopl
    • Uhhuh. The loyalty-cards are a joke. People lend them all the time. I've even had store clerks *ask* if I would lend mine to the person behind me, who forgot his.

      And if they make the tags hard to get out, people will form groups and shop for each other. What fun.
  • ... of these things ?

    Could they be used for automatic purchase ? You have your RFID and the products RFID's and you leave the shop the items are automatically placed on you 'tab' . Pain free shopping and no cueing at the checkouts. Some super markets here allow you to tot up your shopping this would just be the next logical step.

    You could have it such that there is a little reader on a shopping basket that tells you how much you are spending, nutrition information etc...

    They could also be used at toll bo
    • The range isn't that great. In my Digikey catalog the tags made by TI-RFid have ranges listed as ranging from 60 to 200cm. For most of the tags the range was at most 100cm.

  • by dpbsmith ( 263124 ) on Thursday February 05, 2004 @10:16AM (#8188726) Homepage
    The big question, which, it seems to me, gets deliberately fuzzed in all of these discussions, is this:

    Is it acceptable to invade your privacy as long as it is for the purpose of selling you stuff?

    Privacy advocates tend to emphasize the danger that systems put in place for the purpose of selling you stuff might later be used for purposes of political repression. This is a real concern, but a relatively remote one. It's a slippery-slope, speculative, "if this goes on" kind of argument. Yes, I know (mostly from reading Slashdot!) that there have already been instances of such usage creep.

    Let's suppose--implausible, of course, but suppose--that you could somehow guarantee that RFID tags, and all the information that companies gather on you in all sorts of ways, could be freely exchanged by companies for the purposes of selling you stuff, but could be perfectly secured against any other kind of use whatsoever.

    Would that be all right, or not?
    • Interesting viewpoint, but it's actually the retailers more than the government that have me worried. I'm all for retailers tailloring their inventory/options/ whatever they make or do to my interests. That's what capitalism is all about. My purchase of a product is a vote for the continued production of that product. But you don't need to know my name to consider that. I worry about the scenario presented in "Minority Report" (as another poster pointed out)...where advertisements tailored to ME shout
    • by ferreth ( 182847 ) on Thursday February 05, 2004 @11:36AM (#8189647) Homepage Journal
      Hmm, How about when your life insurance premium is jacked up because they find out that you have been eating at various fast food vendors > 5 days a month? Same justification smoking, which is hard to hide now. You'd have to be more accountable to get the lowest rate, no less free, just that your actions would have more consequences.

      Or, is it better that everyone remain anonymous, put their dollars in the pot, and the insurance rate is based on the average actions of the individuals grouped by the limited information the insurace company is allowed to collect on you?

  • Be sure to check out other stuff by the author: The Unix haters Handbook [microsoft.com]. Quite fun (but somewhat old)!
    • I really like unix.

      But I love that book, quite funny.

      It really nice to read that unix stuff that drives me crazy(terminals, root, etc), they slam and say why it is so messed up.
      Granted it is old and most of the problems have been fixed, but still funny.

  • by HarveyBirdman ( 627248 ) on Thursday February 05, 2004 @10:36AM (#8188922) Journal
    Tell me why I should be quaking in my boots. I'm open minded, and have a strong libertarian (small "l") streak, so convince me.

    All I usually get is "Stores will build a database, and then Homeland Security will do, um, something." Followed by handwaving and dubious slippery slope arguments that usually imply a continent spanning sensor net that sounds like a cross between Tom Clancy and Vernor Vinge.

    Someone connect the dots here. The article didn't do a very good job.

    Or is this just modern mythology, like people hiding in their homes worrying about wererwolves and vampires and witches in centuries past?

  • Does anyone know if rather than zapping the tags as discussed in other posts, there might be possible countermeasures? For example, how much shielding would be required to block the signal? i.e. would it be possible for an industry to grow up providing shielded wallets, backpacks, purses, briefcases etc.? Or even *chaff* belts to drown the system with false readings?
  • by wherley ( 42799 ) * on Thursday February 05, 2004 @10:46AM (#8189045)
    This group, CASPIAN - Consumers Against Supermarket Privacy Invasion and Numbering [nocards.org] has information on RFIDs including Auto-ID: Tracking everything, everywhere [nocards.org]. The group is also against loyalty shopping cards for similar reasons.
  • One of the high street stores in the UK (Marks & Spencer) has just completed a pilot test at one of its stores. Worryingly the Department for Trade and Industry actually subsidised the scheme, even more worrying was of the 50 people who were intereview about RFID no one seemed to care or be aware of the technologies issues.
    The scheme used intelligent tags that "hold just the number unique to each garment. When scanned against an M&S database, the tag would only give information related to the prod
  • I must ask why. (Score:3, Insightful)

    by Awptimus Prime ( 695459 ) on Thursday February 05, 2004 @10:49AM (#8189076)
    I apologize for, maybe, missing the point but after looking at a few portions of the article, I am beginning to wonder why. For instance:

    RFID isn't a household word today, but within the next few years manufacturers hope to put it into many household products.

    Why would these be needed in 'household products'? I understand they want to track merchandise, but this could be accomplished by putting an RFID sticker on the bottom of the product. That way, you take it home and tear the sticker off when you take it out of the box.

    Perhaps, for clothing, just put an RFID on the main tag. I've worked for a clothing store who used the locking pin security devices found in most stores. They work wonderfully, as you have to destroy the garment to steal it and it only costs a couple of thousand to enough of those things to last a lifetime. I do not see the flaw that needs a new product, not in regards to clothing.

    Both Wal-Mart and the US military have already told their hundred largest suppliers that cartons and pallets must be equipped with unique RFID tags by January 2005.

    This is what I would like to see RFID used for. This will really speed things up at distribution centers, as a forklift coming off a trailer will simple have to drive through the dock doors (assuming the sensor would be there) to put an entry in the company's database saying "this pallet entered the building", meanwhile the operator keys into the computer on his forklift the actual product count.

    For people who will "bite" and say something about computers on forklifts, they have been around for over a decade. I know, I fabricated a prototype mounting platform for a small, wireless computer back in 92. They had blueish LED displays, and were shaped similar to an old RS Model 100 portable, but housed in a sturdy black metal case. I made a nice adapter for Crowne forklifts that allowed the operator to swivel, tilt, and adjust it to his/her most comfortable viewing position. Too bad I didn't know anything about patents back then. They started using this design at all their distribution centers, which equates to thousands of lift trucks. :O

    I do not miss working for Kraft foods. We had weekly 'rallies' where the managers would have a guest speaker. The most memorable one was Penske (wealthy bastard) came to tell us what a great job we were doing, then proceeded to talk about efficiency for the next 45 minutes. More often than not, everyone left with a broken sense of pride due to wealthy investors talking to us like we were children. It seemed that after every meeting, new poop would appear on the bathroom walls.
  • by Snosty ( 210966 )
    Cut off all your RFID tags and keep them somewhere safe. On a weekly basis get together with all your friends and put all your collective tags in one bucket. Take, at random, your share and carry them with you for that coming week. Repeat process next week. This way any data gathered through these tags would be a random assortment of movements from you and your friends.

    Correlate that, bitches!
  • There will be a market for chipset-free goods.
  • by pesc ( 147035 ) on Thursday February 05, 2004 @10:54AM (#8189140)
    There are some great new product opportunities in the new RFID-enabled world.

    RFID Super Scanner - Scan your surroundings and your stuff for RFID tags. Pinpoints the location exactly.

    RFID Mega Zapper - A high energy directed radio energy impulse designed to fry the electronics in your RFID tags. Great fun for vandals in stores! Smack your enemy's wallet!

    RFID Spoofer - A programmable device that returns the RFID code of your choice. Great for making a copy of you luxury car key! Or your neighbours. Have fun in stores after Zapping (TM) a RFID tag and replacing it with a Spoof(TM)!

    RFID Data Miner - Build your own database of RFID tasks. Now you can do your own surveillance and track people. Also good in parking lots when you want to know what RFID code to feed into your spoofer for easy access to that nice car.

    RFID Jammer - A fun little DOS device that emits radio frequences to blind RFID readers.

    RFID Database Feeder - This device emits thousands of new random RFID codes every second. Great for filling the databases of those eager RFID code collectors.

    I think most of these tools can be built easily and are not science fiction. If they can be built, they will.

    Seriously, do you think RFID techniques makes the society more or less vulnerable for attacks?
  • by blorg ( 726186 ) on Thursday February 05, 2004 @10:57AM (#8189165)
    As far as I recall, the *maximum* distance for passive RFID, under ideal conditions, is 1 meter. Shorter in 'ordinary' conditions. This is one of the reasons passive RFID is not likely to work for 'walk out of the shop' automatic payment, but also why it is also unlikely to be much use for person tracking.

    The 'myths' of RFID [rfidasia.com] - from an industry group, but might be worth a read - even the people selling these things [intersoft-us.com] are only claiming ranges of 10-50cm.

  • RFID will go into mainstrean acceptance when it is used to find a missing child. Then we'll find a wave of "Let No Child Be Un-Lojacked".

    Parents will have the ability to track their teens, and when kids find a technology that will subdue the signal, that technology will be derided as The Greatest Evil Threatening Our Children{tm}, surpassing Cough Medicine.
  • by GeneralEmergency ( 240687 ) on Thursday February 05, 2004 @11:16AM (#8189390) Journal

    It seems like a paranoid fellow can't even buy alumunum foil anymore without being monitored.

    Now what'll I use to line my Official Area 51 Ball Cap?

  • by kieran ( 20691 ) on Thursday February 05, 2004 @11:23AM (#8189479)
    As well as RFID jamming technology [zdnet.co.uk] being in development, the makers of the tags themselves want to find a decent compromise, such as a kill command [techweb.com].
  • by scorp1us ( 235526 ) on Thursday February 05, 2004 @11:24AM (#8189502) Journal
    Automatic 'In' Door Scan Results:
    Customer #4323423432 Scan Results:
    Product: Jams, Size Medium: M, Style: 11, Color: Blue, Purchased at Target
    Product: OP Sunglasses, Style: 13, Color: Blue, Purchased at Target

    Alert!: Customer Has No Shirt On!
    Alert!: Customer Has No Shoes On!
    Security Dispatched
    Computed Customer Loyalty Discount: -10%

    'Out' Door Scan Results:
    Customer #4323423432 Scan Results:
    Product: Jams, Size Medium: M, Style: 11, Color: Blue, SN:1232mdsfskd2, Purchased at Target
    Product: OP Sunglasses, Style: 13, Color: Blue, Purchased at Target
    Product: Mens Medium T-Shirt Style 1404A, Purchased at Walmart
    Product: Mens Burkenstocks Size 10 Style 14A, Purchased at Walmart

    Shipping Time: 1h 14m. Last visit (By Jams SN) Oct 11, 2003. Approximate customer weight 140lbs. Customer Type: 'Surfer Dude'
    Customized 'sufer dude' email and circulars flagged for next mailing cycle.

  • by PlatoShrimp ( 562704 ) on Thursday February 05, 2004 @11:34AM (#8189631)
    As a third-party public warehouse, my company is constantly looking at technologies to streamline the process of receiving, storing, and shipping material for our customers. Currently we receive inventory to our docks in two ways: 1. Material is received at the dock and put away in location by warehousemen. They record exactly what came in on a form and turn it in to the office staff who enter the information into the database. This relies on the warehouseman to count the material correctly, fill out the form correctly, then for the office staff to enter the data correctly. The system works, but there are many opportunities for data entry errors. One misread, miscount, mis-type and the data is bad. 2. Material arrives at the dock and barcodes are scanned. The data is uploaded to the system without any human interaction besides the original scan and a later check against the Bill of Lading that came with the load. Much better than the first method, but it comes with its own issues. For one, if the material is put into location, stacked high off the ground, reading barcodes for inventory purposes can be problematic. Also, it relies on a good quality barcode. A lot of our material arrives after long truck/train rides with the material rubbing and jostling against its neighbor resulting in many unreadable barcodes. RFID is the next logical step for us. For the material to cross from the truck/train to our dock and be read by an RFID reader without the warehouseman having to aim a laser at a possibly unreadable barcode would be nice. The customer would also be able to follow that particular RFID all the way from manufacturing through the distribution process. I understand privacy concerns, but in regard to the logistics industry I see RFID as a positive thing.
  • by jjshoe ( 410772 ) on Thursday February 05, 2004 @01:21PM (#8190964) Homepage
    The problem with this article is the simple fact that they start out by talking about passive rfids and then switch to ways they can be abused that would only work on ACTIVE rfids. The big difference? One has a battery and broadcasts its number a significant range.
  • by shylock0 ( 561559 ) on Thursday February 05, 2004 @02:06PM (#8191551)
    every RFID chip has a unique serial number

    I have a question: how long before this system becomes unwieldy. If we're going to track every product sold worldwide, how big will the string have to be? Furthermore, at what point will a database of said string's become unwieldy, and at what point will it become worthless to maintain all that data?

    The retail RFID plans I've seen don't have a unique serial number for every item. They have a unique serial number for every type of item, kind of like a barcode. Granted, that may pose some minor privacy issues of its own. But those problems are minor, and no worse than paying with a credit card.

    More to the point, RFIDs have the potential to save businesses billions -- kind of like barcodes did. And, like with barcodes, those savings will most probably be passed to the consumer.

  • by r_j_prahad ( 309298 ) <`r_j_prahad' `at' `hotmail.com'> on Thursday February 05, 2004 @02:55PM (#8192234)
    For a scant few bucks an hour, I will take your RFID tags out for a walk about the town. Spend a few more dollars, your RFID tags get to go to the opera, making you appear a very sophisticated gent. But skimp on the tip, and your tags spend a half hour in an alley known for prostitution and drugs.

    This month's special - your RFID tags get a tour of the White House! And maybe even a chance to meet the president's RFID tags. Register soon as there are only a few openings available each year.

Who goeth a-borrowing goeth a-sorrowing. -- Thomas Tusser