The Trouble with RFID 424
wintermute42 writes "Simson Garfinkel, author of Practical Unix & Internet Security along with Gene Spafford and Alan Schwartz,
has an article in The Nation on RFID tags. They're not just for tracking stuff. They can track you too."
Only if... (Score:2, Funny)
Re:Only if... (Score:4, Insightful)
Re:Only if... (Score:3, Insightful)
Re:Only if... (Score:3, Funny)
Re:Only if... (Score:3, Informative)
Re:Only if... (Score:4, Funny)
Re:Only if... (Score:3, Funny)
Re:Only if... (Score:2)
A small tag embedded into the heel of a shoe or the inseam of a leather jacket for inventory control could be activated every time the customer entered or left the store where the item was bought; that tag could also be read by any other business or government agency that has installed a compatible reader.
Unlike today's antitheft tags, every RFID chip has a
Re:Only a problem if you never change clothes (Score:5, Informative)
Sure, you change clothes, but what about your phone? What happens when you wear the same pair of shoes with different clotes? The data warehouse ties that serial number in with your profile and builds a profile of all the items you own. There's not an easy way to eacape that.
I work in datawarehousing. We have a system that processes about a billion transactions a day. Each record is far mor complex than than a simple RFID and station ID. We also tie multiple records together into transactions. The scenaro above could be very real.
Re:Only a problem if you never change clothes (Score:4, Funny)
The fashion police haul you away.
Re:Only a problem if you never change clothes (Score:5, Interesting)
With such a device you could scan your things and locate and remove the tags.
It shouldn't be too hard for the hardware hackers out there to come up with something like this.
Re:Only a problem if you never change clothes (Score:3, Insightful)
I don't have a problem saying no to sales people. I do take exception to being harangued, by name, from the moment I enter a store. My shopping day will be a lot more stressful if I have to say "Get the f*** away from me, I'm just looking" in every store I walk into. And if that sales person has been picked based on the type of salesperson you are most receptive to, it gets harder - I'm not talking the high schooler at radio shack here, but a well chosen personable salesperson, based on y
Hello darkness my old friend.... (Score:2, Funny)
RFID Zapper? (Score:5, Interesting)
Any EE types that are familiar with what it would take to do something like this?
Re:RFID Zapper? (Score:3, Informative)
Interestingly though i doubt many RFID tags would stand up to a hot wash, ple
Re:RFID Zapper? (Score:2)
They're supposed to withstand it. (Score:5, Informative)
They disconnect their antenna if they sense a surge to protect their circuitry.
And it makes sense -- if you're using these for tracking merchandice, you wouldn't want some shoplifter taking the RFID equivalent to a tazer with them, shorting out the RFIDs, and then walking out with your product.
(personally, I didn't see anything new from this article than any of the other articles posted before on the subject. I don't think there have been particular suggestions of targeting window shoppers, but the general proximity issues have mentioned repeatedly before)
What about your other RFID Tags??? (Score:2)
Use a microwave (Score:3, Informative)
Re:RFID Zapper? (Score:3, Interesting)
What about when you buy a new car...they're already using RFID for the keyless ignition. It's just a matter of time before they install EZPass/FastLane/WhateverItsCalledInYourArea in every new car without asking you. It won't be an obvious device in the corner of your windshield like it is now, it'll be hidden somewhere it's a pain to get to. Of course
Re:RFID Zapper? (Score:2)
And if you travel through five towns, you get five tickets.
Anyone with two feet and perhaps access to a car (Score:4, Funny)
Get over yourselves. Jeez.
Re:Anyone with two feet and perhaps access to a ca (Score:2, Insightful)
Re:Anyone with two feet and perhaps access to a ca (Score:5, Interesting)
With RFID we are now faced with situation where a simple globally unique tag is assigned to each RFID tag and can be tracked with simple electronics. A store can track your every movement with a dozen carefully placed receivers by tracking the RFID tag embedded in the soles of your shoes.
Malls could track walking patterns the same way, and by consolidating and minimg the data, they can probably match up anonymous tracking data with an individual by looking for things like credit card transactions.
This is not stuff of Sci-Fi or intregue novels, stores want this kind of information and they WILL be using it. Unfortunatly with my buisness hat on I know that RFID will never go away, it just has WAY WAY too many advangtages for stores ( inventory, shrink reduction, fraud protection,
Re:Anyone with two feet and perhaps access to a ca (Score:5, Insightful)
Here's an idea for a new community project: Mega RFID Vest Library
Go to the dump where multiple people are throwing away RFID-laden products. Snag the lil suckers off discarded food products, garments, appliances, liquor bottles, baby food.
Sew them onto a vest.
Lots of `em.
When you walk through the scanner you'll be ...... 246 different people.
Then, trade vests with others in other cities, other countries!
It will be scary when they put it in money... (Score:2)
Re:It will be scary when they put it in money... (Score:4, Interesting)
I'm always unsurprised... (Score:5, Insightful)
No kidding. Life takes on a similarity to the chessboard. There are no surprises in chess, just players not quite working out all of the move combinations.
Obligatory (Score:5, Funny)
Spam (Score:3, Funny)
question (Score:5, Interesting)
and carry them around with you. Will the readers
be able to read that when you pass by a scanner?
Re:question (Score:3, Insightful)
Tracking? No, more like targetting! (Score:5, Insightful)
Now, what companies will really be salivating over is the opportunity to market to you. If they can track all of the RFID tags on and around you, they can know so much about you that they can tailor advertising to you specifically. Just like Minority Report, only not so cool.
Just think of it as value adding. You're adding so much value to the coffers of manufacturers and advertisers!
Re:Tracking? No, more like targetting! (Score:3, Informative)
So, totally unlike the inroads that have been made with pinpointing the location of mobile phones?
It doesn't take a genius (note: I don't mean you) to figure out that it's not the application of something that matters, but the possible application, and given that corruption exists, and the ability to track will exist, someone will use it.
Hell, just go take a look at how much tracking has infiltrated
Great SPAM everywhere you go..WTF (Score:3, Funny)
RFID scanner picks up the condom in his wallet
60inch Plasma Monitor: Greetings Mr. Smith, it's been 60 months since you last purchased that box of Troy Extra Super Ribbed, the one in your pocket has expired, would you like to purchase some more?
If you liked that item, you may find these appealing: Super Personal Lube 3000, Peanut Butter & Chicken Flavored body oil, Hustler Magazine, MIT:Technology Review, Kraft Macaroni & Cheese.
of course the only reason you c
Re:Tracking? No, more like targetting! (Score:2)
Please tell me specifically what they can do with this. Enquiring minds want to know.
Re:Tracking? No, more like targetting! (Score:5, Insightful)
You're confused - addressing national security concerns is good. Unless you remove constitutionally guaranteed freedoms and move closer to a police state in the process. No, do not take citizens' freedoms away or introduce processes that ease potential abuse.
You're confused - national security is not being served, and our reserves are being wasted. Your tax dollars and mine pal. Our borders are not any safer than they were pre September 11 - the Homeland Security department is doing a bad job. Even networks like Fox News are pointing this out. If you've ever travelled through Israel you'd realize American "security" is a joke.
Which part of September 11 did you like? All of it?
There is a part of your brain telling you that having the Patriot Act in its current incarnation is going to prevent another September 11. America's policies toward the Muslim world for years are what finally led up to our September 11. George W. Bush's alienation of practically every other country on this planet may eventually lead to another September 11.
Since I knew people who died in those towers, and since some of my best friends happened to make it out alive, from where I stand your question there is pretty stupid.
A lot of people don't like our freedom and way of life.
We didn't achieve this way of life by looking the other way when legislation like the Patriot Act appears. This is exactly the kind of shit the first Americans rejected the Crown for. Fucking wake up.
Rules of conduct? Yeah, right... (Score:3, Interesting)
Rules of conduct like those in the previous slashdot story here? [slashdot.org]
Well, duh. (and other fun uses for RFID tags) (Score:3, Insightful)
Now, I on the other hand, have a want for them. I think they could be fun to hack around with. That is, I want my PDA to be able to read tags, and then I'll get a bunch of them. I'll tag my house up, so that I can get location-based alerts. The kind of thing GPS would be too big and clunky- and not accurate enough- to do. I can come up with all sorts of fun things to use RFID tags for in my own life that have nothing to do with being "targeted" better.
Slippery slope... (Score:5, Insightful)
What is that quote? Man is born free yet everywhere he is in chains
I do not like the idea of having every last bit of privacy removed. Between the new camera's my state is installing on highways, with radar guns, that send you a ticket in the mail, to having banks sell personal information to thrid parties so they can call me at dinner to offer me a great price on a satelite dish, this is getting out of control.
While some may say that government will never, ever use any technology in an illegal way, I would just say they have done it in the past. Nixon broke into the dem's headquarters. Other presidents have bugged the phones of political groups like the black panthers. And this current president has the "Patriot Act".
It scares me to think what government could do. 1984 is looking less like fiction and more like a prediction.
Re:Slippery slope... (Score:2)
Not that I'm happy about that you mind.
Re:Slippery slope... (Score:2)
Before all you point to western Europe as this place where this does not happen, travel thier sometime. Most Europian counties have a division that just tracks foreignors. When you move in,semi-permanent, you have to report to them and give them all information(fingerprints in some places, blood samples in other counties also). If you move, want to change job, want to marry a local pe
every last bit of privacy removed (Score:5, Insightful)
But IMHO, the US Constitution embodies the 1793 State-of-the-Art of distrust of Government and other concentrations of power. That's the whole reason that there are three branches with checks and balances - mistrust of the institution of government. No matter how trustworthy those in power may be today, there's no guarantee that the next batch will be so. Checks and balances were put in place to provide trust - through mistrust.
Had the Founding Fathers been able to foresee the capabilities of electronic surveillance, they would have codified Privacy into the Bill of Rights. Instead, they did what they could, focusing on late-18th century concerns.
Had the Founding Fathers known of the potential concentrations of power known as multinational corporations, they would have codified some sort of separation of Business and State. Instead, they focused on what they knew, separation of Church and State.
Not quite ready for prime time (Score:5, Insightful)
Happy Trails,
Erick
Re:Not quite ready for prime time (Score:2)
You're quite right about the firestorm. The technology to deactivate the RFID tags is dependent entirely on the Johnny punch clock who swipes it over the deactivator. My grandmother-in-law works at a Walmart at the return desk. When she is not talking about how the dirty c
Re:Not quite ready for prime time (Score:2)
This subject already covered millions of times! (Score:4, Insightful)
Re:This subject already covered millions of times! (Score:2, Insightful)
Do you recall a story fairly recently about one guy who using a great deal of very public infrastructure information, managed to put together a map that had the US government worried because it revealed information that was supposed to be classified?
It is the same thing, if you track the movements, with all the other tracking that is going on, it will be much easier to put together that information to get a complete dossier on a person if you want to. The real worry is not the data
I welcome my RFID tag (Score:5, Interesting)
The tracking lets them do severl things. First, they get accurate timing and immediate results. They can also track where you've been to make sure that people haven't cut parts off the course. Some people are too creative, a few years back a women hopped on the subway for part of the Boston marathon, but she went "too fast", they got suspicious and reviewed the surveillance cameras in the subway.
The latest cool thing was in Ironman Hawaii. They had video cameras setup on the course and the chip strapped to your ankle let them know your location all day. Then, you could order a personalized DVD with video of your race. Pretty cool idea, though I didn't personally buy one.
Some may see this as big brother, or a harbinger of things to come. Some of us, however, have been happily tracked by RFID for years - voluntarily! I wouldn't want this to be 7*24, without my permission.
Alan.
Re:I welcome my RFID tag (Score:2)
The reason they wear the tags is because if something happens, there is some information about themselves which people can use. It all started when someone was killed/severly injured (not sure which) when training on the roads and nothing could be done because an identity could not be resolved for a long time.
The tags are named after the person who's unfortunate acci
Re:I welcome my RFID tag (Score:2)
But when it's used to track me after I buy something, or without my knowledge, then I get very very cranky.
Re:I welcome my RFID tag (Score:2)
Re:I welcome my RFID tag (Score:2)
Your tag is invalid and useless after your race. The reader is gone.
Volition and benefit (Score:5, Funny)
In the scary case, WalMart puts an RFID tag on my tighty-whities and then I go to Target and over the intercom comes a voice that says, "John Allman, Welcome to Target. We have tighty-whities for sale."
Personally, I am learning to sew.
Re:Volition and benefit (Score:2)
And that's what you call *scary*? Don't go to any horror movies; your heart would never take the strain.
The only scary thing I see about it is if I were a Target stockholder and I found they were wasting my money on schemes to sell stuff to people who had just bought the same stuff elsewhere and thus do
Rosie Ruiz (Score:4, Informative)
I talked to one of the runners last year about it and we were laughing over the story. we also have a lot of ham radio operators in the city who broadcast results as they're anounced; i'm wondering what's next with RFID. Will hardcore athletes just have permanent chips in their bodies? Or will they be embedded in the sneakers?
Overstatement (Score:2)
So really, is it a big deal? Getting the tag off my groceries when I get home compared to just being able to walk out the supermarket with my groceries in a bag and have the bill ready instantly is a pretty small price to pay. Yeah, they can track what I've bought, but honestly, what's that goi
tin foil hat (Score:3, Funny)
Re:tin foil hat (Score:2)
You mean like this guy [battlestargalactica.org]
Re:tin foil hat (Score:3, Insightful)
Paranoia (Score:2, Interesting)
Chicken little? (Score:2, Insightful)
Hell, I look forward to the day I can just load up my cart with groceries and head out of the store without bothering to stop at a cash register. My purchases are already matched to my credit card account in their internal inventory anyhow, and I'm openly 'opting in' by using the system.
I wonder what Slashdot would have been like i
Re:Chicken little? (Score:2)
I look forward to cloning your tag and doing the same thing.
What's the figure on global credit card fraud? Something in the billions?
Get a clue (Score:5, Insightful)
The problem is (as always was and always will be) how people use a technology.
RFID (or any other technology) is not necessary for a police state as demonstrated by many examples in the past.
You privacy can be (or most probably: was) violated without RFID too.
To protect your privacy you need a society that values privacy and have laws that express this. If you do not have that then you are swimming against the flow and your are doomed to failure, no matter if RFID is used or not.
I would like to point out Europe: there are privacy laws that basically say the following:
If you have such laws (and have them enforced) then there is no need to fear RFIDs - but if you don't have them, RFIDs should be the least of your worries.
Re:Get a clue (Score:2)
What's in a name... (Score:5, Funny)
Second, can I withstand the desire to crack a Simon & Garfunkel joke? I mean, almost all the letters are there...
Hello R-F my old friend,
I've come to talk with you again.
Because the data softly creeping
I am just lying here weeping
Because a hacker
Just stole my identity...
And now my bank account is silenced.
Re:What's in a name... (Score:2)
Missing the obvious (Score:2, Insightful)
How dare they! (Score:2, Funny)
Lets swap tags (Score:2, Funny)
The alternative is to wrap ourselves in tin-foil. Hmmm.. I wonder is metallic clothing will soon be fashionable. Maybe that's why all those SciFi movies have peopl
Re:Lets swap tags (Score:2)
And if they make the tags hard to get out, people will form groups and shop for each other. What fun.
What is the range.... (Score:2)
Could they be used for automatic purchase ? You have your RFID and the products RFID's and you leave the shop the items are automatically placed on you 'tab' . Pain free shopping and no cueing at the checkouts. Some super markets here allow you to tot up your shopping this would just be the next logical step.
You could have it such that there is a little reader on a shopping basket that tells you how much you are spending, nutrition information etc...
They could also be used at toll bo
Re:What is the range.... (Score:3, Informative)
Privacy invasion OK as long as it's for sales? (Score:5, Interesting)
Is it acceptable to invade your privacy as long as it is for the purpose of selling you stuff?
Privacy advocates tend to emphasize the danger that systems put in place for the purpose of selling you stuff might later be used for purposes of political repression. This is a real concern, but a relatively remote one. It's a slippery-slope, speculative, "if this goes on" kind of argument. Yes, I know (mostly from reading Slashdot!) that there have already been instances of such usage creep.
Let's suppose--implausible, of course, but suppose--that you could somehow guarantee that RFID tags, and all the information that companies gather on you in all sorts of ways, could be freely exchanged by companies for the purposes of selling you stuff, but could be perfectly secured against any other kind of use whatsoever.
Would that be all right, or not?
Re:Privacy invasion OK as long as it's for sales? (Score:2, Insightful)
Re:Privacy invasion OK as long as it's for sales? (Score:4, Interesting)
Or, is it better that everyone remain anonymous, put their dollars in the pot, and the insurance rate is based on the average actions of the individuals grouped by the limited information the insurace company is allowed to collect on you?
Also by the same author... (Score:2)
Re:Also by the same author... (Score:2)
But I love that book, quite funny.
It really nice to read that unix stuff that drives me crazy(terminals, root, etc), they slam and say why it is so messed up.
Granted it is old and most of the problems have been fixed, but still funny.
Paint me a real picture (Score:3, Insightful)
All I usually get is "Stores will build a database, and then Homeland Security will do, um, something." Followed by handwaving and dubious slippery slope arguments that usually imply a continent spanning sensor net that sounds like a cross between Tom Clancy and Vernor Vinge.
Someone connect the dots here. The article didn't do a very good job.
Or is this just modern mythology, like people hiding in their homes worrying about wererwolves and vampires and witches in centuries past?
Countermeasures? (Score:2)
Consumer group against RFID (CASPIAN)... (Score:4, Informative)
RFID trials in the UK (Score:2, Informative)
The scheme used intelligent tags that "hold just the number unique to each garment. When scanned against an M&S database, the tag would only give information related to the prod
I must ask why. (Score:3, Insightful)
RFID isn't a household word today, but within the next few years manufacturers hope to put it into many household products.
Why would these be needed in 'household products'? I understand they want to track merchandise, but this could be accomplished by putting an RFID sticker on the bottom of the product. That way, you take it home and tear the sticker off when you take it out of the box.
Perhaps, for clothing, just put an RFID on the main tag. I've worked for a clothing store who used the locking pin security devices found in most stores. They work wonderfully, as you have to destroy the garment to steal it and it only costs a couple of thousand to enough of those things to last a lifetime. I do not see the flaw that needs a new product, not in regards to clothing.
Both Wal-Mart and the US military have already told their hundred largest suppliers that cartons and pallets must be equipped with unique RFID tags by January 2005.
This is what I would like to see RFID used for. This will really speed things up at distribution centers, as a forklift coming off a trailer will simple have to drive through the dock doors (assuming the sensor would be there) to put an entry in the company's database saying "this pallet entered the building", meanwhile the operator keys into the computer on his forklift the actual product count.
For people who will "bite" and say something about computers on forklifts, they have been around for over a decade. I know, I fabricated a prototype mounting platform for a small, wireless computer back in 92. They had blueish LED displays, and were shaped similar to an old RS Model 100 portable, but housed in a sturdy black metal case. I made a nice adapter for Crowne forklifts that allowed the operator to swivel, tilt, and adjust it to his/her most comfortable viewing position. Too bad I didn't know anything about patents back then. They started using this design at all their distribution centers, which equates to thousands of lift trucks.
I do not miss working for Kraft foods. We had weekly 'rallies' where the managers would have a guest speaker. The most memorable one was Penske (wealthy bastard) came to tell us what a great job we were doing, then proceeded to talk about efficiency for the next 45 minutes. More often than not, everyone left with a broken sense of pride due to wealthy investors talking to us like we were children. It seemed that after every meeting, new poop would appear on the bathroom walls.
Brilliant Plan (Score:2, Funny)
Correlate that, bitches!
If they do it (Score:2)
Some great new product opportunities (Score:5, Insightful)
RFID Super Scanner - Scan your surroundings and your stuff for RFID tags. Pinpoints the location exactly.
RFID Mega Zapper - A high energy directed radio energy impulse designed to fry the electronics in your RFID tags. Great fun for vandals in stores! Smack your enemy's wallet!
RFID Spoofer - A programmable device that returns the RFID code of your choice. Great for making a copy of you luxury car key! Or your neighbours. Have fun in stores after Zapping (TM) a RFID tag and replacing it with a Spoof(TM)!
RFID Data Miner - Build your own database of RFID tasks. Now you can do your own surveillance and track people. Also good in parking lots when you want to know what RFID code to feed into your spoofer for easy access to that nice car.
RFID Jammer - A fun little DOS device that emits radio frequences to blind RFID readers.
RFID Database Feeder - This device emits thousands of new random RFID codes every second. Great for filling the databases of those eager RFID code collectors.
I think most of these tools can be built easily and are not science fiction. If they can be built, they will.
Seriously, do you think RFID techniques makes the society more or less vulnerable for attacks?
Distance too short for effective tracking? (Score:3, Interesting)
The 'myths' of RFID [rfidasia.com] - from an industry group, but might be worth a read - even the people selling these things [intersoft-us.com] are only claiming ranges of 10-50cm.
Predictions (Score:2)
Parents will have the ability to track their teens, and when kids find a technology that will subdue the signal, that technology will be derided as The Greatest Evil Threatening Our Children{tm}, surpassing Cough Medicine.
NOW I'M WORRIED. (Score:5, Funny)
It seems like a paranoid fellow can't even buy alumunum foil anymore without being monitored.
Now what'll I use to line my Official Area 51 Ball Cap?
This has already been addressed (Score:3, Informative)
Welcome to WalMart.... (Score:3, Funny)
Customer #4323423432 Scan Results:
Product: Jams, Size Medium: M, Style: 11, Color: Blue, Purchased at Target
Product: OP Sunglasses, Style: 13, Color: Blue, Purchased at Target
Alert!: Customer Has No Shirt On!
Alert!: Customer Has No Shoes On!
Security Dispatched
Computed Customer Loyalty Discount: -10%
'Out' Door Scan Results:
Customer #4323423432 Scan Results:
Product: Jams, Size Medium: M, Style: 11, Color: Blue, SN:1232mdsfskd2, Purchased at Target
Product: OP Sunglasses, Style: 13, Color: Blue, Purchased at Target
Product: Mens Medium T-Shirt Style 1404A, Purchased at Walmart
Product: Mens Burkenstocks Size 10 Style 14A, Purchased at Walmart
Shipping Time: 1h 14m. Last visit (By Jams SN) Oct 11, 2003. Approximate customer weight 140lbs. Customer Type: 'Surfer Dude'
Customized 'sufer dude' email and circulars flagged for next mailing cycle.
Positive Step for the Logistics Industry (Score:3, Informative)
The problem with this article (Score:3, Insightful)
Something's a little fishy here... (Score:3, Insightful)
I have a question: how long before this system becomes unwieldy. If we're going to track every product sold worldwide, how big will the string have to be? Furthermore, at what point will a database of said string's become unwieldy, and at what point will it become worthless to maintain all that data?
The retail RFID plans I've seen don't have a unique serial number for every item. They have a unique serial number for every type of item, kind of like a barcode. Granted, that may pose some minor privacy issues of its own. But those problems are minor, and no worse than paying with a credit card.
More to the point, RFIDs have the potential to save businesses billions -- kind of like barcodes did. And, like with barcodes, those savings will most probably be passed to the consumer.
A new business opportunity (Score:5, Funny)
This month's special - your RFID tags get a tour of the White House! And maybe even a chance to meet the president's RFID tags. Register soon as there are only a few openings available each year.
Re:Battery life & short range makes it impract (Score:2)
Re:Battery life & short range makes it impract (Score:2, Insightful)
The RFID tags that we're talking about DON'T have batteries. Only active RFID tags do, and those are an extremely small percentage. Do you really think they would place an expensive battery powered RFID tag in every shoe?
-------
Condoms already had RFIDs (Score:4, Funny)
Re:Orson Scott Card (Score:2)
Oh wait, our sheep will probably have RFID tags in them too...
Seriously though... what they should mandate is that products with RFID tags should be labeled as such. "This product contains a Radio Frequency Identification Tag"
Probably illegal (Score:3, Informative)
In the U.S. it is against the law to own/operate a device whose sole purpose is to interfere with communication across the radio spectrum. The obvious exceptions are the military and other govt. agencies. I think that the "jammer" would violate the law. However, if the jammer wasn't really a "jammer" but a device that would generate a localised EMP pulse, you could permanently disable the tag. That oddly wouldn't land you in jail, as they would have to prove that the tag wasn't "broken" and that you did