Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Wireless Networking The Internet Hardware

Hacking the RFID Network 213

Posted by michael from the ubiquitous-tracking dept.
An anonymous reader writes "The world's largest retailers are developing the EPC Network as the infrastructure for a global rollout of item-level RFID. In many ways this 'Internet of Things' resembles the ISBN system or CueCat's codes-to-content. But the network built for tracking consumer goods could also be used for intangible items: airline seats, music tracks or service calls."
This discussion has been archived. No new comments can be posted.

Hacking the RFID Network More

Hacking the RFID Network

Comments Filter:

  • Sounds like they're working (Score:5, Insightful)

    by Anonymous Coward on Tuesday July 13, 2004 @05:19PM (#9690953)
    on overusing this new system

    Track music downloads and service calls? That's billions of unique items every year. How many items do these RFID tags support?

    • Re:Sounds like they're working (Score:2, Informative)

      by Anonymous Coward
      It is possible for users to deploy up to 20 billion unique transponders. [slashdot.org]

      Google says that in here [kisseyet.co.uk] (maybe here? [216.239.41.104]) there's a claim of supporting up to 550 billion unique ID codes with this manufacturer.

      It seems to vary significantly depending on which provider you choose, but that's 91.6 RFIDs per human being on Earth. It's about 1800 RFIDs per human being in the United States.

      (PSA [anti-slash.org] of anti-slash)
      • actually that sounds like really poor design on someone's behalf - these things are supposed to become ubiquitous - wait 'till McDonalds starts using them for order tracking and the post office for mail tracking/sorting - they'll run out after a few years
        • Anyone know what the architecture to this system is? Are they having MS databases and MS windows clusters in the backend?

        • I don't think there will be any collision problem if they are re-used. If they are generated randomly, what are the chances that two RFID tags of the same number will meet in space and time? Probably not often enough to worry about, and then the difference should be obvious. A 2008 Post Office receipt vs. a 2021 can of baked beabs.
          • maybe not ... but unless the post office can distinguish between a letter currently being routed from the baked beans in a parcel (kind of implies a manufacturer portion to the number in much the way that MAC addresses are handed out)

            On the other hand selling RFID stamps kind of makes sense - they don't get postmarked, just used once, and can be used for routing along the way ... urgh - that means that junk mail doesn't even need to print addresses on the outside, just stick a stamp addressed to you ....

            • And yet I've known at least 2 people who claim to have had MAC address collisions (without doing things like changing the MAC via ifconfig). So even a manufacturer-doled-out system isn't going to be foolproof.

              What might make sense is to reserve a pool that expire every X number of years. Use that for perishables or disposables. Probably would need interim periods between expiration and re-activation.

              BTW the cost of putting RFID on mail, at least in the forseeable future, is prohibitive. Not for UPS style
              • > yet I've known at least 2 people who claim to have had MAC address collisions

                Make that three. Unfortunately, that happens, although it is very rare. However, how many bits are there in a MAC address? How many bits will there be in the RFIDs? Using totally BS statistics, if the MACs had had one more bit on the right-hand side, you might have only met one person with a collision. If they had 3 more, you probably never would have met one.

                Is there a predetermined ID length for the RFIDs?

    • Re:Sounds like they're working (Score:5, Informative)

      by Big Smirk ( 692056 ) on Tuesday July 13, 2004 @05:42PM (#9691160)
      Well, there is 96bits on info on the tag (the 64bit tags are already just about dead). The reprogrammable tags (unsecure) will have something like 196 bits of scratch space. Secure tags are laser programmed. Of those 96bits, some are dedicated to the same functions as the old UPC codes. But you can imagine 48 bits as a serial number. There are various EPC standards proposed that will dictate how many bits are dedicated to each data type.

    • Re:Sounds like they're working (Score:5, Funny)

      by Qrlx ( 258924 ) on Tuesday July 13, 2004 @05:44PM (#9691183) Homepage Journal
      I propose we begin tagging RFID tags with RFID tags, and feed the data into a meta-tracking database.
    • How many items do these RFID tags support?

      640k items should be enough for everybody

  • So this means.... (Score:5, Funny)

    by mboverload ( 657893 ) on Tuesday July 13, 2004 @05:22PM (#9690985) Journal
    I can track my porn collection internationally?
  • I knew they could be used as flotation devices- but now they're apparently virtual as well. That explains the problem with overselling flights I guess. They're selling VAPORSEATS (tm) (Patent Pending)

  • Since the article summary is cryptic... (Score:5, Informative)

    by GillBates0 ( 664202 ) on Tuesday July 13, 2004 @05:28PM (#9691038) Homepage Journal
    this is what I learnt about the system from a cursory read of the article:

    What they're saying is that RFID can be applied to intangible information - content rather than the physical media - just like ISBN/Library_of_Congress system uses an identifier for a book rather than an instance of it.

    In other words: RFID can be extended to apply to an entire class, rather than instances of it, as is usually done.

    Bet somebody'll mention how this is great for pr0n in the next 5 minutes.

  • FINALLY (Score:5, Funny)

    by surreal-maitland ( 711954 ) on Tuesday July 13, 2004 @05:29PM (#9691052) Journal
    at least someone will be able to find my remote control

    • Re:FINALLY (Score:5, Funny)

      by shut_up_man ( 450725 ) on Tuesday July 13, 2004 @06:02PM (#9691352) Homepage
      Hey, I'm looking forward to be able to type "grep socks".
    • Agreed. I would give up all my liberties for a device that would accurately tell me where my remote control is. Last time I found it in the refrigerator. Hopefully I was thirsty and I had beer, I could have left it in there for days...
    • Truth being said in jest dept: These tags are tiny. I'd love to be able to put one on my wife's glasses, my keys, my cell phone, etc., etc., and yes, most especially the remote controls. Then, with a reader, I could at least get a "warmer... warmer... colder..." guide to where the items were.

      Then there's the problem of misplacing the reader. I think I'd want to have it "want" to be in a docking station in a fixed location, and start making noise after a few minutes "away from home".

      • Re:RFID for finding all those misplaced things. (Score:2, Insightful)

        by Anonymous Coward
        The tags may be tiny, but the 4" antenna attached to each may be somewhat easy to spot.

        Assuming for the moment that we're talking about the passive RFID tags (such as those produced by Alien and Matrics), then the tiny chip on the tag gets its power by receiving the RF signal generated by the transmitter, and uses that power to send back a signal saying "here's my data".
        Now assuming the usual inverse square stuff, and allowing that the signal back from the chip is being sent with about 30 dB attenuation,

  • Hmmm (Score:3, Insightful)

    by Anonymous Coward on Tuesday July 13, 2004 @05:30PM (#9691055)
    RFID presents the same looming threat as bar codes.

    What does "hacking" have to do with any of this?
    • Comment removed based on user account deletion

      • Re:Hmmm (Score:2, Funny)

        by Trailwalker ( 648636 )
        And what looming threat do bar codes present?


        The requirement for shirt, shoes and a minimum age of 18 to be served alcohol.
      • And what looming threat do bar codes present?
        Why, the threat of having them tatooed on your forehead, of course!

    • Re:Hmmm (Score:3, Interesting)

      by pilgrim23 ( 716938 )
      Indeed. Does anyone have links to any sources for info on 1: eliminate or deactivate RFID chips in clothing and other itesm other then the old method of microwave which seems to have an adverse reaction to Andrew Jackson's eyball iirc from an earlier /. on this or: 2: how to tweak, hack, redirect, reprogram, re-tune, reset an RFID so that instead of denoting on the bill of lading that this airline seat is Joe Blow on his way to see his mistress in Newark, rather it is 1000 crates of pampers being shipp
      • I worked at an EMC research lab once, and they had a device made from a piezoelectric lighter and a big coil (originally used to measure current). The contraption would fry just about any electronic device held near the coil. Something like this should work with RFID tags, too.
        • > Something like this should work with RFID tags, too

          How close did it have to be to the tag? Would you first have to find out exactly where the tag was to kill it? (How hard is that, anyway?) I suppose you could just keep zapping different areas until the receiver stopped getting a signal, but that could be rather tedious.

  • So what happens .... (Score:5, Funny)

    by taniwha ( 70410 ) on Tuesday July 13, 2004 @05:30PM (#9691062) Homepage Journal
    if I make my own RFID object that pretends to be other stuff .... maybe lots of other stuff ..... ?

    "err sir ... you appear to be stealing an elephant from our store .... err um please turn out your pockets ... wait I was wrong you appear to be carrying the entire housewares department ..."

    • Re:So what happens .... (Score:4, Insightful)

      by taniwha ( 70410 ) on Tuesday July 13, 2004 @05:36PM (#9691101) Homepage Journal
      Ok - I was being rather tongue in cheek there ... but seriously what's to stop me walking through a store with an RFID sniffer and playing havoc with someone's inventory system when I exit?

      Could anyone who understands RFID perhaps enlighten us about what sorts of security is built into the system?

      • Re:So what happens .... (Score:5, Interesting)

        by hamsterboy ( 218246 ) on Tuesday July 13, 2004 @06:31PM (#9691602)
        I work kind of tangentially on my company's RFID products, so I don't know everything. From what I understand, Gen2 tags (shaping up to be the standard) support read, write, and kill operations. Reading can be done by anyone, but writing and killing may have password protection. If the password is not set, anybody can write or kill a tag.

        I'm not sure about security on the password exchange, but with how little thought seems to have gone into the other "standards", I wouldn't be surprised if it was plaintext.

        Hamster

        • > I wouldn't be surprised if [an RFID password] was plaintext.

          For devices that small, I don't necessarily think that it would be a password, per se, but just a short string of bits. In addition, these things aren't exactly PCs, with the power to handle encryption, so I believe it wouldn't really be a viable option.

          More likely, the RFIDs are premade with the n bit security key and if it 'hears' that key, it starts writing the next packet to its own memory, if it reads a respond request, it sends its ow

    • Re:So what happens .... (Score:4, Interesting)

      by LehiNephi ( 695428 ) on Tuesday July 13, 2004 @05:45PM (#9691195) Journal
      My first thoughts were exactly the same. What's to prevent you from building/buying/manufacturing + selling RFID denial-of-service devices? I can see Congress (or the FCC) quickly outlawing such devices, but how hard would it be to build one?

      Not only could you drive any Walmart's system into the ground (allowing someone to get away with shoplifting), but you could sabotage someone else, sending them into a no-cameras room for a visit with store security. I confess to some degree of ignorance here, but are there any mechanisms in place in RFID systems to prevent such sabotage/DOS attacks?

      One more point--what's to prevent ME from bugging the store and datamining everyone's shopping habits? I imagine an RFID detector would be simple to build, require little power, take little room, be easy to hide by the doors of a store, and would be able to intercept all radio traffic between the RFID tags and store equipment.(/me thinks for a second) Wow, that's kind of scary.
      • Personally, I want to build a quiet robot, no more than 3 inches tall (but flat and wide, 2' x 2' or so?). Cover the top with tile look alikes for the store under attack. From a distant B&W security camera, it should be invisible. Drive it around in a 24/7 walmart late at night, having it drag stuff off.

        RFID means it can actively search out the things I want it to find, without having to be so heavy on the remote control.
        • > From a distant B&W security camera, it should be invisible. Drive it around in a 24/7 walmart late at night, having it drag stuff off.

          Yes, it may look invisible, but security may become suspicious seeing a stereo walk off by itself.

      • Re:So what happens .... (Score:5, Informative)

        by hamsterboy ( 218246 ) on Tuesday July 13, 2004 @06:35PM (#9691627)
        Transmission ranges on these things are VERY short. Keep in mind that the FCC regulates how much power you can pump through a reader, and that the tag is powered entirely by this transmission. With an RFID tag mounted to the pricetag on a shirt, you'll be lucky to get 3 feet of transmission. Also, the tag will most likely be killed right after the customer's credit card is charged, so sitting outside the door won't get you any data at all.

        In answer to your first question, fairly difficult. You'd need an active device which listens for a query from a reader, and responds as though it were a tag. Also, the tag is just responding with essentially the same data as a barcode; any code that isn't in the master database in the sky will be ignored. And the readers can handle a large number of tags (read rate for some readers is >1000 tags/sec, and will only get better), so a DoS will be pretty difficult. Not something you'd wire-wrap in your garage.

        Hamster
        • You can mount an effective DOS. The tags, the collision-resistant ones, are listening for the responses of other tags, and trying to not transmit during them, and retransmitting after a random delay when a collision is detected. The DOS device would have to operate in a very similar way, but force collisions into the transaction - either by listening to the preambles of tag responses and broadcasting impulses at that moment, or by broadcasting series of short pulses or bursts, with less spacing than is the
      • -what's to prevent ME from bugging the store and datamining everyone's shopping habits?

        Practicality, perhaps? Odds are you don't care about an individual's shopping habits, or you'd be stalking him. So if you need to know what Walmart customers are buying lots of, why not just buy lunch for a Walmart stock clerk and ask him? Easier, and probably a lot more effective.

    • Re:So what happens .... (Score:2, Insightful)

      by wrc ( 99060 )
      Simple. Once it is ubiquitous, make it illegal to manufacture or sell any device that can interfere. Heck, make it illegal to even tell people how to make such a device.

      Hmm. How likely is that to ever happen?

  • Their "Object Name Service"... (Score:5, Informative)

    by tcopeland ( 32225 ) * <tom AT thomasleecopeland DOT com> on Tuesday July 13, 2004 @05:31PM (#9691072) Homepage
    ...piggybacks on DNS to look up manufacturer info. The spec is here [epcglobalinc.org]... nifty stuff!
    • The research group at MIT that preceded EPC global released GPL reference source code for an ONS client and server which I've been unable to locate online since EPC global took over. All I can recall is that they were on an mit.edu FTP site that was buried about 10 links down in the midst of their research papers. However, I do have the filenames and md5sums in case someone finds a mirror:

      ae99d2b01957e827e4b4eea0f5520d6e ons-1.0.tar.gz
      596126f77a460818902d4253c3927feb ons-content-server-1.0.tar.gz
      b65115

  • And no doubt, trackable. (Score:5, Insightful)

    by TyrranzzX ( 617713 ) on Tuesday July 13, 2004 @05:35PM (#9691099) Journal
    The major shortcoming of RFID tags is not their rollout in stores, it's that they want to do things like weave them into clothing fabric or hide them so you've got to work to get them out. I don't know about you, but that's a bit excessive. Moreso, the range on the tags is an issue; the tag may be tiny, but you can still get a considerable amount of range out of that, look what's possible with GPS.

    Then we've got the registering everything idea. If we put RFID tags on everything that can go for 100 feet, and if everything has a unique identification code, then the government can ask for a list of which codes are associated with which objcts. Then, as stuff is baught, you swipe through your drivers lisence and a database is updated with what you have. Combine this with bank account data, wifi hotspots on poles that are constantly pinging devices, garbage trucks equiped with rfid scanning technology, and other pieces of information, and you've got one hell of a spying system. All those evil laws the people in power dream of would be possible.

    If there was a law that said the RFID tags could only be put on removable stickers, and must have a range limited to less than 5 feet, then it'd be ok. It's the "weaving them into products" thing that's got everyone upset. Infact, if that weaving thing didn't exist, I think RFID tags would be pretty neat; you could buy a bunch of food and query it through your house, which could download and update a database of recipe's which could be setup on some kind of whacky algoritm that figures out which is going to go bad first.

    The only problem there is that as the chips evolve, we'll be throwing small flash cards on em with advertising or more complicated systems of ensuring produce hasn't been tampered with, which if the laws don't change, will require licensing since you're copying; licensing to eat, not a good thing.

    AS far as tracking people is conserned, we all know of the mark of the beast, and we all know that tracking accounts with rfid tags is just plain stupid. If you're going to track a person, have them wear a wrist band or something; even the guys on star trek didn't have that little pin thingy embedded in their forhead.



    • Re: (Score:3, Insightful)

      by account_deleted ( 4530225 )
      Comment removed based on user account deletion
      • You can already remove existing anti-theft tags if you don't mind a little hole in the garment you were stealing. Just bring a pair of scissors. But seriously, retailers need to clearly state where the tags is and how to remove it. Sew it into an identifiable tag (like the one with washing instructions) so that the customer can remove it if they wish. Also, state that the product has an RFID chip attached to it.
        I wouldn't have a problem with RFID if I could take the tag off of whatever I bought and dispose

    • Re:And no doubt, trackable. (Score:5, Funny)

      by AnodeCathode ( 787159 ) on Tuesday July 13, 2004 @06:03PM (#9691365)
      As long as we can continue to obtain rolls of aluminum foil without RFID tags, we should be good to go.

    • Please do not use GPS as an example. The signal for GPS is sent by satellites, presumably with large antennae. The signal for RFID is sent by the RFID tag (at least, the signal you're interested in reading) which has a small antenna and operates with very low power. The GPS [transmission] antenna only needs to handle a certain range of orientations of receiver to sender, and RFID must broadcast omnidirectionally because you cannot guarantee the orientation of the tag.

      What scares me is that eventually sh

    • Re:intangible: airline seats and japanese children (Score:5, Insightful)

      by TyrranzzX ( 617713 ) on Tuesday July 13, 2004 @05:39PM (#9691135) Journal
      If there's anything to say about the japanese, it's "wow, they're screwed up". If tagging your kid everywhere they go says something, it says "I don't trust you"; and the longer kids aren't trusted with responsability, the less they will be responsable, and if the world is filled with irresponsable people....

      Dear lord...that'd be one screwed up place...
      • "and the longer kids aren't trusted with responsability, the less they will be responsable"

        I'm not sure I agree with that one. It ignores the vastly different cultures and the effects they have on people. The Japanese live in a rather different society than you or I.

        -Erwos
        • No, they really don't. Yes, the culture is different, but essentially the same. The japanese culture is crazy, because their value system is completly, utterly, and totally screwed up. Namely, because of what we did to them after world war 2; destroyed most of their culture with industrialism.

          Their society is decaying in much the same way ours is. They are a different people, but all people's on the planet have the same values, but different ways of going about it. You can worship a non-existant god
  • Services?!

    Tag your plumber.

  • Just how intangible .. (Score:5, Interesting)

    by AndroidCat ( 229562 ) on Tuesday July 13, 2004 @05:41PM (#9691155) Homepage
    .. Are Japanese school children anyway? (Japan school kids to be tagged with RFID chips [com.com]) Just wait until a stalker hacks that RFID network!
    • Fortunately, pedophilia and rape fantasies are practically unheard of in Japan.
      • Fortunately, pedophilia and rape fantasies are practically unheard of in Japan.

        I was just about to embark on a flame when my sarcasm sensor finally kicked in, and I remembered all of the rape/schoolgirl shit from their comics. Indeed. They like their young girls in Japan.
  • Why doesn't some entity work on a universal system of tracking nearly everything?

    I'd like to scan in that barcode at the bottom of a Walmart Reciept and import all the tag information about what I bought to my home database and/or spreadsheet.

    ISBN, UPC, VIN are all fairly standard. The artical wants a standard for reusable resellabl items. Bus tickets, subway tickets, airplane tickets, and movie tickets all come to mind.

    I'd love to be able to track/search/use all this information for my own personal use.

  • RFID identity dilution (Score:3, Insightful)

    by nekoniku ( 183821 ) <justicek.infosource@info> on Tuesday July 13, 2004 @05:50PM (#9691250) Homepage
    How long are RFID tags (or the databases' links between a person and their stuff) supposed to last?

    When people get tired of or wear out their RFID clothes and then give them to Goodwill or sell them through consignment stores, tracking systems will think they're in multiple places at the same time.

    So does this mean I should or should *not* start buying all my clothes at the second-hand store when RFID rolls out? :P
    nn
  • why on earth should airline seats be intangible? last time I sat in one it wasn't. I further imagine that the seats not get lost too often and therefore do not need to be tracked..... This whole idea is just nonsense...

  • Instead of RFID tracking everything why not.. (Score:4, Funny)

    by Tandoori Haggis ( 662404 ) on Tuesday July 13, 2004 @05:51PM (#9691265)
    simply dictate where you send your products and keep the consumer in one place, like a vat of amneotic fluid. Come to think of it, all those carbon based units churning out 100W of heat and only using less than 10% of their processing power...

    Imagine a super beowulf cluster of those...

    Er wait...

  • Open Source RFID (Score:2, Interesting)

    by winavr ( 793523 )
    If anybody wants to do something constructive, then help "hack" on the open source RFID C library on Savannah [nongnu.org].

  • A good use for existing RFID tags (Score:5, Interesting)

    by Alaska Jack ( 679307 ) on Tuesday July 13, 2004 @05:59PM (#9691326) Journal
    It's my understanding that a common practice these days is to have microships (which I assume to be RFID tags) injected under the skin of pets, so lost pets can be identified even if they're not wearing collars.

    I think a good idea would be to make pet doors that can "learn" to unlock only when certain RFID tags are within 4 or five feet. You could set it for the pets you own, and other pets (and/or other critters) wouldn't be able to get in.

    Also, if your pets didn't have the chips implanted, you could just get a chip on a collar.

    Alaska Jack
    • Damn, that's a good idea. Not necessarily for RFID, but in general. Too bad someone already beat us to market:

      Magnetic [pet-dog-ca...-store.com]

      Infrared [pet-dog-ca...-store.com]
    • I think a good idea would be to make pet doors that can "learn" to unlock only when certain RFID tags are within 4 or five feet.

      I came VERY close to doing almost exactly this a few years back. We have two cats, each with kidney issues requiring a special diet. The kicker is, they each had their own food, and eating the other's would just make their own problem worse. So we had to pour out their food, stand there and watch them eat, then when it looked like they were done, take it away.

      So I was all se
    • "You could set it for the pets you own, and other pets (and/or other critters) wouldn't be able to get in."
      Uh, I think you meant "You could set it for the pets you own, and other pets (and/or other critters) wouldn't be able to get in unescorted ." Those of us with those big, friendly (but gullible) dogs would still come home to a "party" every day...

  • Security at the beginning (Score:5, Interesting)

    by Blindman ( 36862 ) on Tuesday July 13, 2004 @06:01PM (#9691333) Journal
    I'll let the philosophers sort out whether the ability to track every object is a good or bad thing. However, I do know that if this system becomes too pervasive without security, this is going to be a big problem in a hurry.

    I remember a commercial where a shifty guy walks through a store stuffing things in his jacket, and then walks out of the door to be stopped by security. The guard informs him that he forgot his receipt, hands it to him, and sends him on his way. I'm all for putting checkers out of work, but if such an environment existed, it would also be profitable to spoof the system.

    As they are currenly used, I suppose the only profit would be to either disable the tags or somehow make the store think it has already been purchased. That brings me to the next issue. I assume most people have tried to walk out of a store with a purchased tagged item where the checker forgot to take off the tag. It is annoying and embarassing. Imagine if this could happen with every article of clothing that you own because the store database gets screwed up.
    • The current generation of RFID tags (Gen2) specifies that tags are to include a "kill" function to avoid just this type of scenario. Basically, if a tag reader issues the "kill" command, the tag destroys itself, and will no longer respond to any reader at all.

      There's password protection to avoid the obvious method of theft, but I'm not sure how secure that is. Plus, it would be easily detectable if someone were using an unauthorized reader inside the store; they're literally broadcasting their position and
      • Plus, it would be easily detectable if someone were using an unauthorized reader inside the store; they're literally broadcasting their position and what they're trying to do.

        If the store is equipped to detect this. You can also use a limited-range transmitter, trading radiated power for distance, and using highly directional antenna, further reducing the necessary radiated power.

        Another method is a pulse transmitter keyed by the preamble of the tag response, forcing collision into every tag answer. You

  • Seek and destroy (Score:4, Interesting)

    by Hannes Eriksson ( 39021 ) <hannes.acc@umu@se> on Tuesday July 13, 2004 @06:01PM (#9691336)
    What would be the easiest way to find and/or destroy an RFID tag? Put your new pullover in the microwave oven for 3 seconds?

    Is there any way to destroy such a tag embedded in electronics? Would it be possible to make the tag a vital part of the electronics in such a way that its destruction would lead to immediate equipment failure?

    Are the signals easy to spoof?
    • It's not a good idea to microwave an object without something to absorb the microwaves (typically water in the food you're cooking). If nothing absorbs the microwaves they may be reflected and damage the magnetron. If you want to destroy RFID's in clothing, you can add a cup of water beside it or something similar while microwaving.

      If you're microwaving water beware of superheating [snopes.com]

      With regard to electronics, RFID's can be remotely killed without the use of a microwave by sending a specific signal. Thi
      • http://www.spychips.com/metro/scandal-deactivation .html - "This will make the RFID tag useless"

        AFAIK only the writable part of only some tags can be written to, not the laser-burned unique ID and all RO tags work till they fail from mechanical stress.

  • Those activists aren't too bright. (Score:4, Interesting)

    by Positive Charge ( 592093 ) on Tuesday July 13, 2004 @06:25PM (#9691539) Homepage

    Maybe I'm just spoiled being a hardware engineer, but it seems to me that the people who are crying about these RFID tags and privacy are just plain ignorant.

    I can tell you it will be trivially easy to build a jammer for them. Maybe a little harder to build an RF source with enough energy to burn out their cute little itty-bitty diodes. And until they get wise and start putting challenge/responce encryption in them, building a box to spoof them would be a weekend project for your average Radio Shack hobbyist.

    Will someone please educate them about the technology so they can devote their time to something that really matters? (If they want something to bitch about, they can read my blog for ideas. [blogspot.com])

    I might just wait until they're manditory in license plates and walk parking lots blowing them all out, (but probably not being a grownup and all.) Perhaps I should have posted as AC just for suggesting it. (Damned Patriot Act bastards.)

  • "Consider some of the main usages . . . Anti-theft . . . Quick checkout . . . 'easily-removable' defeats the entire purpose for which a lot of stores will use them."

    It's not the merchants' _ostensible_intended_ usages which are excessive, Virginia; it's the _potential_ uses, by corporations, hackers, private snoops, governments, etc.

    Jeez, things are going way beyond Ben Franklin's famous saying about trading liberty for security. Lately, I've been seeing way too many of these examples of people being nai

  • Someone needs to make an RFID jammer. A little keychain size device that jams any RFID traffic within one's personal space, rendering any RFID tags you're carrying to be effectively inert. Surely something like this should not be hard to make.

    I'd buy one.
    • IANAL. A device like that would be illegal to sell in the US, for the same reason that you can't sell telephone jammers. The FCC regulations make it illegal to deliberately interfere with other radio signals (whether licensed or not). On the other hand, I wonder how difficult it would be to build passive RFID jammers. Also if certain types of RFID tags are programmable, how difficult and effective would it be to reprogram them?
      • Well, the FCC makes it illegal to jam OTHERS radio signals. Last I checked, RFID uses somewhat low power RF transmitted by a "receiver" (gate at a store usually) to excite a resonant antenna in the RFID tag, which provides it power to momentarily transmit back to the gate. If one were to interfere with the signal being sent back to the gate, that'd be interfering with your own transmision, and although IANAL either, I'd surmise that's not illegal anymore than assulting yourself is illegal.

        A bit off-topic
        • > that's not illegal anymore than assulting yourself is illegal.

          Unless you are successful at assaulting yourself... Suicide is illegal.

          Also, even if assaulting yourself isn't illegal, there's a chance you will be detained anyway -- for psychiatric evaluation.
  • No need to shoplift OUT of the store -- walk in and start tossing rfid emiters in coat pockets, bags of socks, other shoppers' carts .....

    Overwhelm the system and it becomes useless.

Slashdot Top Deals

Software production is assumed to be a line function, but it is run like a staff function. -- Paul Licker

Close