Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Privacy Threat in New RFID Travel Cards? 265

Posted by ScuttleMonkey from the new-and-improved-tin-foil-wallets dept.
DemolitionX9 writes to tell us ZDNet has an interesting article rehashing the problems with privacy in future RFID-equipped travel documents and ID. The piece focuses on a recent speech given by Jim Williams, director of the Department of Homeland Security's US-VISIT program. From the article: "Many of the privacy worries center on whether RFID tags--typically minuscule chips with an antenna a few inches long that can transmit a unique ID number--can be read from afar. If the range is a few inches, the privacy concerns are reduced. But at ranges of 30 feet, the tags could theoretically be read by hidden sensors alongside the road, in the mall or in the hands of criminals hoping to identify someone on the street by his or her ID number."
This discussion has been archived. No new comments can be posted.

Privacy Threat in New RFID Travel Cards? More

Privacy Threat in New RFID Travel Cards?

Comments Filter:

  • Even if it was a few inches... (Score:3, Insightful)

    by Gyga ( 873992 ) on Wednesday April 19, 2006 @01:06PM (#15158380)
    ...What is to stop someone from "accidentally" bumping into you with their scanner in their pocket?

  • RFID triggered terrorist bombs (Score:5, Insightful)

    by Bubba-T ( 578601 ) on Wednesday April 19, 2006 @01:10PM (#15158414)
    Set off a Bomb when person id code 46465456456489715678984 walks by

  • Re:practically speaking (Score:2, Insightful)

    by Nos. ( 179609 ) <andrewNO@SPAMthekerrs.ca> on Wednesday April 19, 2006 @01:10PM (#15158418) Homepage

    Imagine that these ids can be read from a distance. Now suppose a chain of stores, say some clothing stores, installs sensors and begins reading these tags. You sign up for their "monthly mailing list", and now they know who you are and what your unique ID is.

    After a trip, you get an email/letter saying, "Thanks for visiting our [exotic destination] location. We hope you enjoyed your trip". Okay, not terrible, but I don't really want clothing stores knowing where I take my vacations.

    Now, substitute that store with your employer, and your vacation destination with a labour lawyer. All of a sudden you employer knows you've been talking to a labour lawyer.

    There are definitely worse scenarios, if you let your imagination run a little

  • Re:practically speaking (Score:5, Insightful)

    by drinkypoo ( 153816 ) <drink@hyperlogos.org> on Wednesday April 19, 2006 @01:11PM (#15158423) Homepage Journal

    There is off the shelf hardware that will allow you to read RFID tags (with varying levels of reliability) from ranges in excess of thirty feet. A collection of RFID tags produces a sort of constellation even if they are not unique. For instance, the guy who has the bottle of scope mouthwash, the bag of fritos flamin' hot, and the #2 philips screwdriver at this intersection is probably the same guy who has the same stuff at the next intersection. This allows you to positively track someone based on checkpoints, even without a unique RFID like your passport will be. Furthermore, even if some of the tags don't scan properly, the percentage similarity can be compared from point to point and you can get a fairly positive match anyway.

    With Unique tags, then you don't need to go even that far, of course.

    If you cannot imagine why this is a bad thing, then truly, you should read 1984.

  • Re:practically speaking (Score:5, Insightful)

    by Tackhead ( 54550 ) on Wednesday April 19, 2006 @01:11PM (#15158425)
    > This is all very intriguing, but how exactly could someone exploit this RFID range to make my life worse? I can only think of things that would make it better. Could someone explain less abstractly than "Didn't you read 1984?"

    "Ground Beef a L'amerique".

    Ingredients:

    1 Terrorist.
    1 RFID reader.
    1 Pringles can.
    1 Blasting cap.
    1 Pound of boom-boom stuff.

    Assemble recipe. Bake in broad daylight on side of road until American tour bus comes by.

  • Re:practically speaking (Score:3, Insightful)

    by Penguinoflight ( 517245 ) on Wednesday April 19, 2006 @01:18PM (#15158495) Journal
    The condition that makes RFID tags in any capacity (not just long range ones) unsafe and irresponsible is the insecurity of identification systems in the government/big business system. As things are now, Social Security numbers and other forms of identification can be used against the holder to steal money from them. Credit card companies are getting worse and worse, and they are not held back by bought and paid for congress.

    RFID is bad because it makes the job of criminals much easier, and there has been no boost in security from other areas. There is another aspect of this which is slightly more controversial: prosecution based on RFID.

    The bottom line is, no machine will be as efficient and accurate at identifying what happens at a crime scene. With the use of RFID scanners you could "confirm" that John Doe was the man who broke into a jewelry shop... when in fact is was John h4x0r. Currently, the competency of courts when dealing with issues of advanced technology is a shame to the US, and with this kind of power of evidence things will only get worse.

    With these two major issues raised, I ask what advantages does having personal RFIDs bring to the table? The purposes that justify checking identification now are mostly childish, and wouldn't stop any truly purposed criminal. This question is just another one of those situations where benefit/loss is so bad that it begs the question of whose side its supporters are on.

  • In other news ... (Score:3, Insightful)

    by PatrickThomson ( 712694 ) on Wednesday April 19, 2006 @01:18PM (#15158496)
    In other news, walking around with a bizzare skin disorder that makes microscopic copies of your passport flake off and fall on the ground may be a risk to your identity.

    (I choose such an odd analogy because rfid readers are about as hard to obtain as microscopes. Not everyone will have one on them but it's not exactly mil-spec hardware)

  • Or RFID triggered goverment bombs (Score:2, Insightful)

    by Anonymous Coward on Wednesday April 19, 2006 @01:18PM (#15158500)
    Person id code 46465456456489715678984 has very vocally expressed negative opionions about us, let's stage a little accident for him.

  • Devil's advocate - switch the antenna (Score:5, Insightful)

    by Weaselmancer ( 533834 ) on Wednesday April 19, 2006 @01:26PM (#15158567)

    Why not put a switch in the antenna's path? To use the card, you have to push a contact button to turn it on? That would stop passive scanning, right?

  • A boon for terrorists (Score:3, Insightful)

    by hpa ( 7948 ) on Wednesday April 19, 2006 @01:31PM (#15158606) Homepage
    The U.S. gov't will start issuing RFID-equipped passports this fall. How long until we see the first U.S.-citizen-triggered bomb?

  • Re:practically speaking (Score:2, Insightful)

    by SengirV ( 203400 ) on Wednesday April 19, 2006 @01:38PM (#15158659)
    The agent sees the person who is using the card doesn't match the stored information, and hauls you in.

    That doesn't work too well in a passive setting, like along side of a road, or unmanned building entrances, etc...

    On the back of my credit card, I have my endorsed name AND a note that says "please check ID". How often do you think they check my ID? Also, do you think EVERY place that is going to be using this cards has a nice pretty display to view the picture of the individuals? And if it's a simpe 96 digit number, then imagine the fun as criminals cycle thru the DB looking for people who match their general appearance. Oh what joy.

  • Re:practically speaking (Score:5, Insightful)

    by PowerKe ( 641836 ) on Wednesday April 19, 2006 @02:10PM (#15158968)

    How is this any different from someone stealing your passport now?

    Because it's not even necessary to steal your passport, it's not even necessary to touch it. You can walk past someone at 25 feet and copy it. If you have an ordinary passport and keep it in a safe place all the time you can be pretty sure no one takes it without you knowing and if they steal it, you might notice it's missing.

    Besides, if the RFID card is designed to be readable at 25 feet, it's probably possible to do so at a much longer distance using special equipment.

  • Re:yes, but.. (Score:3, Insightful)

    by uncoveror ( 570620 ) on Wednesday April 19, 2006 @03:05PM (#15159446) Homepage
    Yep, any terrorist with an RFID reader will be able to identify Americans to kill. It will give them a lot of freedom and liberty, me not so much.

  • If you've done nothing wrong... (Score:2, Insightful)

    by Muzungo ( 950356 ) on Wednesday April 19, 2006 @03:07PM (#15159461)
    If you've done nothing wrong you have nothing to fear This wonderful new technology will enable us, your benign and caring government to protect you from identity theft/terrorists/child molestors Unfortunately, its not really effective if those pesky terrorists/id thieves/child molestors can simply chose not to carry any RFID tags.. so of course you won't mind if we embed this RFID tag in your baby's cranium while its still soft ? Its for your protection.

Slashdot Top Deals

"Protozoa are small, and bacteria are small, but viruses are smaller than the both put together."

Close