Sunday, July 19, 2009

Passport RFID

This is an old topic, but a good one. On June 1, 2009 it became mandatory for Americans entering the US to present identity documents that are embedded with radio frequency identification tags, or RFID chips. This means Passports. So why is this a problem?

"Climbing into his Volvo, outfitted with a Matrics antenna and a Motorola reader he'd bought on eBay for $190, Chris Paget cruised the streets of San Francisco with this objective: To read the identity cards of strangers, wirelessly, without ever leaving his car.
It took him 20 minutes to strike hacker's gold.
Zipping past Fisherman's Wharf, his scanner detected, then downloaded to his laptop, the unique serial numbers of two pedestrians' electronic U.S. passport cards embedded with radio frequency identification, or RFID, tags. Within an hour, he'd "skimmed" the identifiers of four more of the new, microchipped PASS cards from a distance of 20 feet."

The AP written article on Fox News is not talking about anything new. Security researchers were talking about this problem when it was first announced that the US government was going to start embedding RFID chips in passports. In fact RFID security has become enough of a hot topic that one FLL (First Lego League) Referee I talked to last year was planning on specializing in the subject after school.

So I don't have a passport, no problem, right? Wrong. Wal-Mart loves RFID chips to the point that they where talking about fining suppliers not using them on pallets in Sams club distribution centers. But this is at the supplier level, still no worries right? Wrong again. Several companies are looking at ways to use RFID tags on the consumer level.

Think about this scenario. You walk into a grocery or department store. You walk around picking up the things that you need and want, depositing them into your cart. When you are done, you simply head to the door and walk through a small doorway on your way out. Much like the sensors you see now to detect shoplifters. As you push your cart through, all the RFID tags are scanned and totaled, so as you pass through the doorway sensors a printer hands you a receipt to give to the cashier or even automatically charges a predetermined credit card that is linked to a pin you punched in, or better yet tied to the RFID chip you carry on your person or on your cell phone. That way the store no longer has to pay a cashier, and check out is quick and easy. The funny part is that these types of scenarios have been tested. Beside finding a way to disable the RFID tags once you have left the store so people can't scan your house to find out what you have the other major push back from consumers was that they had to bag there own stuff.

So what is the best way to protect your self from RFID chips besides a tinfoil wallet? Wired has a suggestion, but use at your own risk and watch your fingers.

To end this rant I give you a cheesy, but informative video off YouTube. Enjoy.

1 comment:

Unknown said...

And how many dummies did You blow up in your backyard? Jokes
It's a fascinating topic. Chuck D from Public Enemy has been talking about this for years. Smart man, i don't know why the government hasn't hired him yet.
But terrorists aside, it's a technology that can be used for nefarious reasons by the corrupt on all sides of the law. I say we simply get rid of the corrupt and all of our problems will be solved.
As a fan of 'old' almost prophetic SF, i recommend a quick read of John Brunner's 'The Shockwave Rider'. Again, an insightful man who should probably have been on the payroll instead of the usual naysaying jingoists.