Loss of Privacy

Keeping you informed on recent losses to privacy and civil rights worldwide.

Browsing Posts in RFID

According to Cnet, implanting people with RFID chips isn’t as lucrative, or popular, as we are led to believe.  Ever since VeriChip went public with their idea to implant humans, their stock has been struggling.  The chip, to be used for medical purposes, has attracted a mere 222 humans willing to be chipped.

Three years ago, VeriChip began its ad campaign about how wonderful and useful it would be to be chipped.  Everyone from civil libertarians to my grandma balked at the idea, claiming that there were severe privacy issues at stake in such an endeavor.
Cnet also points out that

Virtually all the company’s revenues come from two Canadian companies it acquired in 2005. These companies, EXI Wireless and Instantel, specialize in infant tracking and “wander” detection systems in rest homes. In these systems, RFID tags alert nurses and medical professionals if an infant or other patient is passing through the exits or into unauthorized areas. In these systems, however, the RFID chip is contained in a wristband.

VeriChip, however, has stated that they intend to continue to market their RFID chips because it’s a good idea for medical patients to always have their records with them.  While these chips are a good idea for tracking things such as a lost pet or merchandise, it’s not a good idea to tag every single human just because it’s a convenience.  In theory, tagging grandpa in the old folks’ home to keep track of where he’s wandered off to, again, is a good idea.  However, you already pay thousands of dollars to have actual, live humans do this job.  And they’ve been doing this job for decades.  Has there suddenly been a huge increase of old folks running off the reservation?

Using the VeriChip for other medical reasons might also seem reasonable if you have severe allergies or you have some sort of special needs.  However, it is not reasonable to use my tax dollars to force hospitals across the USA to redo their emergency rooms solely because you can’t be bothered to get a bracelet and an ID card listing your medical condition.  It is your responsibility to take care of your health matters and not place the burden on someone else.

One Problem not addressed in implantable RFID chips are what to do when you need an MRI.  It is known that the skin around the tag will burn when subjected to devices like an MRI.  You could solve this by implanting the RFID tag in a finger, but that just makes it easier for a thief to take that finger with them when they rob you.  If you want to prevent identity theft, then you have to introduce two factor identification, which negates the benefits of having a chip at all because third parties would be introduced, making the entire system less secure than advertised.

Larger problems deal with the end of life issues of a chip.  Technologies change and, in ten years, the chip will not work with the latest technologies.  This would force a person to get a new chip.  If standards are not imposed, you will need different chips for different things.  It makes much more sense to create human RFID tags to be placed in something the person wears every day, such as a wedding ring or a bracelet.  Upgrades will create nightmares, literally, for people once the chip becomes obsolete and a person must return to have the chip removed and replaced.

It’s also no surprise that no one wants this from VeriChip.  We are already uniquely identifiable by a dozen or so different processes.  We have retina scans, fingerprints, DNA and voice recognition.  Then, there are the “minor” unique characteristics such as race, hair color, eye color, height, weight, and shoe size.  The only thing an RFID chip can do is put this into one place, making it easier than ever to track every single thing you do in life.

The slippery slope in this argument is that we’ve already tracked cargo, then pets and cattle.  Next, we will track immigrants.  Who do you think is the last stop?  That’s right.  It’s you.  The government is going to shove a leash up your ass and you’ll like it.  Within a short period of time, you’ll not even notice it’s there.

These chips can and will be abused to determine what you are doing.  You think it’s bad now, with Presidents getting FBI files on their political enemies?  Hitachi now has a chip so small that you can literally dust an area with them and connect the dots later.  Imagine what can be done when there are no longer any paper trails to expose illegal activity.  RFID will be used to see exactly who you voted for, what dissident group you belong to, and who you co-mingle with that also does not like the current governmental regime.

There is no way to justify implanting legal, foreign nationals who have chosen to live here.   In order to do it, you would have to chip every American citizen as well.  Then, you would be faced with the prospect of what you are going to do with the illegal citizens who have no chips?  They will stick out in a field of chipped Americans and the government will no longer be able to turn a blind eye to illegal immigration.  Worse yet, would be the tit-for-tat retaliation that other countries will enforce against the United States.

I am a, mostly, law abiding citizen.  I do not take kindly to people telling me what I can and cannot do.  I do not like people tracking my whereabouts.  When I leave my home, no one knows where I am except “out” and I’d like to keep it that way.  There is not a soul on this planet that needs to know where I am every moment of every day.  I wear a medic alert bracelet should something terrible happen to me while I’m out.  If wearing a bracelet versus being implanted means that those two seconds are the difference between life and death for me, then I chose death.  I will not be tracked and I will not allow others to decide that I need to be tracked.  Keep your RFID tags and chips and use them to track Fluffy or your cargo.  Do not come near me with them.

Our privacy is slowly disappearing.  Some care.  Most do not.  I suspect that, by the time I am an old lady, rocking in my chair on the front porch each afternoon, that I, and a few like me, will remember a time when privacy mattered.  I will witness the erosion of privacy and individual rights as the generations behind me freely give up what the generations before me fought so hard to preserve.

flattr this!

In the latest RFID news, IBM has announced that they are planning on inserting RFID chips into Italian scooters and diapers in order to track their movements.  IBM will implement this, most likely, via their new WebSphere RFID Information Center , a new software that allows multiple companies to log and share data from RFID tags.

Honda Italia Industriale, which sold 12.7 million scooters last year, plans to use RFID chips and IBM software to track motorcycle parts and tools circulating within its manufacturing plant in Atessa, Italy.

This, Honda believes, will lead to a more efficient plant because they can easily be tracked throughout the warehouse.

Pliant, based in Schaumburg, Ill., will sell a new RFID-embedded plastic wrap to consumer-goods companies that want to detect any tampering of their products in transit from manufacturer to distributor. Pliant is using IBM’s software to keep track of RFID-marked cargo–everything from cereal boxes to diapers–in the warehouse.

Though Pliant wants to keep track of tampering [] , there is no word on whether the RFID tags will be disabled before the unsuspecting public purchases items embedded with the tags.

These two companies add themselves to the new, and evolving, technology that IBM hopes will be a boon for businesses.  Boeing already tracks their parts via RFID but many retail outlets are still hesitant to use the new technology due to its cost and the lingering questions of consumer’s privacy, such as those that were asked about the Nike iPod.

Other companies already using RFID in their products include US Passports and discs that aim to prevent piracyRitek, the world’s largest DVD and CD maker, introduced these discs through their subsidiary, U-Tech in September 2006 in conjunction with IPICO, who makes the RFID chips for the discs.  This affects all discs, stamped and recordable.

The technology, which can also be used for Blu-Ray and HD-DVD discs, will allow movie studios to remotely track individual discs as they travel from factories to retail shelves to consumers’ homes.

Home DVD players will eventually be able to check on the chip embedded in a disc, and refuse to play discs which are copied or played in the ‘wrong’ geographical region, the companies behind the technology expect.

“This technology holds the potential to protect the intellectual property of music companies, film studios, gaming and software developers worldwide,” said Gordon Yeh, chief executive of Ritek Corporation.

RFID readers will then be built-in to home DVD players to extend the anti-copying technology into homes as part of a digital rights management system.

Again, while it is important to note that having the ability to track your product from warehouse to stores is a good idea, once a person purchases CDs and DVDs, they should actually own the product.  What this does is create a system whereby you are only leasing the product, to be used in your own home, in a manner, that someone else dictates.

It also locks you into one specific system that you are able to use to watch your purchased product.  Your DVD player will perform security tests to locate the RFID chip.  This will be done at the hardware level instead of the current system of software and drivers.  If it does not locate the chip, you will not be able to use the disc.

Ritek believes that this will eliminate piracy altogether.  It may, but I will believe it when I see it.  There will always be a way to copy or record something.  It might take a bit of time, but we have seen protection scheme after protection scheme broken.  Firmware has been modified for years and, if this new technology requires firmware, it will be cracked.  The most recent story is that the HD-DVD restrictions have been cracked and pirated copies of Serenity are available via bittorent.

GM and Toyota have also used RFID tags in the past and still had problems with theft.  Nissan is also implementing RFID.  Even if the data is encrypted, if all you need is a copy, then that is easy to do.  You can be on your way in your new car with a working copy of a key or ID.

Though tracking shipments is a good use of RFID tags, placing them on individual packages presents dangers.  Not all tags are passive and, in many warehouses, tags can be read from several meters away using standard issue readers.  Several meters away is still far enough away that you won’t notice someone reading your tags when you leave the supermarket.   Once you reach home and use the products, all a person needs to do is pass by your garbage cans with a reader and, over time, can account for the types of items you like to buy.  There is no need to for them to dig through your trash and get dirty because a brisk walk will gather all the information that they will need for whatever nefarious purpose they can think of.

IPICO claims that its RFID tags can be read from at least six metres away, and at a rate of thousands of tags per minute. The passive chips require no battery, as they are powered by the energy in radio waves from the RFID reader.

With this reality, it will not be hard to read the RFID tags for whatever possibility a person can imagine.  By continuing to label consumers as the bad guys, much of the RFID technology will be used to prevent normal people from doing normal things with items they purchased and legally own.  These protections aren’t even used to combat piracy, as Hollywood has finally admitted.  What will happen is the elimination of fair use for media, tracking of individual’s personal habits, and abuses of the system.  The question is, are those in Hollywood and Washington going to accept this as they watch their sales dwindle further because Joe Citizen is no longer purchasing their products or will Joe Citizen blindly accept yet another control telling them how to live?

I suggest you do what I have done; purchase several cheap DVD players, get a lot of blank media, keep your mouth shut, and don’t ever upgrade to this crap idea that those that sell you products should tell you how to use them.

flattr this!

Tokyo is about to go Minority Report. Starting next month, the Tokyo Ubiquitous Network Project will launch its services in Tokyo’s Ginza district, sending shoppers ads via its RFID networks.

Shoppers can either rent a prototype reader or get messages on their cell phones. The tags and transmitters identify a reader or phone’s location and match it to information provided by shops.

Along with this nifty way of shoving more ads down people’s throats, there are, yet again, calls of concerns about privacy.

Researchers, for instance, have suggested that a sensor designed by Nike Inc. and Apple Computer Inc. to keep track of running distances could also be used to track runners’ whereabouts — such as by installing readers along running paths.

Others worry that tags embedded in clothing could give a retailer valuable details on how long a consumer spends trying on sweaters.

While RFID has good uses, such as tracking pallets of merchandise in warehouses, modern day uses seem to go too far. Children are being tracked at schools, teaching them that it is okay to have their every move logged into a database somewhere. They no longer think it’s a big deal that their every move is being kept somewhere to be analyzed later. Many regular people balked at the idea of RFID tags, forcing companies to target the wealthy first, then children and, now, the public at large. When being tracked is ubiquitous to breathing, those that argued against RFID will be the minority and no longer count.

flattr this!

In not so surprising news, professional hacker, Adam Laurie, has claimed that he has successfully hacked Australia’s ePassport system. His new reader is able to access the passports, even through a jacket pocket, just so long as he is within a few inches of the actual passport. He is working on a new reader that can read passports from greater distances, putting all passport holders’ identities in jeopardy.

He had previously used the same tools to hack into Britain’s electronic passport, and warns it could enable criminals to steal your identity or terrorists to target you based on your nationality

He claims such a “hack” would also allow someone that looks like the passport holder to “clone” passports, and cross borders using a false identity.

Hey, it’s not like this should surprise anyone. These systems are entirely insecure, yet Britain, Australia, and the USA have pushed through these new technologies without proper and complete testing. Of course, the Australian government is downplaying this information and denying that it can actually happen. After all, millions of dollars have been spent getting this system online and, to have it be declared a failure so soon after its inception is an unthinkable admission on the government’s part, especially when, a little more than a year ago, Australia was hailing their passports as unhackable and the most secure ever.

“Each passport has a unique key which must be entered before the operator can access the information on the passport chip. The key is contained in the machine-readable zone on the data page of each passport.”

For crying out loud! We’ve heard this over and over. The government sticks their heads in the sand and says, “nuh-uh you can’t crack this. We’re better than the hackers.” It’s been proven many times already that you can clone the information on the passport. If it’s cloned, of course it’s going to pass whatever security measures the passport actually has. For once, I’d like someone in the government to say, “Holy Shit! Can we take a look at this so we can try to prevent this from happening to our unsuspecting citizens?”

“As far as the key is concerned … the information needed to derive this key is available not only on the printed page inside the passport, but sometimes from other sources such as online airline booking sites,” Mr Laurie said in an email.

“The information required is the date of birth, expiry date of the passport, and the passport number.

“This means that you would be unable to read the passport of a random passer-by, but if you were targeting a specific individual, and could get prior knowledge of those bits of information, you could read the passport without touching or seeing it.”

Don’t you think it would be prudent to listen to Mr. Laurie? He is telling you how to circumvent the passport’s security, thereby letting you know what is vulnerable and, essentially, how to fix it. He is concerned more with the fact that so much information regarding a person’s identity is placed on the chips in passports and that someone who would like to do evil can obtain access to the database.

Mr Laurie also raised the concern of “profiling”, whereby an attacker could potentially target specific nationalities.

Yes, many places, such as Slashdot, discussed this some time ago. You target a specific nationality, then kill them just because of it. In this instance, you do not even need physical access to the passport. You scan and learn the nationality of the person. You hate this particular nation so, it’s just a matter of how you want to kill them. Tell me again how RFID chips, biometrics, fingerprints, etc. will stop the terrorists now?

But, that’s okay, the Australian government says it’s not possible to rewrite or alter their passport’s chips, missing the point completely. There’s no need to worry when those evil muggers and terrorists target you just for being [insert your nationality here], they won’t be able to alter your passport so you’re perfectly safe.

flattr this!

This year the news media has taken steps to reveal the many uses for RFID to the general public but most people do not know that RFID has been in existence and common use for several years. What people do not know is how many systems have been using this technology because they simply do not equate the use of a simple convenience with a technology that could also invade their privacy later on.

E-ZPass has been in use since August 3, 1993 in New York State and, by February 6, 1997, it was in use along the entire New York State Thruway. Today, it ranges from Florida to Maine and Illinois.

Also in 1993, there were a few dutchmen playing around with the idea of RFID because they weren’t satisfied with the current uses of timing in marathons. A year later, they used their new technology at the Berlin marathon. The company, ChampionChip, is the oldest company to use this technology. While there are other companies with similar technology, I have to admit a bias to ChampionChip as I have a friend who worked for them from near the beginning until earlier this year. I’ve also been to the headquarters in Nijmegen, The Netherlands twice. Still, this is a great use of RFID technology that sometimes gets overlooked by those of us wearing our tin-foil hats.

Glasgow Rangers Football Club implemented RFID into their ticketing system in 1999. Many other sporting events and organizations have followed.

In 2000, Wal-Mart wanted to start chipping all of their inventory. In 2003, they began tagging their warehouses, a task that was to be completed by 2005.

Canada has its own mandatory cattle identification program that has been running since January 1, 2001. Its aim is to trace diseases and other items that may end up being harmful for cattle or humans.

The Oyster Card was introduced in London in 2003 and has been happily tracking Londoners for three years.

Marks & Spencer also began using RFID in their clothing line in 2003. Here, however, the chips aren’t permanently embedded into the clothing. They are attached to tags that are attached to clothing.

In 2004, the Baja Beach Club in Barcelona, Spain began implanting VIPs with chips so they are readily identifiable. This was to keep the riff-raff out of the VIP-only areas of the club.

A guy who calls himself Dividuum created an RFID music player with SID files from a Commodore 64. When an RFID tag gets near the music player, the music is played. This is a very cool use of RFID.

This weirdo decided to chip himself and these crazy kids want to give you help so you can chip yourself. There is a tribe of people who like RFID and want you to like it too. Several governments around the world want to chip migrant workers. Verichip wants to begin implanting US military personnel. Fortunately, EFF still thinks chipping people is a bad idea.

As of October 2006, all US Passports have RFID in them. Thankfully, my passport runs out in 2013 so I’ve got some time to remain nostalgic for the old system. I’ve also got plenty of time to get one of those portable Faraday Cages for my passport so no one can clone it.

Many libraries have objected and rejected the idea of RFID in books, citing it to be too dangerous [pdf] to track what individuals read. Still, others, think it’s a great tool.

Korea has created RFID chips out of 100% organic matter, which should ease the minds of people with allergies. Now, there’s no need to worry anymore about harming the environment or yourself as you chip away. Besides, the US FDA has said it’s safe, so go ahead, chip yourself.

The list goes on and on. Silicon.com has an article about the 10 best and worst uses of RFID. Now, while there are good, practical uses for RFID, such as inventory control, race timing, and tracking airline luggage, much of the other uses are not always a good idea.

These other uses make people lazy. Parents may not watch their children close enough because they will become lackadaisical and think that, “oh they’re chipped, they’ll turn up sooner or later.” Well, this is enough time for them to disappear altogether.

Implanting people with chips is dangerous. We don’t know the long-term effects of being chipped on a person’s body. Some people are more susceptible than others to infections. I also think too far ahead to a time when criminals will begin ripping people’s hands, arms, whatever off, so they can get access to your chip and everything that is you. We know the government will eventually put your entire identity on the chip. Hospitals are already doing this in the name of safety. Face it now and stop deluding yourself that it isn’t going to happen.

Remember, RFID chips can be copied and cloned. If a security system can identify the RFID chip, then so can the bad guys. They will get access to the machines. You can buy them now, if you’ve got the cash. If you are too poor, then make your own. But don’t think that RFID is entirely safe.

Face it. RFID isn’t coming. It’s already here. We haven’t done enough to stop it from invading out private lives so we’d better get off our asses now and find ways to make the system more secure before your identity is transferred to an insecure, easily defeated chip.

flattr this!