Schneier on Security
A blog covering security and security technology.
« Blizzard Entertainment Uses Spyware to Verify EULA Compliance |
| Real ID and Identity Theft »
October 14, 2005
RFID and Privacy
Boston Globe editorial on RFID and privacy:
It's one of the cutest of those cute IBM Corp. TV commercials, the ones that feature the ever-present help desk. This time, the desk appears smack in the middle of a highway, blocking the path of a big rig.
''Why are you blocking the road?" the driver asks. ''Because you're going the wrong way," replies the cheerful Help Desk lady. ''Your cargo told me so." It seems the cartons inside the truck contained IBM technology that alerted the company when the driver made a wrong turn.
It's clever, all right -- and creepy. Because the technology needn't be applied only to cases of beer. The trackers could be attached to every can of beer in the case, and allow marketers to track the boozing habits of the purchasers. Or if the cargo is clothing, those little trackers could have been stitched inside every last sweater. Then some high-tech busybody could keep those wearing them under surveillance.
If this sounds paranoid, take it up with IBM. The company filed a patent application in 2001 which contemplates using this wireless snooping technology to track people as they roam through ''shopping malls, airports, train stations, bus stations, elevators, trains, airplanes, rest rooms, sports arenas, libraries, theaters, museums, etc." An IBM spokeswoman insisted the company isn't really prepared to go this far. Patent applications are routinely written to include every possible use of a technology, even some the company doesn't intend to pursue. Still, it's clear somebody at IBM has a pretty creepy imagination.
There's a Slashdot thread on the topic.
Posted on October 14, 2005 at 7:11 AM
• 33 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
I find it heartening, actually -- as long as IBM has a patent on the creepy stuff, they can at least in theory prevent anyone from actually doing it. Better IBM than a dozen other companies and agencies one could name.
Qualcomm already offers a service to track trucks and their trailers via satellite. They can even shut the truck down via a mouse click, or alert the driver to any of a number of mechanical problems with the truck. The service is used mostly with hazardous, perishable, or secret cargos. They just detailed it on the History Channel a week ago or so. You can find their services here: http://www.qualcomm.com/qwbs/solutions/prodserv/...
RFID is even more invasive (as you state), but not yet pervasive, since it won't likely be used for logistics unless it's cheaper than satellite and the infrastructure isn't in place yet. I wouldn't worry about it just yet since it will be a while before the infrastructure is in place to use the technology for privacy abuses. Besides wifi and cellular technology can already be used for invasive privacy abuse, and if laws are carefully worded, they can include RFID devices in any legislation designed to prevent similar abuses. Design the laws properly now and it will be a nonissue.
Has there been any kind of legislation, in the US or other countries, been brought to the table banning something like RFID electronic surveillance by non-LE (law enforcement) entities?
I can't imagine the Wiretap Act would apply in the US since this isn't a 'wiretap.'
Please notice that the guy riding shotgun in the semi truck is none other than Tracey Walter, who played Miller in "Repo Man." Miller is famous for the "plate of shrimp" monologue. "A lot o' people don't realize what's really going on. They view life as a bunch o' unconnected incidents 'n things. They don't realize that there's this, like, lattice o' coincidence that lays on top o' everything. Give you an example; show you what I mean: suppose you're thinkin' about a plate o' shrimp. Suddenly someone'll say, like, plate, or shrimp, or plate o' shrimp out of the blue, no explanation. No point in lookin' for one, either. It's all part of a cosmic unconciousness."
Just another part of the lattice of coincidence.
Well, I don't know that RFID technology would be considered anything other than end-user technology.
Most RFID chips are pretty dumb, it is the software and hardware that activate and detect them that contain intelligence.
I imagine this would leave it treated as an 'opt-in' thing; if you don't want RFID tracking, don't buy RFID stuff.
I also see a massive market for personal electronics that generate low power jamming signals across common RFID frequencies.
If http://www.rfid-handbook.de/rfid/frequencies.html is a reasonable indicator of the frequencies used for this technology, I can't imagine it would be too difficult.
Actually, I do believe that this kind of technology will be regulated under the
european directives 2002/58 concerning
privacy protection and more precisely the articles regarding geolocalisation.
"If you don't want RFID tracking, don't buy RFID stuff" sounds good, but there are at least two problems with it.
The first is knowing that has RFID tags--many products likely won't be labeled as such, because the tags are useful to the seller and not to the buyer. The second is whether you'll have a choice: if every can of beer, or every pair of shoes, is tagged, you have the choice of having tags or going without. Going without beer is easy for many of us, but even those who are comfortable barefoot, and in climates that allow it, would find themselves barred from many businesses if they weren't wearing shoes.
This feels a bit like being told "if you don't like recombinant bovine growth hormone, don't buy milk from dairies that use it." The problem is that the hornone marketers have successfully fought against rules requiring labeling of milk that contains the hormone, and many milk sellers mix milk from dairies that do and don't use it. If someone really cares about this, they'll have fewer places they can buy milk, and pay more for it.
If the analogy holds, I don't like the idea of having to pay a significant surcharge on every purchase I make to avoid having some random corporation or seven--or a random government, quite possibly not my own--being able to trace my steps and activities.
RFID tags are still expensive enough, $.50 to $3.00, that they're not likely to show up on lower end individual products. Antenna size and environment also set a limit to where they can be used. Many larger, more expensive items aren't things you carry around, automobiles are the main thing that could be tagged to track individuals; expensive enough to make the tag cost unimportant, large enough that a sensitive tag could be hidden.
So long as there is cash, but it tangible or good e-cash, tracking of smaller items isn't going to be a real problem as cash breaks the link of ID and purchaser. Really hidden tags can't be very sensitive, physics gets in the way, and it will be difficult to make them able to stand up to daily usage. Tags in clothing or money have to be flexible, stand up to washing and static electricity, and be able to survive a short zapping in the microwave by people who want to kill the tags.
Bar codes already do a good job of tracking what you buy at a much lower cost per item.
Wasn't there talk at one time of an RFID jammer?
That article was talking about the new book Spychips: How Major Corporations and Government Plan to Track your Every Move with RFID. Have you read it? Anyone?
If we get to the point where everyone is tracked all the time, will anyone be able to make sense of all the data? We're talking about tracking nearly 300 million people in the US alone. And for each person there's a ton data.
There was an outcry not long ago about a website which gave you "personal" info about a person simply by typing in their name and last known location. If the person had an unusual name, it was pretty accurate. But for someone like me, with a family name and first name ranked near the top of the most common names in the US, the site was worthless. It listed hundreds of names. I finally found my info buried on page 20 or so. And even then it listed an address where I hadn't lived in a year.
So will all this available data lead to Privacy by Obscurity?
I'm hoping that simple schematics or cheap RFID scanners/blasters become the norm. Of course, someone will use them to fry your passport too, probably, but it may be needed in certain cases.
Isn't it great that we now really have need for figurative tinfoil once in a while?
"will anyone be able to make sense of all the data?"
That's not a problem. Good software doesn't give a damn how much raw data you've got. If it has a chance to link an RFID tag to a CC #, then they've got you dead center.
The difficulty for "Big Brother" is going to be getting all the data in one place, at least initially. Once that's done it's just a matter of writing some vaguely intelligent data mining that can track individual RFID tags and cross-reference with CC databases, as well as when those RFID tags change hands. Complex, but not as hard as you suggest.
@ Mark J
Privacy by Obscurity is an interesting concept. It is basically what permitted the cover for the Septmber 11th terrorists. There was plenty of information about these people and the idea that they may be up to something, but a real lack of people to analyze and interpret the data.
Since then, we have devoted even more resources to data collection, yet I have not heard about corresponding increases in interpretation. I can't imagine that this will balance that equation any. The problem with relying on getting "lost in the crowd" to provide your cover in this scenario is that, once you do show up on somebody's radar screen, you have nothing that could be considered unknowable by those watching.
I saw this ad and found it quite annoying.
The problem I see is in this exchange:
"''Why are you blocking the road?' the driver asks. 'Because you're going the wrong way,' replies the cheerful Help Desk lady. 'Your cargo told me so.'"
The supply-chain model has numerous trust elements in it, one of which might be that a truck should have an ID that is trusted to represent all the associated IDs on board. If all the cargo itself has to report that it is headed in the wrong direction, then it has to have all of the same transport information that a truck would need, and that's just rediculous as this point in time. The cost of managing that kind of intelligence integrated into every device, let alone the cost of integrating it successfully, would be so far over the top...buyer beware.
As I've posted on this before, the US Army has been using RFID for supply chain logistics since (slightly before) the invasion of Somalia, and there is a subsequent body of knowledge amassed about the trade-offs from in the field experience. I can guarantee that even pharmaceutical companies, that really NEED to trace the whereabouts of every pill all the time, have a problem solving this with any real granularity. Actually, when you get right down to it supply-chain security is fascinating because the weakest links are usually the most obvious and yet the least often resolved.
Alas, American technology marketing to consumers is usually so far out in dreamy land it's no surprise that the culture tends to buy on a promise and a prayer, let alone place liability where it belongs for being misled.
Surely the best thing to do to avoid being tracked by RFID chips is to encourage everyone to collect them. Keep a bag full of the things with you (they're small, so it wouldn't be a problem), and make sure to swap a random handful of them with as many people as possible. If you end up with too many, just scatter them in public places. This will have the effect of polluting any data collected so badly as to make it useless for "hard" tracking purposes. On the other hand, it would allow interesting studies of social networking, for those with a lot of time and computing horsepower at their disposal - I feel a thesis coming on...
How many RFID chips can a scanner read simultaneously? The more the merrier, I say ;^)
@ Yvan Boily
Apparently a few seconds in a microwave will fry the radio bit of RFID chips, so if you can't find the chip in, say, an article of clothing, then nook it, and your problem is solved.
In related news, sales of tin foil are up 5000%
I wonder why RFID creates such a paranoid. It is not like wherever you are around the world, RFID can track you. It will work only with in a spatial range. This range will be at the most 100 meters. May be someone sitting in a car in your parking lot can track your movements or rather the movement of the product that has got the RFID tag, which is still a privacy issue. But he cannot do it for everyone who bought the product by sitting somewhere remote.
The problem with that is that a lot of high value items don't like being put in a microwave for even a few seconds.
Not just electronics, but that nice hand tooled leather wallet your significant other gave you for your birthday etc...
The simple answer, is that just about every shop will have them, not just at the check out but at the doors as well (for security).
One proposed use for RFIDs with unique ID's is to prevent theaft / fraud. If you try to walk out and the serial number is not registered as sold then the alarm goes off. Also if you bring an item back the RFID is checked in the DB for your CC# and the number on the sales recipt, if they don't match then questions will be asked...
So the reason for the paranoia is simple, you will not be able to go about your ordinary life without being picked up on a reader many many times a day...
I see it as a way to make shoplifting a breeze, staff will become complacent relying on the machines to detect shrinkage. detect the chip yourself fry it with a electromagnetic magnetic pulse and walk out.
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.