Schneier on Security
A blog covering security and security technology.
« Choosing Secure Passwords |
| Wholesale Surveillance »
January 11, 2007
Radio Transmitters Found in Canadian Coins
Radio transmitters have been found in Canadian coins:
Canadian coins containing tiny transmitters have mysteriously turned up in the pockets of at least three American contractors who visited Canada, says a branch of the U.S. Defense Department.
Security experts believe the miniature devices could be used to track the movements of defence industry personnel dealing in sensitive military technology.
Sounds implausible, really. There are far easier ways to track someone than to give him something he's going to give away the next time he buys a cup of coffee. Like, maybe, by his cell phone.
And then we have this:
A report that some Canadian coins have been compromised by secretly embedded spy transmitters is overblown, according to a U.S. official familiar with the case.
"There is no story there," the official, who asked not to be named, told The Globe and Mail.
He said that while some odd-looking Canadian coins briefly triggered suspicions in the United States, he said that the fears proved groundless: "We have no evidence to indicate anything connected with these coins poses a risk or danger."
Take your pick. Either the original story was overblown, or those involved are trying to spin the news to cover their tracks. We definitely don't have very many facts here.
EDITED TO ADD (1/18): The U.S. retracts the story.
Posted on January 11, 2007 at 12:07 PM
• 41 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Cell phones aren't as useful to tamper with if they don't make it into secured areas.
Could the coins be a proof of concept to see where they end up? Technology only gets better, so is it inconceivable that in the near future that high quality transmitters could be good enough and tiny enough to record and transmit conversations from a coin?
If so, then knowing the effectiveness of the distribution method is valuable knowledge.
The general consensus on the 'net is that these contractors were confused by some of Canada's specialty coins (like the Rememberance Day (Veteran's Day) quarter that had a red poppy on it, or the Breast Cancer quarter with a pink ribbon on it.
We Canadians like our money to be purty.
"We Canadians like our money to be purty."
We Americans like our money to be ugly.
"We Americans like our money to be ugly." - Bruce Schneier
And you certainly succeeded. The notes in particular are among some of the least attractive that I've seen. I like Belgian notes myself. But the Bank of Scotland and Royal Bank of Scotland notes are pretty nice.
I can see it now... "Canada believes the US developing new Manhattan Project in DC-area Starbucks."
Tracking coins seems pretty useless. Nobody carries coins with them everywhere they go. They either spend them, put them in the bus, or keep them at home in a big jar to take to the bank later.
Automated border security profiling: "should we search this guy?" (flips coin - automated profiling system reads RFID to deduce answer) "hold him there while a grab a soda from the machine ..."
FAS has the document referred to by a number of the news agencies:
The coins reference is in "VIII. Appendix 2: Recent Cases" on page 32. The document makes interesting reading.
Wouldn't the surface of the coin act as a Faraday cage? Unless the coin itself was the transmitting antenna, but it seems to me that the coin shape would be a very inefficient antenna.
You can say anything to the press, and as long as you're convincing enough, they'll report it. I remember when the police broke up the "SquadBuster Brigade", an evil paintball ring I was a mamber of. That, or the SquadBuster Brigade is a brand of paintball supplies. Fact checking? What's that?
Although I completely agree that the story is at least implausible, more likely impossible, I do have issue with one of your comments, Bruce.
"There are far easier ways to track someone than to give him something he's going to give away the next time he buys a cup of coffee."
Except -- if you give someone in the U.S. a Canadian coin (particularly a quarter) it's similar enough to likely stay with their change, but no merchant will accept it. (I'm seem them get concerned over a Canadian *penny*.) So - they will carry it with them for some time.
Most people use their credit cards about once per day, and more than that if they travel. If you want a coarse tracking tool, just pull their credit report.
Here's the Remembrance Day poppy coin. They are definitely weird looking. I always do a double-take when I get one as change. The poppy looks like it was added to the coin after minting, and it's the same size as a watch battery or some similar little electronic gizmo. Most of the poppies have lost their red coloration, but a bit of color remains in the margin between poppy and background, which intensifies the feeling that the poppy doesn't quite belong.
If this is the explanation, though, I don't know why they wouldn't just say so.
Er, my link failed. But a Google image search for "remembrance day"+poppy+coin will get you the right picture.
Who says this is espionage? Maybe the Canadian mint is just working on an undisclosed currency tracking/usage pattern project? It is a good way to track individual coins that otherwise have no serial numbers.
They might not want to disclose it because they'd be sought out by collectors and not get accurate data samples that the mint would be looking for.
RFID tags in coins is a stupid way to spy. It is, however, an excellent way to track currency (especially through vending machines and the like). Everything that makes it a weak spy tool makes it a good tool for a mint that is trying to assess coinage usage patterns.
The TTC tokens angle is interesting. You'd think the fine intelligence folks could tell the difference between subway tokens and federally issued coins, but who knows.
One thing on that though - the report Rob Mayfield posted indicates that these people were traveling in Canada "between 2005 and 2006", and the report you posted indicated that the new tokens only went into place November 2006. Which is, technically, included in 2005-2006, but doesn't exactly fall square across the range...
Correction to the above - the report says they were travelling between October 2005 and January 2006. So, well outside the time when the TTC tokens had RFID (or equivalent - doesn't look like they're admitting to what they are)
Sounds like some overzealous contractors to me that wanted to have something to report. Coins are inherently unreliable means of tracking individuals and RFID is only useful when you have a network of scanners installed. The tracking of the coins itself could be an option (although very expensive in relation to the average value of coins). If you want to track a person a gift that he is likely to use (expensive pen, watch) is much more reliable.
Here is some security theatre for all of you. Plant a coin with one of these emitters on a target. Plant a bomb, which is designed to explode when the coin is detected, in an area you know the person will pass. If the person changes plans and doesn't walk by the bomb, you can go back later an pick it up to reuse it somewhere else. It should make a great movie plot.
@tin foil hat: can you say rfid in passport?
Seriously, this is something Q would ask 007 to plant on a terrorist, which would end up with Bond paying for his dry Martini (shaken, not stirred) with.
Now we know how the contractor got the coins.
I'm having a hard time accepting any of this story at face value. First of all, as has been mentioned, what value would a transmitter that has a range measured in inches be? What possible value would an item that is so transient have? Why not substitute a hacked credit card or frequent-flyer card instead of planting bogus change on your target?
I'm trying real hard here, and I can't think of a single useful data point. It's not like these can be used to wardrive to find out where these "defence contractors" work or live (which might be easy to get knowledge anyway).
For the sake of argument, let's assume that these things are not broadcasting until some event is triggered. Then it emits a series of bursts of RF that can be read within some greater distance.
1. I don't want this in my pocket when that happens.
2. I guess it could leak some specific location information if you sort of knew where the contractor worked, and wanted to triangulate a more exact location (say, within a building).
I guess the killer app might be finding out where such a defense contractor was staying or visiting while in Canada. That is, I suppose there is value in knowing what such a contractor is doing, right now, while visiting a foreign nation. I'm still trying to convince myself that the coin could transmit for more than a few metres, at best. And what sort of information even a very efficient and powerful transmitter might reveal that couldn't be found in some other less movie-plot friendly manner.
In terms of industrial espionage, I suppose another piece of information is knowing who the other venfors are in a closed or secret defence contract might be. If you can prove that Dr. Smith from Fake Company Inc. travelled to Montreal to have a private conversation with Bombardier, it might be useful to know that this is actually some well-known person who is actually representing Hughes Aerospace (or something). If you are also bucking for the contract to make nuclear warheads disguised as subway cars, I _guess_ this is valuable information.
BTW, I _seriously_ doubt Canada would spend the time and money coming up with tech to track currency usage. They already know how currency is used: it goes to the bank in big trucks, is distributed to commercial accounts and ends up in your change jar. Some of it ends up back in circulation.
Anyway, I imagine it would be hellishly hard to come up with an RF coin that could get by most coin-op security systems. Coin-ops have been waging a war of escalation against counterfeit coins for years. I doubt even a mint could reliably make a toonie that had the same size, mass, electromagnetic and optical characteristics as a real coin.
@ Chris S:
"Except -- if you give someone in the U.S. a Canadian coin (particularly a quarter) it's similar enough to likely stay with their change, but no merchant will accept it."
You must not live very close to the border. We get Canadian coins mixed in with change all the time here and it's rare that someone makes a fuss about it. I've even gotten loons as change from the US Post Office's vending machines at two different locations. Canadian coins move as least as quickly, if not more quickly out of people's pockets.
Hasn't anyone been to the International Spy Museum in DC? The KGB started using coins to conceal transmitters in the 1950's!
"... details were secret, according to the U.S. Defense Security Service, which issued the warning to the Pentagon's classified contractors. The government insists the incidents happened, and the risk was genuine.
"'What's in the report is true,' said Martha Deutscher, a spokeswoman for the security service. 'This is indeed a sanitized version, which leaves a lot of questions.'"
I recently read Peter Wright's "Spy Catcher". His job was (in part) to tail Russian Embassy staff where ever they went in London, in order to build up as detailed a profile as he could.
Now, I can think of all sorts of reasons to use transmitters like this. For example, you're trailing a suspected spy who goes into a shop. Why? Is he meeting someone, or just buying postage stamps?
Of course, if you want to plant a transmitter on someone, what better way than putting a stooge behind the counter in a shop they regularly visit, and then handing them a bunch of transmitters in their change.
Not only do you get to track them in realtime, but they leave a trail. And, you can track the coins, and recover them pretty easily, too.
If the coins can pick up audio signals, and relay them, then that's even better.
Actually, I do live close to the border (30 miles), and I have relatives who live far closer than that.
My description of the typical reaction was based on experience, but - not recent experience. Perhaps the gradual rise in the value of the Canadian dollar has reduced the concern for an occasional Canadian coin.
I am curious, though, as to getting loonies back as change. What coins did it think it was handling?? The only U.S. dollar coins I've seen always seemed dangerously similar to quarters.
The foreign coin problem even crops up with tokens. I was once sold a Czech 10 heller coin ( http://www.cnb.cz/www.cnb.cz/en/... ) by the TTC and didn't notice it. I expect the automated turnstiles would reject it, but the dropboxes on buses and in stations have no special detectors.
At current conversion rates, the 10 heller coin is worth about 1/400 th of a TTC token!
guess that and the comment about the coins not having RFID tags blows that theory out of the water.
I'm about an hour and a half from the border, and in several decades of living here I've never seen anyone complain about receiving Canadian coins regardless of the exchange rate. You wouldn't believe the argument I got once when I had a Canadian penny in the handful of change I tried to use in Florida once. The clerk seriously was trying to calculate the exchange rate on it before finally refusing it.
The loons I got in two different post offices were mixed with Sacagawea dollar coins. They're about the same size and color, but won't work in the PO vending machines. They don't mind giving them as change though.
AFAIK, the US and Canada have an agreement that there is no exchange rate for day-to-day use of foreign coin currency issued from the other country.
That is, the cost for banks to collect all that coinage up and ship it back across the border would cost more than simply letting people sort it out themselves. I'm not sure how the new CDN money changes this, but this was the agreement between the two countries for years.
It is up to individual vendors if they want to accept such cash, but there is no official exchange rate that applies. That is, it is my understanding is that no Canadian bank with not give you 29.217 cents for your US$0.25. The same goes for US banks.
Now, I have no idea what happens if you show up at your bank with $500 in "change" (those loonies and toonies can add up, now), but I'm sure the amount they might charge you to verify the amount would more than offset any exchange rate you could get.
The point is that amounts of currency that are fractions of a dollar are, for the purposes of international trade, worth exactly the same.
In my experience, cross-border cash is noticed as an occasional oddity, but is quickly forgotten and passed on during the next transaction. Or noted only when trying to use a vending machine.
Then again, every Canadian in the service industry used to have stories about making change for a US visitor who demanded that they were passing them counterfeit money. It is apocryphal that some US travellers rarely saw their own $2 bills, and being passed a number of bright pink bills back as change for a Canadian $20 never sat well with them.
The fact that the bills featured the face of King George III and were emblazoned with the motto, "In Dog We Trust" seemed to be the sticking point for many. Go figure.
When the Canadian Mint issued the $3 bills in the late 80s, this must have really put those folks over the edge.
Just hope the person with the "trigger" coin doesn't happen to wander by as you are picking up the bomb to deactivate it...
Defense Security Service Report Statement on Canadian Coins Incorrect, 01/12/2007
A statement in the 2006 Defense Security Service Technology Collection Trends in the U.S. Defense Industry report which claimed radio frequency transmitters were discovered embedded in Canadian coins is not true, according to DSS officials.
This statement was based on a report provided to DSS. The allegations, however, were found later to be unsubstantiated following an investigation into the matter.
According to DSS officials, the 2006 annual report should not have contained this information. The acting director of the DSS directed an internal review of the circumstances leading up to the publication of this information to prevent incidents like this from reoccurring.
The 2006 DSS Technology Collection Trends in the U.S. Defense Industry report was published by DSS in June 2006. As part of its oversight responsibilities under the National Industrial Security Program, the DSS receives reports from U.S. cleared defense industry to enhance overall security awareness in cleared industry.
Oh, please. How could these things have been used to "track" someone, anyway? Something that tiny would have have a very short transmission range, even assuming we're talking about active RFID instead of passive. And unless it's also got a GPS chip in it, only way to track is through triangulation and signal strength, meaning you'd need have a person with tracking gear following him closely. Oh, and don't forget that the contractor will likely try to spend it before he returns to the U.S. anyway. Perhaps the scariest thing about this is that it likely really was triggered by getting one of the special-issue Canadian quarters that has a special, highly-visible different-colour insignia in it ... what, the people who made the fake coin wouldn't even try to make it look normal?
"How could these things have been used to 'track' someone, anyway?"
Seems highly plausible to me. But I wasn't thinking of it in terms of random long-range tracking, but instead in terms of "marking" someone for tracking or identification in close-range to a transmitter.
In other words, I could remotely tell when you actually entered the room by having a remote sensor read the coin in your pocket, or tell when you sat down in a car, etc., if you know what I mean...
Who cares what it looks like, as long as it spends?
Good reason to give your change to homeless people.
"Security experts believe the miniature devices could be used to track the movements of defence industry personnel dealing in sensitive military technology."
Amazing. Sounds like something they did on Harry Potter
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.