RFID Pocket =========== Mike Sklar v1.0.0, 2005-09-22 Protecting yourself from your RFID future. RFID changes things we use -------------------------- - These devices will all being going away * Magnetic Strips from Credit / ATM cards * 1D Passport barcodes * 2D Driver licenses barcodes What is RFID ------------ Definition from wikipedia ~~~~~~~~~~~~~~~~~~~~~~~~~ - http://en.wikipedia.org/wiki/RFID Radio Frequency IDentification (RFID) is a method of storing and remotely retrieving data using devices called RFID tags or transponders. An RFID tag is a small object that can be attached to or incorporated into a product, animal, or person. RFID tags contain antennas to enable them to receive and respond to radio-frequency queries from an RFID transceiver. Passive tags require no internal power source, whereas active tags require a power source. ...rfid tag pictures... How does it work? ~~~~~~~~~~~~~~~~~ Passive RFID tags have no internal power supply. The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the tag to transmit a response. Due to limited power and cost, the response of a passive RFID tag is brief typically just an ID number (GUID). ...rfid flow charts... RFID fun stuff -------------- - Home automation * human implant - http://www.amal.net/rfid.html - hobbiest access * http://www.phidgetsusa.com/ - Pet tracking * - Clubbing * Baha Beach Club (Spain) * cashless payment * http://www.bajabeach.es/ ...implant pics... ...animal pics (my kitties)... ...animal pics (injection)... ...home locks... ...login... ...start car... ...tracking good... RFID Common Uses Today ---------------------- - Talking Prescriptions for visually impaired veterans - Pets - Beer kegs - library books - pallet tracking - building access - apparel tracking - ID badges - Express Pay (Amex / Mastercard) - Vehicle Access control - Highway tolls (E-ZPass and many more) - Seismic sensors - Car ties - Transit Fares - Smart Key Cars (Toyota / Lexus) - Inmates (wrist watch) RFID concerns ------------- - Privacy / Marketing * http://www.turbulence.org/Works/swipe/main.html - Duplication / Cloaning of RFID tags * Gain Building access * Payment Systems * ExxonMobil Speedpass (ti) * http://rfidanalysis.org/ * 40bit weak keys / FPGA cracking / 2hrs * Casino Chips - Mastercard RFID 4M by 2005 year end - Nokia 5140 RFID reader accessory - Encrypted tags not very strong due too minimal RFID tag resources - Consumer products with tags (Electronic Product Code) * purchaser not aware * can be read without purchaser knowledge * purchased item can be associated to the purchaser * rfid remains funcation post purchase * example: gillette photographs customers who pull safety razors off shelf to deter shoplifting - Nefarious uses * surveilance * high-gain antenna scanning * resold/given away items can map social networks * example: mugger can choose only wealthy people - Passports * Current proposal includes personal information, plus persons name and origin * example: Bomb could trigger when a person from a particular counttry walks by reader * Pakistan passports have RFID tags What can I do? -------------- - Protect yourself * Do not use RFID devices when you have the option in ID and Point of Sale * This won't last - Fight back * Metallic Fabric * LESS EMF * http://www.lessemf.com/fabric.html - Faraday cage * wrap your RFID items in RF block materials (metal) - Lukas Grunwald * RFDump - reading / reprogramming RFID metadata (not serial #) - RFID blocker tag * spits out all UIDs * does not protect against metadata being read * http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/blocker/blocker.pdf What does GOD think? -------------------- - Mark of the beast * pro-beast: http://www.favorminded.com/pray/themark.html * pro-beast: http://www.rfid-666.com/ * anti-beast: http://www.cybertime.net/~ajgood/trust.html * Book of revelation * credit cards / UPC codes had same accusation