Rules are rules
Posted on 08/31/2008 7:31:10 AM PDT by MichiganMan
Credit card companies successfully nixed a Mythbusters segment exposing RFID's security flaws, according to Arbiter of Truth and Mythbusters co-host, Adam Savage.
Texas Instruments comes on along with chief legal counsel for American Express, Visa, Discover, and everybody else... They were way, way outgunned and they absolutely made it really clear to Discovery that they were not going to air this episode talking about how hackable this stuff was, and Discovery backed way down being a large corporation that depends upon the revenue of the advertisers. Now it's on Discovery's radar and they won't let us go near it.
Well, you can understand the Credit Card Companies reaction, Geeks across the land would be building RFID readers and sending them to Kari to impress her...
Kari? Yeah, Kari!!
You know the rules, where is it.
Once again, like with the WGN situation, it’s the truth that is scary, not the fabrications.
We might never know, but I’d be curious to see how much grief Mr. Savage gets just for his part in this video.
I just love the small shot at Smash Lab. Damn that show sucks.
Used mostly for building access and package tracking today, RFID is not privacy friendly technology. With a range of at least 3 meters RFID chips can theoretically be hidden in products from laptops to shoes without the user’s knowledge and can be used to track the users movements and behavior across a network of scanners.
I know that one of the security problems is that the cards can be readily cloned - if you sniff a scanner, then sniff a card on that network you can clone the card as many times as you like just by duplicating the key.
Most businesses in major cities give employees RFID cards to use like building keys. We’ve started recommending that clients use RFID for secondary internal access only, say between zones or departments within a building, like access to server rooms. Primary access to a facility should be granted only after people have been identified by a less vulnerable means (Mark 1 eyeball for instance).
Smash Lab is beyond lame. Still worse was the Rocket Guys show. hat was sooo painful.
By theway, Kari is awesome!
It's worked pretty good.
Oh most certainly. The potential for tracking is beyond current comprehension. If less than one decade we could easily be living in a society where your every move is tracked. Think about it. Your sneakers have a tag that tracks it through production and shipment. That tag, hence, those shoes, gets tied to your name through your credit card purchase. Those shoes’ tag then announces your presence and movement throughout any store with appropriately equipped scanners and purchased access to the above info. Very simple endeavor for startling tracking ability.
Yea, i tried watching Smash Lab. It was like watching High schoolers trying to demonstrate gravity or something.
Actually I had already heard about this, and I want to make a Faraday cage using cloth for my credit cards. I might be paranoid, but the geek in me thinks it's just cool to work with metal encoded fabrics. I actually want to build a cage for my server next.
From Wikipedia: http://en.wikipedia.org/wiki/RFID#Security_concerns
“Cryptographically-enabled tags typically have dramatically higher cost and power requirements than simpler equivalents, and as a result, deployment of these tags is much more limited. This cost/power limitation has led some manufacturers to implement cryptographic tags using substantially weakened, or proprietary encryption schemes, which do not necessarily resist sophisticated attack. For example, the Exxon-Mobil Speedpass uses a cryptographically-enabled tag manufactured by Texas Instruments, called the Digital Signature Transponder (DST), which incorporates a weak, proprietary encryption scheme to perform a challenge-response protocol for lower cost.”
That’s why I’m becoming a bigger and bigger fan of cash - it can’t be traced back to you.
In any case, I remember finding out my brother had a RFID-enabled debit card, so I promptly helped him line the relevant pocket in his wallet with a layer of aluminum foil. Fortunately, I have nothing with an RFID chip in it with personal information besides my passport, and when/if it looks like I’m going to use it, I’m buying one of these: http://www.thinkgeek.com/gadgets/security/910f/ before taking it out of my house.
Nice, thanks for posting that. I wish I had this when I used my passport. I didn’t realize that it had one of these chips.
You, sir, are a righteous man.
Not doing so would be unAmerican.
Ping.
An RFID reader can read the info on your card while it is still in your wallet in your back pocket. Stay away from RFID cards.
bmflr
Really! Too bad. I haven't seen an episode yet (it looked too much like a Mythbusters's ripoff), but I was planning on taking one in eventually. How bad is it?
These chips cannot stand even a light blow from a hammer. Give your new passport a good beating.
One of my Grad School papers was on the dangers of RFID. I wonder how they’d feel if I published my findings out on the ‘net (which included how hackable RFID was, and how easy it is to read.)
Best picture of her ever. Wonder why she changed into such a dog this season ....
/pulls out hammer
/shakes head, pulls out large hammer
/smiles evilly and gets car keys
Thanks
For those of us who do not live in the geek world, just how do we know if we have something that has an RFID chip in it? Then how do we disable it?
Well I just heard about it here. I looked it up and found out that it was in those Paypass Mastercards, and some metro subways cards. It’s also in passports (US ones if you got it past 2006, which I did). Just Google whatever your cards before you get it with RFID to make sure. However, according to ccmay they are fragile and can be destroyed. However, I would expect that you wouldn’t want it destroyed the paypass card (Since it’s how you pay). You want to protect your card then, so that people can’t take up your information since even a RFID chip not powered can put out a signal out from 10cm to 10 meters (according to wikipedia). This would be what’s in a credit card. You can buy the wallet that ccmay recommended to me. It seems like that it would be safe enough.
Hope that helps
The crooks no doubt know about it already.
Nevertheless, it seems like Mythbusters should be helping the NY Times tip off terrorists on the various ways law enforcement agencies and the US military and intelligence communities track them. ;’)
You will want yourhour back. You look forward to the commercials.
You would prefer to be dutch ovened by Joy Behar!
It is a very lame rip off along with them blowing something up at the end.
Don't bet your life on it. Hold a modern bill up to the light and notice the thin magnetic strip running top to bottom near the left side. That has the serial number encoded
ATM machines spit out $20's. Hardly anybody uses $50's or $100's, so when you make a purchase and hand over a $20, that bill will most likely go straight back to the bank from the store. If the bank gets mandated to use cash counting machines which also record the serial #s of incoming cash, and ATMs that record the serial #s of outgoing cash, and forward those records to a central office, then the fed can have a list of where you've likely been shopping. And if a drug dealer is busted with cash which came out of your ATM, you may find yourself getting some questions
This may not be in place today, but it would be easy to put in place at some point
That was my point earlier, we lack the perspective to conceive of what possibilities RFID enables, and the ones we can come up with are pretty mind boggling. Another simple one: Imagine employers putting these one cent tags into increasingly ubiquitous Employee ID badges. A few well placed scanners and you have a time clock, even if your job "doesn't have a time clock"
Kari is quite hot, however on a recent episode I saw (the one with the ceiling fans that supposedly decapitated someone), they had another hot babe, this one blond and tattooed working along with Kari. And Kari had to excuse herself from one test, because she is a vegetarian, but the blond wasn't. Who was the blond, and where is a photo of her?
She is not on the show anymore as far as I know.
She is also quite spanky in her own way.
Oh, and fortunately for people who would like to destroy the RFID chips in your credit card, PayPass or other RFID-enabled cards can be swiped like standard credit or debit cards - I do that at work all the time when our PayPass readers aren’t working (which is more often than not). As long as it’s got the black stripe, the card can be almost broken in half and it’ll still work. However, I think the easiest way to disable or at least mess up the chips would be to slip the credit cards into the freezer for a bit, since on my passport it clearly said to avoid having it in ‘extreme’ heat or cold for extended periods of time (apparently ‘extreme’ is something like ‘more than 20 degrees away from room temperature’).
*disclaimer: I am not advocating tampering with your passport, as that is illegal.
Cause she’s pregnant in most of the episodes.
That was Scottie. She left the show when they went to the build-team/Adam-Jamie format. She has been back on the show occasionally.
http://dsc.discovery.com/fansites/mythbusters/meet/scottie-chapman.html
I haven’t seen the show in ..... more than a year now? So my comment wasn’t based on her being pregnant this season. My comment was based more on all the stupid things she’s done with her hair the last few seasons and how she’s ‘dressed down’ in really crappy clothing.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.