Feds At DefCon Alarmed After RFIDs Scanned 509
FourthAge writes "Federal agents at the Defcon 17 conference were shocked to discover that they had been caught in the sights of an RFID reader connected to a web camera. The reader sniffed data from RFID-enabled ID cards and other documents carried by attendees in pockets and backpacks. The 'security enhancing' RFID chips are now found in passports, official documents and ID cards. 'For $30 to $50, the common, average person can put [a portable RFID-reading kit] together,' said security expert Brian Marcus, one of the people behind the RFID webcam project. 'This is why we're so adamant about making people aware this is very dangerous.'"
duh? (Score:5, Informative)
Why would they be surprised? This has been common knowledge for years.
If you have to carry an RFID'ed object that contains sensitive information, keep it shielded at all times or destroy it.
Sounds like a new cop-detector tool... (Score:1, Informative)
If an officer is under cover, they may still be carrying their ID. Looks like a discreet RFID scanner may be added to future tool kits of various orginizations that want to avoid making deals with undercover cops.
wait a minute (Score:3, Informative)
They're attending a security convention with id cards that can be read from their pockets.
It's a good thing they didn't have rfid credit cards.
If it can be done, it will be done.
Misleading post text... (Score:5, Informative)
Federal agents at the Defcon 17 conference were shocked to discover that they had been caught in the sights of an RFID reader connected to a web camera...
erm... not quite what the Wired Article says:
But the device, which had a read range of 2 to 3 feet, caught only five people carrying RFID cards before Feds attending the conference got wind of the project and were concerned they might have been scanned
Still I suppose the Feds have probably hacked into the Wired Article and fixed that one...
The data was destroyed (Score:3, Informative)
"Priest asked Adam Laurie, one of the researchers behind the project, to "please do the right thing," and Laurie removed the SD card that stored the data and smashed it. Laurie, who is known as "Major Malfunction" in the hacker community, then briefed some of the Feds on the capabilities of the RFID reader and what it collected."
Re:What do you bet... (Score:2, Informative)
Is it possible to remove the RFID device?
Yes... with a hammer.
Re:What do you bet... (Score:3, Informative)
Re:What do you bet... (Score:1, Informative)
I went for a different tactic than the clichéd hammer or microwave.
I held a coin against the plastic page in my new Oceania passport with the edge of the coin halfway across the chip, placed another coin centred over the chip and half the 1st coin, then held a third coin on the other side of the page and chip.
A hard squeeze, and there was a click. And when I next use the passport I'll make sure I pull it out my back pocket with some coins, fluff, etc..
No doubt it'll lead to a few extra questions, but after my last couple of experiences going through airports it's not likely that the staff will give a shit anyway. There must be plenty of broken chips out there already too, so I it's quite likely they'll not even bat an eyelid.
Re:What do you bet... (Score:5, Informative)
It is still valid. After returning from a long trip I went to bed and my wife did all my laundry from my trip, which included my passport and ipod nano in a shirt pocket. I was traveling again shortly after and tried to find someone who could tell me if it was still valid, but had no luck. I was going from the U.S. to Mexico and just figured I'd see how it went.
The agent tried to scan the chip and when it didn't work, just treated it like an older passport. I've gone out of the country with it again since then and had the same result.
I wouldn't recommend that approach, as is mentioned above, a hammer will do the job. It took me a while to dry out my passport then I had to leave it under a huge stack of books to get the pages flat again. Knowing that people keep them for 10 years makes me think that they must go through all kinds of things like that.
The nano took longer to dry out completely but still works.
I hope events like this (the scanning of the chips) keep getting attention so that something can be done before disabling the chip becomes synonymous with invalidating the document.
Re:What do you bet... (Score:3, Informative)
Re:What do you bet... (Score:4, Informative)
Every able-bodied man between 18 and 45 is automatically in the militia.
Re:What do you bet... (Score:3, Informative)
Most RFID cards are completely unencrypted, and even the encrypted ones have only basic encryption implemented (it was quite spectacularly reverse engineered a couple of years ago) - there just isn't enough power available to do anything robust.
Re:What do you bet... (Score:3, Informative)
It's the process [wikipedia.org] by which the rights guaranteed to us by the Federal Constitution are held to also apply to the state. The original theory behind the Constitution was that it only applied to the actions of the Federal Government and thus a state was free to establish a state religion, infringe on your freedom of speech/right to keep and bear arms, etc.
This was the accepted view until the passage of the 14th amendment, part of which reads, "No State shall make or enforce any law which shall abridge the privileges or immunities of citizens of the United States" After the 14th amendment passed SCOTUS started holding that various parts of the Bill of Rights (the 1st, 4th and 5th amendments in particular) applied to the states as well. They haven't yet held that the 2nd amendment applies but it's only a matter of time before they do -- a plain reading of the 14th and 2nd amendments doesn't leave much wiggle room for the states to infringe on your right to keep and bear arms.
Re:What do you bet... (Score:5, Informative)
for those who will demand the citation
10 usc 311
(a) The militia of the United States consists of all able-bodied males at least 17 years of age and, except as provided in section 313 of title 32, under 45 years of age who are, or who have made a declaration of intention to become, citizens of the United States and of female citizens of the United States who are members of the National Guard.
(b) The classes of the militia are--
(1) the organized militia, which consists of the National Guard and the Naval Militia; and
(2) the unorganized militia, which consists of the members of the militia who are not members of the National Guard or the Naval Militia.
it should be noted that well-regulated != organized
Re:What do you bet... (Score:4, Informative)
if you sign up for selective service (which you are required to...)
Bzzt, no selective service registration is required. From Title 10, Section 311 [cornell.edu] of the US Code:
The militia of the United States consists of all able-bodied males at least 17 years of age and, except as provided in section 313 of title 32, under 45 years of age who are, or who have made a declaration of intention to become, citizens of the United States and of female citizens of the United States who are members of the National Guard.
details (Score:2, Informative)
Morton Grove Illinois banned them, Kennesaw Georgia required them (no enforcement though, just symbolic) Crime went way up in Morton Grove and dropped in Kennesaw.
I've lived a buncha places, the area with by far the least amount of crime I have seen was Vermont, which is one of two states that have basically a pure no BS second amendment stance. It works once everyone gets used to it.
Re:What do you bet... (Score:3, Informative)
Professional soldiers who have trained extensively with firearms tend to average a couple thousand rounds per kill.
That's because of two things: suppressive fire, which just keeps the target's head down, and training, which burns through tons of ammo without killing anyone. Snipers, who have trained extensively in accuracy against designated targets, average about 1.3 rounds per kill.
Look at an example of a worst case scenario such as the Columbine killings, where two heavily armed kids were in a target-dense environment with no serious concern over defense and yet "only" killed 12 and wounded 24
Harris and Kleibold weren't planning to shoot everyone - guns were for mop up. Their original plan was to blow the place up with propane bombs and shoot the survivors. For an example of how that might play out, check the 'bath school disaster'.
reality has shown time and again that guns are scarier than they are dangerous when put into actual practice.
Sure, when dealing with multiple targets. If you're the only target, things are a whole lot different.
You Are Wrong (Score:2, Informative)
I have a RFID passport right here.
Here on page five:
This passport must not be altered or mutilated in any way. Alteration could make the passport invalid, and if willful , may subject you to prosecution (Title 18, U.S. Code, Section 1543.
Re:What do you bet... (Score:2, Informative)
"A well regulated Militia, being necessary to the security of a free State" isn't in there because they wanted to practice their penmanship. So we have to determine why it's there. You could say that they were explaining why they included this right--which is certainly possible-- but that would make it the only one I can think of that they felt the need to justify. The only other possibility I can see is that it was intended to place some sort of restriction on the second part. But any limitation would be to be a direct contradiction of "shall not be infringed". Basically, it's a lesson about the importance of good writing skills.
1) It's an introductory phrase/clause, and a commonly used tool in English. There are many similar examples in the Constitution and bill of rights. We the People of the United States, in Order to form a more perfect Union...
2) Many of the framers were not fond of large standing armies (for obvious reasons to them), and were non-trusting of a federal government that would raise them. Because of this, they believed the whole of the people should be the militia, and indeed a later amendment said (paraphrasing) the militia of the United States consists of all able bodied males age 17-45 who are citizens, or have made a declaration of intention to become a citizen. In other words, if you're healthy and in the bracket, and are a citizen, you're a militiaman.
Re:What do you bet... (Score:3, Informative)
Why don't cops start shooting at fleeing suspects 99% of the time? Because they're more likely to hit everything else BUT the suspect.
Actually it's because the same rules apply to them as apply to the rest of us. You aren't allowed to use deadly force unless it's necessary to save your life or the life of another. A fleeing criminal is obviously not moments away from the murdering the officer, so shooting him wouldn't be justifiable.