Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security

Employees In Swedish Office Complex Volunteer For RFID Implants For Access 168

Posted by timothy from the not-for-all-the-butter-in-smaland dept.
Lucas123 writes A Swedish office building is enabling corporate tenants to implant RFID chips into employee's hands in order to gain access through security doors and use services such as photocopiers. The employees working at Epicenter, a 15,000-square-foot building in Stockholm, can even pay for lunch with a swipe of their hand. Hannes Sjöblad, founder of Bionyfiken, a Swedish association of Biohackers, said Epicenter is not alone in a movement to experiment with uses for implanted chips that use RFID/NFC technology. There are also several other offices, companies, gyms and education institutions in Stockholm where people access the facilities with implanted chips. Bionyfiken just began a nationwide study using volunteers implanted with RFID/NFC. "It's a small, but indeed fast-growing, fraction which has chosen to try it out." The goal of the Bionyfiken project is to create a user community of at least 100 people with RFID implants who experiment with and help develop possible uses. But, not everyone is convinced it's a good idea.

John Kindervag, a principal security and privacy analyst at Forrester Research, said RFID/NFC chip implants are simply "scary" and pose a major threat to privacy and security. The fact that the NFC can't be shielded like a fob or chip in a credit card can with a sleeve means it can be activated without the user's knowledge, and information can be accessed. "I think it's pretty scary that people would want to do that [implant chips]," Kindervag said.
This discussion has been archived. No new comments can be posted.

Employees In Swedish Office Complex Volunteer For RFID Implants For Access More

Employees In Swedish Office Complex Volunteer For RFID Implants For Access

Comments Filter:

  • You could just... (Score:2, Insightful)

    by Anonymous Coward

    ...tattoo everybody with a bar-code...

    • ... on their foreheads or on the back of their right hands.

      • Re:You could just... (Score:5, Funny)

        by PolygamousRanchKid ( 1290638 ) on Saturday February 07, 2015 @07:22AM (#49004853)

        I'd like to have the chip implanted in my dick. I have a tiny little mind, and am easily amused by puerile shenanigans . . . so whipping out my dick and waving it around to open doors and pay for stuff . . . priceless!

        MasterCard, Visa and American Express, please take note of this post! This is the "Innovative Cloud of Internet of Things," that everyone is talking about!

        • but when it would count your average number of thrusts... might be embarrassing data if leaked.

        • This is the "Innovative Cloud of Internet of Things," that everyone is talking about!

          Doctor: "Sorry, Mr. PolygamousRanchKid, but your urine is a bit cloudy; I'd like to run a couple more tests..."

        • Re: (Score:2)

          by msobkow ( 48369 )

          Until all the female staff start pointing and laughing at you... :P :P :P

          "Look! He's got a teeny tiny magic wand! *BWAHAHAHAHAHAHA*"

      • I cannot believe that nobody here got this. Revelation 13:16. And I don't consider myself religious. Too bad I don't have mod points right now. well done sir.

        • I cannot believe that nobody here got this. Revelation 13:16. And I don't consider myself religious. Too bad I don't have mod points right now. well done sir.

          I got it but no mods points to spend today. always have mods when there is nothing worth modding but never when there is

    • Or a number, like what the Nazi did (Score:2, Insightful)

      by Anonymous Coward

      Yep, like what the ranchers often do to their calf - branding

      I mean, what's next?

      Every new born has to be 'chipped', like kittens / puppies?

      What NSA/GCHQ did was bad enough and this is much worse !

      We might as well chuck that UN Charter of Human Rights out of the window, since human themselves are willing to be branded

      • This is not the first mass publication of people willingly getting themselves chipped. If enough people start to believe the media (safer, and easier, really! *wink*) then there is no need to force anyone to get chipped.

        Here, there are numerous negative comments surrounding the subject. See any of this same negative feedback in the "news"? I have not, yet I have seen people paraded in front of the camera with ID tattoos, and remember a Florida family being portrayed as very happy and "safe" after they we

    • Only if I can tell the machine my name is Not Sure.

  • How long until mandatory? (Score:4, Informative)

    by Anonymous Coward on Saturday February 07, 2015 @04:50AM (#49004535)

    Look, if you want to be that stupid, as long as it only affects you, go right ahead. But don't bother anyone else with it, thanks. Yet there's the rub: Before you know it, it's become de rigeur and everyone is expected to follow, something I'll never do voluntarily. So force it is going to be. I object to that.

    • Re:How long until mandatory? (Score:5, Insightful)

      by Anonymous Coward on Saturday February 07, 2015 @05:03AM (#49004553)

      Your objection has been noted, and will be ignored when the time comes. You're strongly advised to think your position over, to rationally analyze your fears and to understand that change is inevitable so you might as well embrace it. The consequences of some misgiven "rebellion" would be... Unpleasant to you and your family.

    • This. Noone is implating any chips in me. Give me a card to carry around with an RFID chip to enter work? Fine. But it's not going any further than that.

  • Insecure? (Score:5, Interesting)

    by Anonymous Coward on Saturday February 07, 2015 @04:53AM (#49004539)

    Isn't it like extremely easy to copy passive NFC/RFID tags? You just record them and replay them.
    So in essence this adds nothing to security and only harms privacy. (But I guess that is pretty much the norm everywhere these days.)
    Well, at least it might be a bit convenient since the people doesn't need to remember their keys.
    Not that it should be an issue, they would probably rather be caught dead than forgetting their smartphone somewhere.

    • Re: Insecure? (Score:5, Insightful)

      by Anonymous Coward on Saturday February 07, 2015 @04:59AM (#49004545)

      Even when you can't just replay them you're often able to relay them.

      Shake hands with a person in one place and in another your partner is able to authenticate as being them.

    • As far as I know, the only chips fit for implanting into humans are very easy to clone. What I don't know is how long one needs access to the chip to clone it. Do you need 10 minutes to break some weak-ass encryption, or is it as easy as sneakily running a scanner past someone's hand as you shake it? If cloning the chip takes some time, then putting it in your hand adds some security as it'll be much less easy to clone. Still, that doesn't outweigh the downsides.

    • Isn't it like extremely easy to copy passive NFC/RFID tags? You just record them and replay them.

      Not if it's implemented with public/private key encryption to generate an encrypted challenge/response communication.. i.e. A private key is stored in the RFID tag, along with the public keys for any scanners it's supposed to respond to. When a scanner queries it, it sends an initial "who are you?". The RFID tag responds with its ID. The scanner then looks up the ID in its list of public keys. It then crea

    • Doesn't seem actually quite that easy though in practice. Some RFID tags employ a challenge/response mechanism.

      If someone does have such a solution available, though, I'm interested! A colleague tried to reuse the tags at work for some other purposes by writing a custom reader for them, but I think he gave up due to those issues.

  • Comment (Score:5, Insightful)

    by easyTree ( 1042254 ) on Saturday February 07, 2015 @04:59AM (#49004547)

    The NSA declined to comment although a muffled "W0000000t!!!!" could be heard in the background.

    • Re: (Score:3)

      by itzly ( 3699663 )

      Short range RFID devices with encryption aren't nearly as useful for the NSA as mobile phones that can be tracked from a mile away.

      • Re: (Score:2)

        by pmontra ( 738736 )
        To prevent replay attacks you should beam a different signal to the RFID each time, and each RFID should reply with a different answer to the same signal. The receiver looks up the answer into a table of expected answers and identifies the wearer. Is this how they work or is there a smarter way?

        • Re: (Score:2)

          by itzly ( 3699663 )

          A table will run out of entries. It's better to use something that can be dynamically generated. For instance, you can generate a random string, ask the RFID device to encrypt it with its private key, and then you can verify it with a public key. That way, all you need is a table that links public keys to employees/customers.

          • Re: (Score:2)

            by pmontra ( 738736 )
            That is obviously better. I didn't know RFID could do that kind of computations. Do they need an internal battery or the power they get from induction current is enough?

            • Re: (Score:3)

              by itzly ( 3699663 )

              They would use induction. I'm not sure that the technology is advanced enough that we can power public key encryption from induction in a small implantable device, but that's probably just a matter of time. There are already passive RFID cards that can do AES, which would be good enough for employees at the office buying a sandwich.

              • There's also glucose-powered... fuel cells? Some sort of small system recently developed that can run off blood sugar, for the specific purpose of powering low-power implantable technology.

            • Re: (Score:2)

              by flux ( 5274 )

              They get the energy and the clock signal from the 'receiver'. So they don't even need a crystal. But as long as they have those two available, they can perform any kind of computations. As longer computations need more clock pulses, it could be that advanced crypto algorithms could increase the time-to-validate annoyingly.

      • Not very useful to the NSA, certainly, but a gold mine for Europe's approximately eight billion pickpockets.

      • Except I seem to recall that some folks have made highly directional scanners that can read chips from blocks away. Still not as convenient as a cell phone, but cell phones can be left behind if you're doing something the overseers might not approve of. Seems like an implanted RFID would be a wonderful complement in a surveillance state, especially if it was eventually made illegal to mask the signal. Automated system: "Non-chipped humanoid identified at location 1234:5432, intercept and apprehend"

  • Is it really that bad for privacy? (Score:5, Interesting)

    by Scorpinox ( 479613 ) on Saturday February 07, 2015 @05:16AM (#49004569)

    I'm no RFID expert, but it's just used for identification, right? It won't be long until face scanning is good enough that you can identify someone from even further away than the range of an RFID chip. The potential for people cloning the chips seems worse than any sort of privacy/tracking worries.

    • Re: (Score:2)

      by itzly ( 3699663 )

      I'm no RFID expert, but it's just used for identification, right?

      Contactless payments are another useful application.

    • Re:Is it really that bad for privacy? (Score:5, Interesting)

      by hcs_$reboot ( 1536101 ) on Saturday February 07, 2015 @06:49AM (#49004775)
      There is one big concern: the chip cannot be removed. Outside the company you're a person, not an employee. So when things turn awry, some guy installed a RFID reader and knows (and can prove) you were at that place at that time, or some better ideas yet unknown, your surgery skills will be at test.

      • Who says it can't be removed? If it's just under the skin it is a *very* minor procedure to put in and remove. We do the same thing all of the time for implanted contraception (Implanon [implanon-usa.com]). You don't want to do this every month but for a semi permanent sort of thing it's trivial.

    • It's not just about privacy (Score:2, Interesting)

      by Anonymous Coward

      The privacy part is important, but not the only part. It's a bit like biometrics, that aren't replacable and aren't quite private. Of course, you can zap the tag and implant a new one, and keep doing that until your arm rattles. But that doesn't make it a good idea. Personally I already object to tagging pets, because of this, and because of the wireless part. I'd acquiesce to tattooing a number in the ear so that a vet can look up ownership, but that's as far as I'm willing to go. Nobody needs to check own

    • Come on, it's being used at work cafeterias and at the gym. It's not the end of the world if someone clones it.

  • I used to "wear" a RFID chip, it was claimed more to account for for personal in case of an accident, thinking about it now not many would of passed through the portal if an accident took place.

    Would we of had them implanted if small enough? For the job and pay I think it would of been accepted at that time. Security was all important with different levels, I had to use a hand geometry scanner to reach my work place.

    • Would we of had them implanted if small enough?

      "We've". Or "we have". NOT "we of".

      This type of illiteracy is relatively new (to me). I've seen it a lot in the last few months, never before that. Is this something they're teaching in schools now?

      • Because we can no longer correct people in schools for grammar. It's the motive in writing that gets graded today, not the ability to communicate. Government mandates, you are welcome.

  • Christian fundamentalists will smile knowingly (Score:5, Interesting)

    by Bruce66423 ( 1678196 ) on Saturday February 07, 2015 @05:22AM (#49004579)
    They've been predicting this technology for decades, based on the 'mark of the beast' being necessary to buy anything

    [The Beast] also forced all people, great and small, rich and poor, free and slave, to receive a mark on their right hands or on their foreheads, so that they could not buy or sell unless they had the mark, which is the name of the beast or the number of its name. (Rev 13:16,17)

    • Re: (Score:2)

      by devman ( 1163205 )
      The passage is extremely vague and can be applied to almost every type of official currency. They said paper money was the mark of the beast, they said credit cards were the mark of the beast. At the time the passage was authored it was likely referring to Nero's profile appearing on of Roman coinage.

      • Re: (Score:3)

        by s.petry ( 762400 )

        If you want to argue against GP's statement at least make it rational. I study a hell of a lot of history and have found many currencies have been called "tools of Lucifer/Satan" and even sinful, but not a "mark of the beast". The "tool" statement usually relates to money being used as a control mechanism, because it's not an individual mark that was required for a person to buy/sell or even receive currency. The 'sin' arguments usually relate to how people put more faith into money than religion, covet

    • So can you explain how an RFID chip is "...the name of the beast or the number of its name."?

      Each RFID chip would be unique to identify the buyer and seller. Which means they'd all be different. And unless the beast has one name per person, the RFID cannot be the name of the beast. And not the mark of the beast.

      QED.

      Thanks for playing. I love how people who insist on a "literal interpretation" allow their mind to wander. If you believe that revelation is fact, and will come to pass, you should look for

      • Re: (Score:2)

        by s.petry ( 762400 )

        I'm not claiming it's rational to do so, but will tell you it's easy for people to make this claim. It is easy because depending on what a person looks for anything (or close) can be called three sixes. III (in writing it looks more like a 1) in ancient Hebrew was pronounced "V", so people will claim that VVV = 666. If they take VW or WV we can claim it's 3 Vs or 666. Similarly 111 and III can be claimed to be 666 also. I have read all kinds of these, and in fact there is a Wiki [wikipedia.org] page and countless othe

    • I used to think the author(s) of Revelations were unbelievably prescient and ahead of their time in predicting the ascendence of bar codes, RFID tags, etc. to identify and to number people.

      Now with facial recognition, and with DNA readers in the future, who needs to "mark" people?

  • "New and improved over our previous 666 model corporate drone." Available in Yes man versions.

  • who in their right mind would willingly submit? (Score:3)

    by ihtoit ( 3393327 ) on Saturday February 07, 2015 @05:30AM (#49004605)

    So many things wrong with the very IDEA of this.

    An implant is as permanent and as symbolic as a fucking TATTOO. Remember the last people to use tattoos to identify individuals? Read some books and see how that shit turned out for six million people.

    • Re: who in their right mind would willingly submit (Score:2, Insightful)

      by Anonymous Coward

      Yes, except⦠that they're easily removed and not visible. But besides that they're totally like tattoos.

      • Re: (Score:2)

        by ihtoit ( 3393327 )

        fuck off #49004625, when you've got one of these things in your arm you'll not be an AC any more - all your personal data will be displayed in plain text for all who are willing to pay for the directory CD. From insurance underwriters to cialis merchants to internal revenue service to security services to the health service, they will each own a piece of you.

        Mark my words, and mark these words as well:

        "Arbeit Macht Frei".

        • Re: (Score:2)

          by itzly ( 3699663 )

          Just walking around with a phone, or a face, is already enough to lose your AC status.

          • Re: (Score:2)

            by s.petry ( 762400 )

            If you carry around your phone 24/7 then you are a really sad person in my opinion. Life away from the constant Twitter and Facebook feeds is really quite nice. That said, I have no qualms either moving or asking people to stop taking pictures if they happen to continue after I move. You are kind of right that people are tracked more often than they may think. At the same time, many of us are not tracked as often as you seem to think.

    • Re: (Score:2)

      by itzly ( 3699663 )

      Things in WW2 had already turned shitty. The tattoos came later.

    • This is patently ridiculous!

      In the RFID chip, we write the numbers much, much smaller than the WW2 tattoos!

  • People would love it. (Score:3)

    by geekmux ( 1040042 ) on Saturday February 07, 2015 @05:32AM (#49004611)

    "...NFC can't be shielded like a fob or chip in a credit card can with a sleeve means it can be activated without the user's knowledge, and information can be accessed."

    And how many people currently shield their smartphones from bluetooth, NFC, WiFi, IR, radio, or GPS? (you know, that technology we use to track things) Obviously the majority of post-Snowden society today has no problem carrying around devices capable of tracking them.

    Activated without the users knowledge? Well, only if they didn't take the time to read every page the 37 EULAs they've accepted, along with the other 27 auto-accepted when they activated their new smartphone. I'm certain data is being slurped with every GPS refresh and radio pulse. And it was agreed to by the owner.

    Society is so accepting to this that a kids game theme (follow the leader, tag-you're-it) could be tied to the marketing and people would buy it.

    Doubly so if Apple did it.

    • It seems to be a fairly well established principle that "without the user's knowledge" means "without the user's knowledge", not "if they user had tried harder, they could have found out."

      None of Snowden's revelations seemed new to people who cared about privacy already. (Maybe I missed something?) But most people didn't care til they were spoonfed it.

  • lanyard, motherfuckers, just wear a lanyard (Score:3)

    by raymorris ( 2726007 ) on Saturday February 07, 2015 @05:54AM (#49004655) Journal

    This has roughly zero advantage over clipping your ID card (with RFID) to a lanyard you wear at work. I'll leave it to my fellow Slashdotters to list all the disadvantages. So this is just plain stupid and pointless, along with all of the other adjectives others will post.

    I know the new "progressive" thing is that we're all interchangeable cells of out defined group, you're "a black" or "a white" or "the rich" or "the poor", but for myself I like a little personal privacy and individual dignity.

    • Re: (Score:2)

      by itzly ( 3699663 )

      An obvious advantage is that you can't forget to bring it.

      • If I forget my wallet, I'm not going to be able to board the train to the city since my transport pass also lives in it.

      • If you're the forgetful type, whatever is critical that you must bring to work, touch it to the door of your house as you leave. It quickly becomes habit - close door, touch badge, lock door, open car. After doing that for ten days straight, it'll become rather difficult to forget.

        This method can be taught to 3rd graders.

        • Some people (like myself) use different transportation on different days. I'm pretty organized and careful, but there are plenty of times I show up to work without my fob because it's on my other key ring, or in my "bike gear" backpack and I drove today, etc.

          I've said in the past that I would volunteer to get the chip if it were ever available, but that was easy talk when I knew that it was not. Now that I could actually do this, I have to admit I would think about it carefully. A lot of potential to go w

          • Since "there are plenty if times", it might be an interesting experiment to touch your work keyfob to the door of your house as you leave each day. Once the habit is engrained, you may never leave the house without your fob again.

  • "volunteer" (Score:2, Interesting)

    by Anonymous Coward

    The employment climate in Sweden if very far from the socialist dream of the 1970's. Today it is very easy to get kicked out on your ass in Sweden. You don't want the implant? Well then you cant do your job, audios! We had a guy fire for saying he liked big breasts and another because he wanted he stipulated vacation during summer (which is his right by law). Sweden has somehow transformed from a democracy with a good employment climate to a dictatorship (we basically have a one party since the "December ag

    • You don't want the implant? Well then you cant do your job, audios!

      does this also include videos, as well? we now live in a multi-media world, you know...

  • ... though you have to wonder who would voluntarily do something like that. It's easy to see who want to do it _to_ someone though.

    The implants are used on herd animals in farming and pets. Is that what those people feel they are?

  • Regardless of how minor the surgery may be, I would *never* consent to surgery just to get a job. Never mind to implant a tracking device that remains active outside the workplace.

    The employment rates over there must really suck if people are "volunteering" for this.

  • I think everyone from employers to credit card companies and loyalty card companies are going to be issuing RFID-embedded cards real soon now, and so in the next couple-three years I'm probably going to end up with a lot of RFID chips on me. I've been kicking around the idea of trying to read them with my NFC-enabled phone and then playing them back later on so I don't have to carry around all those goddamn loyalty cards. Of course, it's just a step from that to picking up and playing other people's. Anyway

  • A small permanently implanted device wirelessly broadcasting (Yes I know passively) its unchangeable code? Isn't that completely the opposite of "security"? I think a lot of people in the corporate culture mistake "security" with "convenience" and assume everyone else on planet earth is as inept as them when it comes to technology.

  • I see RFID implants as the mark of the beast. 666. It also forced all people, great and small, rich and poor, free and slave, to receive a mark on their right hands or on their foreheads, so that they could not buy or sell unless they had the mark, which is the name of the beast or the number of its name. Revelation 13:16-17 This is my interpretation.
  • I chose to have the implant in my penis so I have permission to whip it out a couple dozen times a day.

  • Try getting an MRI with an implant. The last one I had on my head and neck for my acoustic neuroma, the technician told me to remove my wedding ring because it might vibrate. Right on the form it asks "do you have an implant?"

  • ... now I have to microwave my arm?

Slashdot Top Deals

Solutions are obvious if one only has the optical power to observe them over the horizon. -- K.A. Arsdall

Close