Orcmid's Lair |
status privacy contact |
|
Welcome to Orcmid's Lair, the playground for family connections, pastimes, and scholarly vocation -- the collected professional and recreational work of Dennis E. Hamilton
Archives
Atom Feed Associated Blogs Recent Items |
2004-10-26Arphids: Swarming Near You?
I am putting more focus on security matters in the care of Professor von Clueless, but the story of RFIDs continues to liven up our daily lives and I might as well continue it here. It is also a great opportunity for my belated celebration of Bruce Schneier's blogging his collection of articles, interviews, and Crypto-Gram material. Bruce Schneier Blogs and we are all so happySchneier on Security: RFID Passports October 7,2004: Dana Epp just blogged that Bruce Schneier is blogging, and here it is. Bruce's articles and columns and other material at one source. I subscribed immediately.My maiden link is to an October 4, 2004, article that points out how ridiculous it will be to use RFIDs to chip U.S. and foreign passports. The problem, of course, is that even passive RFIDs of this kind can be used to pick U.S. passport holders out of a crowd or a queue somewhere, and that presents a great number of risks away from passport control points. I don't think these are meant to be active RFIDs (they'd run down too soon) but passive ones, so they are not continuously broadcasting. But they will be easy to ping and even if the content is not trivially decipherable, getting a response may be enough. This is like walking around with an electronic target painted on your passport wallet. I think it is time to take the Arphid Ladybug project to another level. Quickly. Belay that Arphid!Securing RFID information - Computerworld. 2004-10-07: Also from the Crypto-Gram Blog News, information on how easy it is to read RFIDs from a distance of three feet with a reader attached to a laptop. When this gets as cheap to build as the little credit-card scanner that was demonstrated at a recent meeting we can all run around scanning with our pocket computers as if we were sniffing the beach with a metal detector. Arphid dowsing, what a concept.When Counterfeiting RFIDs Will WorkFuture Now: Projection Virtually Reveals Tagged Contents. 2004-10-09: Franz Dill catches an interesting Arphid Ladybug application, one that projects an image of the product that has been detected. This is an interesting clue as to how prevalent and convenient ladybugging can become but it presents another defect. People, like package inspectors, may believe the RFID response is equivalent to confirming the contents of the package. I am not so sure that is what the UPS application would be -- probably more like finding a misplaced package or discovering inappropriate content (what, lighter fluid?) that has been carelessly shipped by a customer. But I wouldn't want to rely on that for authentication of anything. It's like using the picture on the outside of the box. I wonder what will be worth smuggling that it is worth counterfeiting the RFIDs.Mandating RFID, RFID Dating BackACM News Service: RFID - Getting From Mandates to a Wireless Internet of Artifacts. There is an amazing leap, in this blurb, between what RFID technology barely supports at the moment and someones amazing dream of where we are headed."Over the next few years, WINMEC will work to bring together user companies and technology vendors to collaborate on interfaces, middleware, and protocols to be used for the Internet of Artifacts." and that is apparently a way for the RFIDs in a space to interact among themselves for some business-benefitial purpose. Amazing. And just getting started. Rajit Gadh's 2004-10-04 ComputerWorld article provides more detail. "The transition from the current RFID technology to the Internet of Artifacts requires significant research and new infrastructure generation at several layers. The lowest layers would allow robust communication infrastructure among the artifacts. The middle layers would allow data exchange formats to be specified, coded/decoded, routed, tightly secured and so on. The upper layers would provide the business logic to drive the middle and lower layers." Nowhere do I see any discussion of the issues around security and privacy, even for the suppliers themselves. Arphids Are Science Fiction, Yes They AreACM Queue: RFID Isn't Science Fiction. 2004-10-24: The snippet included in the ACM Queue RSS Feed says simply: "Is RFID going to wreak its havoc on your systems?" This is Edward Grossman's October 2004 ACM Queue editorial introduction to the RFID features. It is all going to be wonderful, and it is here now, coming to a DoD Wal-Mart near you. Goshers.Oddly, the science fiction question is not addressed. We go for magical fantasy instead. The Magic of RFIDACM Queue - The Magic of RFID - Just how do those little things work anyway?. This is the 2004-10 article on RFID technology by Roy Want of Intel Research. The first long page is devoted to the history of the technology and a hint at the network effect that is hoped for as well as the kind of adopter drag that happens when organizations mandate the use of them. The only risk mentioned in this part is the risk of early adoption and infrastructure investment if the technology fails to take off.On the second page, the operation of passive arphids and the various difficulties the scanner has are sketched. Some extensions, including connection to environmental sensors, use in conjunction with packaging security (sensors that detect tampering) and use of on-arphid memory to carry data that is added over the life of the RFID are introduced as possibilities. Further issues described by Want have to do with problems of missing some RFIDs because they are oriented incorrectly relative to the scanner. There is also the prospect of interference resulting from two or more scanners operating in proximity to each other (write this in your notebooks kids, it'll be on the quiz). There are also difficulties with arphids in proximity with ferrous metals, and there are competing standards for RFID signalling and data formats at this time. There are also scanning range problems and RFID manufacturing costs to improve before RFIDs can be commonplace. The social concerns are acknowledged in three paragraphs. Want accurately describes exaggerated fears of the current technology. He acknowledges that if these public concerns are not addressed successfully, it may impact sales for early adopters. (One of the competing RFID standards does provide for a kill-switch that can disable a tag at the point of sale. As I have mentioned before, how can a consumer tell that privacy safeguards have been successfully implemented? [But your private arphid ladybug would reveal all.]) At the end of the article, it is finally mentioned that the next big hurdle is the infrastructure for gathering data from RFIDs and making it useful in RFID-based inventory control systems. We have not ever considered item-level tracking at this level in any historical inventory systems. In short, this article stays on-message with regard to the technology and how is it to be perfected. It recognizes basic concerns that come up for deployment and the business models that deployment impacts (or vice versa). The larger system issues about why we are doing this and what are the real security, safety, and privacy issues are not addressed. Part of the problem is that the exaggerated scary version of dangers can't be addressed, because it is based on fantastic extrapolations beyond the current state of the technology. Want appears to think that it is all about misperception, though, and I think he finesses the concerns with the current technology a little too easily. I think the future will hinge on whether adopters of arphids find out that it creates security and privacy issues for them, not just consumers. That may dampen any motivation for extravagant applications, especially with regard to usability in surveillance. Comments: Post a Comment 2004-10-25Our Kids Are in Big TroubleWired Issue 12.10: Government is using technology to burden their future - and it's all our fault. Lawrence Lessig has gotten to the heart of how we are living and the deterioration of political will that goes with it. It is simple: the future can't vote. It's not that we are spending them into incurable debt, its that we are creating a world that we don't have to live in. And wouldn't choose to. If the key to immortality is living a life worth remembering, how will the children of the earth remember us? Thanks for the link from Sean from Scoble. Comments: Post a Comment |
You are navigating Orcmid's Lair. |
template
created 2002-10-28-07:25 -0800 (pst)
by orcmid |