Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Businesses Communications Hardware IT

A Technical RFID Primer 131

gManZboy writes "Roy Want, principal engineer at Intel Research, has a pretty meaty technical overview of RFID up at Queue. If you ever wondered how these little things actually work it's worth a read. For instance, I was intrigued to find out how the tags (which are generally battery-free) can absorb enough energy from RFID readers to then power up and transmit their own signal back to the reader."
This discussion has been archived. No new comments can be posted.

A Technical RFID Primer

Comments Filter:
  • by OccidentalSlashy ( 809265 ) on Tuesday October 26, 2004 @09:37AM (#10630698)
    Are they biodegradable?
    • by Anonymous Coward
      I would suggest that instead of composting your used RFID tags, recycle them. Perhaps these small pieces of silicone could be used in the clothing industry. I can see it now, a RFID "sequined" jacket that drives all RFID readers crazy.
    • Here is a news released on Oct-13

      "A computer chip that is implanted under the skin won U.S. approval on Wednesday for use in helping doctors quickly access a patient's medical history.

      The VeriChip, sold by Applied Digital Solutions Inc., is placed in the upper arm in a painless procedure that takes minutes, the company said."

    • Well here is my little conspiracy theory... First its RFID tags on food because it makes sense. Then pets because we don't want to lose them, because we love them. Then criminals because we want to be safe. All of this total common sense. Then we should tag hospital patients because it makes sense, helps make sure they get the right treatment. Then perhaps we should tag any known terrorist with some form of device... then tag everyone, have a one world economy, cashless society where we all pay electr
  • by Dancin_Santa ( 265275 ) <DancinSanta@gmail.com> on Tuesday October 26, 2004 @09:41AM (#10630740) Journal
    I am looking into wiring the office with RFID readers and equipping the engineers with RFID tags that will allow them to beep in and out of the office. Without a valid tag, the doors would not unlock. I've seen this done with smart cards previously, but would like to do it with a more lightweight technology.

    The most obvious security risk is that someone steals a tag and enters the premises unnoticed. But there are others that I worry about. Stuff like the ease of replicating an RFID tag or even a hacker passively reading a tag in public then recreating it and gaining access.

    I understand the problems many people have with RFID, especially stuff like tracking of purchased items and the like, but I'm more interested in using it for security clearances. Unfortunately, the web is not full of information about this (whereas it is full of information about how RFID is a privacy threat). More information about the practical uses of RFID would be greatly desired.
    • Without a valid tag, the doors would not unlock.

      I'm assuming you'd let the engineers out of the office when the fire alarm was going off, otherwise you'd probably be looking at quite a jail term.

      • I'm assuming you'd let the engineers out of the office when the fire alarm was going off, otherwise you'd probably be looking at quite a jail term.

        Every facility I have worked at with card readers on doors have crash bars and a door alarm, so that if you exit without swiping your card the alarm goes off. If there is a fire, nobody really cares about a door alarm.

      • I've been in offices where the doors were locked from both sides.

        The security system communicated with the alarm system, to disable all locks whenever the alarm sounded.

        S
    • ...
      The most obvious security risk is that someone steals a tag and enters the premises unnoticed. But there are others that I worry about. Stuff like the ease of replicating an RFID tag or even a hacker passively reading a tag in public then recreating it and gaining access. ...


      RFID in conjunction with pin numbers addresses stuff like that.

    • Someone mentioned a pulse sent from a bug zapper. In the realm of anything is possible, could an "eraser" pulse be sent out from some unscrupulous individual? While barcodes are simply paper bar-codes remain unaffected by these sorts of things, an entire store dependent on RFID could be "wiped" clean. Wouldn't you still need the barcode "backup" in place, just in case?
      • by Technician ( 215283 ) on Tuesday October 26, 2004 @10:31AM (#10631224)
        could an "eraser" pulse be sent out from some unscrupulous individual?

        There are some spec's on the standards. Google search for ISO15693. That covers near field tags operating on 13.56 MHZ.

        Search for EPC-96 standard for the far field 915 MHZ tags.

        Most tags are either read only with a unique ID number, or read/write, also with a non-alterable unique ID number. Some, but not all tags can be told to become de-activated. So yes, an eraser signal could be used against some tags. A huge surge of RF could simply fry them also. Tossing them in a microwave oven comes to mind..

        Since the tags have collision avoidance, an unscrupulous individual could make an emitter that chattered garbage. With that, items with active tags could be taken past readers without being read as they wouldn't be heard in the chatter.

        There is mention of RFID jammers. Do a Google search again. Google is your friend.
    • Why not put a numeric keypad lock on the door? That's what we do in my company's labs. Keep the door open when someone is in - last person out shuts the door and you need to keycode to get in.

      Like someone else mentioned, you don't want to make it difficult to leave the area in case of emergency.
    • RFID in an access control installation is pretty common. We use Lenel Systems' OnGuard software suite along with TI RFID access control readers. Here are a couple of sites that might help you get an idea of what is involved in a system like this:

      http://www.lenel.com/ [lenel.com]

      http://www.ti.com/tiris/docs/products/readers/RI-H 4R-S5H3.shtml [ti.com]

    • If you go and implement this for all the entrances and you really DO want to be cautions about hackers gaining admittance, be careful what kind of RFID you choose. RFID Cloner [cryolite.ath.cx]

      If would be easy enough to have the RFID readers ONLY within the building and give the engineers/manag^H^H^H^H^H^H/security/cleaning staff access to a sensitive lab, maybe. That way even if someone does manage to clone the tag while the engineer is in the street, they can't get in the building using just the cloned tag. If someone
      • This is a valid point, but there are a couple of other locks in place on modern RFID access control readers that make it a bit more difficult to spoof. For instance, we have a programmable 64-bit encryption scheme between our readers and cards. Not the strongest hardcore encryption in the world, but its like locking the fron door at night.

        Helix_r also has the right idea about combining a pin code with the tag, in our most secure locations we require card, pin, and bio (RSI hand scan). Something you hav

    • by lashi ( 822466 )
      A few months ago we were issued our new tags at our office. They are teardrop shaped little things you slip on the keychain.

      Before this we had swipe cards. Now all we have to do is walk up to the door and the door reader will go beep and open the lock.

      I have been trying to open it up to take a look but it's complete sealed. I have been told it's water proof, heat proof and so on. It's labelled by a company called Sonitrol. Their website is at http://www.sonitrol.com/ but it doesn't show any actual pr

    • Check out http://www.kantech.com/ [kantech.com]. We use one of their systems and it does exactly what you want.
      Some RFID protocols are more secure than others. We use cards with the XSF protocol, which according to our vendor is one of the more secure.
    • Normaly high security systems use more than one method for access to secure areas/information.

      For example, access to your bank account via ATM requires something physical (your card) and something only you should know (your pin number).

      A lot of people beleive that biometrics will answer everything, but secure systems will still require information that only the holder should know. Reason being is that your eyeball can be removed and so can your finger.

      So, if you used RFID then you would still require so
      • your pin number

        Ahh yes, the good ol' Personal Identification Number number. But seriously...

        ...secure systems will still require information that only the holder should know. Reason being is that your eyeball can be removed and so can your finger.

        If someone has decided that they're willing to remove your eyeball or finger in order to gain access to a facility, chances are that they would get the average person to reveal whatever password they know after the removal of a few more fingers (or the t
    • One solution to replay attacks is obvious, but increases the RFID's power consumption, response time, and cost budgets. It's a public-key crypto challenge-response system, where the reader produces a random "challenge" sequence and the RFID encrypts the challenge with its private key to generate the "response". The reader then decrypts the response with the public key, verifying the RFID's private key. If the challenge is unique (for example, a 64 bit date-time value), then a replaying a recorded response w
  • Sure (Score:4, Funny)

    by Prince Vegeta SSJ4 ( 718736 ) on Tuesday October 26, 2004 @09:43AM (#10630755)
    I was intrigued to find out how the tags (which are generally battery-free) can absorb enough energy from RFID readers to then power up

    Tinfoil ON!. Everyone knows they get there energy from stealing your soul a little at a time, sucking the very life essence from your body. Then when they have all your energy they march you into a retirement home which is just a block away from the new universal nutrient - soylent green! Tinfoil OFF!

    • Re:Sure (Score:1, Funny)

      by pete-classic ( 75983 )
      They don't steal your soul, son. They steal your precious bodily fluids.

      And remember, you needn't avoid women, but you must deny them your essence.

      -Peter
    • Everyone knows they get there energy from stealing your soul a little at a time,

      Wouldn't they get more energy from thrash metal?

  • by hrbrmstr ( 324215 ) * on Tuesday October 26, 2004 @09:45AM (#10630776) Homepage Journal
    A little over a week ago, Yahoo! posted a story [yahoo.com] from TechWeb about IBM's experiences with Wal-Mart in their RFID deployment.
    During the deployment, IBM consultants have encountered interference from handheld devices such as walkie-talkies, forklifts, and other devices typically found in distribution facilities. And nearby cell-phone towers, which transmit at the high end of the frequency band, sometimes leak unwanted radio waves into the RFID readers. Bug zappers in the grocery sections of the pilot stores also caused interference. "When you have a bug that hits the zapper, the RF power generated by the interaction with the bug produces noise in the coax cables," says Douglas Martin, executive consultant at IBM Global Services.
    Regardless of how much a retailer's internal facility might disrupt their ability to monitor me, I still plan on getting one of RSA's RFID jammers [wired.com] when they're out.
    • You and the tinfoil-hat crowd will all get these jammers, and when you get to the checkout, you will likely disrupt all the item scanners within a 10 ft. radius. Meanwhile, it takes all the register-jokeys 15 minutes to sort out th problem, and I have to spend 15 minutes longer at the jumbo-mart than I had to.

      If you're paranoid that the FBI is tracking you and your chiuaua, then start microwaving all your jeans at home, or go live in a cabin for all I care. But please *do not* inconvience me while I am alr
      • I'm gonna start building Tesla coils like a madman and sell them on Ebay as RFID killers. :-)

        Don't rail at the paranoids. Profit from them!

      • Isn't that the idea? If the technology can be disrupted to the extent that it undermines its value to the implementor, they might be inclined to scale it back or not use it at all.

        Meanwhile, take a couple of xanax and shop someplace else besides Wal Mart.
        • There is nothing wrong with the technology. RFID is going to do nothing except streamline the ordering/warehousing/shipping/purchasing process for companies, reducing their costs, and reducing your costs at the checkout counter.

          No one wants to track shit all with it once it leaves the store. Do you really think Wal-mart is going to share its RFID database with Target so that Target will know what you bought there when you walk in? No - so how the hell is anyone going to track anyone with it?

          Answer - they
          • No one wants to track shit all with it once it leaves the store.

            However, it occurred to me that they may want to track you upon re-entering the store. No, not everything that was ever bought there (probably). Rather, items that managed to make it out the front door without being paid for. Imagine the look on Joe Shoplifter's face when he is greeted by the police while shopping and taken for a little ride downtown, all because he happened to wear his stolen boots back into the store.
            • Once again....

              a) Any clothing item's RFIDs would be zapped in the dryer, or when you rub your feet on the carpet and make a spark, or a billion other potential ways.

              b) Any criminals/paranoids can zap any potentiall still-working tags using a common microwave, so their value as a re-entry tracer is ***USELESS***.

              c) The tags are not going to be sewn into the clothes for christ sake. You think that see-through blouse your GF owns can have a tag with metal in it without it itching her? Or even the shirt you
    • by HarveyBirdman ( 627248 ) on Tuesday October 26, 2004 @10:10AM (#10630995) Journal
      Great linked article. Full of FUD and paranoia. Very entertaining.

      Ooo! A store can track my purchases up to 10 feet beyond their door! Wow! I better call Secret Squirrel for some countermeasure tips!

      And of course it had the old idea of an ubergovernment plan of having sensors in every toilet seat and lamp post so that they can track how often I change my underwear.

      Honestly, people... The X-Files is over, and our government can't keep Chechnyan rebels from crossing in from Mexico. They can't even prevent the vast waste and fraud perpetrated by the uneducated masses against the various money giveaway programs.

      So they're suddenly get their act together and implement a shiny, sparkly supersensor array in order to track which communist manifesto you bought this week down at the Chairman Meow Bookshop/Animal Companion Emporium?

      Regardless of how much a retailer's internal facility might disrupt their ability to monitor me, I still plan on getting one of RSA's RFID jammers when they're out.

      Huh. Interesting. Do any descendants of P. T. Barnum work at RSA? I think you'd be better served by an orgone energy accumulator.

      • by onyxruby ( 118189 ) <onyxruby&comcast,net> on Tuesday October 26, 2004 @11:22AM (#10631756)
        Don't think commies (although they can be blamed for anything:). Think marketing and muggers. As you walk around town you'll get a marketing profile from all the RFID tags delivered to everyplace you go. Problem is, you won't be able to stop this kind of targeted marketing because your clothing will be tagless - and you don't want to cut a hole in your brand new pants. Heck I'm wearing a tagless tshirt like that right now.

        I don't know about you, but I'm pretty anti-marketing myself. The idea of "minority report" style marketing makes me want to puke. The idea that someone not only knows the manufacturer and model of my shirt, but whether or not I'm wearing boxers or briefs gives me the ebee-jeebies. It would also give muggers a priceless resource for picking victims. It wont take very long for public databases of RFID tags to manufactureres to start appearing. A few RFID scanners for the public are also already available.

        10 feet is plenty of space on most streets, restaraunts or bars to find out if someone is worth mugging. Even more if people start making out of spec scanners that put out more power to get a stronger (longer range) return signal. Now, all that being said, I'm not oppposed to RFID at all, I think it has excellent potential. The problem is that RFID tags are being expressly designed directly into future products to prevent you from removing a tag without damaging or destroying the product.
        • Don't think commies...

          I wasn't. That was a joke. I thought "Chairman Meow" sort of tagged it as such. That was the name of a cat P. J. O'Rourke once owned, BTW.

          10 feet is plenty of space on most streets, restaraunts or bars to find out if someone is worth mugging.

          I just don't think anyone is going to bother. Common criminals have lots to go high tech with now, and the most sophisticated thing they tend to use is a cell phone. Lead pipes and boomsticks are still the tools of choice. There are plenty o

          • by Anonymous Coward
            "I just don't think anyone is going to bother. Common criminals have lots to go high tech with now, and the most sophisticated thing they tend to use is a cell phone. Lead pipes and boomsticks are still the tools of choice. There are plenty of tried and true ways to evaluate a target."

            They use more than that. Read the November issue of Popular Science. Page 88.

      • Wow, are you really that clueless? You sound like the perfect target for marketers: you'll believe what they say without question.

        Who says only stores can detect your RFID's? Anybody will be able to buy a reader. That means anywhere you go, you can be identified remotely, and all your posessions you are carrying/wearing can be identified without your knowledge.

        Maybe you don't care if people know you're carrying a $3000 laptop and wearing a $600 Rolex and $1000 shoes. Maybe you don't even care that the
        • [bunch of tired old stale strawman arguments snipped]

          It's such a short leap to other illegitimate uses for RFID's that I can't believe you are so blind as to not see them.

          OK, dumbass from the fifth level of Hell, let's get this straight. I said I didn't think street criminal would BOTHER with this stuff. That was my whole point: they CAN, but WILL they?

          And your examples prove my point. They don't need an RFID reader to tell if I have a $3000 laptop, $600 Rolex or $1000 shoes. They can use that old sc

    • "Bug zappers in the grocery sections of the pilot stores also caused interference. "When you have a bug that hits the zapper, the RF power generated by the interaction with the bug produces noise in the coax cables," says Douglas Martin, executive consultant at IBM Global Services."

      The more things change, the more they stay the same http://en.wikipedia.org/wiki/Computer_bug [wikipedia.org]

  • errrm.... (Score:3, Informative)

    by mr_snarf ( 807002 ) on Tuesday October 26, 2004 @09:56AM (#10630873)
    I was intrigued to find out how the tags (which are generally battery-free) can absorb enough energy from RFID readers to then power up
    I thought that was the WHOLE POINT of RFID tags? Pretty useless if they need their own power source.
    • by HarveyBirdman ( 627248 ) on Tuesday October 26, 2004 @10:15AM (#10631041) Journal
      In the OP's defense, he did say he was intrigued to find out HOW they absorbed the energy, not that they did.
    • Re:errrm.... (Score:4, Informative)

      by Rimbo ( 139781 ) <rimbosity@s[ ]lobal.net ['bcg' in gap]> on Tuesday October 26, 2004 @02:18PM (#10633760) Homepage Journal
      "I thought that was the WHOLE POINT of RFID tags? Pretty useless if they need their own power source."

      This is called Passive RFID. There is also Active RFID, where the tag has its own power source.

      Active RFID is more expensive, because of the need for a power source, but it gets much better range than the ~10 feet (with an antenna that will cook you under perfect conditions) you can get with a passive tag.

      Person-tracking RFID systems are the sorts of things that would use an active tag; you need greater range, and the tagged item has a much higher value than, say, a can of soup, so it's worth the extra cost.

      As for the dream/nightmare of passive tags tracking people's purchase as they walk from store to store, I have enough trouble getting six tags placed directly onto an antenna powerful enough to make you feel warm if you stand next to it to get read; it's highly bloody unlikely that someone or some company with an antenna ten feet away is going to surreptitiously record your purchases without your knowledge. Don't believe the RFID industry's hype.
  • OK, so bug zappers and phone towers interfer with this little beasties.... what about the humble microwave ? If I "nuke" a couple of these tags - will they stick work ? or will they get supped-up and transmit the data even further ? :\ Can just see the "hand held rfid tag" destroyers being sold....mmmm...for personal privacy use only - yeah right.
    • No they won't work (Score:3, Interesting)

      by brunes69 ( 86786 )
      Nuking a tag in the microwave will break it. Running it through your electric dryer will likely break it due to static buildup. So none of your clothes have working tags, you buy a wallet maybe once every 2-3 years - so what are they "tracking you" with?!?! The TV that sits in your house 24/7 and emits so much RF that it can attract air search+rescue?

      This is why all these privacy nuts are just uninformed wackos.

  • by Technician ( 215283 ) on Tuesday October 26, 2004 @10:04AM (#10630937)
    From the article,

    In fact, various forms of crude RFID have been used since World War II.

    What I think he is refering to but failing to mention by name is the aircraft friend or foe reflector. A tuned cavity was placed on an air craft that would reflect a radar signal many times inside the cavity then emit it back. This delay produced a second reflection to a radar scan. If the shadow image of the plane was on the display, it was a Friend. If it was absent, it was a Foe. It was known as a FOF transponder. (Friend Or Foe)

    It has been upgraded to return the plane identification.
    • Replying to my own post, I just found this gem that describes the system well including present day.

      http://www.dean-boys.com/extras/iff/iffqa.html

      A snip from the article mentions the first system that simply delayed and returned the original radar signal. This produced 2 blips. One of the plane and one behind it from the delayed reflection.

      Snip ... That first German maneuver, which was soon superseded by others, was a passive system in that the returned signal was still just a reflection of the radar
  • Wow (Score:3, Funny)

    by narsiman ( 67024 ) on Tuesday October 26, 2004 @10:07AM (#10630964)
    And I thought they worked by Magic !!

    Redundancy check completed !
  • I can't figure out who actually submitted this story, but it seems the summary was "written" by gManZboy and the Article was written by Edward Grossman or gMan. Is this a shameless self promotion of a website? I can't find this guy as a user on slashdot either. Clicking on his name just takes me to the site. Did Hemos just find this on the net and think it was interesting? Anyone know?
  • I'd love to have them embedded in my books, DVDs, and so forth so I could get an inventory and stop buying the same books over and over again because I can't remember which ones i own.. :(
    • I'd love to have them embedded in my books, DVDs, and so forth so I could get an inventory and stop buying the same books over and over again because I can't remember which ones i own.. :(

      Scan the barcodes. Eg with http://www.collectorz.com/book/ [collectorz.com]. I keep meaning to have a go at this for my books, but doing my CDs used up this decade's allocation of can be arsedness.

  • Lest we forget... (Score:3, Insightful)

    by xeon4life ( 668430 ) <devin@@@devintorres...com> on Tuesday October 26, 2004 @10:15AM (#10631048) Homepage Journal
    RFID has so many uses, but we all know it's ultimate purpose is to be used as the Mark of the Beast as soon as the Antichrist appears.

    You first heard it from me.
  • For those interested in the design at a more in-depth level, you might want to take a look at the RFID HANDBOOK by Klaus Finkenzeller, published by Wiley, 1999 and reprinted in 2001. Also, ATMEL and Microchip(? I'm not in the lab.) have evaluation kits for a few hundred dollars.
  • RFID Technology? (Score:4, Insightful)

    by iso ( 87585 ) <slash.warpzero@info> on Tuesday October 26, 2004 @10:17AM (#10631068) Homepage
    For instance, I was intrigued to find out how the tags (which are generally battery-free) can absorb enough energy from RFID readers to then power up and transmit their own signal back to the reader."

    I don't mean to be argumentative, but are you serious? This was the first time you had heard about this? I thought this was the fundamental feature for RFID--the idea that the tag doesn't require any kind of battery or other external power supply.

    It scares me that on a technical site like slashdot the submitter is much more likely to know every privacy concern about RFID, yet know very little about the underlying technology. Isn't it supposed to be the other way around? When did "Your rights online" trump technical information on slashdot?
    • Read his comment again, he KNOWS that they are generally battery free, but he WAS wondering about HOW they managed to receive power from a remote source. So was I. And personally, the privacy concerns are overblown imho, the same as how environmental concerns are often overblown.
    • For scientists and engineers, human rights and morals (at least in the broadest sense) are more important than just plain old knowledge. Even Einstein said that the brain is just a muscle which has no inherent personality of its own, and should not be worshipped. (I'm horribly mangling what he said, probably, but that's the important part) It is much more important for someone to know they shouldn't make a biological weapon than for someone to know how to make a biological weapon. An extreme example, sur
    • I don't mean to be argumentative, but are you serious? This was the first time you had heard about this? I thought this was the fundamental feature for RFID--the idea that the tag doesn't require any kind of battery or other external power supply.

      I thought the features of RFID were that they could hold as much or more info than a bar code at about the same cost without the limitation of the bar code -- dependance on line of sight for data transmission. Its pretty handy to be able to inventory an entire w
  • by 2N ( 253814 ) on Tuesday October 26, 2004 @10:23AM (#10631132) Homepage

    For a complete developers guide you can check EM Microelectronic-Marin SA Application Note [emmicroelectronic.com]

    However for and introduction, check Wikipedia [wikipedia.org], or if you just want to start play with it, take a look at some [rfidinc.com] RFID [engidesa.com] readers [skyetek.com].

  • by lcsjk ( 143581 ) on Tuesday October 26, 2004 @10:30AM (#10631213)
    "I was intrigued to find out how the tags (which are generally battery-free) can absorb enough energy from RFID readers to then power up and transmit their own signal back to the reader."

    The passive devices that power up and send back data have nothing on the crystal radios that were used during the 1930's and 1940's. With nothing but an antenna a few feet or yards long,a semiconductor(crystal) and earphones, it was possible to receive enough power to hear radio stations. The so called "Fox Hole Radio" of World War II used a pin made of tin and to contact a "Blue Blade" razor to make the crystal. This simple setup received enough power from the antenna to give audible power to the earphones. I duplicated this years later but used a 1N34 germanium crystal. (And no, you don't need a tuning circuit if you have one strong signal and the others are weak.) The blue blade razors were out of production before I knew that they could be used.

    • Heck, go to my old house in Florida. Attach a PC speaker or whatnot to anything metal in the house and ground the other side with your fingers, whatever. Voila! Audible sound from the AM station broadcasting behind our house.

      Want it really loud? Pick up the phone. Turn on the TV. It took multiple calls to the FCC to get that station to turn its power down. Eventually though the station went broke and came back as someone knew, who again cranked up the power.
    • More info on the Foxhole Radio is here [gizmodo.com].
  • by Wansu ( 846 ) on Tuesday October 26, 2004 @10:36AM (#10631296)

    I was intrigued to find out how the tags (which are generally battery-free) can absorb enough energy from RFID readers to then power up and transmit their own signal back to the reader."

    The high frequency tags don't actually transmit. They change the impedance of their antenna to modulate the reflection back to the transmitter.

    Another problem the article didn't mention is that bags lined with aluminum or copper foil will thwart these systems.
  • by phreakmonkey ( 548714 ) on Tuesday October 26, 2004 @10:44AM (#10631396) Homepage
    Lukas Grunwald did an excellent presentation at BlackHat USA 2004 [blackhat.com] about this very subject.

    The most interesting thing that I learned was that most all RFID tags have a 128 byte "user data" buffer than can be read or written by ANY RFID gate. (Ie: you can put an RFID interface on your laptop and query the tags and change the "user data" portion on them.)

    Obviously, this means that any application that is sensitive to tampering should only use the hard-coded serial numbers, not the "user data" area... but history has told us how well people stick to "common sense" security practices in their implementations.

    His paper and the Linux tool that allows you to query and change the data are located here: http://www.blackhat.com/html/bh-media-archives/bh- archives-2004.html [blackhat.com] (scroll down to Lukas Grunwald under "Layer 0".

  • what about anti-theft devices? You know, the plastic tag things on clothing, or stickers with spiral circuits in bookstores/libraries, that set off the alarms on exiting?

    Those have been around for quite a while, and you might consider them RF tags too, right?

    Speaking of those, how do those stickers work? Do they generate some kind of signature back-EMF in the detection coils? I've always wondered this -- and how is it they can be activated, deactivated, repeatedly? (like for a library)
    • Re:not so new? (Score:1, Informative)

      by Anonymous Coward
      they are magnetic metallic strips which can be degaussed temporarily to allow exiting the store. if they arent degaussed, they resonate and generate an em field which sets of the alarm.
      see : http://w4.siemens.de/FuI/en/archiv/zeitschrift/hef t1_99/artikel10/
  • by leav ( 797254 )
    did you notice that recent slashdot articles are going to great lengthes to get us to RTFA?

    i refuse! :P


  • It's magic.

    -Arthur C. Clarke
  • by cpghost ( 719344 ) on Tuesday October 26, 2004 @11:12AM (#10631670) Homepage

    The article states, that metal containers (say, a can of coke) and RFID tags don't match well. Is this really true? What if the RFID tag's antenna connects to the metal? Wouldn't the metal become a bigger antenna, thus increasing the range?

    • Yes, it is a problem. Any metal covering whose apertures are smaller than the wavelength of the radiation in question blocks that signal. This is true of any conductive material and any EM radiation. This kind of construction is referred to as a "Faraday Cage", is used to minimize interference in all sorts of applications (like the metal liner in your XBox and other consumer electronic devices). This sort of thing is also used in practice by petty crooks who block sticker and RFID tags by dropping them into
  • by feloneous cat ( 564318 ) on Tuesday October 26, 2004 @12:05PM (#10632239)
    ... used by Exxon (and called Speedpass), I can tell you that they are pretty cool in technology... and yet lame at the same time.

    Yes, it is true, there is a blast of energy (usually at a really low wave length - around 100Khz to 180Khz - they aren't very well tuned despite the lit).

    For the paranoid, chewing gum wrappers do a good job of blocking them. Actually, a lot of tinted windshields do a good job as well (they tend to contain metal, typically iron from what I am told).

    Interference is a big factor with these guys. A noisy engine (spark plugs badly gapped?) can cause problems. But the end result was that the company bought it.

    Do I fear the use of it? Not really. But at the same time I don't like them used without my permission. As any device that is used to "track", it needs to have my consent.

    That said, they are kinda' cool.
    • by JustKidding ( 591117 ) on Tuesday October 26, 2004 @12:15PM (#10632332)
      I'm kinda surprised nobody (that i'm aware of, anyway) has started a little project to counter RFID. I don't think it would be very difficult.
      For those that didn's bother the read the article, i'll quickly try to explain how it works.(yes, IAAEE, I Am An Electrical Engineer).
      Basicly a RFID scanner works by transmitting a certain frequency (125Khz is very common). The tag has a L/C (coil-capacitor) ciruit tuned to this frequency. It uses energy from the circuit to power a tiny circuit (that's how it can work without a battery), which will then send it's stored code. It sends the information back to the scanner by effectively shorting out it's receiver circuit. Doing so drains more energy from the transmitter circuit on the scanner, which can be measured and so the code that the tag send can be decoded.

      Now a couple of ideas on how to block it:

      - block the scanner by transmitting the same frequency at a highly varying output level. This makes it effectively impossible to measure the tag shorting out it's receiver circuit, because of the heavy fluctuation in the field strength.

      - use a microcontroller to send random codes. If enough people do this, the database will get stuffed with false information and will eventually be useless.

      - fry the tags in your stuff, EMP-style. I think it would be possible to break the little circuit by placing the tag inside the transmitter coil of a powerfull (but very simple) oscillator running at 125kHz.

      • Some add on... (Score:4, Informative)

        by feloneous cat ( 564318 ) on Tuesday October 26, 2004 @12:47PM (#10632689)
        Yah, but the transmitters are not clean (how the eff do they get them through FCC?). They splatter around their set frequency. Really a freakin mess.

        -The energy sent BACK is very weak. So you really don't need much to block it. White noise around 125 Khz should be enough. Or, as I mentioned before, chewing gum wrapper. Take your pick.

        -Random codes won't do it. Sorry, but there IS a check (pretty pitiful, but there is one) and if the checksum don't match, nothing goes through. Nothing gets stuffed. Most readers use 8051 or something lightweight. If it doesn't pass first base, it doesn't go no where.

        -Pliers work real good at breaking them. Easier than EMP (which might be noticed). They also break pretty easily on their own.
        • Re:Some add on... (Score:3, Informative)

          by JustKidding ( 591117 )
          -The energy sent BACK is very weak. So you really don't need much to block it. White noise around 125 Khz should be enough. Or, as I mentioned before, chewing gum wrapper. Take your pick.
          Well, ofcourse, that's the idea. Just build a simple 125 kHz oscillator (say, run a schmitt trigger at 125 square wave and use a simple second order bandpassfilter to filter out some unwanted harmonics), and connect it to a simple, tuned antenna. That would be pretty effective at blocking all RFID tag readers using that f
          • - 125 Khz square wave is a bad idea... you'll be squirting up the freakin' harmonics (odd ones). So, yeah, bandpass the puppy. Antenna's at that freq. are tricky. They tend to get big. Let's just say you'll be noticed ("Hey, lookit' the guy with the antenna on his back!"). Truly, to get any distance, you are going to have to have a big-ass antenna! (Speedpass used a approx 1 meter one and it got about 3 meters in terms of distance).

            - Smaller the tag, the smaller the squeak. Remember, energy dissipate at a
      • They have been discussed, check sites such as www.rfidprivacy.org/blog/archives/000090.html [rfidprivacy.org].
  • This isn't actually an RFID question, but I'm wondering what other uses EM powered circuits may be put to. Could a remote control for TVs be produced that worked this way? The TV would send out periodic EM pulses, and the remote could use backscatter to then signal back its state.

    Also, a longstanding dream of mine is the wireless light switch. It could signal back its state to to an EM transponder in each room. Light switches would then be affixed to walls with blu-tack or whatever. This sounds kin

  • Here I am, thinking with all this doom and gloom RFID fear tinfoil-hat nonsense on slashdot any time the subject comes up, that everyone is already WELL educated on the subject. So much so that posting this article would be redundant...

    A lesson for you people: it's not the end of the world.

The best defense against logic is ignorance.

Working...