Between the Lines

Larry Dignan, Andrew Nusca and Rachel King
Home / News & Blogs / Between the Lines

On not learning from history

By | August 12, 2006, 8:38am PDT

Summary: [I wrote this piece before the passport ID fiasco came to light. I think its points are still valid.] One use of implantable RFID chips is as replacements for biometric (and other) identification. Implant a chip in your hand and — voila! — a single flamboyant gesture grants access to your car, home, work, bank [...]

[I wrote this piece before the passport ID fiasco came to light. I think its points are still valid.] One use of implantable RFID chips is as replacements for biometric (and other) identification. Implant a chip in your hand and — voila! — a single flamboyant gesture grants access to your car, home, work, bank account, credit, theater tickets, and so on. At least, that’s the vision. Its success hinges on the "uncopy-ability" of an RFID tag–obviously, if someone can remotely make a copy of your tag, then he becomes, for all practical purposes, you…which means that shortly you’ll be able to write a book called something like "How I Stopped Worrying and Learned to Love Identity Theft." Imagine, then, the wailing and gnashing of teeth at one implantable biometric RFID chip vendor, one of whose tags has apparently been cloned using little more than a PC and a homebrew antenna…

So what?

RFID chips have attracted a lot of negative attention over the years–some people consider them the latest Mark of the Beast (displacing bar codes for that honor) while others merely find them an example of creeping Big Brother-ism. Less attention has been focused on the possibility that the chips might not work as advertised–indeed, the tendency is to impute a lot more functionality to them ("I tell you, it’s inside my brain!") than they could ever have. But a security hole that permits cloning is a big deal: Anyone coming within a few inches of you (perhaps on a crowded subway) could surreptitiously read your tag, record its number, and arrange to reproduce it. (The effective range could be increased with more powerful/sensitive readers–imagine the industrial-level theft possible with ranges in the feet or yards.) This lack of foresight is reminiscent of the early cell phone network–its designers assumed no one would bother trying to compromise it, so they built in minimal security. Lo and behold, equipment appeared that would harvest phone identifiers en masse and produce pirated handsets for sale on the street. For a few years, fraud took a significant chunk out of the telcos’ profits. [sad, world-weary head shake] Such a simple lesson.

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Between the Lines”

Topics

Ed Gottsman is a senior researcher with Accenture Technology Labs.

Biography

Ed Gottsman

Ed Gottsman is a senior researcher with Accenture Technology Labs, the technology research and development (R&D) organization within Accenture. He joined Accenture in 1985 and was involved in expert systems and object-oriented programming - both hot topics in the IT industry back then. His research interests today include information visualization and the future of the online catalog. One of his most recent projects was the Information Source which uses a high-density interface to enable users to view up to 50,000 documents from the ZDNet whitepaper directory.

For more information on the work of Accenture Technology Labs, visit www.accenture.com/techlabs.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
7
Comments
Add Your Opinion

Join the conversation!

Just In

RE: On not learning from history
tomlin21-24319035676893835085146735905770 11th Oct
I be taught slightly some thing new nfl jerseys 2012 on unique sites almost every day. It truly is primarily refreshing to endure posts of other bloggers and find out a little bit some thing from them. Numerous many thanks for sharing.
View in thread
0 Votes
+ -
Note also ...
P. Douglas 12th Aug 2006
There is also the issue of people ripping out implants out of other people to use the chips. This could lead to crimes becoming more and more gory. Then there are of course privacy issues which many people conveniently dismiss.
0 Votes
+ -
It's a stupid idea ...
bportlock 13th Aug 2006
... to implant these things. Technology changes rapidly and security technology is no exception. All this story demonstrates is that RFID (and many other technologies) have a very, very limited span before they are cracked or superceded.

To base your country's security on these things as the US and UK are proposing with RFID passports and implants is simply bonkers.
0 Votes
+ -
Haven't you ever wanted...
Anton Philidor 13th Aug 2006
... to be updated to the latest version of yourself when you have quiet time to reboot?

I admit I do worry about DoS attacks, expressed as someone who won't stop talking.

But the risks and sacrifice of privacy are small price for having the security of knowing you're in full compliance, especially with DRM and all other protections of IP.
0 Votes
+ -
Not to worry!
P. Douglas 13th Aug 2006
But the risks and sacrifice of privacy are small price for having the security of knowing you're in full compliance, especially with DRM and all other protections of IP.

Movie executive assistant: "Sir! The peasants ... err ... consumers are protesting the implants you are requiring them to wear, in order to buy our DRM protected content!"

Movie executive: "Hambug! Just give them ?em all plastic mugs with our logo on it, that should placate them!"
0 Votes
+ -
Careful about the RFID "copy"
georgeou 13th Aug 2006
I spoke with Lukas Grunwald in person. I know what the "clone" is. Yes it's cloned, but it's cloned with the exact same name and digital photo. That doesn't get you anywhere because if you change the name or photo, the digital signature will not match. We need to be very careful about overstating the RFID "fiasco".

As for putting in something in to your body, I think that's a great technology - for my cat. I like strong authentication technology based on PKI, but these implants are simply a serial number in clear text. It offers no strong authentication capability and I even if it did, I DO NOT want to implant something in to my body. No material possession on this earth is worth body and limb and the last thing I want is to get my body chopped up. I'd much rather just say here's my (external) token and take the money. Still, if someone wishes to put something in their body, I?m fine with that so long as it?s optional. It?s my business if I want to carry something or implant something, and I think most sensible people would choose the former.
0 Votes
+ -
RE: On not learning from history
jackson1984-24316069205748857739440257893812 10th Oct
This web site is incredibly excellent! mulberry outlets How can I generate a solitary comparable to this?
0 Votes
+ -
RE: On not learning from history
tomlin21-24319035676893835085146735905770 11th Oct
I be taught slightly some thing new nfl jerseys 2012 on unique sites almost every day. It truly is primarily refreshing to endure posts of other bloggers and find out a little bit some thing from them. Numerous many thanks for sharing.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix