Moving at the Speed of Creativity by Wesley Fryer

RFID insecurity

The May 2006 issue of Wired Magazine has an article about RFID chips worth reading titled, “While You Were Reading This, Someone Ripped You Off.” The online version’s heading reads:

The RFID Hacking Underground: They can steal your smartcard, lift your passport, jack your car, even clone the chip in your arm. And you won’t feel a thing. 5 tales from the RFID-hacking underground.

My main takeaway from the article is that most RFID chips in use today are insecure and susceptible to hacking. This may not be alarming now, but as RFID chips increase in use (and apparently this is happening rapidly) this is something to be aware of. Some libraries are moving to RFID, and many retail chains are embracing RFID for inventory management. Supposedly the RFID chips being built into next-gen US passports are not hackable as easily as the run-of-the-mill RFID chips, but I wouldn’t put all my eggs in that basket.

There are some applications of RFID that sound quite helpful, but others that might be downright alarming. I first blogged about RFID back in June 2004. Whatever our personal feelings, this technology seems likely to move forward and be embraced by a growing number of folks. The article states:

According to the RFID market analysis firm IDTechEx, the push for digital inventory tracking and personal ID systems will expand the current annual market for RFIDs from $2.7 billion to as much as $26 billion by 2016.

It makes sense to be aware of how easily the common, unencrypted versions of RFID can be compromised– because if someone is telling you these technologies are foolproof or unhackable, they are probably misinformed.

To learn more, check out the thorough and excellent WikiPedia entry for RFID. RFID Journal is also a good source of updated info about the topic, like this article from June 1st: “Tucson Schools Considering RFID BusPass: The school district plans to test an RFID-based system that would let administrators and parents know when and where kids get on and off school buses.” According to the article:

With 120 schools and 60,000 students, the district is interested in deploying the technology to bolster children’s safety by better accounting for their locations outside of school premises. Parents could arrange to receive text phone messages or e-mail alerts telling then when their children’s bus will arrive, or if their children fail to catch the bus.

I can think of several ways the school district might be able to spend its technology money for greater instructional impact on teaching and learning than a RFID student tracking system. But perhaps technologies like this can serve to make schools safer? I’m rather cynical. I think people make the difference, whether it is the teacher in the classroom or the driver on the bus. But I’m sure high tech solutions like this will appeal to many, and we’ll see schools besides Tuscon embrace RFID despite the privacy concerns and other complaints of sometime-neo-Luddites like myself! We’ll also likely see students hack these systems, maybe with low-tech approaches as well as high-tech ones.

At Texas Tech in some of the classes using the “remote controls” for student responses, instructors thought they were being really efficient using them each meeting date for attendance. Problem was, kids skipping class would just send their remote controls with a friend, who showed up with four or five remote controls to manage during class. In a class of several hundred, that can be hard to identify and track. So technology offers no panacea, whether the topic is RFID or something else.

If you enjoyed this post and found it useful, subscribe to Wes’ free newsletter. Check out Wes’ video tutorial library, “Playing with Media.” Information about more ways to learn with Dr. Wesley Fryer are available on wesfryer.com/after.

On this day..


Posted

in

by

Tags: