Instructables
So, you're wondering about RFID you say? You've read things about its goods and bads, and supposed "facts". Well, I'd like to tell you the REAL story on RFID, not just a bunch of misinformed mumbo-jumbo. If you are one of the people spreading misinformation about RFID, please read along, and share with your friends what you find. But please know, that I am only stating not only FACTS, but also my own opinion on RFID. Everyone has their own thoughts, and i respect yours, so please respect mine.
 
Remove these adsRemove these ads by Signing Up

Step 1: What is RFID?

RFID stands for Radio Frequency Identification Device. Its a small coil/chip that can come in packages from tags, to small circles, even down to an 8x12mm chip. RFID chips are identified and read by a reciever, which then does whatever it's supposed to do when it reads that particular chip. It would be like me handing you a piece of paper with a 16-digit number on it, and noone has that same number. Very similar to a social security card.

Step 2: Myth 1: RFID chips can be tracked from across the room!!!!

Many RFID conspiracy theorists will tell you that an RFID chip can be read from across the room. This is true, however, they fail to mention that these are active RFID chips. Active RFID chips are similar to passive(the common kind), except that they require a battery, and are therefor much larger than passive chips.

Step 3: Myth 2: RFID chips will contain all of your personal information!!!

While it's true, RFID chips do store information, as I stated earlier, the only information they store is the particular identification number for that chip. So no, I'm sorry conspiracy theorists, RFID chips don't contain your financial and medical records for everyone to see.

eallin15 months ago

Great, well thought out "instructable" (RANT) from a 14 year old. It was already shown at defcon FIVE years ago (even BEFORE the lame rant was written) that RFID can and often DO pose a great security risk. Nobody EVER said they can "control your mind". I'm pretty sure you made that up in your own mind.

When RFID chips are embedded in your car tires (like each one having it's very own SSI# rather you like it or not), it's a little scary. It's already been shown that the "fast pass" toll readers aren't the only places they're being read. They're also being used for "traffic control" (ie stalking purposes) all over the place.

Imagine a world where Target is sending you spam for tons of baby shower stuff because they knew you were pregnant before your family did. Now, imagine TARGET gets HACKED and everyone else knows too. Guess what? ALREADY HAPPENED ;)

Imagine schools where your forced to wear your RFID chip all day, every day so they they use them to monitor your every movement... even while you use the bathroom. ALREADY HAPPENING.

Take a look around the place. RFID can and ARE being hacked like crazy. GO FIGURE! Anyone can pick up they're very own RFID reader for $30 bucks. People have been hacking them more than Rasberry Pi! And you don't HAVE to read them from across the room, just have one placed next to a doorway where everyone comes and goes. Eazy Peazy baby!

Be sure to keep that PASSPORT of yours hidden, you crazy conspiracy theorists... everyone with their head in the sand is secure.

Would kind of be common sense to see that having tracking devices attached to you all the time may be a slight invasion of privacy and serious security risk. Too bad there are so many people who lack common sense.

So the REAL story is, this "inscrutable" was a complete and total FAIL on every level. The only thing it was trying to "instruct" readers to do was DUMMY UP and stick their heads in the sand when it came to their own privacy and security. It was all proven false before it was even written. It's even worse now.

And I am being as "nice" as possible. I'm definitely being CONSTRUCTIVE. It's kind of like telling people to "not worry" about leaving their IDs on the dashboards of their cars with the doors unlocked. Only a "paranoid conspiracy theorist" would be worried about stuff like that! Like there's a "conspiracy" where people go around trying to steal your personal info and sell it for money or something!

I mean, what reason would a company try to gather Intel on you? I can't figure it out and anyone who thinks they can must be paranoid or whatever...

Read up on RFID. Educate yourself on the serious security risks of this developing tech and cover your own butt Just like putting a firewall or anitvirus on your PC, it's not "paranoia", it's just common sense.

knozis1 year ago
always the same story of conspiracy. haha mind control, very good joke.
francisroan2 years ago
ok.....your wrong thats just an attiny with an rf transmitter so basically it has a receiveing pair ...and it cannot be worked out with rfid reader!!!
pilgrimboz3 years ago
so let me get this straight,you have a monopoly on 'THE TRUTH' and everyone else is a whacky 'conspiracy theorist' Hmmmm some how I'm not at all convinced.Sorry.
rimar20004 years ago
RFID labels are really a fourth dimention gate. They call the aliens to come and conquer the planet and raping our mothers, sisters and daughters (maybe we men receive some too)
certainly sounds like you have
metrogdor22 (author)  rimar20004 years ago
Uuuhuhh...So you mean to say they come to rape our crops and burn our women? wait...
Wessinc3 years ago
Very well said! I could not agree with you more!These conspiracy theorists have their facts all mixed up and like to stirr up things that is non existing.Thanks for the info.
sorry but which 'conspiracy theorist' say this?I've never heard anyone come out with the rather paranoid scenarios that the author listed and why all of a sudden does anything certain people believe in become a 'conspiracy theory' as if just uttering that vastly over used miss understood phrase somehow proves a point, it does not. I have however read about real concerns people have about rfid which are indeed fact. they are potentially incredibly open for miss use by a state against its people,why do you have a problem admitting that fact? Whats your agenda?
rugerio3 years ago
At least a Conspiracy Theorist Thinks that there's a possibility that there could be a conspiracy going on.

Those 'Anti-Conspiracy Theorists' meanwhile do n't bother to think at all.

They just accept whatever bullshit the powers that be put in front of them.
Talk about 'mind control'. You don't need it with people like this.

They do n't have 'minds' to control.( That is unless they Are already being controlled.)

For a conspiracy theory to have any weight, it shouldn't be based on ignorance.  But then, what exactly is the RFID conspiracy?

Unless you are some ultraparanoid cash-only baseball-cap-in-public type person, you are already pretty easy to track, with or without rfid.

On the off chance that you run into someone who is siphoning rfid's, they have no way of knowing what the particular id is used for.  They have a number, but won't be able to tell if it's for a lock, a credit card, or just a pair of shoes.

You can RFID all day long. It is only a problem when you live with it as a cash system. You will be tagged to whatever "value" system the rulers of you choose. You might as well have chains on your ankles. Although a digital slave chain would be more convenient than actual shackles. Depends on how you look at it.
GonzoLives3 years ago
Anyone who doubts the sincerity of world business & government (esp. defense) in using RFID technology should just go to this site:

http://www.rfidglobalsolution.com/ (They're so SMUG! )
And read the piece entitled: "Prison RFID Study Finds Planning Is Critical" By Claire Swedberg.

Here's a delightful excerpt: "Sept. 13, 2010—A study conducted by nonprofit research organization RAND Corp [emphasis mine-sound familiar?]. has found that RFID deployments in correctional facilities require considerable customization to each prison's unique needs and infrastructure.

According to the report, failure to properly anticipate infrastructure installation challenges, as well as the need for proper funding and training for staff members, can delay installations or render the system ineffective. The study, titled "Tracking Inmates and Locating Staff with Active Radio-Frequency Identification (RFID): Early Lessons Learned in One U.S. Correctional Facility," was conducted by the RAND Corp., with funding provided by the U.S. Department of Justice's National Institute of Justice (NIJ) division.

Researchers took a two-pronged approach: determining how many RFID installations were actually in use in U.S. prisons, and studying the installation process in one correctional institution. "

There was mention in the subtitle of "controlling inmate violence"...wonder HOW? (they track tasers with RFID's in the UK).

For the rest: here's the totally innocuous link by those whacko conspiracy the--uh, er...by the people who MAKE the damned things!

http://www.rfidjournal.com/article/view/7862
rblee3 years ago
Whilst what you say is true, you've left a lot of detail out.

"Standard" passive RFID is very short range, but various people have demonstrated that with a powerful RF field and a high quality receiver/antenna combination they can be read over considerably greater distances. The last time I looked the record was 3 or 4 metres, although this was in laboratory conditions. It's worth remembering that the reason most, if not all, commercial RFID readers only work over short ranges is because they're built down to a price, and a few centimeters is plenty for passive applications (EPOS, stock control, etc.). They can do better in the right circumstances.

Yes, RFID chips only carry a unique number. Your social security number is similar, as is your credit card number, as is the electronic lock that you open by waving an RFID chip near it. What is far more important is what that number is keyed to. If it's on a sock, did you pay for that sock with a credit card? If so that could allow a black hat to find out all about you. It will allow the forces of law and order to find out all about you. Is it a pass card for a transit system? If it's read and a copy made, someone gets to ride around at your expense. This happened in London, UK (my home town), and they had to replace all the cards (google for: +TfL +"oyster card") at considerable expense, although you might reasonably argue that this isn't standard RFID - It just appears to be.

In practice, you don't need to read these things from very far away. The Oyster card scam was apparently just took advantage of the fact that London's underground system is packed to the gunnels during the rush hour (think Tokyo), and it's normal to be in intimate contact with the 3 or 4 people standing around you. Close enough is good enough.

None of these things may concern you, but they are provenly possible, and actually seem to be a favorite prank in American Universities. It seems to me that it's unwise to play down the potential dangers. The London Underground customer who's in intimate contact with dozens of strangers every day has a very different risk profile from someone living in a rural community. The devil is in the detail.

You may find this interesting:

http://www.eff.org/deeplinks/2010/01/primer-information-theory-and-privacy

It describes a formal technique for identifying people, stratified by the nature of the information available about them. Perhaps you should ask yourself where the random unique number in an RFID chip could lead? And could this be detrimental to the card holder?

Before anyone asks, I do have a metallic credit card holder. Faraday cages aren't illegal (in the UK, at least) and it removes the potential problems at a stroke. I do not own an aluminum beanie hat, and never have :).
metrogdor22 (author)  rblee3 years ago
I do see, and understand the potential for RFID to be a dangerous thing, once it's widely spread. But that's the thing. Currently, it's not widely spread. If you were to pick 100 random people out of the general population, I would guess about 20 of them would even have ever heard of, much less understand, RFID. However, when the time comes that RFID-implemented devices become as common as iPods, then I do think we will have to worry about security. But as the potential danger of them becomes a more popular idea, people will start to develop more measures to counteract this danger. It's already happening with credit/debit cards. A person could potentially read a credit card through a normal wallet. People aware of, and sincerely concerned with this danger take precautions against it(Like I assume you do, with your metallic card holder-I have one too). Theoretically, wouldn't it be possible to shield a RFID tag with some sort of signal-scrambling device? I.e., it broadcasts a number of "dummy" serials with the same format as an RFID card to confuse a reader.
A faraday cage is ideal - They cannot be detected through one. Another way is, reputedly, to carry a few dozen around with you to confuse readers, although better readers might get around that problem.

The latter approach comes out of a paranoid concern that "The Man" will want to track us by the large number of RFID chips we will all be carrying around, attached to our clothes and similar. The idea is that everyone exchanges chips randomly with strangers - Imagine a bowl in every bar into which every customer empties their chips, stirs it around, then grabs a random handful. This would have the theoretical advantage of polluting any database used for tracking people, rendering it useless. Well, maybe. I'm not that paranoid yet...

A lot of UK refuse bins have RFID chips in them to allow people to be charged according to the weight of rubbish they generate. This is hugely unpopular, but is easily defeated with one of those mini-EMP generators that you can build with a disposable camera. Given that these bins (we call them "wheelie bins" because they, err, have wheels?) cost around 100 UKP, and the chips aren't replaceable, judging by the one in my drive. A recipe for trouble, if ever I saw one. :)

The time to worry, of course, is when they start to forcibly inject them into people. Fortunately this would probably be a massive vote loser, so is unlikely to happen in real life. In my opinion, of course.
metrogdor22 (author)  rblee3 years ago
I agree completely. If it ever does come to a point where we probably should all get some form of RFID identification, but it's not required, I'd still be ok with that. However, the second they are being mandated, I think A LOT of people will flat out revolt. In the disarray, other countries will see that country as weak, and will either step in to help, or attack. Generally not a good idea to force very much onto people.
owenaero4 years ago
some do carry your med info my wife is a nurse and had to take a class for the hospital she works in but thei is a different kind of chip . ther the size of a grain of sand and they are injected under the skin their is the same kind that are used for dogs and cats for knowing who the owner is like when you adopt a anamul now ther all given this chip for incase ther lossed some major cities are testing a system that can track them through cell towers. i am not stating this as a theroyiest this is a fact some areas in NY as well as LA. san francisco as well.it is a good thing if not abused but the facts remain all things are abused in some way or another all i know is i will never get one even if it is for med records we pay anough for the medical treatment ther record keepers can earn ther pay as far as i'm concerned sorry to rant.
metrogdor22 (author)  owenaero3 years ago
Completely different from what I'm referring to.
They store no info. The RFID chips store a code which is linked to a database entry with all of the information.
mrmath4 years ago
RFID can contain all your financial information, or all your medical information, if that's what it's programmed to do. That's not, however, what they are programmed to do. As you said, they hold very specific information.

For instance, my credit card has a tap and pay feature. It's got my credit card number (and other info specific to my card, such as expiration date) in it. No, it doesn't have my account balance, and it doesn't have my social security number, but if someone were to use an RFID reader to read the info on the card, they could use it to create their own version of my credit card. Even if the data is encrypted, which I would hope it is, they can just store the encrypted version of the data, and the credit card machine would read that in just fine.

PS: There are no RFIDs in US currency. You can't tell how much money is in someone's wallet, or where it's been spent and by whom.

brknfngr mrmath4 years ago
yep, punched a hole in my credit card, destroying that chip.
metrogdor22 (author)  brknfngr4 years ago
Not all credit cards use RFID. Most currently just use the magnetic strip(the black line on the back) in the same way that a few others use RFID. If yours used RFID, then, depending on where the hole was, you did destroy it. If, for whatever reason, you do want to completely destroy any RFID chip, best way is to just burn it.
actually the only "legal" way to destroy the chip is smash it with a hammer
jdege mrmath4 years ago
There are magnetic strips in US currency, that can be detected at a distance.

As for "active" vs. "passive" rfid chips, the only difference is in how much power is needed to read them, at any distance. A passive chip needs more power in the transmitter than an active chip. This means that either the transmitter is closer, or the transmitter has more power.

There's no reason to expect that someone who has nefarious intent will limit themselves to the same power levels as the commercial units.

mrmath jdege4 years ago
I understand things a bit differently, so I'd like to see your sources. Yes, the strips in our currency are magnetic, but they contain no information, and you can't even tell how many you have from a distance.

I thought that the passive chips were limited in the distance they could transmit by their design, not by the power of the reader used. So, for example, you can't point a reader a a chip from across the room if that chip was designed to be read from a distance.

Also, I know it's possible to detect more than one chip at a time, but can a single reader actually read more than one chip at a time? In other words, if I'm standing in an airport, and someone has a high powered reader as you describe, and points it at my passport, will they be able to read the details of my passport from across the room, even if there are 100 other passports between mine and the reader? I don't think so, but I'm not sure.
jdege mrmath4 years ago
Radio is radio. There's no way to limit its distance, only its power. The standard readers don't put out enough power to power a passive RFID chip at distances of over a couple of inches, but that doesn't mean that a custom reader couldn't be built that would power them at longer distances.
mrmath jdege4 years ago
You can limit radio's distance by limiting the power it uses to output its signal. So the question becomes, are the passive RFIDs built to output using as much power as they get as input? If they are designed to only output a certain amount of radio power no matter how much power they get sent to them, you couldn't read them from far away, no matter how powerful a signal your reader sent.
jdege mrmath4 years ago
Just as you no reason a person could not build a transmitter that's more powerful than those commercially available, there's no reason you could not build a receiver that is more sensitive.

Yes, there's a point at which the signal is so weak that it gets lost in the background noise, but if a signal that can be read at six inches with a $50 receiver, it will we readable at 20 feet with a more sophisticated receiver.
metrogdor22 (author)  mrmath4 years ago
I messed around with RFID way before I'd even heard of implanting them. The RFID tags and readers I used only worked at a maximum of 5cm for passive, and 50ft for active, and I could only read one chip at a time, and if I tried to make it read 2 at once, it would just randomly pick one to read. But I'm not sure on discerning different tags/chips at a distance. I'll have to check that out.
dtitzer jdege4 years ago
The back side of US paper currency is printed with a mildly magnetic ink, not a strip. It can't be detected at a distance, it's far too weak. Try sticking a dollar bill to your refrigerator door! It won't stick!! I used to maintain a bill changer machine, and taking alcohol to the magnetic pick-up head (like a tape deck) was frequently necessary.
metrogdor22 (author)  mrmath4 years ago
Thank you. At least you know what you're talking about.
dtitzer4 years ago
Active RFID is more common in shipping, warehousing, and logistics. It's possible to scan an entire truck in/out of a distribution hub or a port. The chip and the transmitter/detector are both powerful to work over long distances and to do so at high speed.

Passive RFID works best in POS and anti-theft systems where the transmittter can be placed close to the chip. Further, those stick-on little anti-theft tags are super-cheap throw-aways, so there's an economic reason as well to use them in certain situations.