How to block/kill RFID chips

[Raineyrocks]

I hope I'm not reposting something.

http://www.instructables.com/id/How-to-blockkill-RFID-chips/

How to block/kill RFID chips
   
by w1n5t0non Apr 24, 2008in tech & life   
intro
step 1
step 2
step 3
step 4

introHow to block/kill RFID chips
In this Instructable I will describe different ways to block or kill RFID tags. RFID stands for Radio Frequency Identification. If you do not know about this technology yet, you should definitely start familiarizing yourself with it, because the number of different devices that utilize these types of tags is growing exponentially.

RFID chips are very similar to barcodes in the sense that a certain amount of data is contained within them, and then transmitted to a reading device which then processes and utilizes the information. The major difference is that barcodes have to be physically visible to the reading device, which is usually only able to scan them at a distance of a 12 inches or less. RFID tags, on the other hand, do not have to be visible to the reading device. They can be scanned through clothes, wallets, and even cars. The distance from which they can be read is also much greater than that of a barcode. At DEFCON an RFID tag was scanned at a distance of 69 feet, and that was back in 2005, the possible reading distance now is probably much greater than that.

There are a few different categories of RFID tags, but the most common ones, and the ones we will be dealing with in this instructable, are the "passive" type. Passive RFID chips contain no internal power supply. They contain an antenna which is able to have a current induced in it when within range of the RFID reader. The tag then uses that electricity to power the internal chip, which bounces its data back out through the antenna, where it will be picked up by the reader.

For more information on RFID tags check out the wikipedia entry.
image not found
loading...
556x500 : F5QCBT0FECFCJKF (0)
i

next step »

[kola]

hammertime. WHACK!!

i do not own or want a credit card... nor do i want a passport.

kola

[K. Darien Freeheart]

It's possible to build an RFID zapper using a disposable film camera that's capable of permanently deactivating passive RFID tags.

That said...

Do you cut out your barcodes before you throw out the products you buy? There's a lot of RFID hysteria out there and it's almost totally unfounded. Passive RFID doesn't store information about you. If someone really cared about what products you buy they could just pull the empty boxes out of your trash can. Sure, there's an RFID on a US passport but you're not required to actually HAVE a passport (and if you get it, do you really think the information is ONLY saved on that chip?).

If you know about the RFID tags, you can choose to avoid them. None of the methods mentioned in that article discuss how to safely deal with the RFID you don't know about.

[Pat McCotter]

Barcodes in your trash and RFID chips on your body are not the same thing.

Please rea "Spychips" by Katherine Albrecht and Liz McIntyre. Learn what can be done with that cloud of data you will be carrying with RFID on "every manufactured item on the planet." You use and RFID implanted credit card to make a purchase? All those items are now connected to you. Walk into the bookstore down the road a few days later, they have bought the data from the store you made purchases from, the bookstore knows who you are.

Go on, read the book, Katherine and Liz put it together better than this.

[dalebert]

She gave a good summary in a speech at the Live Free or Die festival last year in Jaffrey. Made me want to buy the book but haven't gotten around to it yet.

[J’raxis 270145]

Simply put, UPC codes are not unique to the item. They may identify an item as a box of Wheaties, but not this specific box of Wheaties. RFID does the latter: It basically places a serial number on every item, like cars and firearms currently have. (A bar code could be made to do this, of course, but it would require an additional dozen or so digits.)

[John Edward Mercier]

Most of this information can already be come by. Social Security numbers and any thing linked to them open up a gamut of information.
Also if you take an RFID through a retail scanner... it might not be able to read the code, but will know that one is present unless it has been made inoperable.

[KBCraig]

For your convenience, the State Department is willing to shrink the passport to a standard card size that can carried conveniently in your wallet at all times.

Don't worry, it's "secure".

http://www.washingtontimes.com/apps/pbcs.dll/article?AID=/20080516/NATION/662238118/1001

Passport cards called security vulnerability
May 16, 2008
By Bill Gertz -

The State Department will soon begin production of an electronic passport card that security specialists and members of Congress fear will be vulnerable to alteration or counterfeiting.

The agency has contracted with L-1 Identity Solutions Inc. to produce electronic-passport cards as a substitute for booklet passports for use by Americans who travel frequently by road or sea to Canada, Mexico and the Caribbean.

About the size of a credit card, the electronic-passport card displays a photo of the user and a radio frequency identification (RFID) chip containing data about the user. The State Department announced recently that it will begin producing the cards next month and issue the first ones in July.

Security specialists told The Washington Times that the electronic-passport card can be copied or altered easily by removing the photograph with solvent and replacing it with one from an unauthorized user.

James Hesse, former chief intelligence officer for the Immigration and Customs Enforcement Forensic Document Laboratory, which monitors fraudulent government documents, said the card should have been designed with a special optical security strip to make it secure and prevent counterfeiting. The selection of a card with an RFID chip is "an extremely risky decision," Mr. Hesse said in an interview.

"The optical strip has never been compromised," he said. "It's the most secure medium out there to store data."

Joel Lisker, a former FBI agent who spent 18 years countering credit-card fraud at MasterCard, said the new cards pose a serious threat to U.S. security. "There really is no security with these cards," he said.

Mr. Lisker, a consultant to a competitor for the electronic-passport card contract, said the State Department's selection of the RFID card shows it favors speedy processing at entry points more than security. He charged that the department "will not make changes until it is satisfied that compromises are occurring on a regular basis."

The State Department rejected a more secure card because it is "surrendering to speed over security, essentially creating new vulnerabilities. ... It will not take long for the bad guys to figure out which ports have readability and which do not," he said.

Steve Royster, a State Department spokesman, declined to comment.

Another State Department official, however, said the agency thinks the RFID passport card is secure.

"The passport card is the result of an interagency effort to produce the most durable, secure and tamper-resistant card for the American public using state-of-the-art, laser-engraving and security features," said the official, who spoke on the condition that he not be identified.

Members of Congress have raised concerns about the new card in a bipartisan letter to Secretary of State Condoleezza Rice and Homeland Security Secretary Michael Chertoff.

"We have serious concerns regarding the final card chosen for the Passport Card," the April 25 letter states. It was written by Reps. Brian P. Bilbray, California Republican, and Christopher Carney, Pennsylvania Democrat. Seventeen Republicans and one Democrat signed the letter.

"Each card will carry the same rights and privileges of the U.S. passport book with the exception of international air travel. As such, the cards will be used not only to cross the border, they will also be used throughout the interior United States as proof of citizenship and identity in everyday transactions; as a proof of identity in [transportation Security Administration] lines, to enter federal buildings, to engage in financial transactions, and to obtain driver's licenses," the letter said.

The lawmakers noted that the bipartisan Sept. 11 commission final report stated that "travel documents are as important as weapons" for global terrorists.

In a separate letter to the State Department on May 2, Mr. Carney asked for a briefing on the passport cards, saying "we need to have confidence that these cards cannot be compromised by terrorists, drug smugglers, human traffickers and others who would break our laws and do us harm."

The State Department considered a prototype passport card designed by General Dynamics that used the optical security strip but rejected the option, preferring a passport card that contains an RFID chip made in Europe.

An optical security strip appears as a dark, 1-inch-wide line on the top of a card. Close inspection of the strip reveals ultra-high resolution images that security specialists say cannot be counterfeited and can be identified easily by border officials. Security specialists say the strip is needed to boost the security features of the RFID chip in the passport cards.

L-1 Identity Solutions announced in March that it won the State Department contract, which has an estimated value of $107 million over five years.

The cards are intended for use by travelers in U.S. border communities as a "less expensive and more portable alternative to the traditional passport book," according to the State Department Web site. The cards are not valid for entry into the United States by travelers arriving by aircraft.

Mr. Hesse, the former Forensic Document Laboratory intelligence chief, stated in a 2006 letter to Mr. Chertoff that he is "seriously alarmed" by the use of RFID technology on the passport card. He also noted that the U.S. permanent residence and border-crossing cards that use the optical security strip are being phased out.

"With my 30-plus years experience in the field of travel and identity document security, this is, in my opinion, a shortsighted and extremely risky decision," Mr. Hesse stated.

Because the passport card will be widely accepted as an official travel document for entry into the country, "this card will definitely become the document of choice for counterfeiters," Mr. Hesse said.

"Why would a non-U.S. citizen even bother to counterfeit the green card? The PassCard makes you a U.S. citizen and gives you the access to and/or the privileges mentioned above," he stated. "Therefore, it should be imperative that the U.S. government produce and provide the most secure card as possible."

Brian Zimmer, a former House Judiciary Committee investigator, said the new passport cards lack sufficient security features because the State Department did not demand them of the contractor, L-1 Identity Solutions.

"It's critical that the passport card be made highly counterfeit-resistant," said Mr. Zimmer, now head of the Coalition for a Secure Driver's License. "The State Department should address these deficiencies and change the contract so the manufacturer can address them." Mr. Zimmer was for a time a consultant on the passport card to a subcontractor of General Dynamics.

Frank Moss, a former State Department passport office official who is now a consultant to L-1, said the State Department and the Department of Homeland Security set the specifications for the contract.

"It was government security experts who determined the specifications," Mr. Moss said in an interview. "The optical stripe, quite honestly, was never used as a stand-alone security feature."

The federal government plans to supply only 39 ports of entry with equipment capable of checking the validity of the cards with electronic scanners. More than 300 other entry points will not have the RFID chip readers.

Kelly Klundt, a spokeswoman for U.S. Customs and Border Protection, said the deployment of passport card readers to the largest and busiest 39 border-entry points was intended to expedite travel. The more than 300 remaining points of entry without passport card scanners are in remote locations, and officials will visually inspect passport cards at those entry points, she said.

"Just because there aren't RFID readers at every entry point doesn't mean we don't inspect [the passport cards]," she said.

[John Edward Mercier]

Optical strips are secure .
There will never be a 'secure tamper-proof' ID.