[Noisebridge-discuss] [Rack] RFID tag research

Naomi Most pnaomi at gmail.com
Sun May 11 20:33:22 UTC 2014


You improve trust in another direction actually -- trust that a
"foreign" RFID has less of an opportunity to compromise baron in an
unexpected way.

(I'm not saying that's "likely" but you have to consider something
like a code injection attack "possible".)

The downside of us using exclusively our own RFID tags, of course, is
that they become a limited resource.  But I'm not sure that's a bug.

As to people worrying about their uses being recorded:  that's going
to continue to be a possible complaint.

And actually, the fact that we don't hear that complaint all that
often makes me think perhaps I'm making too much of a deal out of
sticking to exclusive-use RFID tags.

*ruminating*...

--Naomi




On Sun, May 11, 2014 at 1:22 PM, Jeffrey Carl Faden
<jeffreyatw at gmail.com> wrote:
> No one can either fully trust the people doing the allowing and revoking,
> either.
>
> But yeah, at least the problem of trust is remedied if people use
> case-specific RFID tags.
>
> People might still want to complain about their uses being recorded, to
> which I respond: do these same people complain about their keypad code uses
> being recorded?
>
>
> On Sun, May 11, 2014 at 1:15 PM, Naomi Most <pnaomi at gmail.com> wrote:
>>
>> Open source helps with transparency as long as you trust the people
>> doing the deploying, and we're not giving everyone equal access to
>> that.
>>
>> Sad to say, paranoia and conspiracy theories run deep in this community.
>>
>> --Naomi
>>
>>
>> On Sun, May 11, 2014 at 12:57 PM, Jeffrey Carl Faden
>> <jeffreyatw at gmail.com> wrote:
>> > I expect that this will be an extension to Baron, which is open-source.
>> > https://github.com/noisebridge/noisebridge-baron
>> >
>> > If people are uneasy about that, we plan on purchasing a bunch of RFID
>> > cards
>> > with no other data on them. They're super cheap.
>> >
>> > Jeffrey
>> >
>> >
>> > On Sun, May 11, 2014 at 12:53 PM, Naomi Most <pnaomi at gmail.com> wrote:
>> >>
>> >> There are deeper issues beyond the possibility of possibly corrupting
>> >> a card (and yeah, mistakes do happen).
>> >>
>> >> For instance, do we want to end up giving anyone the impression that
>> >> we might, even for a second, be collecting sensitive personal data?
>> >>
>> >> --Naomi
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> On Sun, May 11, 2014 at 11:50 AM, Jeffrey Carl Faden
>> >> <jeffreyatw at gmail.com> wrote:
>> >> > I don't believe we intend this to be a read/write system.
>> >> >
>> >> >
>> >> > On Sun, May 11, 2014 at 11:32 AM, Norman Bradley
>> >> > <pryankster at gmail.com>
>> >> > wrote:
>> >> >>
>> >> >> My concern with using Clipper Cards is that if this is setup as a
>> >> >> read/write system it could damage the card losing the user transit
>> >> >> money or
>> >> >> even invalidating the card. Mistakes happen.
>> >> >>
>> >> >> You are entitled to your own opinion.
>> >> >> You are NOT entitled to your own facts.
>> >> >>
>> >> >> Norman
>> >> >>
>> >> >> On 5/10/2014 12:53 PM, Henner Zeller wrote:
>> >> >>>
>> >> >>>
>> >> >>> Ultimately, I'd like to offer that people can use their Clipper
>> >> >>> cards
>> >> >>> or
>> >> >>> whatever stuff they already have to use as a means of entry.
>> >> >>>
>> >> >>
>> >> >> _______________________________________________
>> >> >> Noisebridge-discuss mailing list
>> >> >> Noisebridge-discuss at lists.noisebridge.net
>> >> >> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>> >> >
>> >> >
>> >> >
>> >> > _______________________________________________
>> >> > Noisebridge-discuss mailing list
>> >> > Noisebridge-discuss at lists.noisebridge.net
>> >> > https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> Naomi Theora Most
>> >> naomi at nthmost.com
>> >> +1-415-728-7490
>> >>
>> >> skype: nthmost
>> >>
>> >> http://twitter.com/nthmost
>> >
>> >
>>
>>
>>
>> --
>> Naomi Theora Most
>> naomi at nthmost.com
>> +1-415-728-7490
>>
>> skype: nthmost
>>
>> http://twitter.com/nthmost
>
>



-- 
Naomi Theora Most
naomi at nthmost.com
+1-415-728-7490

skype: nthmost

http://twitter.com/nthmost


More information about the Noisebridge-discuss mailing list