[Noisebridge-discuss] [Rack] RFID tag research

Naomi Most pnaomi at gmail.com
Mon May 12 05:45:45 UTC 2014


That's a really good point.

--Naomi


On Sun, May 11, 2014 at 10:40 PM, Joe Black <joeblack949 at gmail.com> wrote:
> It’s been at least a year since I actively worked on an RFID hardware
> project but I seem to remember that RFID readers will power all cards
> responding to it and those cards will all reply back. So using a separate
> card from the clipper card but similar, and in the same wallet is actually
> protecting one’s privacy more than having simply used the muni card to begin
> with. It’s all up to whether the reader system is logging this extra data
> and one’s trust in that system to not be compromised.
>
> joeblack
>
> On Sunday, May 11, 2014 at 1:35 PM, Jeffrey Carl Faden wrote:
>
> I'd at least like the use of non-exclusive RFID tags to be an option. I
> don't want to carry more stuff if I can help it.
>
>
> On Sun, May 11, 2014 at 1:33 PM, Naomi Most <pnaomi at gmail.com> wrote:
>
> You improve trust in another direction actually -- trust that a
> "foreign" RFID has less of an opportunity to compromise baron in an
> unexpected way.
>
> (I'm not saying that's "likely" but you have to consider something
> like a code injection attack "possible".)
>
> The downside of us using exclusively our own RFID tags, of course, is
> that they become a limited resource.  But I'm not sure that's a bug.
>
> As to people worrying about their uses being recorded:  that's going
> to continue to be a possible complaint.
>
> And actually, the fact that we don't hear that complaint all that
> often makes me think perhaps I'm making too much of a deal out of
> sticking to exclusive-use RFID tags.
>
> *ruminating*...
>
> --Naomi
>
>
>
>
> On Sun, May 11, 2014 at 1:22 PM, Jeffrey Carl Faden
> <jeffreyatw at gmail.com> wrote:
>> No one can either fully trust the people doing the allowing and revoking,
>> either.
>>
>> But yeah, at least the problem of trust is remedied if people use
>> case-specific RFID tags.
>>
>> People might still want to complain about their uses being recorded, to
>> which I respond: do these same people complain about their keypad code
>> uses
>> being recorded?
>>
>>
>> On Sun, May 11, 2014 at 1:15 PM, Naomi Most <pnaomi at gmail.com> wrote:
>>>
>>> Open source helps with transparency as long as you trust the people
>>> doing the deploying, and we're not giving everyone equal access to
>>> that.
>>>
>>> Sad to say, paranoia and conspiracy theories run deep in this community.
>>>
>>> --Naomi
>>>
>>>
>>> On Sun, May 11, 2014 at 12:57 PM, Jeffrey Carl Faden
>>> <jeffreyatw at gmail.com> wrote:
>>> > I expect that this will be an extension to Baron, which is open-source.
>>> > https://github.com/noisebridge/noisebridge-baron
>>> >
>>> > If people are uneasy about that, we plan on purchasing a bunch of RFID
>>> > cards
>>> > with no other data on them. They're super cheap.
>>> >
>>> > Jeffrey
>>> >
>>> >
>>> > On Sun, May 11, 2014 at 12:53 PM, Naomi Most <pnaomi at gmail.com> wrote:
>>> >>
>>> >> There are deeper issues beyond the possibility of possibly corrupting
>>> >> a card (and yeah, mistakes do happen).
>>> >>
>>> >> For instance, do we want to end up giving anyone the impression that
>>> >> we might, even for a second, be collecting sensitive personal data?
>>> >>
>>> >> --Naomi
>>> >>
>>> >>
>>> >>
>>> >>
>>> >>
>>> >> On Sun, May 11, 2014 at 11:50 AM, Jeffrey Carl Faden
>>> >> <jeffreyatw at gmail.com> wrote:
>>> >> > I don't believe we intend this to be a read/write system.
>>> >> >
>>> >> >
>>> >> > On Sun, May 11, 2014 at 11:32 AM, Norman Bradley
>>> >> > <pryankster at gmail.com>
>>> >> > wrote:
>>> >> >>
>>> >> >> My concern with using Clipper Cards is that if this is setup as a
>>> >> >> read/write system it could damage the card losing the user transit
>>> >> >> money or
>>> >> >> even invalidating the card. Mistakes happen.
>>> >> >>
>>> >> >> You are entitled to your own opinion.
>>> >> >> You are NOT entitled to your own facts.
>>> >> >>
>>> >> >> Norman
>>> >> >>
>>> >> >> On 5/10/2014 12:53 PM, Henner Zeller wrote:
>>> >> >>>
>>> >> >>>
>>> >> >>> Ultimately, I'd like to offer that people can use their Clipper
>>> >> >>> cards
>>> >> >>> or
>>> >> >>> whatever stuff they already have to use as a means of entry.
>>> >> >>>
>>> >> >>
>>> >> >> _______________________________________________
>>> >> >> Noisebridge-discuss mailing list
>>> >> >> Noisebridge-discuss at lists.noisebridge.net
>>> >> >> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>> >> >
>>> >> >
>>> >> >
>>> >> > _______________________________________________
>>> >> > Noisebridge-discuss mailing list
>>> >> > Noisebridge-discuss at lists.noisebridge.net
>>> >> > https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>>> >> >
>>> >>
>>> >>
>>> >>
>>> >> --
>>> >> Naomi Theora Most
>>> >> naomi at nthmost.com
>>> >> +1-415-728-7490
>>> >>
>>> >> skype: nthmost
>>> >>
>>> >> http://twitter.com/nthmost
>>> >
>>> >
>>>
>>>
>>>
>>> --
>>> Naomi Theora Most
>>> naomi at nthmost.com
>>> +1-415-728-7490
>>>
>>> skype: nthmost
>>>
>>> http://twitter.com/nthmost
>>
>>
>
>
>
> --
> Naomi Theora Most
> naomi at nthmost.com
> +1-415-728-7490
>
> skype: nthmost
>
> http://twitter.com/nthmost
>
>
> _______________________________________________
> Noisebridge-discuss mailing list
> Noisebridge-discuss at lists.noisebridge.net
> https://www.noisebridge.net/mailman/listinfo/noisebridge-discuss
>
>



-- 
Naomi Theora Most
naomi at nthmost.com
+1-415-728-7490

skype: nthmost

http://twitter.com/nthmost


More information about the Noisebridge-discuss mailing list