[Noisebridge-discuss] RFID tokens

Torrie Fischer tdfischer at hackerbots.net
Wed Aug 26 19:16:15 UTC 2015


hi, noisebridge.

i've been super duper busy the last few weeks so I haven't had an opportunity 
to show up to a tuesday, but jeez, the meeting notes are way too sparse:

https://noisebridge.net/wiki/Meeting_Notes_2015_08_25

There's also this line:

> Leveling up the RFID tag and potentially adding anonymity would be 
importnat. Some people care about anonymity, and this doesn't offer that. Also 
the RFID is hackable, somebody can listen in.

What are folks concerns about the anonymity of the RFID system? This gets 
brought up from time to time, and here are the known attributes of the system:

* Only capital-M members can add new users to the system
* New tokens that are added are anonymous and have a 30 day expiration
* That expiration can be dropped by filling in some data file with a chosen 
nym and e-mail address
* nym is short for pseudonym, which means you don't need to give a "legal" 
name or anything, which is also why I ask people "how would you like to be 
identified in the system?" instead of asking for a name.
* The only people with SSH access to earl, and thus the ability to modify 
membership/philanthropist/user/fulltimeuser status are Rubin, Henner, nthmost, 
Patrick, and myself.

If folks are still worried about anonymity, I'd love to talk about it afk in 
the space. That has alleviated the fears of everyone who has had them before.

There's also some small concern in the notes about how hackable RFID is, and 
yeah, sure. Its hackable. FWIW, if someone wanted to break into the space, the 
RFID system is not the weak point.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20150826/b011b90b/attachment.pgp>


More information about the Noisebridge-discuss mailing list