Bug devices track officials at summit [RFID]

The WashingtonTimes ^ | 12/14/03 | Audrey Hudson

[Pro-Bush]

Bug devices track officials at summit

Officials who attended a world Internet and technology summit in Switzerland last week were unknowingly bugged, said researchers who attended the forum. Badges assigned to attendees of the World Summit on the Information Society were affixed with radio-frequency identification chips (RFIDs), said Alberto Escudero-Pascual, Stephane Koch and George Danezis in a report issued after the conference ended Friday in Geneva. The badges were handed out to more than 50 prime ministers, presidents and other high-level officials from 174 countries, including the United States.

[Pro-Bush]

...For the RFID naysayers, you know who you are.

[FairOpinion]

We don't need to excerpt the Washington Times, only the Washington POST.

This is am amazing article. I never can understand how people have been ignoring RFID -- there have been a few articles posted, but most people prefer to live in blissful ignorance.

It is scary, the way people were able to obtain fake ID-s. IF they can, so can terrorists.

Full article below -- so we preserve it for posterity.

---

Bug devices track officials at summit


By Audrey Hudson
THE WASHINGTON TIMES


Officials who attended a world Internet and technology summit in Switzerland last week were unknowingly bugged, said researchers who attended the forum.

Badges assigned to attendees of the World Summit on the Information Society were affixed with radio-frequency identification chips (RFIDs), said Alberto Escudero-Pascual, Stephane Koch and George Danezis in a report issued after the conference ended Friday in Geneva. The badges were handed out to more than 50 prime ministers, presidents and other high-level officials from 174 countries, including the United States.

The trio's report said they were able to obtain the official badges with fraudulent identification only to be stunned when they found RFID chips — a contentious issue among privacy advocates in the United States and Europe — embedded in the tags.

Researchers questioned summit officials about the use of the chips and how long information would be stored but were not given answers.

The three-day WSIS forum focused on Internet governance and access, security, intellectual-property rights and privacy. The United States and other countries defeated an attempt to place the Internet under supervision of the United Nations.

RFID chips track a person's movement in "real time." U.S. groups have called for a voluntary moratorium on using the chips in consumer items until the technology and its effects on privacy and civil liberties are addressed.

Mr. Escudero-Pascual is a researcher in computer security and privacy at the Royal Institute of Technology in Stockholm. Miss Koch is the president of Internet Society Geneva, and Mr. Danezis studies privacy-enhancing technologies and computer security at Cambridge University.

"During the course of our investigation, we were able to register for the summit and obtain an official pass by just showing a fake plastic identity card and being photographed via a Web cam with no other document or registration number required to obtain the pass," the researchers said.

The researchers chose names for the fake identification cards from a list printed on the summit's Web site of attendees.

The hidden chips communicate information via radio frequency when close to sensors that can be placed anywhere "from vending machines to the entrance of a specific meeting room, allowing the remote identification and tracking of participants, or groups of participants, attending the event," the report said.

The photograph of the person and other personal details are not stored on the chip but in a centralized database that monitors the movement. Researchers said they are concerned that database will be used for future events, including the next summit to be hosted by Tunisian authorities.

"During the registration process, we requested information about the future use of the picture and other information that was taken, and the built-in functionalities of the seemingly innocent plastic badge. No public information or privacy policy was available upon our demands that could indicate the purpose, processing or retention periods for the data collected. The registration personnel were obviously not properly informed and trained," the report said.

The lack of security procedures violates the Swiss Federal Law on Data Protection of June 1992, the European Union Data Protection Directive, and United Nations' guidelines concerning computerized personal-data files adopted by the General Assembly in 1990, the researchers said.

"The big problem is that system also fails to guarantee the promised high levels of security while introducing the possibility of constant surveillance of the representatives of civil society, many of whom are critical of certain governments and regimes," the report said.

"Sharing this data with any third party would be putting civil-society participants at risk, but this threat is made concrete in the context of WSIS by considering the potential impact of sharing the data collected with the Tunisian government in charge of organizing the event in 2005," it said.

The organization Reporters Without Borders was banned from attending the summit and launched a pirate radio broadcast to protest the ban and detail press-freedom violations by some countries attending the meetings, including Tunisia.

"Our organization defends freedom of expression on the Internet on a daily basis. Our voice should therefore be heard during this event, despite this outrageous ban," said Robert Menard, secretary general of Reporters Without Borders.

Tunisia is among several countries Reporters Without Borders has accused of censoring the Internet, intercepting e-mails and jailing cyber-dissidents.

[Pro-Bush]

Note taken. Thanks for posting the full article.

[agitator]

Hey, that's just for inventory control, they wouldn't do that here. /sarcasm

[FairOpinion]

I used to think that NY Times articles needed to be excerpted, until someone pointed out that NYT was not on the list of publictions we need to excerpt.

[FairOpinion]

What irks me (or worse) is that the same people who make a big deal about some common sense anti-terrorism measures, totally ignore REAL invasion of privacy into everyone's life, not just those who are suspected of terrorism.

[endthematrix]

Seems there are two issues here. First, people were able to register under false ID. just what was the process? Could anybody (excluding Reporters w/out Borders) just register? Probably. Second, the fact that RFID tracks things. No new news there. Maybe some bigwigs got offended and will put a nix in RFID? Doubtful. Some book conference in Japan tracked what kinds of books people read who visited vendors and such.

[agitator]

That's because they're distracted by their knees reflexively jerking.

[Pro-Bush]

Could anybody (excluding Reporters w/out Borders) just register?

Seems to be a common trade show, I don't know why they went incognito, maybe because they planned to go underground because they are reporters and wanted to hide that fact.

The problem is that they were tracked without their permission, I personally have a problem with that, do you?

[FairOpinion]

"During the course of our investigation, we were able to register for the summit and obtain an official pass by just showing a fake plastic identity card and being photographed via a Web cam with no other document or registration number required to obtain the pass," the researchers said.

The researchers chose names for the fake identification cards from a list printed on the summit's Web site of attendees.

[hosepipe]

Somebodys on the right track....

TERRORISTS
1) catch em
2) bug em
3) let em go
4) track them
5) make raids, break a lot of things, kill some, get some more
6) go to (1)

[Pro-Bush]

RFID used in a controlled way by our intelligence can be beneficial indeed.

[endthematrix]

I think if it is a Tech symposium somewhere regarding the RFID tags, they'd flaunt it to high heavens. That is it could cancer and all that. Someone failed to read the fine print...."due to heightened security and your safety, all you movements, including bowels, will be monitored from a central location."

[endthematrix]

Investigation of what? Was it an open registration? Most events you can register online. Most passes are issued just to tell if you have paid admission and having restricted access to various areas. Wouldn't have been an issue if you just got a ticket in the mail, right?

[Pro-Bush]

...."due to heightened security and your safety, all you movements, including bowels, will be monitored from a central location."

lol, isn't technology great.

[EUPHORIC]

What is the big deal? I work in that field and this paranoia about RFID devices is just as bad as the uproar over Y2K. That was a non-issue. This is a non-issue.

The SAME RFID chip is in the handles of most modern car keys and subcutaneously implanted under the skins of quite a few pets.

The thing is just a tiny "transponder" that sends out its unique identifier upon interrogation by a very localized low frequency low power RF field. Typical range is a couple of feet for the readers that are on doors and several feet for the higher power units that are used to identify vehicles.

With all of the ID card type transponders I've seen and use on a daily basis you have to get the cards within about a foot of the reader before it can be read. With the vehicle types you have to drive under or next to a reader for it to indicate.

Also ALL common units are read only and only send one unique ID number much like the MAC addys on your network cards. It is up to the security people on site to enroll each of those cards and they systems will not recognize any non-enrolled cards.

Bottom line? They cannot be detected from more then a few feet away at max and certainly will not register on some black ops wall map unless then happen to be attached to each and every local access control database on the planet and I can assure you 100% that is NOT happening interagency within the government or in the private sector.

RFID chips as they exist today are no different then the mag stripes on your various cards. They are in use for CONVENIENCE and because they are more durable then mag stripe cards.

Were those officials "bugged"? No more then their FACES gave them recognizability to the human eye.

This reminds me of Chuck Missler going on and on and on in 1999 about the cacophony of evils about to assault us in Y2K when all that really happened was a lot of money was wasted and a few old computers and camcorders wacked out.

I was right four years ago when I argued with Missler and I am right now when I slap my hand to my head at the unreal paranoia over these innocuous and quite useful RFID devices.

Cripes! You gave more easily researchable data about yourself when you use ATM and Credit Cards for purchases then you do with RFID!

[clee1]

Thanks for a rational viewpoint on this issue.

I had suspected that the furor was "much ado about nothing".

[endthematrix]

If the topic is Privacy vs. Conveniences then the issues are easily debatable. RFID has encroached silently for years with slight detection. Most have concerns of a highly organized effort to monitor everything you do. Can this not be said for RFID. It's to replace (basically has already) the bar code. But it's also associated the products with you. What are you carrying in your bag? No big deal isn't selling peace of mind when you work in the field. Whats next transponders inject in your children? For safety you say? Convenience? Security? Oh yea, they already have the verichip. If they could tag fish they could tag you, but for what?

[Pro-Bush]

RFID technology is not bad on its own, it is the method of which it is utilized. If you don't see anything sinister with the way it was used at the WSIS, then I cannot relate to you.

[EUPHORIC]

Security? Oh yea, they already have the verichip. If they could tag fish they could tag you, but for what?

Paranoia. Big destroyah...

Waste of head time. Not happening.