| | |
|
DanielHarrisFirstPaper 12 - 15 Apr 2009 - Main.EbenMoglen
|
|
<
< |
| META TOPICPARENT | name="FirstPaper%25" |
|---|
| >
> |
| META TOPICPARENT | name="FirstPaper" |
|---|
| | |
In Defense of RFID | | | -- DanielHarris - 09 Apr 2009 | |
<
< | I think the argument about the functional equivalency of howling RFID cards and cellphones where privacy is concerned highlights another important point: piecemeal solutions to the privacy concerns with particular technologies, whether technological or legislative, have little effect on the overall erosion of privacy. | >
> | I think the argument about the functional equivalency of howling RFID cards and cellphones where privacy is concerned highlights another important point: piecemeal solutions to the privacy concerns with particul | | | Which suggests that we need a solution--again, either legislative or technological--that encompasses all vectors for privacy invasion. Recognizing a constitutional right is a plausible first step, since the right can influence cultural expectations about how technology should preserve rather than erode privacy. This can in turn influence technology architects and hopefully meta privacy-protecting legislation along the lines of the Civil Rights Act of 1964.
-- AndreiVoinigescu - 10 Apr 2009 | |
>
> |
- I think this essay is convincing on the points it argues. I also think, however, that the action is elsewhere.
- I believe your argument that tracking by RFID is much harder than tracking by cellphone, which everyone more or less now accepts risk of. But the point about RFID is how cheaply someone can plant something on you that could be detected later: browser cookies in the real world. And, just as it may be especially problematic when A can see a cookie given you by B, ....
- I think the problems posed by chatty RFID tags are more from the effects on identity-based security than about tracking. The CUID scheme turns out to be easy to break, for example, despite the "encryption" features, because you can pretend to be a door lock and spend all day having brief conversations with passing ID cards. After a surprisingly small number of such challenge/response pairs, you are ready to open any door in the place, or to pretend to be anyone you please to impersonate. I agree that one can shield cards most of the time so that their tendency to make excess noise can be confined, though many people will be careless thus enabling various forms of fraud and abuse.
- Your position seems to be that there are good reasons for having stored wireless money that anonymously pays rapidly and at a distance. I entirely endorse that view, and would be happy to carry such a card myself. Remove the anonymity, however, and I don't want it at any price. So it's obviously not about radio frequency ID technology, it's about carrying a bunch of automated database record tags around with me covering my entry in other people's databases.
| | | |
|
|
|
|
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
|
|
| | |