From: Steven Trewick (STrewick@joplings.co.uk)
Date: Wed May 12 2004 - 12:18:42 EDT
> > I was under the impression, (which may well not be correct)
> > that passive RFID tags derive their operational power supply
> > from the radio signal transmitted by the reader. If this is
> > the case, is it not possible to simply transmit a higher
> > power signal, and thus boost the response from the tag to
> > gain more range? (Obviously,
> > this becomes the arms/armour cycle in the end if we are talking about
> > shielding.) Or even simply build an extremely sensitive
> > receiver and place it near where the cards will be used ? (etc)
> Higher power, based on what? And what about the nearer RFIDs you cook
while
> trying to get enough power to the ones that are further away?
> And of course this assumes that you can get enough gain without
overloading
> all of them (or cooking your own gonads).
Yowza !
Yes, this argument is not based on my sound knowledge of RF engineering,
(because I dont have any) but on some stuff I read on the net, viz :
"But what about a more powerful RFID reader, created by criminals or
police who don't mind violating FCC regulations? Eric Blossom, a veteran
radio engineer, said it would not be difficult to build a beefier
transmitter
and a more sensitive receiver that would make the range far greater. "I
don't
see any problem building a sensitive receiver," Blossom said. "It's
well-known
technology, particularly if it's a specialty item where you're willing to
spend five times as much."
which can be found here :
http://news.com.com/2010-1069-980325.html
This may be tosh as far as I know, but it sounds plausible, (assuming
one can overcome the problems mentioned above (particularly the one about
Gonads! Tin foil hats again, methinks)
> > > And this all assumes that all the credit cards in the wallet don't
> > > respond at the same time, on the same frequency, thus garbling the
> > > results.
> These are different tags than you find in a credit card.
> Keep in mind that all RFID is, by definition, is something that transmits
an
> identifier using radio signals. As such, there are vastly different
> implementations, with solutions for different problems.
Yes they do indeed (OK, I finally googled ;-)
Here's some :
http://www.microchip.com/ParamChartSearch/chart.aspx?branchID=1204&mid=&lang
=en&pageId=76
Interestingly, we can see that some have Anti Colision, and some don't,
so all the scenarios we discuss are going to depend on what exact tech is
deployed. (But then, when isnt it ??)
I can see arguments either way for putting anti-collision on CC tags,
but since I have not seen any RFID implementations any more sophisticated
than those used in anti-theft systems, its impossible for me to even guess
what manufacturers/card issuers might feel is appropriate in the future.
Interestingly, according to the following,
http://www.aimglobal.org/technologies/rfid/what_is_rfid.asp
One of the form factors an RFID tag can take is " credit-card shaped for use
in access applications"
So perhaps we wouldnt be looking at a tag *on* a card, but a tag that *is*
a card (with side glance to the obvious "wheres the mag stripe/backward
combatibility" technical challenge, of course)
For now I think I'll keep an open mind on weather some scumbag can tell what
type of pants I'm wearing from the other side of the room, and try and
figure
out weather I should care '-) (Oh, and on making another tinfoil, erm,
'hat'!)
Peace and stuff.
</code>
The information contained in this e-mail is confidential and may be privileged, it is intended for the addressee only. If you have received this e-mail in error please delete it from your system. The statements and opinions expressed in this message are those of the author and do not necessarily reflect those of the company. Whilst Joplings Group operates an e-mail anti-virus program it does not accept responsibility for any damage whatsoever that is caused by viruses being passed.
joplings.co.uk
------------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
-------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:54 EDT