Real Conspiracy Theories

The Washington Post reports on an “Orwellian” plan to track college students:

“‘Is there some reason to reverse three decades of [privacy] policy and go down this Orwellian road?’ asked Christopher B. Nelson, the president of St. John’s College, during a conference call with reporters to call attention to a new survey on the subject.

The controversial concept of a national student ‘unit’ tracking system has been floating around for about two years. It was given a boost last month when Education Secretary Margaret Spellings’s Commission on the Future of Higher Education released a draft report endorsing such a plan. . .

The United States Student Association views the proposal ‘as a massive invasion of student privacy,’ according to the group’s legislative director, Rebecca Thompson.

‘It’s cradle-to-grave tracking,’ said Rolf Wegenke, president of the Wisconsin Association of Independent Colleges and Universities. ‘It can easily be connected to other databases and be connected to basic freedoms.’”

News.com is runing a story about new legislation that would increase FBI snooping:

“The FBI has drafted sweeping legislation that would require Internet service providers to create wiretapping hubs for police surveillance and force makers of networking gear to build in backdoors for eavesdropping, CNET News.com has learned. . .

Require any manufacturer of “routing” and ‘addressing’ hardware to offer upgrades or other ‘modifications’ that are needed to support Internet wiretapping. . .

Authorize the expansion of wiretapping requirements to ‘commercial’ Internet services including instant messaging if the FCC deems it to be in the “public interest.” That would likely sweep in services such as in-game chats offered by Microsoft’s Xbox 360 gaming system as well.”

You can read the full story here.

Computer security experts believe that the voting machines used in the United States are vunerable to hacking:

"It gets scarier. The best minds in the computer-security world contend that the voting terminals can’t be trusted. Listen, for example, to Avi Rubin, a computer-security expert and professor at Johns Hopkins University who was slipped a copy of Diebold’s source code earlier this year. After he and his students examined it, he concluded that the protections against fraud and tampering were strictly amateur hour. “Anyone in my basic security classes would have done better,” he says. The cryptography was weak and poorly implemented, and the smart-card system that supposedly increased security actually created new vulnerabilities. Rubin’s paper concluded that the Diebold system was “far below even the most minimal security standards.”"

If you are concerned about election fraud and want to stay on top of the latest news about insecure voting machines, check out BlackBoxVoting.org. This will again be big news in the next election.

Related articles:

• 100,000 errors in the 2004 presidential election
• Maryland votes against electronic voting machines
• A movement for open-source voting machines

An article on EETimes.com discusses a way that cellphones could be used to crack RFID chips:

"A well known cryptographer has applied power analysis techniques to crack passwords for the most popular brand of RFID tags.

I haven’t tested all RFID tags, but we did test the biggest brand and it is totally unprotected,” Shamir said. Using this approach, “a cellphone has all the ingredients you need to conduct an attack and compromise all the RFID tags in the vicinity,” he added.

Shamir said the pressure to get tags down to five cents each has forced designers to eliminate any security features"

Do you want the password on your implanted chip to be vunerable to an attack by someone’s cell phone? I thought so.

Unashamedly using terms like “RFID for people” and “implantable microchip”, VeriChip’s web site advertises implanted chip solutions for your organization.

VeriChip also have a page that vaguely mentions “RFID infant protection solutions“, whatever that means.

Wikipedia has more about RFID and spychips, as well as a photo of what an implanted spychip looks like.

CNET is running a story about a new way of tracking things:

"Why attach an RFID chip to a shirt when you can identify the shirt through undetectable, invisible chemicals mixed into the fibers?…

[CrossID] has devised a way to put a chemical signature into fabrics, labels, inks, boxes and other materials. When a hand or door scanner tuned to a specific frequency is pointed at an item, chemicals mixed inside the item get excited and give off a signal. The signal, which differs with the addition or subtraction of different substances, then serves as an ID for the item."

Sci-Tech Today recently published an article titled Citibank Experiments with RFID Tech:

"As you walk into your bank, your every move is tracked and studied. Once at the teller, there will be little need to present your ID. They already know who you are. That somewhat Orwellian concept could become a reality at your local lending institution in the near future if the radio frequency identification (RFID) technology now being tested in Europe proves successful…

Citibank has begun issuing pilot MasterCard PayPass key fobs, which are similar to small credit card that attach to key rings, for use at RFID-enabled merchants and at the bank branches…

Once the use of RFID is fine-tuned, it will be rolled out at 2.5 million PayPass debit devices."

An article titled RFID privacy concerns are global discusses some of the steps officials are supposedly taking to protect us against RFID chips.

"Privacy concerns over the use of radio frequency identification technology aren’t confined to the United States. Officials in Europe and Asia have completed or are developing guidelines and directives to ensure that RFID technology is used properly."

How can hackable, radio-wave transmitting chips that are capable of tracking everything you do be “used properly”? The article continues, talking about the “legitimate” uses of implanting RFID chips in your body:

"Laurant expressed special concerns about a miniaturized RFID device about the size of a grain of rice from a company called VeriChip. The chip is implanted below a person’s skin and contains a unique verification number.

Laurant said the chip could legitimately be used by health officials to obtain information, such as blood type, about an unconscious person and used to treat them. But it could also be used for more controversial applications such implanting them in the arms of soldiers who are on special military missions."

Spychips.com has a press release announcing that the American state of Wisconsin has just banned forced injection of RFID chips.

"Civil libertarians cheered yesterday upon news that Wisconsin Governor Jim Doyle signed a law making it a crime to require an individual to be implanted with a microchip. Activists and authors Katherine Albrecht and Liz McIntyre joined the celebration, predicting this move will spell trouble for the VeriChip Corporation, maker of the VeriChip human microchip implant."

It may be hard to imagine that it is legal to require someone to get a radio chip injected into their body, but it has already happened.

An ominous article by the New Scientist predicts a new wave of privacy violations:

"New Scientist has discovered that Pentagon’s National Security Agency, which specialises in eavesdropping and code-breaking, is funding research into the mass harvesting of the information that people post about themselves on social networks. And it could harness advances in internet technology - specifically the forthcoming “semantic web” championed by the web standards organisation W3C - to combine data from social networking websites with details such as banking, retail and property records, allowing the NSA to build extensive, all-embracing personal profiles of individuals."

RFID chips will soon be everywhere. These are the frightening "implanted chips" of the future, except that they don’t need to be implanted. They will be embedded in every product that you use, tracking your every move.

RFID chips have very bad security and can easily be hacked:

"James Van Bokkelen is about to be robbed. A wealthy software entrepreneur, Van Bokkelen will be the latest victim of some punk with a laptop. But this won’t be an email scam or bank account hack. A skinny 23-year-old named Jonathan Westhues plans to use a cheap, homemade USB device to swipe the office key out of Van Bokkelen’s back pocket."

Another hacker uses a prank to open his locked hotel room with a box of cream cheese:

" ‘I was at a hotel that used smartcards, so I copied one and put the data into my computer,’ Grunwald says. ‘Then I used RFDump to upload the room key card data to the price chip on a box of cream cheese from the Future Store. And I opened my hotel room with the cream cheese!’"

But the uses of cracking into RFID chips go far beyond pranks:

Aside from pranks, vandalism, and thievery, Grunwald has recently discovered another use for RFID chips: espionage. He programmed RFDump with the ability to place cookies on RFID tags the same way Web sites put cookies on browsers to track returning customers. With this, a stalker could, say, place a cookie on his target’s E-ZPass, then return to it a few days later to see which toll plazas the car had crossed (and when). Private citizens and the government could likewise place cookies on library books to monitor who’s checking them out.