PDA

View Full Version : Apple Seeking To Make Wireless Network Setup Easier




MacRumors
Mar 9, 2007, 09:29 PM
http://www.macrumors.com/images/macrumorsthreadlogo.gif (http://www.macrumors.com)

In a patent application (http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&co1=AND&d=PG01&s1=20070054616&OS=20070054616&RS=20070054616) revealed yesterday (http://hrmpf.com/wordpress/116/apple-suggests-rfid-to-allow-easy-wireless-network-setup-and-security) (#20070054616), Apple reveals that it is working on making configuring wireless networks, especially ones with devices with limited input/output capability, more simple.

The system describes using RFID tags in networking equipment that would communicate basic configuration settings when the devices got close to one another. The devices would then be able to establish a rudimentary network based on that information and be able to automatically finish setting up a more complex and secure wireless network.

Apple's innovative use of RFID appears to be aiming to simplify the setup of wireless devices (especially ones with limited user interfaces) while simultaneously promoting the use of secured wireless networks.



Eidorian
Mar 9, 2007, 09:31 PM
That's an interesting idea on how to get the devices to recognize each other before you even have to set it up. I still love my extensive user interfaces though. Please don't get rid of them.

bigandy
Mar 9, 2007, 09:32 PM
I'm really liking this idea. Anything to stop my parents phoning up for a detailed step-by-step from me each week when they managae, again, to factory reset their router :rolleyes:

Eidorian
Mar 9, 2007, 09:33 PM
I'm really liking this idea. Anything to stop my parents phoning up for a detailed step-by-step from me each week when they managae, again, to factory reset their router :rolleyes:Have them backup their settings once they're set up. I also find it quite odd that they can unintentionally hold down the reset button for that long.

longofest
Mar 9, 2007, 09:40 PM
FYI: Sorry for the delay in the article. I happen to work with RFID and was working to get an expert interview (a PhD MIT grad), but I wasn't able to get it before now, so I decided to run the story anyways with just my insights (see the extended (http://www.macrumors.com/2007/03/08/apple-seeking-to-make-wireless-network-setup-easier/) part of the story).

bigandy
Mar 9, 2007, 09:41 PM
Have them backup their settings once they're set up. I also find it quite odd that they can unintentionally hold down the reset button for that long.

oh, i do, every time :rolleyes:

they seem to have some magical inability to keep anything set up correctly.

last time something went horribly wrong they flew me down to (near london) from scotland for the weekend, specifically to fix it. you should have seen the look on my dad's face when, within seconds of turning up, i'm saying "you really need to have the router plugged in to the phone socket..."

:rolleyes:

Eidorian
Mar 9, 2007, 09:47 PM
oh, i do, every time :rolleyes:

they seem to have some magical inability to keep anything set up correctly.

last time something went horribly wrong they flew me down to (near london) from scotland for the weekend, specifically to fix it. you should have seen the look on my dad's face when, within seconds of turning up, i'm saying "you really need to have the router plugged in to the phone socket..."

:rolleyes:Once you have the router settings backed up it shouldn't be a problem to just restore them. Keep the file yourself in case they lose it too. The only pain left is to restore it from that configuration file.

roland.g
Mar 9, 2007, 10:07 PM
I didn't think it could get much easier.

theranch
Mar 9, 2007, 10:12 PM
Could be for connecting iPods... sort of like what the Zune can do.

Analog Kid
Mar 9, 2007, 10:14 PM
FYI: Sorry for the delay in the article. I happen to work with RFID and was working to get an expert interview (a PhD MIT grad), but I wasn't able to get it before now, so I decided to run the story anyways with just my insights (see the extended (http://www.macrumors.com/2007/03/08/apple-seeking-to-make-wireless-network-setup-easier/) part of the story).
Thanks. Maybe you can explain why they're using a second signaling channel to do this rather than negotiating over the primary network channel? Is this purely a security-through-proximity technique?

Is this a passive backscatter RFID, or a full blown second RF channel?

I'll admit I haven't actually looked at the patent yet, but I'm hoping to coax you into sharing more of your insights...

roland.g
Mar 9, 2007, 10:14 PM
Could be for connecting iPods... sort of like what the Zune can do.

and/or for connecting iPhones though everything we've heard says that the iPhone won't utilize it's Wi-Fi or Bluetooth to sync any data, but will just use a charging cradle/dock which really doesn't make much sense.

theranch
Mar 9, 2007, 10:15 PM
and/or for connecting iPhones though everything we've heard says that the iPhone won't utilize it's Wi-Fi or Bluetooth to sync any data, but will just use a charging cradle/dock which really doesn't make much sense.

Yeah that too.

Digital Skunk
Mar 9, 2007, 11:08 PM
Yeah... do that and put it in my 12" MacBook Pro... or MacBook or something that is tiny and small so I can buy it for my girlfriend who is getting the most and then some out of her 12" PowerBook.

Analog Kid
Mar 10, 2007, 02:28 AM
and/or for connecting iPhones though everything we've heard says that the iPhone won't utilize it's Wi-Fi or Bluetooth to sync any data, but will just use a charging cradle/dock which really doesn't make much sense.
Most likely not for connecting the iPhone to the Mac-- both have extensive UI capability. I'm thinking this is for connecting mice or keyboards-- something that doesn't have an interface to enter a password.

MrCrowbar
Mar 10, 2007, 02:53 AM
Sweet. This reminds me how you pair a Mac with a specific Apple remote right now. Just get very close to the Mac with the remote and hold the menu and rewind button, boom, remote is paired. You could just do the same with RFID: put your iPhone on top of your airport base station or a Mac sharing the Ethernet connection over Airport (love that feature by the way) and the devices are paired (maybe use a button to confirm, else it might get messy in a place where everything is close together, i.e. an office).

I wouldn't have thought about using RFID to initiate a more complex wireless communtication, I really like the idea.

MrCrowbar
Mar 10, 2007, 03:34 AM
Sweet. This reminds me how you pair a Mac with a specific Apple remote right now. Just get very close to the Mac with the remote and hold the menu and rewind button, boom, remote is paired. You could just do the same with RFID: put your iPhone on top of your airport base station or a Mac sharing the Ethernet connection over Airport (love that feature by the way) and the devices are paired (maybe use a button to confirm, else it might get messy in a place where everything is close together, i.e. an office).

I wouldn't have thought about using RFID to initiate a more complex wireless communtication, I really like the idea.

BoyBach
Mar 10, 2007, 03:57 AM
If it makes the 'Dark Art' of setting up a wireless network any easier, it get's my vote.

(You can't rely on your younger brother to set it up for you forever! ;) )

longofest
Mar 10, 2007, 07:46 AM
Thanks. Maybe you can explain why they're using a second signaling channel to do this rather than negotiating over the primary network channel? Is this purely a security-through-proximity technique?

Is this a passive backscatter RFID, or a full blown second RF channel?

I'll admit I haven't actually looked at the patent yet, but I'm hoping to coax you into sharing more of your insights...

Apple didn't talk much about the exact implementation of their RFID system. They didn't even mention which frequency they'd be using (LF, HF, UHF (EPC Gen2?)). Its most definitely would be a passive system though.

Basically, the RFID tag is being used to store basic network information. I'm assuming SSID. If they are smart, they may also store a public key.

Then, the RFID portion is done, and the devices will connect using wireless to communicate the rest of their settings. This is why I said it would be good of Apple to have included a public key in the RFID tag. this would enable the devices to talk relatively securely even over an unencrypted channel to exchange WPA keys. Then, the full wireless security framework would be set up.

The biggest problem I see in the proposed solution by Apple is that an attacker in close proximity could get the connecting device to look at the attacker's RFID instead of the intended device. This would basically make the user's device connect automatically to the attacker's device. Oops! However, this would require an attacker in relative close proximity, and if they are further away than the user's connecting device, then they would need a higher gain output to try to trick the device. Its just one of the security implications Apple would need to work to prevent from happening in the field.

synth3tik
Mar 10, 2007, 08:12 AM
easier networks? I'm all for it:D

Sandfleaz
Mar 10, 2007, 08:32 AM
Apple sure seems to have a lot going on these days ....sounds like lots of fun gadgets coming down the pike. Of course it's all a conspiracy to keep me broke! (it's working)

iJawn108
Mar 10, 2007, 10:07 AM
I want security more than I want ease of use for networking thanks.

Di9it8
Mar 10, 2007, 10:37 AM
I didn't think it could get much easier.

In the UK there is a handy trick of putting the "$" in front of some of the codes to make a router work on a mac:D

failsafe1
Mar 10, 2007, 11:36 AM
Could this be a magic connection for all the upcoming stuff? Connect the phone to the iTV and easily get the iTV to the computer? Could this make the iPhone into a universal remote and on and on?

NewSc2
Mar 10, 2007, 12:40 PM
I'm sure Apple could make it easier but how much easier could it already be? Communicating with my COMPUSA (no-name) router is a breeze. Took me like 1 minute to set up (if that) and with my work's router. Every time I open up my MBP, it auto-detects and logs on. *shrugs*?

EagerDragon
Mar 10, 2007, 12:57 PM
There is very little value in this. The same can be done via the wireless or bluetooth with the exception that you have to power the device.

We already have way too many RFID tags in the environment. Your shoes, your clothes, your belt, your computer, your passport, your credit card, your gas pass, etc. These devices are not secured and can be read from a distance. People can track you and your habits.

Just because you dont see the tags, does not mean they are not there. I highly suggest you fry them if you do not need them. See this http://globalguerrillas.typepad.com/globalguerrillas/2006/01/weapons_the_rfi.html

BTW I am a securuty consultant, I highly sugest you start zapping them if you do not need them.

For the ones you must carry like the credit cards you may want to use something like this, but I have not tested them so not sure how effective they are: http://www.rpi-polymath.com/ducttape/RFIDWallet.php

longofest
Mar 10, 2007, 01:48 PM
There is very little value in this. The same can be done via the wireless or bluetooth with the exception that you have to power the device.

We already have way too many RFID tags in the environment. Your shoes, your clothes, your belt, your computer, your passport, your credit card, your gas pass, etc. These devices are not secured and can be read from a distance. People can track you and your habits.

Just because you dont see the tags, does not mean they are not there. I highly suggest you fry them if you do not need them. See this http://globalguerrillas.typepad.com/globalguerrillas/2006/01/weapons_the_rfi.html

BTW I am a securuty consultant, I highly sugest you start zapping them if you do not need them.

For the ones you must carry like the credit cards you may want to use something like this, but I have not tested them so not sure how effective they are: http://www.rpi-polymath.com/ducttape/RFIDWallet.php

You complain about the tracking abilities of RFID, yet you don't worry about the tracking ability of mobile phones? Mobile phones can be pinpointed and tracked over a far greater distance than RFID can. Same thing with GPS devices.

It really perturbs me that there is such a vocal minority spreading FUD about RFID without considering the entire picture. If you are some sort of conspiracy theorist, there are much worse evils out there to get scared about than RFID.

Peace
Mar 10, 2007, 01:51 PM
You complain about the tracking abilities of RFID, yet you don't worry about the tracking ability of mobile phones? Mobile phones can be pinpointed and tracked over a far greater distance than RFID can. Same thing with GPS devices.

It really perturbs me that there is such a vocal minority spreading FUD about RFID without considering the entire picture. If you are some sort of conspiracy theorist, there are much worse evils out there to get scared about than RFID.


While I agree with you to an extent.One can turn off a mobile phone and/or GPS device.It appears the AEBS using RFID would be on regardless of whether or not the airport was on.
Please correct me if I'm wrong.

perhaps this topic deserves a poll concerning RFID in future Apple products

EagerDragon
Mar 10, 2007, 02:03 PM
You complain about the tracking abilities of RFID, yet you don't worry about the tracking ability of mobile phones? Mobile phones can be pinpointed and tracked over a far greater distance than RFID can. Same thing with GPS devices.

It really perturbs me that there is such a vocal minority spreading FUD about RFID without considering the entire picture. If you are some sort of conspiracy theorist, there are much worse evils out there to get scared about than RFID.

Correct, however this thread is about RFID so I stick to that. there are a lot of areas related to security we could cover, but I am not writting a book and not every one is interested.

EagerDragon
Mar 10, 2007, 02:29 PM
You complain about the tracking abilities of RFID, yet you don't worry about the tracking ability of mobile phones? Mobile phones can be pinpointed and tracked over a far greater distance than RFID can. Same thing with GPS devices.

It really perturbs me that there is such a vocal minority spreading FUD about RFID without considering the entire picture. If you are some sort of conspiracy theorist, there are much worse evils out there to get scared about than RFID.

I am not complaing, I am passing information, you can ignore it or take the advice, your choice, makes zero difference to me.

As to FUD.... When you were told to look both ways before crossing the street, did you consider that as FUD? Well it is the same here, if you look both ways you become aware of your surroundings, the dangers (if any) and you have an opportunity to digest the information and decide to cross at a moment where you personnaly can deal with the level of risk. I guess most people did consider it FUD since a lot of people do not look both ways before crossing.

As a security consultant I analyze the risk and inform, if people do not take the advice they are now aware of the risk and it was their choice to act or not.

Some people are paranoid, some want to be aware and make their own decisions, and some like to cover their ears and not listen.
Decide which one you want to be.
Makes no difference to me.

longofest
Mar 10, 2007, 03:50 PM
I am not complaing, I am passing information, you can ignore it or take the advice, your choice, makes zero difference to me.

As to FUD.... When you were told to look both ways before crossing the street, did you consider that as FUD? Well it is the same here, if you look both ways you become aware of your surroundings, the dangers (if any) and you have an opportunity to digest the information and decide to cross at a moment where you personnaly can deal with the level of risk. I guess most people did consider it FUD since a lot of people do not look both ways before crossing.

Sorry to respond so quick with the FUD comment, but I've heard the arguments so many times before, and I largely regard most of them (not all, however) as baseless.

You seem to be concerned regarding tracking abilities of RFID. I believe the conspiracy theories and "security risks" regarding tracking abilities of RFID are extremely over-blown.

First, lets make an assumption we're talking about passive RFID. In response to Peace's comment, yes, RFID could be read even when not powered on, however this is mitigated by the fact that you can place some RF-interferance material over the chip and it would no longer respond. There are other techniques that can be employed as well in newer generations of RFID (tags can be programmed to only respond to certain readers, etc).

However, the main point that I would make is that you have to be in relative close proximity to an RFID tag to read it. Therefore, you'd have to have a network of readers to track someone. While this kind of scenario does occur in supply-chain management (networks of readers in a warehouse and along highways to track trucks, for instance), the potential to do it otherwise isn't that huge.

Now, back to your original point. Why is apple using RFID instead of Bluetooth or something else? Well, BlueTooth requires pairing, so its doubtful that they'd use that specific technology, but still, they could use a different technology, and I don't know why they aren't. To be honest, it sounds like they would save themselves from some headaches by not using RFID but using a similar principle to what they are suggesting, minus the RFID.

EagerDragon
Mar 10, 2007, 04:06 PM
Sorry to respond so quick with the FUD comment, but I've heard the arguments so many times before, and I largely regard most of them (not all, however) as baseless.

You seem to be concerned regarding tracking abilities of RFID. I believe the conspiracy theories and "security risks" regarding tracking abilities of RFID are extremely over-blown.

First, lets make an assumption we're talking about passive RFID. In response to Peace's comment, yes, RFID could be read even when not powered on, however this is mitigated by the fact that you can place some RF-interferance material over the chip and it would no longer respond. There are other techniques that can be employed as well in newer generations of RFID (tags can be programmed to only respond to certain readers, etc).

However, the main point that I would make is that you have to be in relative close proximity to an RFID tag to read it. Therefore, you'd have to have a network of readers to track someone. While this kind of scenario does occur in supply-chain management (networks of readers in a warehouse and along highways to track trucks, for instance), the potential to do it otherwise isn't that huge.

Now, back to your original point. Why is apple using RFID instead of Bluetooth or something else? Well, BlueTooth requires pairing, so its doubtful that they'd use that specific technology, but still, they could use a different technology, and I don't know why they aren't. To be honest, it sounds like they would save themselves from some headaches by not using RFID but using a similar principle to what they are suggesting, minus the RFID.

All very good points, besides not everyone is out to get everyone else. We are talking about potential uses of perfectly great technologies for purposes other than the original intend. Some people will be affected by these issues and some wont. However once my pair of shoes is purchased and is taken home, there is not reason to not fry the RFID chip. I rather take a moment to do so than leave the door open, regardless of how unklikely.

We will have to see how secured Apple implements the chip and the level of information they store. Assuming for a moment that they don't go all the way, an individual could read the chip and either get the full set of information on how your network is setup, or at least some of the setup, making it easier to listen in.

Hope they do the right thing. Convenience is #2 enemy of security.

alec
Mar 10, 2007, 05:23 PM
It's always nice to have Apple improve something it hasn't improved on before! By the way, I got a Windows Vista ad on this site ::bleggghhhhhhhhh::

Peace
Mar 10, 2007, 06:10 PM
It's always nice to have Apple improve something it hasn't improved on before! By the way, I got a Windows Vista ad on this site ::bleggghhhhhhhhh::


[ plug for arn's great site ]

One can always contribute (http://www.macrumors.com/site.php?mode=about) and the get ad-free site :)

[ /end plug for arn's great site ]

FleurDuMal
Mar 10, 2007, 06:13 PM
Could it get any easier?! :confused:

Analog Kid
Mar 10, 2007, 10:21 PM
Apple didn't talk much about the exact implementation of their RFID system. They didn't even mention which frequency they'd be using (LF, HF, UHF (EPC Gen2?)). Its most definitely would be a passive system though.

Basically, the RFID tag is being used to store basic network information. I'm assuming SSID. If they are smart, they may also store a public key.

Then, the RFID portion is done, and the devices will connect using wireless to communicate the rest of their settings. This is why I said it would be good of Apple to have included a public key in the RFID tag. this would enable the devices to talk relatively securely even over an unencrypted channel to exchange WPA keys. Then, the full wireless security framework would be set up.

The biggest problem I see in the proposed solution by Apple is that an attacker in close proximity could get the connecting device to look at the attacker's RFID instead of the intended device. This would basically make the user's device connect automatically to the attacker's device. Oops! However, this would require an attacker in relative close proximity, and if they are further away than the user's connecting device, then they would need a higher gain output to try to trick the device. Its just one of the security implications Apple would need to work to prevent from happening in the field.
Thanks longofest. Sounds about right to me. I think the objective here is to provide security on a wireless signal by ensuring that the individual using the wireless link has physical access to the base station. This could be further enhanced by adding a button to the base station to minimize the chance of the high-gain remote attack. A hacker might be able to collect the credentials remotely if they're listening when the button is pressed, but they couldn't trigger an authentication remotely.

Passive RFID would make the most sense from a cost standpoint-- put the expense of the reader into the base station and each device has pennies of incremental cost.
You complain about the tracking abilities of RFID, yet you don't worry about the tracking ability of mobile phones? Mobile phones can be pinpointed and tracked over a far greater distance than RFID can. Same thing with GPS devices.

Just to extend the battle against FUD on all fronts, there is nothing about GPS that allows anyone to track you. GPS is passive only-- the satellites transmit but the user only receives. Remember this was a military technology and they aren't very keen on their soldiers broadcasting their position. GPS can only track someone if they transmit their position over a separate transmitter.

Cellphones, on the other hand, are quite powerful transmitters and are easy to track and triangulate to.
You seem to be concerned regarding tracking abilities of RFID. I believe the conspiracy theories and "security risks" regarding tracking abilities of RFID are extremely over-blown.

First, lets make an assumption we're talking about passive RFID. In response to Peace's comment, yes, RFID could be read even when not powered on, however this is mitigated by the fact that you can place some RF-interferance material over the chip and it would no longer respond. There are other techniques that can be employed as well in newer generations of RFID (tags can be programmed to only respond to certain readers, etc).

However, the main point that I would make is that you have to be in relative close proximity to an RFID tag to read it. Therefore, you'd have to have a network of readers to track someone. While this kind of scenario does occur in supply-chain management (networks of readers in a warehouse and along highways to track trucks, for instance), the potential to do it otherwise isn't that huge.

Now, back to your original point. Why is apple using RFID instead of Bluetooth or something else? Well, BlueTooth requires pairing, so its doubtful that they'd use that specific technology, but still, they could use a different technology, and I don't know why they aren't. To be honest, it sounds like they would save themselves from some headaches by not using RFID but using a similar principle to what they are suggesting, minus the RFID.
I should probably be responding to EagerDragon here but your post better covers both sides of the issue... The danger in RFID as a privacy/security threat is two fold but it's always tied to the information that the RFID provides.

The threat that EagerDragon raises is the ability to follow you around town which is theoretically possible, but as you point out that is rather impractical for very short range devices. Wallmart can track you around the store if they choose, but following you home would require a grid of tag readers spaced every few feet across an entire city. This is roughly the equivalent of the Nike Jogger Stalking threat that got a lot of attention with their iPod integration.

Wrapping the device in foil helps reduce range but only mitigates the threat, it doesn't eliminate it. As the British will tell you, the foil cover on their RFID passports doesn't prevent them from being scanned by the sufficiently motivated. The problem in that case is different though, and it points to the other danger of RFID:

The problem with the British passports is that the data transmitted contains real information not just a meaningless identification number. This is bad implementation. If RFID is broadcasting an identifier that is is divorced from other information, it allows you to track the device, but not to learn anything about the person carrying it. If the RFID carries useful information in itself, as it does with the passports, then you have a real privacy/security concern-- as with the ability to know the contents of and clone a passport without ever having held it.

Wallmart may know the ID for your shoes, and they may have even linked that ID to your credit card data so they know more about you which is spooky in itself, but for that threat to spread they'd need to share that information with others. If the RFID is spitting out your name and address, then it is poorly implemented and you've got the same problem that the passports have.

The way I see this fitting in with the Apple application is this: I don't care much if my iPod or remote control spits out a meaningless ID when polled. Maybe I'd feel differently if I was in a position where someone might want to activate a device only when I'm next to it, but there aren't many people with that concern and it's easier to accomplish the same goal with a pair of binoculars and a remote control anyway. What I don't want is anything on me to be spitting out anything that is useful in itself and this doesn't seem to do that on the device side-- only on the base station side (and this is easy enough to plug as I mentioned above).

Overall, it's a question of whether this is a net positive for security or a net negative. Despite what people are saying here on the forum, I know for a fact that there are a large number of people who aren't able to secure their networks properly and as the ubiquity of wireless links grows, the problem is only going to get worse. The threat of someone following my RFID tag around is much smaller than the threat of someone listening in to all of my WiFi transmissions-- because those transmission carry useful data.

The one remaining attack point that I'd be worried about is not rogue devices connecting to my base station, but rogue base stations linking to my device. If the device is dumb enough to connect to any base station it's close to then someone could set up a base station under a bus seat and harvest information by establishing secure links with any device that goes by then polling it for more useful data. A simple button press might be sufficient to mitigate this one as well...

Aeolius
Mar 10, 2007, 11:14 PM
All I want is for Apple to release an "Airport Extreme XXL" (Airport Wambo?), which will transmit up to a 3,000' radius, like some of the hotspot transmitters. Then couple that with support for outdoor network cameras, or release a standalone iSight Extreme, for color video during the day and b&w w/ IR transmiters at night. Oh, and add an optional harness to strap them on to an alpaca... then I'm set. ;)

MrCrowbar
Mar 11, 2007, 12:44 AM
All I want is for Apple to release an "Airport Extreme XXL" (Airport Wambo?), which will transmit up to a 3,000' radius, like some of the hotspot transmitters. Then couple that with support for outdoor network cameras, or release a standalone iSight Extreme, for color video during the day and b&w w/ IR transmiters at night. Oh, and add an optional harness to strap them on to an alpaca... then I'm set. ;)

Or better, a motor driven directional antenna that always points to your location or looks for a reflecting surface to get you the best signal. This way, you could have your own wireless network across your hometown...

I still like those mini-USB-sattelite-dishes that give you high speed, low latency internet access so you can get high-def video calls from the agent above you. :o

twoodcc
Mar 11, 2007, 01:29 AM
seems interesting. not sure if it effects me, but i guess we'll see

Analog Kid
Mar 11, 2007, 03:28 AM
All I want is for Apple to release an "Airport Extreme XXL" (Airport Wambo?), which will transmit up to a 3,000' radius, like some of the hotspot transmitters. Then couple that with support for outdoor network cameras, or release a standalone iSight Extreme, for color video during the day and b&w w/ IR transmiters at night. Oh, and add an optional harness to strap them on to an alpaca... then I'm set. ;)
I've been waiting for alpaca mount peripherals for ages, but I'm close to giving up. I'm thinking I'll just put mine on Ebay and try to pick up a used armadillo. Now that is the wave of the future. I'm sure of it.

Henri Gaudier
Mar 11, 2007, 06:10 AM
... if everybody harping at him wants them so bad - fine - have them. But those of us who don't want them get them too. RFID is going to be worse than CCTV. The conspiracy theory line was moronic too. Why is it that if you don't want what is prescribed for you by big business you're a crank?

Aeolius
Mar 11, 2007, 08:59 AM
I'm thinking I'll just put mine on Ebay and try to pick up a used armadillo. Now that is the wave of the future. I'm sure of it.

Mind you, these already work on a WiFi network and have built-in webcams:
http://www.ubergizmo.com/photos/2007/1/spyke-2.jpg

krieghoff123
Mar 11, 2007, 11:17 AM
It all ready pretty easy Just got an airport express yesterday and took me about 30 second to set it up. I find it even harder to belive it could become easier

longofest
Mar 11, 2007, 11:22 AM
The problem with the British passports is that the data transmitted contains real information not just a meaningless identification number. This is bad implementation. If RFID is broadcasting an identifier that is is divorced from other information, it allows you to track the device, but not to learn anything about the person carrying it. If the RFID carries useful information in itself, as it does with the passports, then you have a real privacy/security concern-- as with the ability to know the contents of and clone a passport without ever having held it.

Wallmart may know the ID for your shoes, and they may have even linked that ID to your credit card data so they know more about you which is spooky in itself, but for that threat to spread they'd need to share that information with others. If the RFID is spitting out your name and address, then it is poorly implemented and you've got the same problem that the passports have.

The way I see this fitting in with the Apple application is this: I don't care much if my iPod or remote control spits out a meaningless ID when polled. Maybe I'd feel differently if I was in a position where someone might want to activate a device only when I'm next to it, but there aren't many people with that concern and it's easier to accomplish the same goal with a pair of binoculars and a remote control anyway. What I don't want is anything on me to be spitting out anything that is useful in itself and this doesn't seem to do that on the device side-- only on the base station side (and this is easy enough to plug as I mentioned above).

Overall, it's a question of whether this is a net positive for security or a net negative. Despite what people are saying here on the forum, I know for a fact that there are a large number of people who aren't able to secure their networks properly and as the ubiquity of wireless links grows, the problem is only going to get worse. The threat of someone following my RFID tag around is much smaller than the threat of someone listening in to all of my WiFi transmissions-- because those transmission carry useful data.

The one remaining attack point that I'd be worried about is not rogue devices connecting to my base station, but rogue base stations linking to my device. If the device is dumb enough to connect to any base station it's close to then someone could set up a base station under a bus seat and harvest information by establishing secure links with any device that goes by then polling it for more useful data. A simple button press might be sufficient to mitigate this one as well...

The point of placing extraneous info on the tag is always one that I do not argue against. I have had extreme reservations in the way various countries are implementing their e-passports due to this exact reason.

However, if Apple wants to put an SSID on there, its nothing that you can't find over the airwaves anyways, so no big deal.

longofest
Mar 11, 2007, 11:25 AM
... if everybody harping at him wants them so bad - fine - have them. But those of us who don't want them get them too. RFID is going to be worse than CCTV. The conspiracy theory line was moronic too. Why is it that if you don't want what is prescribed for you by big business you're a crank?

The thought that people are going to use RFID to track your every movement is what I was getting at for the term "conspiracy theory". Being dilligent in making sure RFID isn't abused isn't a problem. However, I also have problems when people harp on RFID and ignore other more sinister things out there, as I have said before in previous posts.

Henri Gaudier
Mar 11, 2007, 12:07 PM
Unfortunately everything is abused. We're being hemmed in by successive governments and no one from the "political class" has the nerve to confront it. From Echelon to traffic flow cameras, SatNav in your car to the phone in your pocket. Everything is being co-opted by law enforcement to spy on people. Or you could argue the reason for cameras isn't for traffic management etc it is to spy under the auspices of "safety" etc. Face recognition and car plate reading cameras aren't about safety, they're about the government wanting to know what everyone is up to and where they're going. RFID will be sold as a security feature - police cars will be kitted out with RFID radars to aid in the detection of stolen goods - the media will jump on the bandwagon etc. Insurance premiums ill go up if you don't have them etc etc. 10 years sown the line - subcutaneous ID/credit/debit/card.

Rocketman
Mar 11, 2007, 01:34 PM
The thought that people are going to use RFID to track your every movement is what I was getting at for the term "conspiracy theory". Being dilligent in making sure RFID isn't abused isn't a problem. However, I also have problems when people harp on RFID and ignore other more sinister things out there, as I have said before in previous posts.

Once you identify a particular RFID (edit: or cellular GPS or GPS or IP address) with a particular person (even the public key can do that) as the government or a large retailer has the capacity to do for vast numbers of people, each and every time "your" device passes an RFID transceiver your whereabouts are known. Given the sheer number of activities that are already illegal and more being added every day, and the rapid advance of big brother to identify each and every small breach, it becomes practical for any "targeted" person to be shown voilating something, then be tracked and arrested.

At least for the past 100 years if you made a mistake you had to do it in front of a cop or a witness inclined to call the police. Now any of millions of machines can prove you committing a crime, even if you are not aware of it, and the perfection of proving it and arresting you is improving by the month to the point where lazy police can sit in front of computer terminals and pick and choose who to "pick off that day".

Selective enforcement perfected.

Someone should come up with a constitution and a bill of rights or something.

Rocketman

EagerDragon
Mar 11, 2007, 06:20 PM
... if everybody harping at him wants them so bad - fine - have them. But those of us who don't want them get them too. RFID is going to be worse than CCTV. The conspiracy theory line was moronic too. Why is it that if you don't want what is prescribed for you by big business you're a crank?

Specialy when the message is "If you are concerned ZAP the ones you don't need, protect the ones you do". If one is not concerned then do nothing, live happy.

EagerDragon
Mar 11, 2007, 06:22 PM
Once you identify a particular RFID with a particular person (even the public key can do that) as the government or a large retailer has the capacity to do for vast numbers of people, each and every time "your" device passes an RFID transceiver your whereabouts are known. Given the sheer number of activities that are already illegal and more being added every day, and the rapid advance of big brother to identify each and every small breach, it becomes practical for any "targeted" person to be shown voilating something, then be tracked and arrested.

At least for the past 100 years if you made a mistake you had to do it in front of a cop or a witness inclined to call the police. Now any of millions of machines can prove you committing a crime, even if you are not aware of it, and the perfection of proving it and arresting you is improving by the month to the point where lazy police can sit in front of computer terminals and pick and choose who to "pick off that day".

Selective enforcement perfected.

Someone should come up with a constitution and a bill of rights or something.

Rocketman

Very well said

e-coli
Mar 11, 2007, 08:44 PM
Could be for connecting iPods... sort of like what the Zune can do.

Exactly what I was thinking. Instant proximity connection.

Analog Kid
Mar 11, 2007, 10:07 PM
... if everybody harping at him wants them so bad - fine - have them. But those of us who don't want them get them too. RFID is going to be worse than CCTV. The conspiracy theory line was moronic too. Why is it that if you don't want what is prescribed for you by big business you're a crank?
I count myself among the more paranoid of the world, and I don't like anything that makes it easier for either businesses or the government to track me and my habits. Not because I have anything to hide, but because I'm a believer in the slippery slope. I'll hold of expounding on that further because it probably belongs in a different thread.

To function in the world, and reap its benefits you have to keep an eye on technology and use what makes life better while avoiding technologies that undermine our personal freedoms and privacy.

To do that, we need to be educated in how things work and where the threats are. There is nothing about RFID that inherently makes any more dangerous than Bluetooth, WiFi, cell phones or credit cards. In fact it is probably less so. RFID, because it has gotten so much attention, has come to encompass a broad range or technologies, but in the general sense, RFID emits a meaningless number when it is polled. There is nothing useful there. If it's embedded in an iPhone with WiFi and cellular, it's the least of your concerns.

I have to agree with longofest on this point-- the paranoia developing around RFID is only serving to obscure other threats to privacy and security that are much more grave.

If you're microwaving your shoes but calling your spouse while handing over your credit card, club card and drivers license at the grocery store every time you make a purchase then that looks a little misguided...

Once you identify a particular RFID (edit: or cellular GPS or GPS or IP address) with a particular person (even the public key can do that) as the government or a large retailer has the capacity to do for vast numbers of people, each and every time "your" device passes an RFID transceiver your whereabouts are known. Given the sheer number of activities that are already illegal and more being added every day, and the rapid advance of big brother to identify each and every small breach, it becomes practical for any "targeted" person to be shown voilating something, then be tracked and arrested.

At least for the past 100 years if you made a mistake you had to do it in front of a cop or a witness inclined to call the police. Now any of millions of machines can prove you committing a crime, even if you are not aware of it, and the perfection of proving it and arresting you is improving by the month to the point where lazy police can sit in front of computer terminals and pick and choose who to "pick off that day".

Selective enforcement perfected.

Someone should come up with a constitution and a bill of rights or something.

Rocketman

Again, there is nothing about GPS that can be tracked. Period. If you connect it to your cellphone and transmit your position that's a different problem, but the truth is your cellphone can be located nearly as well by triangulating the cellular signal.

I share your concern about states and businesses tracking people, but the truth is that your phone and your credit card are much more effective for this purpose than an RFID tag in your shoe with 3ft of range and a meaningless product code.

It's becoming increasingly true however that none of these methods are required for selective enforcement-- they merely have to say that they have information that you don't but their methods must be concealed for security reasons. Again, a topic for another thread.

stealthman1
Mar 11, 2007, 10:33 PM
For the ones you must carry like the credit cards you may want to use something like this, but I have not tested them so not sure how effective they are: http://www.rpi-polymath.com/ducttape/RFIDWallet.php
I'll wait for the Berluti version...:eek:

stealthman1
Mar 11, 2007, 10:35 PM
For the ones you must carry like the credit cards you may want to use something like this, but I have not tested them so not sure how effective they are: http://www.rpi-polymath.com/ducttape/RFIDWallet.php

No thanks, I'll wait for the Berluti version...;)

kcroy
Mar 11, 2007, 10:41 PM
http://www.macrumors.com/images/macrumorsthreadlogo.gif (http://www.macrumors.com)

In a patent application (http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&co1=AND&d=PG01&s1=20070054616&OS=20070054616&RS=20070054616) revealed yesterday (http://hrmpf.com/wordpress/116/apple-suggests-rfid-to-allow-easy-wireless-network-setup-and-security) (#20070054616), Apple reveals that it is working on making configuring wireless networks, especially ones with devices with limited input/output capability, more simple.

The system describes using RFID tags in networking equipment that would communicate basic configuration settings when the devices got close to one another. The devices would then be able to establish a rudimentary network based on that information and be able to automatically finish setting up a more complex and secure wireless network.

Apple's innovative use of RFID appears to be aiming to simplify the setup of wireless devices (especially ones with limited user interfaces) while simultaneously promoting the use of secured wireless networks.

Could this be used to use a device for Leopard's iChat Screen Sharing function with Apple TV and iPhone.

I was watching some of the short QT clips on apple.com for the coming Leopard OS and watched one called: Screen Sharing with iChat...and there it is... THAT IS THE MISSING FEATURE ON THE iPhone!

... I believe we will be able to initiate a screen sharing session using iChat through both iPhone and Apple TV...giving you access to your computer while on the road and on your big screen TV.

All the phone and tv do is display the image...your computer will do the processing. It's brilliant!

To Apple's business mind think of all consumers will need... Leopard, .Mac, iPhone, apple TV, they make sales in all areas. Again, brilliant.

This is what makes the iPhone revolutionary.

I also think there is a hidden camera inside the touch screen of the phone that can see the user without flipping the phone around. It will have TWO cameras. We will have iChat on the iPhone.

Finally, when the iPhone is released the demonstration with Leopard & Apple TV integration will be mind boggling.

Starship77
Mar 12, 2007, 12:26 AM
Could this be used to use a device for Leopard's iChat Screen Sharing function with Apple TV and iPhone.

I was watching some of the short QT clips on apple.com for the coming Leopard OS and watched one called: Screen Sharing with iChat...and there it is... THAT IS THE MISSING FEATURE ON THE iPhone!

... I believe we will be able to initiate a screen sharing session using iChat through both iPhone and Apple TV...giving you access to your computer while on the road and on your big screen TV.

All the phone and tv do is display the image...your computer will do the processing. It's brilliant!

To Apple's business mind think of all consumers will need... Leopard, .Mac, iPhone, apple TV, they make sales in all areas. Again, brilliant.

This is what makes the iPhone revolutionary.

I also think there is a hidden camera inside the touch screen of the phone that can see the user without flipping the phone around. It will have TWO cameras. We will have iChat on the iPhone.

Finally, when the iPhone is released the demonstration with Leopard & Apple TV integration will be mind boggling.

I really, really hope you're right! This would be my dream come true! :D :D

cupique
Mar 12, 2007, 05:57 AM
You complain about the tracking abilities of RFID, yet you don't worry about the tracking ability of mobile phones? Mobile phones can be pinpointed and tracked over a far greater distance than RFID can. Same thing with GPS devices.

While I agree with you to an extent.One can turn off a mobile phone and/or GPS device.

And in some situations even that don't help. You have to remove batteries as well.
http://www.cellphonebeat.com/entry/fbi-hacking-cellphones-for-eavesdropping/