Mythbusters Blocked From Revealing RFID Myths
If you were ever hoping to see an episode of Mythbusters busting the myths behind RFID security, you might be saddened to hear it looks like that will never happen, and not due to a lack of interest either.
Adam Savage of Mythbusters, when speaking to the audience of The Last HOPE hacker conference, revealed why RFID has become a bit of a taboo topic at Discovery Channel. In response to an audience question about revisiting RFID as an episode, Adam responds, “Dude, the RFID thing. I’m sorry. It just is not going to happen. ... Here’s what happened. I’m not sure how much of this story I’m allowed to tell, but I’ll tell you what I know.” Mythbusters did cover RFID in an episode last January, but did not focus on RFID security concerns.
After some cheers from the audience, Adam says, “We were going to do RFID and on several levels, you know, how hackable, how reliable, how trackable, etc., etc., and one of our researchers called up Texas Instruments and they arranged a conference call between, I think, Tory and the head producer over there for the other team, Linda Wolkovitch, and one of the technicians at Texas Instruments. We were supposed to have a conference call to talk about the technology on like Tuesday at 10 am and Tuesday at 10 am, Linda and Tori get on the phone and they.. uh.. Texas Instruments comes on, along with the chief legal council for American Express, Visa, Discover, and everybody else.”
Adam continues, “I got chills just as I described it. They were way way out-gunned and they absolutely made it clear to Discovery they were not going to air this episode talking about how hackable this stuff was and Discovery backed way down, being a large corporation who depends upon the revenue of the advertisers. Uh, and now it’s on Discovery’s radar and they won’t let us go near it. So I’m sorry. It’s just one of those things, but man, that was.. Tory still gets a little white when he describes that phone conversation.”
On one episode of Mythbusters, biometric security is visited and attempts are made to see if fingerprint scanners, for example, could be bypassed easily. Sure enough, the Mythbusters were able to beat the fingerprint scanners, several ways. It is not surprising that such a popular show, attempting to publicize possible faults in RFID technology, would garner the attention of certain companies. With RFID chips finding their way into our credit cards, passports, and many other aspects of our lives, trusting the technology with our security and privacy is becoming an everyday scenario.
As Adam stated, some of the aspects of RFID that would be covered by Mythbusters, if they had their way, would include how hackable they are, how reliable they are, and how easy they are to track. Some security experts fear information stored on RFID chips could be read remotely by strangers, such as the personal information stored on credit cards or passports that use vulnerable RFID chips. While typically an RFID chip used in a credit card, for example, is designed to be read from only a short distance away, some believe as far as 40-feet away is possible. There are also concerns that the data encryption and other means of added security given to some RFID chips may be vulnerable.
It seems RFID-related myths regarding whether a person should be worried about the having their credit cards cloned, having their identity stolen, or just having a store know who they are and what is in their wallet when they walk in will just have to remain myths on Mythbusters.
[Update: September 3, 2008]
It appears Adam Savage of Mythbusters is retracting his statements made at The Last Hope conference, according to a statement issued to CNET News on Wednesday.
Adam Savage says in the issued statement, "There’s been a lot of talk about this RFID thing, and I have to admit that I got some of my facts wrong, as I wasn’t on that story, and as I said on the video, I wasn’t actually in on the call."
He continues, "Texas Instruments’ account of their call with Grant and our producer is factually correct. If I went into the detail of exactly why this story didn’t get filmed, it’s so bizarre and convoluted that no one would believe me, but suffice to say...the decision not to continue on with the RFID story was made by our production company, Beyond Productions, and had nothing to do with Discovery, or their ad sales department."
Adam Savage’s statement follows a previous statement issued to CNET News the day before from Texas Instruments stating things did not go exactly as Adam Savage described at The Last Hope conference. According to Texas Instruments, during the phone call technical questions were asked and answered, only a single legal council member was present on behalf of a contactless payment company and it sounds as if Mythbusters was not told they could not air the episode.
Does that mean it is okay to take off our tinfoil hats now?
- Mythbuster ,
- RFID ,
- HOPE
- Samsung: Blu-ray Has Five Years Left, OLED the Next Big Thing
- AMD, Nvidia Conspire to Price Fixing; Sued
- Dell Launching Inspiron 910 Mini Notebook Thursday
- Blu-ray Drives Hit 8X Write Speeds
- Nvidia Expanding for Intel Core i7
- Report: 88 Percent of IT Workers Would Steal Data If Fired
- Intel Adds 3 New Value CPUs
- Meet IE8: Resource Pig
- Microsoft Patents Page Up & Down Keys
- Dell Joins Netbook Fray With Inspiron Mini 9
- Sony Debuts Three All-In-One Desktop PCs With Blu-ray
- PNY and Sony To Release Movies On USB Flash Drives
- Sony VAIO Users Get Burned, Sony Recalls 440,000 units
- Gaming Consoles a Goldmine for More Than Just Games
- Six-Core Intel Xeon 7400 Shipping September 15
- Guy Makes a PC Out of Nintendo Wii
- Microsoft Doubles Storage Capacity For Netbooks
- TiVo's New HD XL DVR Could Save Your Marriage
You can take off your tinfoil hat, but keep the tinfoil in your wallet. If they don't want the myth busted, that means they know it's vulnerable...
Yea I agree this RFID technology is 100% stupid. Since when does supressing truth and facts lead anywhere good? I hope the entire world gets hacked and it is all because of RFID and their stupid weakness. The credit card companies might as well say "Well gee your credit cards are insanely hackable, and can easily be copied now without anybody even touching them... but we don't want you to know" de de deeee
Tory and Grant got owned ....... by lawyers.
Now they've ensured that everyone will be searching for a copy of that episode/a method to hack the chips.
Great work everybody, you really know what you're doing with your seven figure salaries. My god, this situation is even in the Harry Potter books.
The only way to make everyone interested in something is to ban it.
Lawlz.
Personally I think they should do it, and just wear masks and things like that *or anybody that knows enough to actually test the myths* and put it on youtube lol
No matter how much sugar coating they do while saying things, they got blackmailed from the companies using RFID, PERIOD.
You can take off your tinfoil hat, but keep the tinfoil in your wallet. If they don't want the myth busted, that means they know it's vulnerable...
Damn straight.I would of thought,you know,they would of asked them to test weaknesses and give it to the RFID user companies,but it seems they already know.Put your boots on men,there's alot of bullshit.
Who in the world has the authority to surpress an episode on RFID?
^ What can Discovery possibly do that can make them blackmailed?
My guess is Discovery just won't do any serious topics.
I'm sure some secret service will always want it possible to hack into peoples lives anyway.
Actually people can be tracked even without any hacking.
Hey, I remember when these parts came out. Engineers were commenting on how easy it is to read them and reprogram them. They are not safe by any means. Of course, it is better than a bar code. How simple it is to print one of them, so it maybe a step up in security,
so dude with RFID scanner in coat pocket bumps into lady with credit cards, licenses, social in her purse. RFID Scanner should be in range to pickup some sort of signal off these chips im guessing?
I have alot of respect for Mythbusters and their willingness to prove or disprove various myths. But when it comes to national security and finances in a matter that would cripple the exiting system to their knees they couldn't put this on the air.
We know damn well this is documented on YouTube, the newsgroups and fourms about hacks of this type. Despite the fact Mythbusters were able to prove or disprove the security issues with RFID it still puts the existing technology into jeopardy.
It's a shame really. I'm sure they did an incredible job of cracking the code of RFID technology but the way it is now they could actually bring the entire banking and security system to it's knees. I'm sure it's not something they want to be responsible for so the story got pulled, least for now.
I do live near San Francisco so would be cool to actually meet the crew of Mythbusters. Maybe someday.
Darkk
Everyone has the right to know exactly how secure/insecure the technology is they are relying their most intimate on.
Some example: The dutch group called toool specializes in physically opening door locks. They make a sport out of it and in the mean time publish whitepapers about their techniques. Now of course the lock companies don't like that at all, but in the end it forces them to build more secure locks.
Some 3 years ago on a big security convention the bluetooth sniper gun was successfully demonstrated and introduced to the public, showing how easy it was to hack those connections from a respectable distance. That was a good thing because some average Joes know now, that they should be careful.
Same goes for RFID technology. The public must be made absolutely aware of the risks involved in storing any kind of personal data on a RFID chip. I won't be walking around with one for sure anytime soon.
It is not about security, it is all about http://www.rfid-666.com/
I guess the would be crooks are really screwed now. Without the Myth Busters telling them how to hack RFID, how will they ever figure it out?
I think telling them to "stand by" is what they meant (trying to be positive, and giving the benefit of doubt), so they can come up with solutions before they tell the world about those flaws.
I would rather wait for that episode a little more and KNOW that those flaws are some-what "covered" by the companies.
If they (Texas Inst.) don't care about fixing them and just want them to shush, hell... Big fail.
Esop!
When they start implanting these things in people they don't want people knowing how to disable them.
Tin foil hat or not if people think people won't except using a RFID chip look what's going on down in Mexico with all the kidnapping there actually asking for these things to protect themselves.
>>the security issues with RFID it still puts the existing technology into jeopardy.
Gah! Existing technology puts us in jeopardy, and revealing it in the most embarrassing way possible will force the bigwigs to fix it. I think any law that insists that I keep another person's or company's secrets when they have put them out where anyone can discover them is crazy.
Many good points, but let me play devil's advocate for a moment. Do you think the Mythbusters should be allowed to create a computer network with identical software and security measures as major financial institutions and/or governmental systems then bust myths about how they can be hacked?
I agree that RFID systems have security vulnerabilities, and that the companies know of flaws and are trying to use legal obfuscation (read 'closed source solution' like many software applications) as a security measure.
However, I am still trying to weigh the reaction against historical changes like social security or ID cards/Drivers licenses. Sure, these pieces of data that are tied to a physical person could be used and abused, but more often than not they have also benefited people in many ways also. People often resist even beneficial change - but I have not yet decided if RFID is beneficial enough for the inherent risk involved.
personally speaking, let bankers and big brother use unsecure RFID to control us all. i mean, if you got the brains to hack thru their best security measures, you can exist as a ghost in the system. hell, just buy a metal wallet and your safe from plenty remote wallet reading.
hackers could very well be the freedom fighters of the future.
Reminds me of the movies Terminator and Matrix!
If it is the computers, corrupt government or greedy companies that wants to control everyday peoples life, then hackers may become the future freedom fighters indeed.
the truth is security through obscurity
The only security there can be, is when we know all the flaws and problems of the technology we use. Every single bit needs to be open source. This is the one and only way. And don't tell me you only want some obscure security firms and hackers to know of the inner workings of your passport, ID, bankcard and wallet...
I'm sure wallets in the future will have Faraday shielding built in - how hard would that be for a stainless steel mesh or maybe new high tech conductive fabrics? You don't have to scan someone's wallet to steal their credit cards though, you can just steal the card or better yet the number. How secure is that? I think credit cards should have a new number for each purchase at the very least - I was able to do this online with an old credit card so maybe future cards will have a OLED display on them or digital ink that will have a new number each time.
Yeah sure he got it totally wrong, that was no flying saucer, it was just swamp gas...got it? Swamp gas, oh and a kite some kid was flying.
Jeez they really do think the public is stupid.
Part of the Myth Busters episode was set to reveal that the face recognition software of a certain digital camera can be modified along with the addition of a VeriChip RFID implantable microchip, turning the camera into a real-time RFID scanner\recorder. A little white 'face' box appears around a subject's pocket or purse when RFID carrying contents are detected. A photo taken will contain Exif tags describing the contents found. So beware that stranger taking your picture from a dark alley, he may be stealing more than just your image.