-------- Original Message -------- Subject: Re: [Politech] Questions about FDA approval of the Verichip under-skinimplant [priv] Date: Mon, 18 Oct 2004 21:55:50 -0400 From: Danny Yavuzkurt <ayavuzk@private> To: Declan McCullagh <declan@private> References: <4173CFDB.2050509@private> Well, it's all a matter of priorities, and individual choice.. (if there is such a thing as "individual choice" when it comes to government..) - if you value being able to breeze through a checkpoint to do whatever you're supposed to be there to do, and not having to worry about remembering your ID card, more than you value having the option of sometimes being *unidentified*, and *untracked*, then these RFIDs are a convenience. If you're afraid that you'll be force-implanted against your will (or "forced" by being marginalized or starved if you "choose" not to comply, ie, everyone today has to have a supermarket "membership card" to get large discounts on food, without which they might not be able to afford food), and you'd rather have choice and freedom than convenience, then of course you'll find it Orwellian and disturbing. So, like a lot of technologies, it opposes freedom to choose not to use the technology with the convenience and security of using it. Then, of course, there are the arguments about trusting technology to solve a traditional problem like identification.. once these chips are ubiquitous, counterfeit chips (or simply removing the chip from a victim) would make false identification easier. (Of course, with multiple safeguards like biometrics, it would be less of a problem. But with biometrics, why would you need an implant to begin with?) And it's probable that eventually, this will be a moot point; everyone will be using these chips to identify themselves, since it'll be cheaper and easier than having to carry around (and possibly forget) a traditional ID card - or a whole wallet full of ID, credit, membership, and other cards. People, I believe, will be more than willing to be trackable, live in a universal-ID-required society, and be scanned constantly, if it makes their everyday life easier and more affordable - that is, compared to not using it. Overall, things may get worse, but if there's a temporary advantage to using the new technology, even if there are long-term negative effects, people will jump on the short-term benefits. Just human nature. -Danny -------- Original Message -------- Subject: Re: [Politech] Questions about FDA approval of the Verichip under-skin implant [priv] Date: Mon, 18 Oct 2004 22:52:11 -0400 From: J.D. Abolins <jda-ir@private> To: Declan McCullagh <declan@private> References: <4173CFDB.2050509@private> Scott Courtney had mentioned a recent New York Times article <http://www.nytimes.com/2004/10/14/technology/14implant.html> about the FDA approval of the Verichip for medical uses. Scott quoted, among other things, this news item from the article: > "This summer, Rafael Macedo de la Concha, Mexico's attorney > general, announced that he and scores of his subordinates > had received implanted chips that control access to a secure > room and documents considered vital in Mexico's struggle > with drug cartels." To add to Scott great comments, the above application of RFID implants speaks of an "answer" in search of "questions". What makes the implant particularly better than biometrics, perhaps combine with another authentication method? If the Mexican AG's office is depending primarily upon the implants for access control, it has a distinct weaknesses. The Verichip, to the best of my understanding, does not test for liveness. Pardon the morbid scenario but an excised implant, a "transplanted" chip, or a severed limb with the chip would read the same as the implant in the intact person. (Dr. Dorothy Denning wrote a good essay about liveness, not secrecy, being crucial for biometrics. See "I Love Biometrics" at http://infosecuritymag.techtarget.com/articles/january01/columns_logoff.shtml ) It is quite a bother compared to some other modes of authentication, especially combination approaches. I believe Thomac C. Greene, of The Register, described the situation quite well in a recent aritcle <http://www.theregister.co.uk/2004/10/14/human_rfid_implants/>: <<< So, what is the problem that this technology solves? We don't think there is one, unless doctors' offices are being flooded with people who can't recall their own medical histories. Yes, some people do suffer from dementia, but these are most often found already in nursing facilities and hospitals, or at least supervised by a nurse or family member. >>> Mr. Green continues to point out the potential for problems if the database(s) that store the information connected with the unique identifier on the RFID implant aren't available. Compare that with, say, a dog tag or a medical alert type of a bracelet. (Sometimes people confuse RFIDs with smart card technology and assume that the RFIDs will, themselves store, all the mediacal wor what-have-you data. RFID, put simplistically, are ID tokens that communicate via radio waves.) Summed up, RFID implants might be "hot news" now but asking the appropriate security questions point to a variety of alternative answers with theri own strengths. J.D. Abolins _______________________________________________ Politech mailing list Archived at http://www.politechbot.com/ Moderated by Declan McCullagh (http://www.mccullagh.org/)
This archive was generated by hypermail 2.1.3 : Mon Oct 18 2004 - 20:37:03 PDT