Site Security Gaffe Uncovered by Consumer Group
Radio-frequency identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. The tags contain electronically-stored information. Passive tags collect energy from a nearby RFID reader's interrogating radio waves. Active tags have a local power source such as a batter and may operate hundreds of meters from the RFID reader. Unlike a barcode, the tag need not be within the line of sight of the reader, so it may be embedded in the tracked object. RFID is one method for Automatic Identification and Data Capture.
The Auto-ID Center is the organization entrusted with developing a global Internet infrastructure for radio frequency identification (RFID). Their plans are to tag all the objects manufactured on the planet with RFID chips and track them via the Internet.
Privacy advocates are alarmed about the Center's plans because RFID technology could enable businesses to collect an unprecedented amount of information about consumers' possessions and physical movements. They point out that consumers might not even know they're being surveilled since tiny RFID chips can be embedded in plastic, sewn into the seams of garments, or otherwise hidden.
"How can we trust these people to secure the sensitive information of consumers if they can not even secure their own website? It's ironic that the same people who assure us that our private data will be safe because the security on the internet is very good, and it offers a strong layer of protection "
To directly discover the security vulnerabilities of the Auto-ID Center, simply visit the website http://www.autoidcenter.org and type "confidential" in the search box of the site. The Center encourages the exploration of this site :
Our website contains research materials and other information that everyone can download for free, as well as a limited section for sponsors, which includes information and documents not accessible to the general public. visit our site frequently to stay abreast of the Center's many activities.
Here are some other examples of sensitive documents available :
https://cryptome.org/rfid-docs.htm
Cryptome Wikileaks : https://wikileaks.org/wiki/Cryptome
Cryptome Archive : https://cryptome.wikileaks.org/
How can we trust these people with our personal data ?