This is a test
...because no one deserves to get robbed just because they're not Internet "savvy"

RFID In ID Cards Still a BIG Problem and Getting Worse

July 13th, 2009

"There's a reason you don't wear your Social Security number across your T-shirt," Albrecht says, "and beaming out your new, national RFID number in a 30-foot radius would be far worse."

There are no federal laws against the surreptitious skimming of Americans' RFID numbers, so it won't be long before people seek to profit from this, says Bruce Schneier, an author and chief security officer at BT, the British telecommunications operator.

Data brokers that compile computer dossiers on millions of individuals from public records, credit applications and other sources "will certainly maintain databases of RFID numbers and associated people," he says. "They'd do a disservice to their stockholders if they didn't."

Or put simply, everyone knows that this is scary beyond reason and we need to do something now BEFORE it's a problem.

Here is some more information from the source article:

In its October 2005 Federal Register notice, the State Department reassured Americans that the e-passport's chip — the ISO 14443 tag — would emit radio waves only within a 4-inch radius, making it tougher to hack.

Technologists in Israel and England, however, soon found otherwise. In May 2006, at the University of Tel Aviv, researchers cobbled together $110 worth of parts from hobbyists' kits and directly skimmed an encrypted tag from several feet away. At the University of Cambridge, a student showed that a transmission between an e-passport and a legitimate reader could be intercepted from 160 feet.

The article also mentions a video that shows the results of his experiment. I was able to find it HERE.


Bruce Schneier on TSA Security

June 24th, 2009

Here is an excellent short essay on how to fix airport security and restore a bit of our dignity and rights at the airports:

Fixing Airport Security

Also be aware that the TSA is making significant strides backwards when it comes to whole body imaging. Where they used to be looking at technology that wasn't as privacy invasive, they've now started making a major push for what some are calling a digital strip search. The most important issue here is that the scanners are being planned as a replacement for metal detectors which means you'd have no choice but to bare all for the TSA.

Bring on the tinfoil underwear…


City in Montana Demands Your Login Details to be Hired

June 19th, 2009

This is so wrong, I barely know what to say. I sure hope this trend doesn't start to catch on, because a lot of people would give up the information when they're pressured instead of doing the right thing and refusing.

"Please list any and all, current personal or business websites, web pages or memberships on any Internet-based chat rooms, social clubs or forums, to include, but not limited to: Facebook, Google, Yahoo, YouTube.com, MySpace, etc." the form reads. But Bozeman isn't simply interested in finding out where to look for potentially embarrassing personal details; the city wants full disclosure, since the form demands username and password information for each.

This is way worse than all those sickening social networking sites asking for your e-mail address password.

Update

Here is the contact information for the relevant people in the city if you want to ask them why they thought this would be a good idea.

And just in case someone were to change the form, here's a copy of the original found on their website:

This is for real... they actually expect you to give up your account details!

CFP 2009 – Data Collection on Consumers

June 3rd, 2009

The panel this morning consists of members of the FTC, Google, and Microsoft and the subject is profiling people online.

There are so many questions I want to ask such as why Google stores data for so long (which they've avoided answering before) and why the FTC doesn't promote credit freezes (which they've avoided answering before).

In the meantime, there's talk about the different types of data collection each group does and the standard rigamarole about customizing and targeting advertisements as if that's helpful to the end user. Granted, having ads that are more appropriate is more useful than having ads that are less so, but I see that as the same as having a neighbor down the street that you hardly know bring you a box of your favorite beef jerky. It's nice, but damned creepy when someone knows that much about you when you don't know who they are, what their intentions are, and how much else they know about you.

I stood up to lecture the panel on the fact that personalized ads aren't necessary for small sites to exist if they use the product recommendation method versus random ad policy like me, opt-out is an unfair business practice since it requires that people become very knowledgeable about ads and how to stop them which is near impossible for regular people, and opt-in is not only necessary, it's easy.

I doubt the information I shared will have any positive effect on the industry, but it was still worth a try.


Senate Passes Credit Reform Bill

May 19th, 2009

That bill that everyone's been talking about for a while just passed with most of the good protections still intact (go figure). Essentially, the bill is a shining example of regulation at its best and industry at its worst, as it mandates that credit companies stop doing things that are dishonest and one-sided.

Wow. Who knew that without laws to prevent it, companies would stoop to one-sided and dishonest policies for the sake of money… hmmm.

Some of the major points:

  • Plain-English contracts
  • Can't raise interest rates on existing balances unless the card holder is 60 days behind, then the rate has to be restored if payments are on time for six months.
  • 45 days advance notice required for rate increases.
  • Credit card companies can't charge a late fee if they themselves are late processing a payment.
  • Statements have to get mailed 21 days before the payment is due.
  • Harder to give credit cards to people under 21.
  • Rates can be increased within the first year
  • Promotional rates have to last at least 6 months

Presidential Photo-Op Flyover Causes Panic and Questions

    April 30th, 2009

    So one of Obama's planes flew low around the New York City area inciting mass panic, but the real question is "why?"

    The cost of this stunt was in the range of almost $400,000 and all for getting a shot of the plane flying with the Statue of Liberty in the background. You know, I'd have photoshopped that for half the price… They should have asked me.


    Obama Mandating Greater Transparency on Lobbyists

    March 24th, 2009

    Keeping true to his word, Obama is making sure that Lobbyists who want time with administration members submit requests in writing which will be posted online. Right on.


    The FTC Strikes Back Against “Freecreditreport.com”

    March 10th, 2009

    In a direct slap across the face to the barely legal Freecreditreport.com, the FTC has released a spoof video of the pirate restaurant ad to highlight that there's only ONE place to get free credit reports and the rest are all pay services in disguise.

    The original ad
    The FTC version



    Beware of the others,

    There's always a catch,

    They claim to be free,

    But there are strings attached,

    Brilliant!

    It's so very rare that regulatory agencies actually get it right! Send this link to everyone you know and make sure they see it too.


    Welcome Obama, Goodbye Loser

    January 21st, 2009

    I've been waiting a long, long time for Bush to finally exit from the Presidency. If I had to sum up how I feel right now, I would say it's something like a stab victim feels after the stabbing stops. It's a relief, but a very shallow one.

    What I and the rest of us need now is to see whether "Dr. Obama" really has the qualifications and smarts to fix up the hemorrhaging. And while healing is the most important thing, like any other victim, I would also very much like to see the perpetrator brought to justice.

    Let's hope that lack of limelight doesn't let Bush and his inept crimes slide into darkness forever.


    One Man Learns What the DHS Knows About Him

    January 7th, 2009

    If you've ever wondered what the Department of Homeland Security knows about you, try filing a Freedom of Information Act request like this guy did.


    EPA Is Broken (too)

    January 5th, 2009

    Legal experts and environmental advocates say the practice of "sanitizing," or blacking out, this information not only strips vital information from the public, it violates the agency's own law.


    Thus the EPA is broken. Is there any government agency that's actually doing its job and doing it well?


    UK Police Can Hack Citizens Computer Without Warrant

    January 5th, 2009

    This comes from a long string of stories about how bad privacy is getting in the UK. As bad as it's become in the US, apparently our friends out there have it much worse.

    (H/T to Slashdot for the link)


    Part of the So-Called PATRIOT Act Dumped

    December 18th, 2008

    Until the ruling, recipients of so-called "national security letters" were legally forbidden from speaking out. The letters, usually a demand for documents, or a notice that private records had been searched by government authorities, were criticized as a cover-all for FBI abuses.

    It's a good start.


    The Bailout Costs More than NASA (And Then Some)

    December 4th, 2008

    The bailout from this year alone costs more than 3 wars and NASA's budget for as long as it's been in existence. Can we please stop talking about deregulation now?


    How to Talk to A McCain Voter Without Gloating

    November 5th, 2008

    Ha ha! I love the title of this post from Lifehacker today.

    Though to be honest, I'm holding my full gloat for when Bush is walking out of the White House for the last time.


    Maryland’s Voter Discrimination in Full Force

    November 4th, 2008

    I've been barred from voting in Maryland before and I expected this to be no different. I was not disappointed.

    Today I went to my polling place bright and early and explained to them that I'm a computer professional and refuse to use machines that have a proven record of insecurity. Such poorly designed machines are no better than playing video poker where your odds of winning aren't random, but decided by rules someone wrote into a computer.

    They originally decided that I could use the provisional ballot, but once the two judges talked, they took it from me and said that if I wouldn't use the machines, I couldn't vote.

    Now some would say, "don't be such a chump and just use the machines! You're like my grandfather who won't use computers because he's afraid of the technology!" But there's a huge difference between protesting the use of a technology out of suspicion and ignorant fear and doing so due to analysis of careful scholarly research. A simple Google search of "accuvote ts" brings up link after link of studies done on the Diebold machines showing flaws and security issues. These aren't hypotheticals, they've been done and demonstrated.

    Then someone will likely say, "you knew this was going to be a problem, so why didn't you go to your elections office or request an absentee ballot or such?"

    That's all well and good assuming you know about that. Granted, I knew this would likely be an issue because of last time, but what about the first time I tried or anyone else who runs into this issue during this election? Besides, it's not our job or responsibility to become familiar with all the voting rules, regulations, procedures, addendums etc. I wanted to see if the voting system worked the way it is currently set up so I read the information they sent in the mail and I went to my polling place and followed every direction.

    Some have told me that I'm throwing away my vote, but am I really? I like to think that what I'm actually doing is sacrificing my vote to raise awareness of several important issues:

    Maryland should not have purchased these machines, should have discontinued their use upon discovery of their vast array of vulnerabilities, should sue Diebold for our money back + punitive damages, and at the very least should give us the option of not using them. None of these came to be and the result is such that I'm forced to use the machines or not vote at all and that's not OK.


    DC Metro Police to Randomly Search Bags

    October 30th, 2008

    Transit Police will only inspect areas of bags that are capable of concealing explosives. Police will not be viewing the content of papers or other reading material. But if illegal items such as drugs are found, they will be confiscated as evidence, and police will cite or arrest the individual. Those who refuse to have their bags searched will not be allowed to enter. Transit Police will not arrest people who refuse to have their bags inspected.

    The key here is that you have the right to refuse which most people probably wouldn't know about or exercise. If you don't know, ask. Ask "do I have the legal right to refuse the search and what are the consequences if I do so?" I have no idea if asking such a thing could create legal problems in some circumstances, but it's what I would do. Never submit to authority asking you to do things you don't think are right without at least questioning it (in my personal, non-legal, non-professional, opinion).

    (H/T to Privacy.org for the link)


    Obama Braves Rain and Wind to Address Crowd, McCain Cancels

    October 29th, 2008

    Maybe there's no meaning to a political candidate who will stand in the rain to speak to people. Maybe it's just a gimmick. Maybe after he's elected, he won't do things like that anymore. But you gotta admit, that's pretty classy.

    Oh, and this:

    "$150,000 for clothes and they apparently didn't buy her a raincoat."

    Made me laugh :)

    (H/T to Digg.com for the link)


    Bruce Schneier Applauds Obama’s Stance on Security

    October 29th, 2008

    While making it very clear that he wants to stay out of the politics, Schneier pointed out that Obama seems to get the point that security needs to be balanced with the overall goals of our country. In other words, Obama understands that security doesn't trump everything, so one more point for Obama.


    Get Paid to Be Spied On

    October 14th, 2008

    How would you like to be paid $50 a month to carry a cellphone that can be remotely activated as a listening device by the company that provides them?

    The scary thing is, this is just software, it's not a special phone. If you have software like this, what's to stop you from installing it in your girlfriend's phone or a business contact's? Where's my "phone only" phone?

