Learning about RFID

  • Deviant Ollam
    Semi-Professional Swearer
    • May 2003
    • 3417

    #16
    Re: Learning about RFID

    two points...

    1. choosing a disabling method that looks innocuous or otherwise accidental can behoove you. for example, the crushing/squashing method is perfectly effective and can be explained away as routine wear and tear. the EMP method (which usually means microwave for casual home users) is effective, but can leave a small burn mark visible on the inner surface of the cover. that is harder to explain away if someone gives the passport extra scrutiny.

    2. i've heard that some homebrew RF shielding can actually act as an antenna and increase (or at the very least fail to block) signals... true wire mesh is a great Faraday cage (hence, it's used in security wallets, etc) but aluminum cans (or even aluminum foil) isn't always as effective. any truth to that, my WiFi gods?

    for good measure, here's some footage from ages ago (at our first HackCon in Norway) when Major and i were playing with another speaker's passport...






    (fun video linked here in this last image showing the "pop open" problem)
    "I'll admit I had an OiNK account and frequented it quite often… What made OiNK a great place was that it was like the world's greatest record store… iTunes kind of feels like Sam Goody to me. I don't feel cool when I go there. I'm tired of seeing John Mayer's face pop up. I feel like I'm being hustled when I visit there, and I don't think their product is that great. DRM, low bit rate, etc... OiNK it existed because it filled a void of what people want."
    - Trent Reznor


    • AgentDarkApple
      Public Security Section 9
      • Aug 2009
      • 224

      #17
      Re: Learning about RFID

      lunchb0x, thanks for the link! I'm glad you posted that - I'd much rather have a pink one than the dull guyish ones I'd found on other sites.

      valkyrie, good idea - I might back up everything on an external drive to leave at home then clear off most stuff from my laptop and keep a few iffy bits on my cute little innocent looking Hello Kitty mimobot :) The trip is still up in the air right now for around Christmas, and I mainly just need the laptop with me to work on my online classes. The bad thing is, even some of my class research (like the info warfare stuff) might seem incriminating in some countries.
      "Why is it drug addicts and computer aficionados are both called users?" - Clifford Stoll


      • valkyrie
        Member
        • Jan 2006
        • 360

        #18
        Re: Learning about RFID

        Originally posted by AgentDarkApple
        lunchb0x, thanks for the link! I'm glad you posted that - I'd much rather have a pink one than the dull guyish ones I'd found on other sites.

        valkyrie, good idea - I might back up everything on an external drive to leave at home then clear off most stuff from my laptop and keep a few iffy bits on my cute little innocent looking Hello Kitty mimobot :) The trip is still up in the air right now for around Christmas, and I mainly just need the laptop with me to work on my online classes. The bad thing is, even some of my class research (like the info warfare stuff) might seem incriminating in some countries.
        AgentDarkApple:

        Keep all that stuff on a stick drive or CD. Stash it in your check in, or put it in some innocuous place in your carry on. If you have the capability you can phone home your research papers and wipe them from your lappy. I do this with client data. The powers that be may think they have the right to "inspect" my tech, but they don't have the right to poke around my client's data without my client's permission.

        Regards,

        valkyrie
        _________________________________________
        sapere aude


        • streaker69
          • Mar 2008
          • 1141

          #19
          Re: Learning about RFID

          Originally posted by valkyrie
          AgentDarkApple:

          Keep all that stuff on a stick drive or CD. Stash it in your check in, or put it in some innocuous place in your carry on. If you have the capability you can phone home your research papers and wipe them from your lappy. I do this with client data. The powers that be may think they have the right to "inspect" my tech, but they don't have the right to poke around my client's data without my client's permission.
          Ya know, that brings up an interesting point in relation to the Red Flag rules laid out by the FTC.

          If you're carrying personal information of your clients, you're responsible for maintaining its security through the transit. But if you're forced to turn over your laptop for further inspection to the TSA, I bet they're not held to the same responsibilities in keeping that information safe as you are.
          A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.


          • Thorn
            Easy Bake Oven Iron Chef
            • Sep 2002
            • 1819

            #20
            Re: Learning about RFID

            Originally posted by Deviant Ollam
            2. i've heard that some homebrew RF shielding can actually act as an antenna and increase (or at the very least fail to block) signals... true wire mesh is a great Faraday cage (hence, it's used in security wallets, etc) but aluminum cans (or even aluminum foil) isn't always as effective. any truth to that, my WiFi gods?
            WiFi gods? <looking around> Where?

            Anyway, I haven't heard that, although a poor design could in theory cause it to happen.

            Originally posted by AgentDarkApple
            valkyrie, good idea - I might back up everything on an external drive to leave at home then clear off most stuff from my laptop and keep a few iffy bits on my cute little innocent looking Hello Kitty mimobot :) The trip is still up in the air right now for around Christmas, and I mainly just need the laptop with me to work on my online classes. The bad thing is, even some of my class research (like the info warfare stuff) might seem incriminating in some countries.
            Originally posted by valkyrie
            AgentDarkApple:

            Keep all that stuff on a stick drive or CD. Stash it in your check in, or put it in some innocuous place in your carry on. If you have the capability you can phone home your research papers and wipe them from your lappy. I do this with client data. The powers that be may think they have the right to "inspect" my tech, but they don't have the right to poke around my client's data without my client's permission.
            The best solution, IMHO, is a clean OS build and VPN link back to whatever critical data you need. Assuming, of course, that you have broadband at your final destination.

            If ICE pulls you aside for further inspection at the border, they have the authority to go through ANY digital data, whether it's a laptop, MP3 player, or cute USB Hello Kitty mimobot drive. While you may minimize data being examined if it isn't in the laptop itself, they might notice whatever the device is, and demand an inspection. By the way, although we tend to hear of our own border issues I would suspect that many other countries give their border agents the same authority.

            In the same vein, in a weird down-the-rabbit-hole kind of way, the US government is advocating travelers wipe their laptops and do a full OS re-install after visiting certain countries if you've used broadband there. Most notably it's PRC, but it's probably good advice after visiting a lot of places.
            Thorn
            "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird


            • AgentDarkApple
              Public Security Section 9
              • Aug 2009
              • 224

              #21
              Re: Learning about RFID

              Originally posted by streaker69
              Ya know, that brings up an interesting point in relation to the Red Flag rules laid out by the FTC.

              If you're carrying personal information of your clients, you're responsible for maintaining its security through the transit. But if you're forced to turn over your laptop for further inspection to the TSA, I bet they're not held to the same responsibilities in keeping that information safe as you are.
              I was actually thinking about something similar earlier...if someone's company or whatever was hacked into and info was stolen, and law enforcement becomes involved in the ordeal, what keeps the computer forensics people from snooping into anything else on the hard drives or servers? From what I understand, they generally seize it and/or try to copy EVERYTHING on it as is, in order to not compromise any evidence. We can assume with certainty that someone somewhere with that kind of job is not trustworthy. No matter what sworn statements or code of ethics they are held to when taking the job, there's always the chance that they're going to disregard it.
              "Why is it drug addicts and computer aficionados are both called users?" - Clifford Stoll


              • Thorn
                Easy Bake Oven Iron Chef
                • Sep 2002
                • 1819

                #22
                Re: Learning about RFID

                Originally posted by AgentDarkApple
                I was actually thinking about something similar earlier...if someone's company or whatever was hacked into and info was stolen, and law enforcement becomes involved in the ordeal, what keeps the computer forensics people from snooping into anything else on the hard drives or servers? From what I understand, they generally seize it and/or try to copy EVERYTHING on it as is, in order to not compromise any evidence. We can assume with certainty that someone somewhere with that kind of job is not trustworthy. No matter what sworn statements or code of ethics they are held to when taking the job, there's always the chance that they're going to disregard it.
                I can answer this from personal experience, as I worked in law enforcement for twenty years, with the last five in forensics before I got out.

                You are correct. Most HDs are imaged 1:1 for evidentiary purposes. That is a means to show the state of the HD in question at the time it was seized, and prevents questions of evidence tampering.

                As to your question of revealing information, it doesn't really happen. First, a large majority of law enforcement officers have a VERY high standard of ethics, despite the stereotypical 'bad cops' in the movies and on TV. In that regard, many cops are closer to Boy Scouts than anything else. You might be surprised as to how lofty the ideals of some LEOs are.

                Secondly, while some information may be "important" or "confidential" to the owner of the HD (or their client) it probably isn't important to the cops unless it pertains directly to the investigation at hand. Any investigation more complicated than a traffic accident generates huge amounts of information. Much of that is "important" and "confidential" to the people involved, and most of it doesn't mean a damn thing to the investigators. For example, if during the course of investigating a murder it's found out the mayor has a mistress, unless that fact pertains directly to the investigation, it might be amusing, but the investigators probably couldn't care less about it. It's the same thing about data on a HD. If it doesn't have something directly to do with the investigation, it probably is beneath the cops dealing with it for more than a few minutes to see if it is evidentiary in nature. In fact, due to the tools used in analysis, there is a chance it might not even be noticed.

                Cops see where a lot of bodies are buried, literally and figuratively. (We usually dig up the real ones...) If we wanted to violate the ethics and to act on such things it would be pretty easy for a lot of investigators. But the low hanging fruit would be blackmailing the mayor about his mistress, not blackmailing the FatCat Corp. about revealing some "important" document to the press. That's a movie plot, not real life.
                Thorn
                "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird


                • streaker69
                  • Mar 2008
                  • 1141

                  #23
                  Re: Learning about RFID

                  Originally posted by Thorn
                  I can answer this from personal experience, as I worked in law enforcement for twenty years, with the last five in forensics before I got out.

                  You are correct. Most HDs are imaged 1:1 for evidentiary purposes. That is a means to show the state of the HD in question at the time it was seized, and prevents questions of evidence tampering.

                  As to your question of revealing information, it doesn't really happen. First, a large majority of law enforcement officers have a VERY high standard of ethics, despite the stereotypical 'bad cops' in the movies and on TV. In that regard, many cops are closer to Boy Scouts than anything else. You might be surprised as to how lofty the ideals of some LEOs are.

                  Secondly, while some information may be "important" or "confidential" to the owner of the HD (or their client) it probably isn't important to the cops unless it pertains directly to the investigation at hand. Any investigation more complicated than a traffic accident generates huge amounts of information. Much of that is "important" and "confidential" to the people involved, and most of it doesn't mean a damn thing to the investigators. For example, if during the course of investigating a murder it's found out the mayor has a mistress, unless that fact pertains directly to the investigation, it might be amusing, but the investigators probably couldn't care less about it. It's the same thing about data on a HD. If it doesn't have something directly to do with the investigation, it probably is beneath the cops dealing with it for more than a few minutes to see if it is evidentiary in nature. In fact, due to the tools used in analysis, there is a chance it might not even be noticed.

                  Cops see where a lot of bodies are buried, literally and figuratively. (We usually dig up the real ones...) If we wanted to violate the ethics and to act on such things it would be pretty easy for a lot of investigators. But the low hanging fruit would be blackmailing the mayor about his mistress, not blackmailing the FatCat Corp. about revealing some "important" document to the press. That's a movie plot, not real life.
                  Complete response as always, BUT, I think the main concern with people in this situation would be the custody of the evidence. While the LEOs may hold high ideals, not everyone that may have access to the data does not.

                  Plus, if it's evidence, that also means that attorneys have the right of discovery on the evidence, so don't they have to turn over the entire drive image to the defense? We know that all attorneys aren't exactly known to have the same ideals as the LEOs.

                  I could see a case where an attorney discovers something about a person, whether they be the prosecutor or defender and then use it against them or sell it outright to someone else.

                  On another note, I know that the local PDs down here, when they have a computer based crime or one that involves retrieving evidence from a computer it is farmed out to the State Police Crime Lab. In the one case that I was directly involved in working with, the SPCL sent the relevant data to the detective on a CD. I'd hope that since it was evidence it was sent by some secure method, but who knows?

                  Then you have to wonder, with all these small PDs around without decent resources, are they storing the data in such a way that it isn't accessible to the outside world, as well as any law firms that may have that data due to discovery rules.

                  I don't think the FTC Red Flag rules cover these instances as I believe it's more designed for the Company/Customer relationship.
                  A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.


                  • Thorn
                    Easy Bake Oven Iron Chef
                    • Sep 2002
                    • 1819

                    #24
                    Re: Learning about RFID

                    Originally posted by streaker69
                    Complete response as always, BUT, I think the main concern with people in this situation would be the custody of the evidence. While the LEOs may hold high ideals, not everyone that may have access to the data does not.

                    Plus, if it's evidence, that also means that attorneys have the right of discovery on the evidence, so don't they have to turn over the entire drive image to the defense? We know that all attorneys aren't exactly known to have the same ideals as the LEOs.

                    I could see a case where an attorney discovers something about a person, whether they be the prosecutor or defender and then use it against them or sell it outright to someone else.
                    Most attorneys have pretty high standards for ethics in these situations, believe it or not.

                    Originally posted by streaker69
                    On another note, I know that the local PDs down here, when they have a computer based crime or one that involves retrieving evidence from a computer it is farmed out to the State Police Crime Lab. In the one case that I was directly involved in working with, the SPCL sent the relevant data to the detective on a CD. I'd hope that since it was evidence it was sent by some secure method, but who knows?
                    There are pretty clear procedures for that type of thing. If both the SPCL and the local PD didn't follow them, the defense would have a field day.

                    Originally posted by streaker69
                    Then you have to wonder, with all these small PDs around without decent resources, are they storing the data in such a way that it isn't accessible to the outside world, as well as any law firms that may have that data due to discovery rules.
                    I've seen evidence custody range from excellent to poor, with most being good enough to pass review by the courts. If they didn't, the defense would tear them to pieces. Those that are poor do get caught in court sooner or later.

                    Originally posted by streaker69
                    I don't think the FTC Red Flag rules cover these instances as I believe it's more designed for the Company/Customer relationship.
                    Yeah, having a PC caught up in a criminal investigation probably exceeds the scope and expectation of most data compliance issues.
                    Thorn
                    "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird


                    • valkyrie
                      Member
                      • Jan 2006
                      • 360

                      #25
                      Re: Learning about RFID

                      Originally posted by Thorn
                      WiFi gods? <looking around> Where?

                      Anyway, I haven't heard that, although a poor design could in theory cause it to happen.

                      The best solution, IMHO, is a clean OS build and VPN link back to whatever critical data you need. Assuming, of course, that you have broadband at your final destination.

                      If ICE pulls you aside for further inspection at the border, they have the authority to go through ANY digital data, whether it's a laptop, MP3 player, or cute USB Hello Kitty mimobot drive. While you may minimize data being examined if it isn't in the laptop itself, they might notice whatever the device is, and demand an inspection. By the way, although we tend to hear of our own border issues I would suspect that many other countries give their border agents the same authority.

                      In the same vein, in a weird down-the-rabbit-hole kind of way, the US government is advocating travelers wipe their laptops and do a full OS re-install after visiting certain countries if you've used broadband there. Most notably it's PRC, but it's probably good advice after visiting a lot of places.
                      Sorry Thorn, I assumed that readers of my post would understand that without clarifying. Wrong assumption. Clean build coming and going. Always a secure link to phone home. If not a link, there are other ways to transmit the data safely without onerous intrusion.

                      Regards,

                      valkyrie
                      __________________________________________
                      sapere aude
