...because RFID is The Mark of the Beast. No, really.Northside Independent School District in San Antonio began issuing the RFID-chip-laden student-body cards when the semester began in the fall. The ID badge has a bar code associated with a student's Social Security number, and the RFID chip monitors pupils' movements on campus, from when they arrive until when they leave.
The suspended student, sophomore Andrea Hernandez, was notified by the Northside Independent School District in San Antonio that she won't be able to continue attending John Jay High School unless she wears the badge around her neck, which she has been refusing to do.
The Rutherford Institute said it would go to court and try to nullify the district's decision. The institute said that the district's stated purpose for the program -- to enhance their coffers -- is "fundamentally disturbing."
Like most state-financed schools, the district's budget is tied to average daily attendance. If a student is not in his seat during morning roll call, the district doesn't receive daily funding for that pupil because the school has no way of knowing for sure if the student is there. But with the RFID tracking, students not at their desk but tracked on campus are counted as being in school that day, and the district receives its daily allotment for that student.
This is what we call "burying the lead":
The Hernandez family, which is Christian, told InfoWars that the sophomore is declining to wear the badge because it signifies Satan, or the Mark of the Beast warning in Revelations 13: 16-18.
The district, in a letter last week to the family, said it would allow her to continue attending the magnate school with "the battery and chip removed." But the girl's father, Steve Hernandez, said the district told him that the offer came on the condition that he must "agree to stop criticizing the program and publicly support it," a proposition the father told WND Education that he could not stomach.
Apparently the removal of batteries also removes... the... Satan?
It's (usually) "burying the lede"
No, "Lede" is archaic ahistorical nonsense.
How do you feel about "graf"?
What did graf mean before 1920?
Archaic and ahistorical?
Yes, it is both! It's made-up history that is old made-up history!
ahistorical as in "common among journalists for decades"? Howard Owens may have proved that it didn't come into regular use until the 1970s, but since then it's quite normal; I first encountered it in 1978 and it's never gone completely out of style.
I'm not saying "lead" is wrong, since it's the more common spelling. But relying on 1950s textbooks for 21st century usage guidelines is a form of strict constructionism that leads nowhere useful.
"ledes nowhere useful."
Sorry.
Everyone I know who worked in the publishing industry learned "lead". This includes the people who have used Linotype machines to cast "lead" for "leads".
They also asked that everyone get off their laune.
(Admittedly, this n=3).
So keeping the badge in the locker all the time would work.
Alternatively, they should just inject the kids with a chip. So much easier that way, and you can track the student, and not merely the badge.
Of course, why are they using their SS number? You'd think that doing something like that would be a playground for identity thieves. A lot of universities have moved away from having their student ID = their SSN for this reason.
I once found -- on my desk at work, no idea how it got there -- a pamphlet equating Chip-and-PIN cards to the Mark of the Beast, as per Revelations. It was several pages long, and was quite an entertaining read.
I've since mislaid the pamphlet, which is a shame, and I've never been able to find an equivalent diatribe on the Internet. I don't know whether that's to be expected (computers are Satan's work) or not (there's plenty of crazies^W evangelical types happily using the Internet).
They've moved beyond mere pamphets: The Spychips Threat: Why Christians Should Resist RFID and Electronic Surveillance
Religious nonsense aside, I'm not sure they're wrong.
Woah woah woah. Christians against monitoring and control? That really is insane.
Anyone know what a "magnate school" is?
And if the purpose is to track the RFID to verify students' presence to get funding, then wearing the badge without the chip and battery wouldn't accomplish that purpose, would it?
Does it just come down to "you questioned my authority, you don't have to do what I'm claiming to want, as long as you acknowledge my authority in some other way"?
Same as a Magnet School, just misspelled. Lots of places spell it that way for some reason. See "lede". ;)
No. Did you read the whole sentence? The offer came on the condition that he must "agree to stop criticizing the program and publicly support it."
Obviously the program is on shaky legal ground, shaky moral ground, and the last thing they want is parents giving this two seconds of thought or making any kind of informed decision. All they want is to quit having bad press. They're willing to sacrifice the kid's funding. Especially because they will get slapped very hard for keeping the girl out of school for no good reason.
A term just waiting to be coined for an exclusive private school receiving pubic money through an education voucher programme, surely?
Why would they agree to remove the chip and battery when the point of the badges is to be able to scan for number of students attending?
Furthermore, since they can scan them even if they're in a backpack or pocket, why the demand that they be displayed publicly?
And if it really were the mark of the beast, wouldn't it have to be worn on their forehead or attached to their right hand?
> why the demand that they be displayed publicly?
Conformity, obviously. What American public school system did you go to?
That, and because school children lie and say shit's in their pocket or underwear when it's not. Then what do you do, as a teacher or administrator? Search them? Every child? Every day?
If my child's school tried RFID badges I would sue the shit out of them. I've already lost the fight for myself: my school uses RFID building access.
My mother works for the school district in my home town. After 9/11, all the adults had to wear badges to identify themselves as, basically, "not terrorists". Later, after some horrendous child abduction, they were also given to "registered visitors" so that any adult without one could easily be identified as a "potentially dangerous trespasser".
Now, the fear is gangs. So having a badge (because, you know, NOBODY can just like, TAKE IT TO KINKOS or something) is supposed to indicate that you are not, in fact, a member of a rival gang here to shiv a bitch during lunch period and then peel out of the parking lot and head back to Oakland or whatever. (This actually happened at my high school at some point before I was there. It was their justification for the giant fences.)
Or because schoolchildren lie and say they were at school when they were not. Maybe I'm dumb, brainwashed or have an RFID chip embedded in my brain, but I'm not sure what the big deal is, using technology to streamline school attendance records.
I work in a secure facility and I like my RFID badge. Keep the riff-raff out. I basically work in a basement so if the big one hits and the building collapses on me, might be nice for the living to know roughly where I am (or am not.)
I'll go with brainwashed. Or maybe you simply haven't had a chance to think about it.
One point is that the amount of money they could possibly be saving--all children in the building but not provably in the building by any other means (such as a teacher's note)--is smaller than the amount of money they have spent or will spend on implementing and maintaining those RFID badges. Their website even deliberately misinforms: "NISD will spend approximately $261,000 on this pilot for the two schools and expects to realize $2 million in additional revenues." The $2M is the expectation for the full program (a reasonable estimate), but they compare it to the cost of the pilot (2 schools for one year). Scaling the cost up to 112 schools and maintaining it for, say, five years makes the cost well above $2M. And this assumes the program isn't a financial boondoggle or PR nightmare.
Another point is that RFID broadcasts its information to anyone who asks, wherever the wearer might be. (Another lie from their website: "The "smart" ID cards only work within the school.") It's not just the lock in front of your "secure" building, or when you're inside the building. So all wearers now broadcast their location everywhere. See, for example, all those "Girls Around Me" and "Please Rob Me" apps.
Another reason why this is a bad idea is that the system provides reduced control of getting a new identity. In the case of your front door lock, you just get a higher security lock. You have control over that. In the case of a biometric marker (fingerprint, face print, retina scan, DNA) you are completely screwed. There is no way to get a new fingerprint, eyeball, or DNA. This RFID system is more like the latter. 112 school's worth of children will be broadcasting their location at all times and they will have little capability to change their identity or security level if they are targeted. (NISD says the ID number has "no value", but they don't understand how espionage works.)
Your "disaster" argument is also problematic. "If there's a not-yet-anticipated disaster, my badge may or may not be able to tell people where I am and absolutely no way to say whether I am alive." Come on, the chance of you being away from your badge is tens of thousands of times more likely than any such disaster. Also, far more likely is a disaster which cuts off electricity for a long time. Then what does the security of your building look like? These systems have no fallback value.
Saying RFID card entry "just works" is pointless, because keys and locks have also "kept the riff-raff out" for all of recorded history.
There's certain overhead in implementing a system initially, vs adding more users to it over time. Costs approach zero with enough users over time. I'm not going to delve into budgets and costs but my experience in software/hardware systems tells me that implementing the first 2 schools is a lot more expensive than implementing the last 2.
Most RFID, including the RFID type specifically mentioned in the articles, does not broadcast anything. This is a fundamental piece of FUD that is widely spread and believed. You need a reader to read it and most have a range of less than 10 feet.
I won't go into too much detail about how disingenuous it is to equate an app on a phone that literally broadcasts your GPS position and how it has nothing to do with RFID or how it works.
RFID generally, and specifically in this case and in almost all cases using current technology, contain an ID that correlates to a database. Without access to that correlation the data you gather is as useless as having a driver's license number but no way of matching it to a person or address. It's like having a list of credit card numbers but no name, address, zip or 3 digit code from the back of said card. When the article says that the RFID 'won't work' outside the school, I think this is what he's trying to say. People outside the school don't have access to the database, therefore they are not able to correlate any information about the badge.
I'm not even sure where you get RFID is close to DNA. It is not. It's a number, which you can change all you want. I've had three different badges at my work with three different ID numbers attached to them. My old badges are useless because the readers don't recognize those numbers any more. Or more accurately, the database doesn't correlate those two old ID numbers to a person any more.
Now knowing that RFID badges don't broadcast information, I think you misunderstand the disaster scenario. One of the articles mentioned elsewhere in this thread mentions a fire drill where they found a group of students had not evacuated. It's not that the badges themselves broadcast this info (they can't) but that the badges did not pass through a reader leading to outside the building. When I pull into my garage, I pass my badge by a reader. When I enter the actual building, I do it again. Then I have to go through one more locked door to get to my desk. This provides the database with a rough location. Or at least if I hadn't yet passed through that locked door they could surmise I'm stuck in an elevator. Electricity in the building has nothing to do with it, post-disaster. As long as the database can be read they can get a good idea of who is left in the building and who is likely to already be dead, focusing any rescue efforts.
Most of the anti-RFID stuff I read shows the basic misunderstandings mentioned above. I won't go so far as to say RFID couldn't be abused, but my point is that we're talking more about data security than anything. Access to the underlying database is key for exploitation. It's very difficult to use RFID data in any meaningful (nefarious) way if all you have access to is the number from short range.
I like driving home over the Bay Bridge and not having to stop to pay the toll (BTW, you can go through there at 50 mph, don't believe the posted speed limit), I like going online and seeing that the stuff I want to buy is in stock at a local store, I like not having to swipe or use a bar code reader at work. So, you know, lemme have my RFID.
I do not have misunderstandings about RFID.
Somewhere along the way from 2 schools to 112 schools, you advance from a cheap, simplistic database that no one cares about to a robust system with massive redundant backups, high-priority inter-school networking requirements, and ongoing IT overhead. The last two schools may be essentially free, but the 20th two or the 30th two aren't. I'll go on the record as predicting this thing costs far more than it saves in lost ADA funding.
If you say that this database is merely a growing list of IDs, locations, and timestamps, you don't understand the lifecycle of tracking databases or their insatiable hunger for more information.
Readers are cheap. Passive tags have ranges that vary with the power of the transmitter. These are active tags. They have a battery which allows them to broadcast at the maximum allowed range for their frequency. (We can assume that the implementation here will be that of ranged transmitters, since they clearly want to reach students sitting in stairwells or cafeterias and smoking in bathrooms. It's not enough that they walked in the door that morning. The student has to be accounted for at the time roll is taken.) The tags probably have a range of 50 or 100 meters. That means that a car driving by in visitor's the parking lot could conceivably read every tag in the entire school.
Here is another example of potential abuse: Someone could build a reader and drive up and down the neighborhood looking for houses with no RFID return signal. Did you get a ping from that house previously? Likely it's empty now! Remember we are talking about every house/apartment with children in a very large school district.
Yes, and it's a stupid viewpoint. Problems arise even without access to the "intended" database. Someone could plant a reader somewhere, read the same tag at the same time every day, and generally surmise a lot of information about the person's whereabouts and schedule.
Yes! Location data, even if it is initially anonymous, should still be kept secure!
No! Location data is profoundly useful and can be correlated to identities in a number of easy ways. Additionally, new databases can be built around the IDs. (This is called "anchoring.")
Even the government has acknowledged this: (http://www.dhs.gov/xlibrary/assets/foia/US-VISIT_RFIDattachE.pdf) "Moving personal data from the tag into a backend database does not address the location privacy concern. ... A network of strategically placed readers will provide information about an individual’s movement, enabling tracking of individuals. Additionally, because the tags can be read from a significant distance, mobile readers may be able to track them without being seen."
And we reach my biggest concern, in the same document:
"The number produced when the tag is read (either the true UID or the hash if UID is encrypted) can be used as an “anchor” for new databases, e.g., a database of individual purchasing habits or border crossing history. These databases may be compiled by entities that do not have any association with [the issuing entity] and used for commercial, criminal, or other purposes. While this may seem like an issue outside the scope of [the issuer's] concern, the creation of databases accessible via tag numbers would be possible only because [individuals] have no choice about [wearing a tag]."
That means, for example, Target can use the RFID of children shopping with their parents after school to enrich their databases.
I've mislaid the link, but toll keys provide a treasure trove of exploitable information.
This does not require RFID.
Fantastic. I assume you work at a private company. Enjoy your RFID. Don't attach RFID to six-year-olds. This makes them trackable all day long. (On a weekday, how many children are very far away from their backpacks?)
And especially don't attach it to every minor in a 10-mile radius.
Highly unlikely the schools are using tags with that range that cost upward of 4-5 dollars each, instead of shorter range tags that cost a quarter. They don't need that range because everyone walks through the front door of the school, and the door to a classroom. The articles cited specifically state that they don't care where in the school the students are, as long as they're there. They could be in the library, nurse's office, etc., they don't know and don't have to care because they only have to be within the walls of the school to be counted as there. They are looking to pick up students that are at school but not in the classroom, which is to say they are not tracking movement, just the minimum amount of info they need to prove they were in the building that day.
As long as we're speculating about what some RF savant who's bent on doing 'something' (never mentioned) to our kids by war driving a reader that can't reach the students, then perhaps we should talk about encryption and rolling codes, or any number of additional security measures available to RFID systems.
Just like they can now by simple observation. There are literally dozens of ways to get better, more accurate and more timely info about someone's whereabouts than scanning a tag at a distance and guessing whether or not the person is currently attached to that tag. I'm not saying that measures (mentioned above) should not be taken to provide reasonable security of the RFID ID, but the barrier to entry vs what one would get by war driving RFID tags doesn't (yet?) make it a useful avenue of 'attack'.
Most of that document outlines mitigation strategies to address these concerns. It's actually a really good document and anyone with any interest in RFID should read it. And I mean read the whole thing and understand it, not just cherry-pick an ominous sounding quote that seemingly supports your fears. I'm glad that someone is doing this research and offering actual, potential solutions to them. Perhaps the aluminum foil hat crowd could put their efforts into helping the effort of ushering in RFID 2 in a technologically and socially responsible way instead of spreading FUD in a shrill way.
Not without database access. And not much more than one can get from the photos they take of your license plate already. Glomming on to RFID as the evil, privacy-invading technology is missing the forest for the trees.
True, but stealing my identity and getting my location doesn't require RFID. Technology carries on and I think you'll see manual methods of inventory tracking falling into disuse.
That's a fascinating assumption, but remember what I said before. These tags have batteries, so they cost more than a quarter. Also, they're printed on durable cards with a unique barcode printed on the front and a photo (probably in color). The labels have to be printable on demand as students walk in and say, "I lost my tag." They cost more than $5. (The replacement cost to the student is, in fact, $10, but that could include nuisance fees as well as subsidies.)
They need batteries partly so that they can be robust. Lots of kids will be pouring through those doors all at once, and it needs to work right.
Also, the readers are expensive--probably up to $2000 each, especially including antenna(s) and installation. Your assumption calls for a reader at each doorway of a classroom, and there are hundreds of those doorways. And remember, they want their money even if the kid doesn't go near a classroom.
Finally, and most importantly, a reader at a doorway cannot tell if the kid is exiting or entering or did not go all the way through (unless it's really expensive). So in fact, it's a better assumption that the readers have to be able to sense kids anywhere they may be in the school. A doorway ping count is not enough. A little weird that they would EMF the entire school every day, but that's consistent with the nature of ADA funding: it doesn't matter if the kid was present before or after the main roll call, they have to be present at the time of the main roll call to win.
Their solutions for location privacy are pathetic: "tell everyone that this thing compromises location privacy", "issue a new ID every time the tag is replaced" in an implementation with little to no replacement events, and "physically shield the tag" which is good for passports, completely impractical for badges which must be visible and accessible at all times.
Pulling a relevant quote in a limited-space forum isn't cherry-picking. I gave you the link, pull a counter quote if there is one. Oh, wait. The document barely address the anchoring problem, because there are no solutions to the anchoring problem, except not to implement RFID, use static shielding (which the government does but NISD won't), or to revoke and reuse random IDs at random but frequent intervals (as you say, but which we all know won't be happening here).
Please. Everyone is already ignoring existing security measures that could be implemented. It's people like you who create these problems. You know that there are solutions, but don't care because it's easier to use a braindead implementation, and who would ever exploit the security hole it willfully opens?
There is no fear, uncertainty, or doubt here. I assure you RFID is actively hacked and exploited.
Perhaps that idea isn't profitable. I'm not a criminal, I don't know the best way to exploit location privacy. If I had to guess today, I'd monetize it by using tag IDs read at the checkout counter to link cash purchases. And I'd try to link them across vendors to get a truly rich behavior pattern.
I'm also fighting the government's illegal GPS tracking of location against our Fourth Amendment right to privacy. And I don't give out my SSN to anyone who doesn't report to the IRS.
True, but we don't have to use solutions that are both financial boondoggles and create new security holes. Unsecured RFID is a stupid solution here.
Ah, I see. You're not really reading what I'm saying here, are you?
jwz: it takes a really long time to scroll with this many nesting levels on my iphone 4s, with mobile safari and no extensions. each screen is rendered individually, and takes about two seconds each. sad panda?
Beats me. By the time you get to scroll, your browser has the whole document. There's no lazy-ajaxing going on here.
As long as I'm being chastised for making assumptions, let's talk about this one for a while. On what grounds are you dismissive about this? I don't know that this won't be happening here.
The document that you linked is proposing aspects of a standard for the second generation of RFID. Are you saying that this won't become part of the standard, or that people won't use it, or ...? This is probably one of the stronger suggestions in the doc, which even mentions RSA at one point (though in the context of not knowing exactly what they're doing.) I think this is a good answer to the location problem.
No it doesn't. Just the outside doors, really. It doesn't really need to know whether a tag is coming or going, that can easily be correlated by time of day. If the readers have a range of 50 - 100 meters then (depending on whether or not they penetrate walls, I have no idea) they wouldn't need as many. They only need to report that a student is on capus at all, not where they are, specifically, once they get there.
I'm not sure which side of your mouth I'm supposed to believe now. Expensive readers, too expensive for schools. But random criminals that want to follow our children home for whatever reason (pedophiles? nobody has really put a name to the threat) can afford them, and conceal them, and hide them in random places. Which doesn't make sense in the context of building a database of children's movements as they leave school. Oh, but wait, earlier in this thread you said:
So which is it? And where would one plant one? And how? How big are they? Would they plant it in a car and park it within 50 - 100 meters of the school? Then the only data the criminal has is that some students left school in that direction on that day. So he moves the reader, which basically invalidates the data he already has since he can't correlate what the ID's did at a different time on a different day, especially the ones that don't show up at his second position. He'd have to have a network of readers that are stationery to track an ID's movement. Or he just ends up following kids like a traditional pedophile. It would be cheaper and take way less work to lure them into his car with a Nintendo 3DS. This whole 'criminals tracking our children's movements' thing is starting to sound more and more absurd that when this conversation started.
Regarding anchor databases, the document does not specifically address that concept because it's merely a way of using the data after it is collected. Section 3.5 outlines mitigation strategies for clandestine data collection, which really has no relevance to what someone would do with that data once they get it.
So? So let's not try to make it better and implement solutions in future standards? Let's just dismiss the technology because people misuse it?
People speed all the time, so let's not set a speed limit. Makes perfect sense.
It's a liberal assumption on my part. Their website indicates they think security is maintained by having a backend database and random IDs.
It needs to tell if a student gets off the bus, is pinged by the doorway but walks past it down the street, skips school with his smoking buddies, and comes back at the end of school, walks past the doorway, and takes the bus home.
Eh. Cheap readers are cheap. Robust readers are expensive. After some thought, I changed my mind about what the school is probably doing. In any case, it's going to be an expensive implementation.
If you want to call certain scenarios absurd or impractical, I won't disagree. I can tell you that Target, Wal-Mart, and the federal government are prime candidates for abusing this technology. All three of them have a history of concerted efforts at amassing behavioral databases. Beyond that and I'm speculating.
I totally support that! I expect it will be about as utilized as secure bluetooth.
Merely? Did you read the article about Target? Have you read the controversies about Facebook privacy? I don't think you fully grok the government's analysis I quoted above.
Location data--and behavioral data in general--is used in ways that consistently creep people out when they realize how it is used. See the Target article above, "Girls Around Me", well known illegal government spying, Facebook, Google, Wal-Mart, and every other possessor of large amounts of behavioral data.
Location data leaked by these tags would not exist if NISD simply did their job. They're going to spend millions of tax dollars on a technology known to be exploited because they're lazy.
Here is another way to look at the issue: NISD feels like they are "losing" ADA money on students they don't reach (because they're not in class). NISD should think to themselves, "Hey, why don't we make sure students are in front of a teacher or counselor at this certain time of day? That's an express condition of our funding, right?" Instead, they've decided, "Let's try to steal that money some other way!"
NISD is going to spend millions in order to "recover" funds that they haven't earned. So instead of the ADA having those millions to give to other districts, it is going to go to some RFID manufacturer in China*. I have a problem with this.
* Nothing against China, they've propped up America for decades. But ADA's mission isn't to support the Chinese manufacturing industry.
It's unfortunate we need to hide behind separation of church and state with authoritative stupidity like this. "Because fuck you" should be all that's needed here.
The canonical girl name is now "Anson"? What the fuck do parents name their kids these days?
Whether or not Satan can be captured inside a Faraday cage reminds me of that PubMed thing about social dominance being caused by surviving heart attacks.
Amateurs. The smart kids are just putting them in the microwave for two seconds, or wrapping them in ESD bags. Christ.
Just put transparent tape across one side of the battery (I'm assuming it's a coin cell), or find a way to discharge the battery overnight, every night.
The problem with the microwave is that eventually the principal calls you and says your child will have to wear a working tag, repeat a grade, or change districts. The problem with ESD bags is that no one actually does that.
The words "told WND education" made me blink and check the source.
And yeah, no, clicking on your source tells me that THEIR source is WingNutDaily, which is another way of saying "about as credible as The Weekly World News or Timecube.com, only with less factual basis".
So, given that the story is sourced from WND and is, thus, complete bullshit from start to finish AND THEN reported by imbeciles, any idea what the real story might have been, from an actual news source?
Will the horse's mouth do? http://www.nisd.net/studentlocator/
Wired? http://www.wired.com/threatlevel/2012/09/rfid-chip-student-monitoring/
Regional news (KSAT)? http://www.ksat.com/news/NISD-student-ID-cards-cause-microchip-controversy/-/478452/16281066/-/n8kaaf/-/index.html
More regional news (KSN)? http://www.ksn.com/content/news/also/story/Students-rebel-against-tracking-chips/MwIlw0lUf0Od2qb5s0oEQw.cspx
Steven Hernandez is directly quoted in the KSAT article.