"Such an implant doesn’t get picked up at airports and so on, the amount of metal in it is far far less than wearing a watch or wedding ring."
why not use a device embedded in a watch or wedding ring instead of injecting yourself with a piece of tech that can be obsoleted with a patch? Security personnel won't suspect such things.
Turns out it wasn't installed too shallow, I just have thin and pale skin which makes it very visible. :) The scar did disappear completely. Still use it on my door locks and with a couple of apps on my phone.
Not sure if the antenna coil on this person's NFC chip is larger or better orientated than mine, but one thing I'll say is that it isn't that easy to get a random phone to pick it up. It took me several tries to figure out where I had to put my hand, and a few weeks before I could quickly and reliably get it to scan on the first try.
If I scan it with someone else's phone, it still takes several tries. The antenna on most phones isn't very large, and the antenna on the NFC chips are miniscule, so getting the right orientation and position isn't as easy as swiping an RFID or NFC badge.
>A combination of pallid skin, hoody and laptop is the biggest giveaway. Such hackneyed images of hackers are, of course, evidently wrong, bordering on offensive
Damn straight it's offensive. I spent a lot of money on a suit, skimask and laptop.
>Going by hacker stereotypes, it’d be pretty easy to physically identify anyone committing an act of digital crime. A combination of pallid skin, hoody and laptop is the biggest giveaway.
Our pen-testing group has members who fit that exact stereotype. We've found that people don't care, even when acting suspicious. In fact, it gets more interesting. Awhile back we all picked up blue prison work jumpsuits from a local surplus store that say "Work Crew" on the back in faded lettering. When combined with a small red toolbox it seems prison jumpsuits are as good as a firefighters uniform for gaining access to places. I've become bold enough while wearing mine that I've openly picked locks on doors in busy offices. I haven't been caught yet & the assessment photos really hit home far more in the end-of-review report. It's pretty easy for a manager to dismiss a compromise by someone dressed as a fire fighter but not so much when its some dude in a prison jumpsuit.
There's little research into these sort of implants, but lots of potential, IMHO.
At one point, I though about a subdermal RFID to use with an RFID door-lock. Then I realized it can trivially be copied and spoofed, so no. I'm currently considering the utility of an NFC chip which shares a vcard (vcf) to quickly share contact details. Sound doable, trivial, and somewhat useful.
This is one case where security by obscurity works- at least for now anyway. Only a very, very small percentage of people have implanted RFID chips- I doubt anyone would anticipate that. Furthermore, if you coupled it with a non working biometric reader or something you could do some serious mystifying to people trying to break in.
I've heard that these implants also get you some piece of mind knowing that you are safe/secure. Dogs get these implants too and they look more intelligent then those who don't get to have them.
> He first had to acquire the chip, designed to be injected into cattle for agricultural uses, from Chinese company Freevision (see images below for their animal products and the sizeable syringe used by Wahle). But the chip, which has just 888 bytes of memory
Something tells me that the 888 byte memory limit is intentional.
Think of all the ways you could tempt a phone user to visit a specific URL. An email, Twitter, a QR code, graffiti etc. This is just another one of those -- and not particularly easy to execute, at that.
And if I wanted to carry a URL across borders or into a secure facility I would memorise a bitly link.
All registered dogs already need a NFC implant. Hopefully this requirement will never ever carry on to human beings - it's like 1984.
[edit: Technically the dog implants use RFID. NFC standards cover communications protocols and data exchange formats, and are based on existing radio-frequency identification (RFID) standards including ISO/IEC 14443 and FeliCa. There are several RFID frequency bands like 13.56 MHz: http://en.wikipedia.org/wiki/Radio-frequency_identification#... ]
I've wanted to do this (implant an RFID chip, not exploit Android phones) for a while now but I can't figure out how to get it done here in Australia. Anyone have any suggestions?
It's not exactly an above-board medical procedure in the US, either. What are body modification laws like in Australia? I think most of the Americans with this sort of implant had them done by professional body piercers, which is legal in most US states (though possibly not Florida, going by the article). Of course, many piercers won't want to, and in any case they aren't licensed to use anesthesia, which you may consider a drawback.
I would say your best bet is to Google for info on how it's done and on the legality of under-skin cosmetic implants in Australia, then take your findings to local body piercers and see if you can find any willing to do it.
I had a magnetic implant done by Joeltron in Sydney. If he can't do it for you he'd at least know whether there's anyone who can: http://www.joeltron.com/ (some parts of that website are pretty nsfw)
[+] [-] binarymax|11 years ago|reply
why not use a device embedded in a watch or wedding ring instead of injecting yourself with a piece of tech that can be obsoleted with a patch? Security personnel won't suspect such things.
[+] [-] joeyspn|11 years ago|reply
[+] [-] _ikke_|11 years ago|reply
> Android-powered devices are usually looking for NFC tags when the screen is unlocked, unless NFC is disabled in the device's Settings menu.
So to use this, the hacker already needs an unlocked device, in which case it's just as easy to download the payload directly.
Usually, the range for NFC to work is quite close, 4 cm or less [1], and I don't think these chips have the capability to increase the range.
[0]: http://developer.android.com/guide/topics/connectivity/nfc/n...
[1]: https://developer.android.com/guide/topics/connectivity/nfc/...
[+] [-] ge0rg|11 years ago|reply
The same effect could probably be reached with an NFC tag in a ring or hidden in your wear, without the pain.
[+] [-] flintchip|11 years ago|reply
[+] [-] sschueller|11 years ago|reply
[0] https://www.tapit.ch/en
[+] [-] DEinspanjer|11 years ago|reply
This was an xNT NFC tag: https://dangerousthings.com/shop/xnt-ntag216-2x12mm-glass-ta...
Turns out it wasn't installed too shallow, I just have thin and pale skin which makes it very visible. :) The scar did disappear completely. Still use it on my door locks and with a couple of apps on my phone.
Not sure if the antenna coil on this person's NFC chip is larger or better orientated than mine, but one thing I'll say is that it isn't that easy to get a random phone to pick it up. It took me several tries to figure out where I had to put my hand, and a few weeks before I could quickly and reliably get it to scan on the first try.
If I scan it with someone else's phone, it still takes several tries. The antenna on most phones isn't very large, and the antenna on the NFC chips are miniscule, so getting the right orientation and position isn't as easy as swiping an RFID or NFC badge.
[+] [-] athoik|11 years ago|reply
[+] [-] FLUX-YOU|11 years ago|reply
Damn straight it's offensive. I spent a lot of money on a suit, skimask and laptop.
[+] [-] patcheudor|11 years ago|reply
Our pen-testing group has members who fit that exact stereotype. We've found that people don't care, even when acting suspicious. In fact, it gets more interesting. Awhile back we all picked up blue prison work jumpsuits from a local surplus store that say "Work Crew" on the back in faded lettering. When combined with a small red toolbox it seems prison jumpsuits are as good as a firefighters uniform for gaining access to places. I've become bold enough while wearing mine that I've openly picked locks on doors in busy offices. I haven't been caught yet & the assessment photos really hit home far more in the end-of-review report. It's pretty easy for a manager to dismiss a compromise by someone dressed as a fire fighter but not so much when its some dude in a prison jumpsuit.
[+] [-] davidgerard|11 years ago|reply
Bah (waves) everyone knows that hackers wear business suits and balaclavas. https://www.google.co.uk/search?q=stock+photo+hacker&tbm=isc...
[+] [-] hobarrera|11 years ago|reply
At one point, I though about a subdermal RFID to use with an RFID door-lock. Then I realized it can trivially be copied and spoofed, so no. I'm currently considering the utility of an NFC chip which shares a vcard (vcf) to quickly share contact details. Sound doable, trivial, and somewhat useful.
[+] [-] Vexs|11 years ago|reply
[+] [-] task_queue|11 years ago|reply
[+] [-] crististm|11 years ago|reply
[+] [-] fmela|11 years ago|reply
Something tells me that the 888 byte memory limit is intentional.
[+] [-] ptaipale|11 years ago|reply
[+] [-] discardorama|11 years ago|reply
[+] [-] mpclark|11 years ago|reply
And if I wanted to carry a URL across borders or into a secure facility I would memorise a bitly link.
[+] [-] DEinspanjer|11 years ago|reply
[+] [-] castell|11 years ago|reply
[edit: Technically the dog implants use RFID. NFC standards cover communications protocols and data exchange formats, and are based on existing radio-frequency identification (RFID) standards including ISO/IEC 14443 and FeliCa. There are several RFID frequency bands like 13.56 MHz: http://en.wikipedia.org/wiki/Radio-frequency_identification#... ]
[+] [-] narrowrail|11 years ago|reply
[+] [-] cgtyoder|11 years ago|reply
[+] [-] neotek|11 years ago|reply
[+] [-] PhasmaFelis|11 years ago|reply
I would say your best bet is to Google for info on how it's done and on the legality of under-skin cosmetic implants in Australia, then take your findings to local body piercers and see if you can find any willing to do it.
[+] [-] sgentle|11 years ago|reply
[+] [-] jordigh|11 years ago|reply
[+] [-] lucb1e|11 years ago|reply
[+] [-] frozenport|11 years ago|reply
[+] [-] juliangregorian|11 years ago|reply
[+] [-] rlonstein|11 years ago|reply
I suppose the bloviating about security and Android is a twist on the story.
[+] [-] amelius|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] before|11 years ago|reply
> It has an NFC antenna that pings Android phones, asking them to open a link.