On Sep 14, 2009, at 12:29 PM, Scott Brim wrote:
Excerpts from Eric Rescorla on Sun, Sep 13, 2009 11:09:31PM -0700:
At Sun, 13 Sep 2009 21:19:53 -0700 (PDT),
Ole Jacobsen wrote:
Eric,
The local hosts are reading the messages on this list and will take
appropriate steps including:
* Not displaying the ID number <--> attendee mapping anywhere
* Not assigning numbers sequencially
That seems like a good start. As Richard and I have both indicated,
however, this system seems to have substantial residual privacy
risk, even if the identifiers are assigned completely unpredictably
(and note that non-sequential and unpredictable are not at all the
same thing).
So don't carry it. Or carry it in your faraday cage passport holder.
Maybe we could do a test of this as part of the meeting. I often tell
people that a metal lunch box or
aluminum foil should be sufficient, but it might be good to see how
good they (plus the holders you can buy)
really are.
Also, since the RFID readers can be bought easily (they're probably at
Fry's), I would hope to hear of some good hack uses of this technology.
Regards
Marshall
I think it's fair to say that the people running this experiment
haven't done anything like full disclosure of the relevant
risks--and it's not even clear that they understand them themselves.
Please help them
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf
_______________________________________________
Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf