bit-tech.net

Mythbusters RFID episode banned

Mythbusters RFID episode banned

Were Adam and Jamie's plans for an RFID-busting episode banjaxed by the credit card companies?

Fresh from their success at Nvision, Adam Savage and Jamie Hyneman – better known as the Mythbusters – have found themselves in the middle of a global conspiracy conducted by major credit-card corporations. At least, if Adam's comments at a recent conference are true.

According to CNet, Savage was asked by an audience member at an un-named conference why the team – which host a show aimed at testing common myths in an often explosive manner – had never tested the well-publicised vulnerabilities of RFID chips, including the well-known (and well-cracked) MiFare Classic.

In a video of the conference, Savage details a call which took place between Tory Belleci – a member of the show's B-team – and Texas Instruments as part of the research carried out ahead of a planned RFID-busting episode. Sadly, Belleci got more than he bargained for: as well as Texas Instruments, the call featured the chief legal councils for American Express, Visa, Discover, and “everyone else” which left the team feeling “way, way out-gunned.”

In a fit of foot-stomping reminiscent of the recent court-ordered ban on a talk regarding the vulnerabilities in the MiFare Classic-based CharlieCard transport payment system, the Discovery Channel – which owns the show – were told in no uncertain terms that “they were not going to air this episode talking about how hackable this stuff was, and Discovery backed way down, being a large corporation that depends on the revenue of the advertisers.” Savage continues with the explanation that the idea of an RFID-busting show is now “on Discovery's radar and they won't let us go near it.

Bad news for a show which has, in the past, demonstrated shortcomings in PIR-based security systems, tumbler-based safes, and top-end biometric locking systems: especially when one considers that hiding the truth about RFID's security issues isn't going particularly well. As has been demonstrated so very many times in the past, security through obscurity is no security at all.

Texas Instruments, on the other hand, recalls the conversation very differently. In a statement, the company claims that the credit card companies were only involved “to help Mythbusters get the right information,” and that only “one contactless payment company's legal counsel member” was involved. The company further asserts that “technical questions were asked and answered” and that it was waiting “for Mythbusters to let us know when they were planning on showing the segment” when they heard “that the storyline had changed and they were pursuing a different angle which did not require our help.

Do you think Adam and Jamie should be allowed to show the TV-watching world how insecure in-the-wild RFID really is, or is it information that is better left unaired? Share your thoughts over in the forums.

19 Comments

Discuss in the forums Reply
kennethsross 3rd September 2008, 09:51 Quote
The way I see it, the guys who will exploit these vulnerabilities probably already know about it, and how to do it.

Showing this would not be a case of educating criminals, but informing potential victims
outlawaol 3rd September 2008, 10:05 Quote
Pheshh... Heck yea they should air that, if these corporations know about the vulnerabilities then clearly it isnt ready for mainstream use. Dosnt mean that counterfeiters, scammers and credit card fraud dont exist, but obviously this needs to be looked at twice. Heck, if a silly show cant air its feeble attempts at hacking and cracking it, its not worthy of use!

Stupid corporate america, being irresponsible, again....
Arkanrais 3rd September 2008, 10:16 Quote
I say, the myth busters should show some amateurs how to do a show about it and direct the whole thing, then spread it over the interblags and let the Streisand effect take hold.
NuTech 3rd September 2008, 10:19 Quote
If anyone's interested, the conference was TheLastHope.

Did anyone watch the entire thing btw? The pizza clay oven woman was crazy...
Darkedge 3rd September 2008, 10:45 Quote
I think it was probably dropped as it would be VERY BORING.
identikit 3rd September 2008, 11:28 Quote
I did a lot of research into card systems such as charliecards and oysters an absolute age ago. All the information you need is out there, a little smart engineering later and you've got what you want. I don't get why people need to be told how to do this and why the people doing the telling need to be gagged.
Bluephoenix 3rd September 2008, 13:41 Quote
hacking RFID systems is one of the easiest things in the world to do, all you need is a trip to your local electronics parts store, or if you're into miniaturization, then you might have to etch a circuit board or two.

after the appropriate device has been buitl the operation is pretty much automated.


one of the most vulnerable systems is actually exxon's speedpass system, because it doesn't contain system-unique info, but the actual credit-card info......
ZERO <ibis> 3rd September 2008, 20:22 Quote
It needs to be run so that people can see how this technology works and the security risks involved. Not running a show with information like this should be a crime. It is informing the public of already known and highly documented facts. What is the difference between this and investigative journalism?
NeMoD 3rd September 2008, 21:01 Quote
tranc3 3rd September 2008, 21:26 Quote
Eh wouldn't this follow under freedom of the press/speech? so much for that.
gpw111 3rd September 2008, 22:39 Quote
yeah its ridiculous that they can't show it. and it sounds like a bit of a cover up story on the part of the credit card companies.
Burdman27911 3rd September 2008, 22:39 Quote
Thanks for the video, that was actually a pretty interesting watch.
Neogumbercules 3rd September 2008, 23:04 Quote
Eh wouldn't this follow under freedom of the press/speech? so much for that.

No, it wouldn't. The network decides whether or not they want to air something. If legal pressure from the credit card companies forced them to back down, then that was their choice. It's not worth a legal battle just to make one TV episode. However, they could have aired the episode. No one was actually stopping them.
leexgx 3rd September 2008, 23:20 Quote
time index dead on play from 45 mins is about the RFID got banned bit

watched the all it very good shame about the banned part (guess every one knows now Not to ring the bank up now)
LordPyrinc 4th September 2008, 00:19 Quote
The companies using RFID need to Step-TFU and admit that there is a problem with the technology. While pretty much any security tech seems to be hackable these days, broadcasting/transmitting transaction information via RF is just asking for trouble. Don't get me wrong, I'm sure there are practical applications for the technology, but how lazy have we gotten? Is it so taxing to swipe a magnetic strip in a machine? Let me just wave near it instead... ah... much easier.
sunsue 4th September 2008, 06:16 Quote
[QUOTE=CardJoe;1816238]http://www.bit-tech.net/news/2008/09/03/mythbusters-rfid-episode-banned/1

Comments by Adam Savage at a conference tell the tale of a planned RFID-busting episode which was cancelled following legal leanings from credit card companies.

:duh-Gee Whiz - No **** Dick Tracy. With identy theft on the rise and credit card debt on the rise, don't you think people would be interested in this episode of Mythbusters?
defacedlawngnome 16th September 2009, 18:36 Quote
For anyone interested in further educating themselves on the vulnerabilities and future of RFID in our every day lives, I highly recommend reading Spychips by Katherine Albrecht > http://www.amazon.com/Spychips-Major-Corporations-Government-Purchase/dp/0452287669/ref=sr_1_1?ie=UTF8&s=books&qid=1253122575&sr=8-1
thehippoz 16th September 2009, 18:55 Quote
ratings
DianaK 22nd September 2009, 19:18 Quote
Too bad this episode never aired. More information on the vulnerabilities and RFID Blocking Wallets and Passport Cases to protect against these vulnerabilities at www.difrwear.com.
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums