[Noisebridge-discuss] RFID tokens
Torrie Fischer
tdfischer at hackerbots.net
Wed Aug 26 19:16:15 UTC 2015
hi, noisebridge.
i've been super duper busy the last few weeks so I haven't had an opportunity
to show up to a tuesday, but jeez, the meeting notes are way too sparse:
https://noisebridge.net/wiki/Meeting_Notes_2015_08_25
There's also this line:
> Leveling up the RFID tag and potentially adding anonymity would be
importnat. Some people care about anonymity, and this doesn't offer that. Also
the RFID is hackable, somebody can listen in.
What are folks concerns about the anonymity of the RFID system? This gets
brought up from time to time, and here are the known attributes of the system:
* Only capital-M members can add new users to the system
* New tokens that are added are anonymous and have a 30 day expiration
* That expiration can be dropped by filling in some data file with a chosen
nym and e-mail address
* nym is short for pseudonym, which means you don't need to give a "legal"
name or anything, which is also why I ask people "how would you like to be
identified in the system?" instead of asking for a name.
* The only people with SSH access to earl, and thus the ability to modify
membership/philanthropist/user/fulltimeuser status are Rubin, Henner, nthmost,
Patrick, and myself.
If folks are still worried about anonymity, I'd love to talk about it afk in
the space. That has alleviated the fears of everyone who has had them before.
There's also some small concern in the notes about how hackable RFID is, and
yeah, sure. Its hackable. FWIW, if someone wanted to break into the space, the
RFID system is not the weak point.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: <http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20150826/b011b90b/attachment-0002.sig>
More information about the Noisebridge-discuss
mailing list