Mythbusters RFID Episode Banned
Gareth Halfacree
Fresh from their success at Nvision, Adam Savage and Jamie Hyneman – better known as the Mythbusters – have found themselves in the middle of a global conspiracy conducted by major credit-card corporations. At least, if Adam's comments at a recent conference are true.
Were Adam and Jamie's plans for an RFID-busting episode banjaxed by the credit card companies?
According to CNet, Savage was asked by an audience member at an un-named conference why the team – which host a show aimed at testing common myths in an often explosive manner – had never tested the well-publicised vulnerabilities of RFID chips, including the well-known (and well-cracked) MiFare Classic.
In a video of the conference, Savage details a call which took place between Tory Belleci – a member of the show's B-team – and Texas Instruments as part of the research carried out ahead of a planned RFID-busting episode. Sadly, Belleci got more than he bargained for: as well as Texas Instruments, the call featured the chief legal councils for American Express, Visa, Discover, and “everyone else” which left the team feeling “way, way out-gunned.”
In a fit of foot-stomping reminiscent of the recent court-ordered ban on a talk regarding the vulnerabilities in the MiFare Classic-based CharlieCard transport payment system, the Discovery Channel – which owns the show – were told in no uncertain terms that “they were not going to air this episode talking about how hackable this stuff was, and Discovery backed way down, being a large corporation that depends on the revenue of the advertisers.” Savage continues with the explanation that the idea of an RFID-busting show is now “on Discovery's radar and they won't let us go near it.”
Bad news for a show which has, in the past, demonstrated shortcomings in PIR-based security systems, tumbler-based safes, and top-end biometric locking systems: especially when one considers that hiding the truth about RFID's security issues isn't going particularly well. As has been demonstrated so very many times in the past, security through obscurity is no security at all.
Texas Instruments, on the other hand, recalls the conversation very differently. In a statement, the company claims that the credit card companies were only involved “to help Mythbusters get the right information,” and that only “one contactless payment company's legal counsel member” was involved. The company further asserts that “technical questions were asked and answered” and that it was waiting “for Mythbusters to let us know when they were planning on showing the segment” when they heard “that the storyline had changed and they were pursuing a different angle which did not require our help.”
Do you think Adam and Jamie should be allowed to show the TV-watching world how insecure in-the-wild RFID really is, or is it information that is better left unaired? Share your thoughts over in the forums.
www.bit-tech.net/news/2008/09/03/mythbusters-rfid-episode-banned/1