by Trifecta » Tue Jan 31, 2006 6:35 am
VERICHIP RFID IMPLANT HACKED!<br><br>FOR IMMEDIATE RELEASE<br>January 27, 2006<br><br>VERICHIP RFID IMPLANT HACKED!<br>Will Security Problems Quash IPO Plans<br>for Controversial Company?<br><br><br>The VeriChip can be hacked! This revelation along with other worrisome<br>details could put a crimp in VeriChip Corporation's planned initial<br>public offering (IPO) of its common stock, say Katherine Albrecht and<br>Liz McIntyre.<br><br>The anti-RFID activists and authors of "Spychips: How Major Corporations<br>and Government Plan to Track Your Every Move with RFID" make no bones<br>about their objection to VeriChip's plans to inject glass encapsulated<br>RFID tags into people. But now they've discovered information that could<br>call VeriChip's entire business model into question.<br><br>"If you look at the VeriChip purely from the business angle, it's a<br>ridiculously flawed product," says McIntyre. She notes that security<br>researcher Jonathan Westhues has shown how easy it is to clone a<br>VeriChip implanted in a person's arm and program a new chip with the<br>same number.<br><br>Westhues, known for his prior work cloning RFID-based proximity cards,<br>has posted his VeriChip cloning demo online at <!--EZCODE AUTOLINK START--><a href="http://cq.cx/verichip.pl.">cq.cx/verichip.pl.</a><!--EZCODE AUTOLINK END--><br><br>The VeriChip "is not good for anything," says Westhues, has absolutely<br>no security and "solves a number of different non-problems badly."<br><br>The chip's security issues may spell trouble for those who have had one<br>of the microchips embedded in their flesh. These include eighteen<br>employees in the Mexican Attorney General's office who use an implanted<br>chip to enter a sensitive records room, and a handful bar patrons in<br>Europe who use the injected chips to pay for drinks. "What are these<br>people going to do now that their chips can be cloned?" says McIntyre.<br>"Wear tinfoil shirts or keep everyone at arm's length?"<br><br>Albrecht quips, "A man with a chip in his arm may soon find himself<br>wondering whether that cute gal on the next bar stool likes his smile or<br>wants to clone his VeriChip. It gives new meaning to the burning<br>question, 'Does she want my number?'"<br><br>But the VeriChip's problems don't stop there, says McInytre, who is also<br>a former bank examiner and financial writer. She has carefully analyzed<br>the company's SEC registration statement and associated chipping<br>information and discovered serious flaws. It turns out the company's own<br>literature indicates that chipped patients cannot undergo an MRI if<br>they're unconscious. What's more, the company admits that critical<br>medical information linked to the chip could be unavailable in a real<br>emergency. "These issues call VeriChip's promotional campaigns and<br>business plan into question," McIntyre says.<br><br>The instructions provided to medical personnel warn that chipped<br>patients should not undergo an MRI unless they are fully alert and able<br>to communicate any "unusual sensations or problems," like movement or<br>heating of the implant. This conflicts with company's efforts to promote<br>people who cannot speak for themselves, such as Alzheimer's patients,<br>those with dementia, the mentally disabled, and people concerned about<br>entering an emergency room unconscious.<br><br>"The irony is that implantees will have to wear a Medic Alert bracelet<br>or bear some obvious marking so they aren't mistakenly put in an MRI<br>machine," Albrecht says.<br><br>Chipped patients might also have to wear a Medic Alert bracelet as a<br>back-up in case the VeriChip database containing their critical medical<br>information is unavailable. The fine print on the back of the VeriChip<br>Patient Registration Form warns implantees that "the Company does not<br>warrant...that the website will be available at any particular time,"<br>and physicians are told the product might not function in places where<br>there are ambient radio transmissions--like ambulances. In addition,<br>patients are required to waive any claims related to the product's<br>"merchantability and fitness." The waiver paragraph as it appears on the<br>form is reprinted below:<br><br>"Patient...is fully aware of any risks, complications, risks of<br>loss, damage of any nature, and injury that may be associated<br>with this registration. Patient waives all claims and releases<br>any liability arising from this registration and acknowledges<br>that no warranties of any kind have been made or will be made<br>with respect to this registration. ALL WARRANTIES, WHETHER<br>EXPRESS OR IMPLIED, HOWEVER ARISING, WHETHER BY OPERATION OF LAW OR OTHERWISE,<br>INCLUDING BUT NOT LIMITED<br>TO ANY IMPLIED WARRANTIES OF MECHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE<br>EXCLUDED AND WAIVED. IN NO EVENT SHALL THE COMPANY BE LIABLE TO PATIENT FOR ANY<br>INCIDENTAL, SPECIAL OR CONSEQUENTIAL DAMAGES (INCLUDING LOST INCOME OR SAVINGS)<br>ARISING FROM ANY CAUSE WHATSOEVER, EVEN IF ADVISED OF THEIR POSSIBILITY,<br>REGARDLESS OF WHETHER SUCH DAMAGES ARE SOUGHT BASED ON BREACH OF CONTRACT,<br>NEGLIGENCE, OR ANY OTHER LEGAL THEORY." [Emphasis in the original.]<br><br>"For a life or death medical device, that's unbelievable," says McIntyre.<br>"I wouldn't buy toilet paper that required that kind of a disclaimer, never mind a<br>product that's supposed to serve as a lifeline in an emergency. "McIntyre contacted<br>the VeriChip Corporation for comments on these<br>issues and was initially promised a response. When the company failed to getto get<br>back to her, McIntyre followed up and was told that the employee had been instructed<br>not to answer her questions. The unanswered questions,<br>along with photos of the VeriChip and associated literature, are available at<br>www.spychips.com/verichip/unanswered-questions.html<br><<!--EZCODE AUTOLINK START--><a href="http://www.spychips.com/verichip/unanswered-questions.html>.">www.spychips.com/verichip...ons.html>.</a><!--EZCODE AUTOLINK END--><br> <p></p><i></i>
