[PiN-diskusjon] "Researchers See Privacy Pitfalls in No-Swipe Credit Cards"

[Petter Reinholdtsen]

Fant denne på slashdot,
<URL:http://www.nytimes.com/2006/10/23/business/23card.html?ex=1319256000&en=5ecec83b0ac06bd8&ei=5088&partner=rssnyt&emc=rss>.

Her er starten:

  AMHERST, Mass.  They call it the Johnny Carson attack, for his comic
  pose as a psychic divining the contents of an envelope.  Related
  Vulnerabilities in First-Generation RFID-enabled Credit Cards (pdf)
  RFID Payment Card Vulnerabilities Technical Report (pdf)


  Tom Heydt-Benjamin tapped an envelope against a black plastic box
  connected to his computer. Within moments, the screen showed a
  garbled string of characters that included this: fu/kevine, along
  with some numbers.

  Mr. Heydt-Benjamin then ripped open the envelope. Inside was a
  credit card, fresh from the issuing bank. The card bore the name of
  Kevin E. Fu, a computer science professor at the University of
  Massachusetts, Amherst, who was standing nearby. The card number and
  expiration date matched those numbers on the screen.

  The demonstration revealed potential security and privacy holes in a
  new generation of credit cards cards whose data is relayed by radio
  waves without need of a signature or physical swiping through a
  machine. Tens of millions of the cards have been issued, and
  equipment for their use is showing up at a growing number of
  locations, including CVS pharmacies, McDonalds restaurants and many
  movie theaters.

Den fortsetter med å referere til en av visepresidentene i visa som
hevder at dette ikke er et reelt problem.

Vennlig hilsen,
-- 
Petter Reinholdtsen