[PiN-diskusjon] "Researchers See Privacy Pitfalls in No-Swipe Credit Cards"
Petter Reinholdtsen
pere at hungry.com
Man 23. Okt 2006 15:26:58 CEST
Fant denne på slashdot,
<URL:http://www.nytimes.com/2006/10/23/business/23card.html?ex=1319256000&en=5ecec83b0ac06bd8&ei=5088&partner=rssnyt&emc=rss>.
Her er starten:
AMHERST, Mass. They call it the Johnny Carson attack, for his comic
pose as a psychic divining the contents of an envelope. Related
Vulnerabilities in First-Generation RFID-enabled Credit Cards (pdf)
RFID Payment Card Vulnerabilities Technical Report (pdf)
Tom Heydt-Benjamin tapped an envelope against a black plastic box
connected to his computer. Within moments, the screen showed a
garbled string of characters that included this: fu/kevine, along
with some numbers.
Mr. Heydt-Benjamin then ripped open the envelope. Inside was a
credit card, fresh from the issuing bank. The card bore the name of
Kevin E. Fu, a computer science professor at the University of
Massachusetts, Amherst, who was standing nearby. The card number and
expiration date matched those numbers on the screen.
The demonstration revealed potential security and privacy holes in a
new generation of credit cards cards whose data is relayed by radio
waves without need of a signature or physical swiping through a
machine. Tens of millions of the cards have been issued, and
equipment for their use is showing up at a growing number of
locations, including CVS pharmacies, McDonalds restaurants and many
movie theaters.
Den fortsetter med å referere til en av visepresidentene i visa som
hevder at dette ikke er et reelt problem.
Vennlig hilsen,
--
Petter Reinholdtsen
More information about the pin-diskusjon
mailing list