What is Digg?Sponsored by openforum.com
A Conversation with Aaron Patzer view!
openforum.com - The CEO and founder of Mint.com didn't plan on flipping his startup for $170 million.
56 Comments
- Chompy, on 10/12/2007, -2/+13Are we really so lazy now that we can't even be bothered to swipe a frigging credit card? Does it really save you that much time by waving a RFID tag at a sensor versus swipping a credit card?
What will you do with the extra .001 seconds you saved today? - 2gunnZ, on 10/12/2007, -1/+12"But JPMorgan Chase & Co., the nation's second-largest financial services provider and its premier credit card issuer, has maintained the no-swipe method provides the same level of security as the traditional swiping method." Well of course they are going to say that. Personally there is no way Im getting one of these unless I have to.
- retral, on 10/12/2007, -2/+11Duh?
- ZeroMP, on 10/12/2007, -0/+6Don't you know how to use the three seashells?
- ScornForSega, on 10/12/2007, -0/+5I see these becoming very popular:
http://www.thinkgeek.com/gadgets/security/8cdd/ - Clark3934, on 10/12/2007, -1/+6These Senators are sooooo smart.
- 1911wolf, on 10/12/2007, -0/+5Where was Chuck when the new super hackable RFID Passport became mandatory? I'm waiting Chuck...
- Kericr, on 10/12/2007, -0/+4We've been through this song-and-dance before. That's what the Mobil speedpass is about. The security on RFID cards right now is far too easy to crack. JP morgan provides the same level of encryption with their wireless as a magnetic strip, but it doesn't provide the same level of security because the magnetic strip isn't broadcasting it's signal over unsecured air waves.
- UnclePunk, on 10/12/2007, -0/+4Chucky Chee Schumer is such a media whore. He has a press conference every Sunday, which is usually a slow news day, and guarantees himself coverage on most of the new outlets.
- kuwan, on 10/12/2007, -0/+4Schumer gives media whores a bad name.
1) Shumer know absolutely nothing about any of this. He's just piping out hot air because that's all he does - spew whatever stupid ***** his staffers have fed him for the day.
2) His solution is more regulation - IOW, more government intervention and control, more laws, more ***** meaning more taxpayer money.
The bottom line is that the moron doesn't even have a solution to propose. He just wants to create more laws and throw money at it and let some other moron come up with a solution that won't work but will cost us $5,000,000,000. - dancpsu, on 10/12/2007, -1/+5Why don't they put a momentary contact button on the card? Just have it disconnect the antenna unless pressed and you're all set. Nothing happens except when you want it to.
- otheruser, on 10/12/2007, -0/+4Of course, Sen. Schumer knows all about RFID technology.
- jawngee, on 10/12/2007, -0/+3flarn2006> I have a Toto and there is no way I'd go back to a regular toilet if you paid me.
First of all, toilet paper consumption is down to one square per squat, no kidding. Second of all, for men with hairy asses, let's just say swamp ass is a continual battle, but no longer. Just a few seconds of warm water up the keyhole and no swamp ass worries ever.
BUT, the best feature is the deodorizer that cycles the air in the toilet through a carbon filter. You can seriously take the nastiest ***** in recorded history and nobody will smell it if you have the deodorizer turned on.
I would strongly urge people to check it out, it's been great for my ass and could be for yours too! - whisk3rs, on 10/12/2007, -0/+3A couple individuals at my university did research on this, Boston Globe wrote about them and they made an appearance, I think, on "Good Morning, America". Two most important findings were (from the paper abstract):
(1) the cardholder’s name and often credit card number and expiration are leaked in plaintext to unauthenticated readers
(2) our homemade device costing around $150 effectively clones one type of skimmed cards— providing a proof-of-concept of the RF replay attack for cards
Of course, companies responded with "your research sucks, it doesn't mean anything"
Here's an "english" version of their study via NY Times: http://www.nytimes.com/2006/10/23/business/23card.html?ei=5090&en=76401b1601fc06e3&ex=1319256000&pagewanted=all
If anyone wants to read the actual paper, http://prisms.cs.umass.edu/~kevinfu/papers/RFID-CC-manuscript.pdf - crilen007, on 10/12/2007, -0/+3For some of the geeks, thats enough to get off.
- craive, on 10/12/2007, -0/+3It was on dateline or 20/20 or some news show a few months ago, they even stole some info from a guy standing in line at a 7-11.
I reiterate the "DUH!" - JonBuddy, on 10/12/2007, -0/+3It seems obvious that these cards could put you in danger of identity theft. You could probably set up one of the receptors on a city street to make charges on "no-swipe" credit card users passing by.
- chemman, on 10/12/2007, -0/+3Wait a minute, these no swipe cards are not safe and could have a high risk for identity theft??? Isn't this the exact same technology the government is requiring be embedded in all passports by next year? They are mandating RFID tags in passports and claim they are safe, yet not safe enough for credit card use.
Anyone else see a problem with this? I went out and renewed my passport now so I won't have to get an RFID'd one for the longest possible time because I know they will be cracked and quite quickly, I might add. - bouche, on 10/12/2007, -0/+3how could anyone perceive the Swipe as slow? It takes less than a second to swipe a card.
what's next? No-wipe toiletpaper? - robbclark, on 10/12/2007, -0/+3yeah Schumer is a freaking genius
- joeTaco, on 10/12/2007, -0/+3Instead of requiring that you give the thief your credit card, with RFID they just have to be within spitting distance. I'd call that wayyy more subject to compromise.
- sjbdallas, on 10/12/2007, -0/+2Credit card security in general is a joke, this is just another level.
When was the last time you had to show your ID when using your credit card? What about the new self-checkouts at all the stores now? If anyone had my credit card for a few hours before I realize it's gone then they'd be able to get a lot of stuff. - OneBallJ, on 10/12/2007, -0/+2I second that retral
I cant wait to see the head lines after the new year, identity theft number on the rise! - Doomhammer, on 10/12/2007, -0/+2I don't find the fact that they're insecure surprising/interesting, what I find surprising is the fact that tons of people are getting these cards and feeling totally safe?
- ZeroMP, on 10/12/2007, -2/+4orly?
- fracai, on 10/12/2007, -0/+2And then think about the extra hassle you have to go through when discarding the card.
I cut one up a few weeks ago. The RFID chip is approximately 2 mm square. I almost missed it before specifically searching for the thing. - madeingermany, on 10/12/2007, -1/+3If these card operate like RFID tags, as I presume, you have to get pretty close to read them (and to charge them before that).... like an inch.
And then it's not just copying what the card says - it's a bit more complicated then that - too complicated for a senator maybe? ;) - JimV, on 10/12/2007, -2/+4Give me a break. Whenever you hand your card over to some scrub at the grocery store you risk your info getting stolen. Every time you put your card number in a form online, you risk it getting stolen. RFID in your card is not going to make things much worse. I think the benefit outweighs the risk.
- mako, on 10/12/2007, -0/+2The problem is that Mag Strip cards are almost as vulnerable. People have been swiping data off other's mag strips for years. The most recent are waiters and other folks you hand your card to, taking them and swiping the mag strip across a portable unit and uploading the data to a fraud third party for a price per credit card. People are ultimately the weakest link in any security. I don't see the RFID version as being any more subject to compromise.
- flarn2006, on 10/12/2007, -0/+2What about those smart-toilets with built-in bidets? They are mostly only in Japan, but the Japanese company Toto which is famous for many of these toilets actually makes its most high-tech one available in the US as well. I called my nearest distributor and they said it cost $5000 though. :-(
- chemman, on 10/12/2007, -0/+2@whisk3rs,
I haven't tried it myself but have heard that microwaving the RFID chip will help disable it - Aumaden, on 10/12/2007, -0/+2@JimV
The difference is in all those cases you are actively presenting your information to someone. With RFID, I could walk through the mall with a concealed scanner and collect an id from anyone who walks past with a no-swipe card.
Aum - whisk3rs, on 10/12/2007, -0/+2Does anyone know of a clever way of disabling an RFID chip on a card without drilling it out or destroying the magnetic strip (which could be possible with a strong magnet)?
Edit: Damn it, wanted to reply to the thread but somehow replied to the top post again. - kagelump, on 10/12/2007, -0/+1But with rfid, you don't even have to be touching them
- inactive, on 10/12/2007, -0/+1It's like the CC companies are finding new ways to help CC theives... In Korea they use thumb scanning and PIN's which are dynamicly generated... Here we just broadcast our CC numbers.
- stevievep, on 10/12/2007, -0/+1i have one of these on my keychain and though it is cool, and i have taken these warnings under advisement, i still like it, partially because it seems 90% of these merchants have never seen it used before, but if it's any indication, it sometimes takes a little bit of effort to have it read by the scanner you intend to 'beam' the info to.
- Chompy, on 10/12/2007, -0/+1Write "SEE ID" on the back of your card. Sure, it doesn't always work.. but I get checked about 30% of the time with that on there. Better than nothing.
- Cardiakke, on 10/12/2007, -0/+1Yeah, Chuckie boy is now a security expert.
- FushBuck, on 10/12/2007, -0/+1It is RFID. They just don't want to use that term, as they know lots of people are opposed to the technology. So they call it "no-swipe card" instead.
- d00ley, on 10/12/2007, -0/+1Yeah, I was going to say that you could just construct some sort of Faraday cage wallet instead of destroying the card. I'm going to do this for sure if I ever get stuck with an RFID passport.
- d00ley, on 10/12/2007, -0/+1Though his concern is valid, I still have a serious aversion to Schumer. He's lame.
- inactive, on 10/12/2007, -0/+1Ok let's see what we have here:
1) "The cards use encrypted data, it said." [J P Morgan]
2) "The card and the reader in the terminal are safe and secure" [Thomas O'Donnell, senior vice president of Chase cards services]
3) "Schumer said thieves can equip themselves with the radio frequency readers to steal information from the credit cards"
If these don't trigger all your alarm bells and red flags, you probably deserve 15 of these RFID cards with a $10,000 limit on each as a special bonus Christmas gift. - crazyworld, on 10/12/2007, -1/+1"All you need to be is within a couple of feet of the customer," Schumer said. "You may as well put your credit card information on a big sign on your back."
umm thats a gross over-exaggeration especially since you wouldn't need to "equip yourself with the radio frequency readers." i believe is there was a sign on your back all someone would need is a pen. but i mean if you always carry around a radio frequency reader be my guest... - iamclint, on 10/12/2007, -0/+0What are you going todo brute force the encryption... i think not.
You could use a dictionary attack! haha
ok now all kidding aside
I would say these cards are on the same security level as any other.
if you feel someone touching your ass with an electronic device you might know something is up same as if someone tried to steal your wallet. - dancpsu, on 10/12/2007, -1/+1What would be cool is if the cards encoded a picture of you and displayed it to the clerk (or matched it with a camera?) when trying to buy something. You could even have the picture digitally signed with the number by the credit card company. It's not like we don't have the space anymore.
- nuteredardvark, on 10/12/2007, -1/+1i love how it takes a senator to point this common sense out
- ghartness, on 10/12/2007, -0/+0I don't get why we care. The banks are responsible for paying fraudulent charges if you notify them that a charge has been made without your knowledge, right? I guess I also don't understand why banks would employ bad technology on behalf of their own security. Sure, I guess it's a pain to have to watch your account closely and then report fraudulent activity; and, you might be out the money in the short term. But in the long run, isn't it in the banks interest to have a secure enough system to prevent fraud?
- FushBuck, on 10/12/2007, -0/+0Someone stole my sentence! Give it back right now!
- BullTaco, on 10/12/2007, -0/+0The banks recoup their fraud losses from other fees assessed to the merchant. So they attempt to maintain a level of security that makes economic sense.
The real problem is that the banks do not give a $#^$% about ID theft, because of this same economic argument.
They might be out a couple of thousand dollars collectively for one incident of ID theft but the consumer, possibly elderly, frail, caught up in some other life crises, etc., although usually not financially liable, is out much more than that in the amount of time spent and stress incurred by the incident. - AcidBurn, on 10/12/2007, -0/+0Most credit card companies will give a new card without the chip if you request one. Seems like it should be the opposite that you should have to opt in to getting a card with the chip, rather than opt out once they issue you the card with a chip
-
Show 51 - 56 of 56 discussions
