Thousands of travelers and consumers can fall victim to electronic pickpocketing and never even know it because they carry new credit cards and U.S. passports. Credit card issuers, along with the U.S. State Department, have begun installing radio frequency identification (RFID) chips in credit cards and passports because the technology holds more data than magnetic stripes and can be read quicker. But, that convenience, experts warn, can also put people at risk of having their information taken. RFID chips are commonly found in cards used to raise gates in parking garages and unlock doors at businesses. All one has to do is simply swipe the card in front of a reader. Within the last few years, that same technology has been introduced to credit cards and U.S. passports, potentially putting holders at risk. It does not matter if the cards are kept in a wallet or a purse since they can transmit through them when prompted by a RFID reader, which are for sale on eBay. Using free software, hackers using a RFID reader can easily obtain account numbers and expiration dates simply by placing the reader within a few inches of the card. [I guess the media hasn't found out about antennae, yet - rms] The only credit cards that are vulnerable are those that allow users to tap or pass a reader to pay rather than swiping. Some might also have a symbol on them that indicate they transmit. [It is, of course, the symbol that is dangerous - rms]
http://www.wfaa.com/home/Electronic-pick-pocketing-threatens-credit-cards- passports-72070657.html ====================== (quote inserted randomly by Pegasus Mailer) [email protected] [email protected] [email protected] What is written without effort is in general read without pleasure. - Samuel Johnson victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://twitter.com/NoticeBored http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
