[email protected] (Mike Schwab) writes: > There are car thieves who get a pair of transmitters. One is held > near the car and sends the car's query signal to the other receiver. > The other receiver is near the person leaving the car. It get's the > car's query and responds. This is sent back to the car by the > transmitter pair. The car thinks the owner has returned, and unlocks > and starts. The guy near the car hops in, waits for the pal to get > in, and leaves. After shopping for 30 seconds to 2 hours, the owner > comes back to an empty parking spot (if someone else hasn't taken it).
re: http://www.garlic.com/~lynn/2013h.html#22 Check out Moto X: Motorola reveals plans for ink and even pills to replace AL this is similar to vulnerability in the mid-90s that the EU identified regarding financial transactions involving compromised PCs and hardware token authentication (PC keyloggers could be leveraged to impersonate real user for hardware token use involving fraudulent financial transactions ... using the token w/o owner's knowledge) as well as displaying one transaction on the screen, asking the user to authenticate and actually executing a totally different transaction. in the 98 time-frame the EU created the FINREAD standard as countermeasure to both vulnerabilities (use of the token w/o user's knowledge and transaction that you believe you are authenticating is really the transaction that you are authenticating). -- virtualization experience starting Jan1968, online at home since Mar1970 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
