Re: Unique number generation
From: none (_at_(none))
Date: 05/02/05
- Previous message: Carlos Moreno: "Re: couple more Q's on basic public key encryption techniques"
- In reply to: Jean-Luc Cooke: "Re: Unique number generation"
- Next in thread: paul_at_atom.sbrk.co.uk: "Re: Unique number generation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 03 May 2005 08:22:08 +1200
Jean-Luc Cooke wrote:
[snip]
> In short, his design goals arn't in lign with security. The parking
> meters in Ottawa have the same problem. They issue smart cards that
> help you save carrying change, but the meters don't talk back to home
> base to verify the smart card is valid. You can just:
> dd if=/dev/smartcard1 of=myFullSC.img
>
> And once you've spent your $25 on the SCard, you:
> dd if=myFullSC.img of=/dev/smartcard1
>
> And bob's your uncle.
>
> JLC
A little OT.
Well i'm in NZ so its not illegal to point out a security flaw.
We had almost the same thing with magnetic cards and vending machines.
Since in the hostel you practically live out of the vending machine, its
still about a bit of cash. The strip was encrypted, but some guy just
put some credit on *one* card, and copied the image to the other cards.
Took them months b4 they worked it out. Police and everything turned up.
but nothing happed.
Of course not paying for the food from the vending machine is illegal.
OTOH a heap of salt water down the coin slot on coke machines worked as
well, but getting 240 volts through you was a possibility.
Nobody...;)
- Previous message: Carlos Moreno: "Re: couple more Q's on basic public key encryption techniques"
- In reply to: Jean-Luc Cooke: "Re: Unique number generation"
- Next in thread: paul_at_atom.sbrk.co.uk: "Re: Unique number generation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
