Slashdot Mirror
Mandatory Banknote Detection Code?
metamatic writes "The European Union is planning to introduce legislation to make it mandatory for software developers to add black-box banknote detection code to their graphics software.How will this apply to open source software? Is it time to get writing to your Euro-MP?"
...will software developers be required to keep up with new note faces? If old software blocks all note faces as of 2004, will developers face penalties for not updating their software in 2008 when the currency is redesigned?
I don't like the idea of being legally required to update old software. Will this happen?
Does anyone know of a source for T-shirts with this yellow five circle pattern? Any photo with you in it would be impossible to digitally edit with the new software.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Yes - it's been in the media over here in Europe. In Germany apparently a good number of forgeries were even re-distributed through ATMs of some banks, who - for the sake of saving a couple of Euros - reloaded the ATM cartridges themselves, instead of carting of the money to the German National Bank who would check the banknotes and fill the ATM cartridges with absolutely authentic banknotes. The issue behind this is that normal merchant banks and people on the street do not know EVERY security detail of the Euro banknotes. Seven details have been published, the others are being kept secret by the national banks so that forgers will not get to hear about them.
Or use a solution that is available now:
Australia and New Zealand have adopted "plastic" notes for a while... I believe it is a big barrier for the cottage counterfeiting groups.
I think I read somewhere that a large percentage of the fake money is actually created by everyday people. This is an effort to stop that. If they think it's something more they're kidding themselves.
Well, Euro banknotes already have unique codes printed on them. E.g. I've got here one starting with X0688...
But of course, the unique codes only help partially: If you get two banknotes with the same code, you know one has to be wrong. But if you get only one banknote with a given code, how do you know if it's the original one or a copy? Also, when replicating per printer, it probably would't be too hard to give every one a different number.
But Euro banknotes have some security measures which I can't see how to replicate with a printer (like a metallic surface strip).
They don't have RFID, though (and I hope they'll not have them in the future - I wouldn't feel too well if any potential thief could just use an RFID reader to find out in advance if stealing my wallet would be worthwhile).
The Tao of math: The numbers you can count are not the real numbers.
And unlike the movies, I bet they are doing this in secret. Other things they could add to software is the printer to have small dots indicating when the money was print (based on the bios or os of the system), or maybe something to identify the system it was printed (like something unique like the mac address of the nic or something equally unique).
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
Austrailia has done a good job with thwarting forgery in more than just the media that the bills are printed on. Really good counterfeiting operations in the United States take a batch of one dollar bills and bleach them to remove all the stuff from the one, except they protect the serial number, then they reprint a higher bill's value onto it. That won't work in Austrailia, because every bill has braille and the larger the note's value, the larger the note. A one and a five arn't the same size.
Learn something new.
There are a number of problems with adding such code to printers:
* It is difficult to update. All counterfeiters have to do is find *one* image that can get past the blocking code. Futhermore, there is a *huge* set of printers out there that have no such blocking.
* Printers have limited memory and CPU capabilities. I really think that HP will not be thrilled with blowing a bunch of each on doing "currency detection" on every chunk of every page for each country that latches onto this.
* Printers have only the ability to "block". "Blocking" penalties for a detection of counterfeiting is the *easiest* variety of protection, since people just poke at their images until they print. Photoshop or other can "phone home". Some folks might think ahead enough to have a fully-disconnected computer, but as network connectivity grows...and it only takes one "phone home" with a detected serial number of a page of bills that are showing up with bogus numbers to nail someone.
* Printers were never designed to be highly secure embedded devices (for example, a number have easily-replaced firmware slots). It's a good bet that printer manufacturers don't go to a lot of trouble to hide diagnostic data. Sure, no random counterfeiter might be able to crack such a system -- but (a) there's lots of money involved to hire such a geek, and (b) there are major "geek points" involved in figuring out how to break such a system, and legitimate reasons for doing so. Remember the Xbox -- yes, it was cracked so that people could put Linux on it, but it opens things up to piracy. What if people want to improve image quality, add their own rendering engines (because it's not like they can easily build modern printers in their basement)? When someone distributes detailed instructions for how to disable such protection, it won't take a brilliant counterfeiter to beat the thing.
I really think that this is more a case of "we need to do something new with our currency". Currency was designed in a day and age when it was hard to accurately reproduce detailed images on a piece of paper. It was a very good design for that environment. I think that if we had to come up with a new system, we'd have something wildly different today.
You know what *could* make a major improvement?
Smart cards replacing "stupid magnetic strip" credit cards.
Currently, the reason that you can't use credit cards everywhere is because the credit card companies rake in money on each card, and it imposes overhead that not every retailer wants to pay (in vendor fees and per-charge costs).
Smart cards (with *associated readers*) make credit card fraud much more difficult, and thus reduce credit card company costs, and ultimately reduce prices to retailers.
This will help produce smart cards be more commonly used.
Of course, the downside is the big credit card issue -- more easy tracking of money flow, which is a bit Orwellian. Technically, it's possible to build a system that doesn't track fund flows (and still has the hard-to-counterfeit benefits), even if your credit card vendor is malicious, but there is probably little public interest in such a property. Plus, given the commercial value of people's credit card records (and pressure from law enforcement to monitor them) I don't think that it will happen.
May we never see th
Well, having been in a related situation, here's my story:
I was mugged, and the PIN to my debit card beaten out of me.
The bank pointed out that they had the PIN, therefore the bank wasn't liable. In addition, they argued, the crime wasn't reported to the police until after the money was removed. [0]
I accept that this is a different situation, in so much as it was a debit card, not a credit card. However, the legal situation is exactly the same - insofar as the argument of authorisation applies.
In the end, the bank gave me part of the money back, as a 'goodwill' gesture. Making it quite clear they didn't have to.
Note that this is a specific case of PIN being forcibly extracted - other forms of fraudulaent use will be covered as before.
Also note that if my signature had been forged, then that would have been clearly fraudulent. Because it was a number, it was considered authorised. This was despite injuries sustained in attepting not to reveal it.
As far as the law stands (UK), you give out the PIN, you are liable. Period.
[0] No shit, Sherlock. One went off with the card and PIN, whilst his (armed) mates stayed with me.