Slashdot Mirror
Mandatory Banknote Detection Code?
metamatic writes "The European Union is planning to introduce legislation to make it mandatory for software developers to add black-box banknote detection code to their graphics software.How will this apply to open source software? Is it time to get writing to your Euro-MP?"
It's interesting that now the EU wants to push problems with more
and more counterfeiting money appearing on the market to graphics
software makers...
How do they think, that this will improve the situation? Look at
what TODAY's Gimp, Photoshop, and others can do... All I would need
to do is stick with a current version and not upgrade, if I really
wanted to counterfeit money on my own. And if you would integrate
this into the printers, then I'll just print the banknote in two or
three passes (always just print another part of the banknote so
that the printer will never get to see the whole thing in one go).
Why not integrate this into the FUTURE banknotes (they already have RFIDs in there, don't they? All it would need to take would be to issue unique codes to EACH banknote so that they could verify the identity of the banknote there)
next time on CSI: man rendered invisible to the magic zoom-in photo software by wearing suit made of dollar bills
-You're wasting your time. Alfador only likes me.
Link here
got sig?
I'm not an OSS developer, but I would think they would ignore this. What's next? McDonald's pays software companies enough money to include their trademark detection? So you can't scan/recreate/modify/distribute their likiness?
I know they're probably attempting to stop (appearently) rampant counterfitting... but where will it end? I once scanned a dollar and sent it to someone on IRC as a joke (they said, someone DCC me some money). There has to be a better way. Like I said, isn't this really just admitting defeat?
FLR
Ok ill just go buy a OLD scanner, and find a older version of photoshop.
Kinda locking the door after the horse has bolted dont we think people?
oh and FP ! \o/
- http://www.milkme.co.uk
As far as in the USA, most scanners will print something over the scanned money. Generally its "Void" in stripes over the entire scan. Copiers are worse. There are several Xerox models that will literally lock up until a service tech fixes it if American money is inserted.
I see little in the need to copy a bill. We all have issues with forgeries and counterfitting ruining the value of the dollar/euro. Why not?
Sigs are nice guns
They (the counterfeiters) will just switch to another product, such as Macromedia Fireworks, GIMP, or Inkscape. This will only hurt the companies creating the products. Also, on another point, will there be GIMP EU edition, and GIMP Everyone Else Edition? How will this work?
got sig?
Just because your software is open-source doesn't make it suddenly immune to the laws of your country.
-Erwos
Plausible conjecture should not be misrepresented as proof positive.
...will software developers be required to keep up with new note faces? If old software blocks all note faces as of 2004, will developers face penalties for not updating their software in 2008 when the currency is redesigned?
I don't like the idea of being legally required to update old software. Will this happen?
Does anyone know of a source for T-shirts with this yellow five circle pattern? Any photo with you in it would be impossible to digitally edit with the new software.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Yes - it's been in the media over here in Europe. In Germany apparently a good number of forgeries were even re-distributed through ATMs of some banks, who - for the sake of saving a couple of Euros - reloaded the ATM cartridges themselves, instead of carting of the money to the German National Bank who would check the banknotes and fill the ATM cartridges with absolutely authentic banknotes. The issue behind this is that normal merchant banks and people on the street do not know EVERY security detail of the Euro banknotes. Seven details have been published, the others are being kept secret by the national banks so that forgers will not get to hear about them.
In an Open Source app, it can stop someone who don't know C from doing something, but if you know C you can simply remove the added code...
From the article:
The copies are often good enough to fool vending machines. By using a fake 20 note to purchase a 2 rail fare, the criminal can take away 18 in genuine change.
Follow this logic: While we can't make vending machines clever enough to tell the difference between real dollars and fake ones, we can make your computer smart enough to not let you do anything with money.
This'll work.....
Makes me wonder why us geeks try over here. Every time something comes along we wish to support the bastards in Brussels decide that screwing it up with more totally useless laws is a great idea.
Makes me wonder if Microsoft is slipping money into pockets over here to try and kill open source.
--- [Insert intresting Sig here]
How's that? Just because its Free doesn't mean OSS projects will be able to incorporate it. I didn't read anything about it being GPL.
The last thing we need is the government forcing OSS project to include some closed source code into every project that deals with graphics. If this goes through in the EU and not in the US then the EU is just going to having to do without OSS graphics software.
If you wanna get rich, you know that payback is a bitch
This is useless. Banknotes do, and should, have security markers on them that cannot be produced by normal software tools anyway (I am thinking of markers that have tactile feel, holograms, etc). Thus, you need advanced techniques to forge these: and anyone capable of such advanced techniques is going to be able to work around any of these standard software embedded countermeasures.
All these countermeasures are doing is addressing joe average who uses a scanner, photoshop and a printer to make poor forgeries: exactly the type of forgeries that are picked up easily.
Further: I'd like to hear more detailed assessment of forgery rates, nature of how forgeries are constructed and so on, to determine whether the cost of all of this is really justified.
How will this black-box banknote detection code work with GPL'ed software? If it's going to be added to a GPL project it can't be proprietary anymore.
The term for faking currency is "forgery" with fake currency being "counterfeit". "Piracy" has nothing to do with it.
I think I read somewhere that a large percentage of the fake money is actually created by everyday people. This is an effort to stop that. If they think it's something more they're kidding themselves.
Obviously adding any black-box code to a system with open source won't accomplish anything. I remeber hacking the OptimalJ by Compuware. It is a big application written in Java (so you can assume it to be Open Source - for instance use this), but it had some black-box module that has checked licenses and operating system. We were at the time OptimalJ licensee (so NO unlawful activity when copyright is considered) but wanted to run OptimalJ on FreeBSD (was 2xfaster than on Linux and 4xfaster than on Windows). Point was that this black-box module checked the operating system and made impossible for the program to start if it was not linux or windows. So we simply did circumvent the whole black-box module.
In my personal opinion if you want such regulations to have any effect both OpenSource and posession, use and selling of compilers/decompilers should be controlled by the state the same way as heavy arms/munitions. In particular it should be banned to own/use/sell/produce compilation tools, exept in the case you are a professional company having obtained a suitable license.
You can defy gravity... for a short time
if photoshop has to run each pic through a detection algorithim wouldn't that slow things down a bit. not that a slightly slower photoshop matters to most people, but i batch process thousands of frames for animations. maybe it wouldn't be a big slow down for one scan or import but it would for the amount that i process. and it doesn't really seem like this is going to stop anything.
And unlike the movies, I bet they are doing this in secret. Other things they could add to software is the printer to have small dots indicating when the money was print (based on the bios or os of the system), or maybe something to identify the system it was printed (like something unique like the mac address of the nic or something equally unique).
Rosco: "If brains were gunpowder, Enos couldn't blow his nose."
At least with open-source, you'll be able to disable the @!#$)@*!@#$ detection when the thing decides your new graphic work is actually money and your boss starts screaming at you...
Dear European Union,
I am an open source software developer. Could you please send me samples of all EU notes, so that I can include image protection in my software. 10-20 copies of each should be enough to complete the work needed.
http://www.kubuntu.org/
I just know some idiot will latch on to this and use it as an excuse why OSS is bad/evil/wrong.
See? We can tell Adobe to lock down their software to stop counterfeiting, and it happens. But not those OSS people. Having the source means you can change the source. It makes counterfeiting possible, promotes communism, and makes baby Jesus cry.
Unfortunately, it's not the software that's the problem - it's the law thinking it can mandate things like this that's the problem. But you watch - OSS is going to take a beating for this anyhow.
Weaselmancer
Weaselmancer
rediculous.
Just by even saying this it prooves without doubt that the EU has absolutely no idea about the issues involved. Have they even asked experts? do they have a technical panel? Even im qualified to say that this will not work and is a stupid in-the-clouds idea, why don't they atleast make a start and hire me?! ill work for next to nothing and i could sort out all their stupid issues on DRM, bank-note detection, censorship and patent laws, im not biased to any corporation im not even biased towards open-source (much). Can't they take a look at slashdot now and then? Or are they all corrupt already.
This comment does not represent the views or opinions of the user.
I don't understand how it is possible to be 100% sure that people will keep that black box into a piece of software distributed as source code. The black box is likely to be a binary-only library, but people can modify the surrounding code not to call the library.
Will it be a criminal offence to compile out the black box in graphics programs used within the EU? I bet it will, as soon as legislators realize that open source SW exists.
Will open source developers living outside the EU add the black box to their SW? I bet that not everybody will, unless the US adopt a similar law.
Rather then changing the virtual world, I think its time for the affected countries to 'upgrade' their banknote manufacturing processes.
I am going to try scanning a coin, printing it, then using it on a vending machine. Somehow MAYBE it won't work... Hmm... Maybe try on a laser printer...
Beta Sucks
Why is it we must resort to trying to push back the tide of capable graphics applications, when we really should just make money harder to counterfit? Why not have money with two different types of paper? Or with embedded RFID tags? Or with some form of cheezy hologram? Or a multi-level print system? What about bumpy, raised sections?
The fact of the matter is, there are many ways to make money more robust, and there are many excellent detection schemes on the market today. That US dollar bill marker is a good example. But like that US dollar bill marker, nobody uses them. It ads another thing to do. It's easier to just push this all onto the people making graphics applications, and assume the worst. Of course this will shut down most open source software packages and any pictures of money in commercials, but that's a small price to pay for piece of mind, right?
The ______ Agenda
1) And so it should be. I would be rather concerned about the Orwellian trojan horses that would be in such a blackbox
2) Forgers can also easily reverse-engineer the blackbox software, so what's the point.
I believe it is again one of those dumm ideas politicians have that are professional politicians without knowledge of the subject matter.
Photoshop and other graphic suites already have this in place, without the legal requirement to do so. You can bet that there won't be much resistance from them because they are already in compliance with this. Frankly, as someone who would never have to scan in money, I am quite indifferent about it, especially since I have been handed counterfeit cash twice (that I know) by a food vendor at my school. I am not saying that I want this law to pass anywhere, it's just that I think there are bigger battles to be won.
That's stupid - there's no such thing as black box code. If a computer can read it, a person can use a computer to read it. There's no such thing as black box code. That's the "soft" part of software.
In order to have "black box" information of any kind (code or no), you have to have some physical device that does not let that information out. A "black box" that can't be opened without destroying the information.
So they're going to make a law that requires "black box code", but there is no such thing. Brilliant.
1. Take open source graphics software
2. Remove banknote detection module
3. Profit!
The problem is proving (2) as long as I keep the modified software to myself. Oops - of course I meant-- as long as the counterfeiter keeps the modified software to himself. Come on, criminals break laws. A law more or less isn't going to make that much of a difference.
Visit http://ringbreak.dnd.utwente.nl/~mrjb/growingbettersoftware to download your free copy of the book
The FA mentions the fact early deduced, that these work by detecting a pattern of 5 small circles. So exactly how this is implemented isn't important or necessary to keep secret. More important from the bank's point of view is that OSS can simply be compiled from source with this code omitted (similar example is the code blocking printing of PDFs in Ghostscript, easily commented out).
*laughs*
OK. The last time this came up, it consumed about twelve straight hours of hackery. You can go ahead and play with some of the black boxed code using the demo version of Paint Shop Pro (or the latest Photoshops). Let me tell you: This has nothing to do with the circles. I was actually quite saddened by this fact, as I was planning to print up a "secure t-shirt" that would be unphotographable and unprintable by modern image manipulators. (It'd be a great excuse to talk at Black Hat wearing a T-Shirt *laughs*).
Alas, such adventures were not to be had. Experimenting with copy/paste between an unprotected app and the demo PSP, it quickly became clear that while some old copiers might indeed trigger on the inter-circle distances, counterfeiters now had a vastly more difficult system to fight. What there seems to be is some sort of size and position invariant image fingerprint function, probably wavelet based, that receives the full image after every large scale image transform, executes a fingerprint matching vs. a confidence value, and returns true or false depending on what the confidence threshold is set to. It's not perfect -- Stirmark does seem to cause the algorithm to occasionally stumble, though not consistently (see this gallery for details) -- but it's very good work nonetheless.
Certainly, it does not appear possible to manipulate the watermarking system to create new and unique images that appear, computationally, to still be money. That's a very good thing. And while it's somewhat problematic to have code refusing to obey its controller, the integrity of the financial system really is an important thing. Remember the privacy case for cash -- if paper money becomes something we all distrust, what exactly are we left with? The fault with the RFID approach is that it forces us to carry a reader to validate funds. If we cannot self-validate, we cannot trust (notably, the biggest weakness with the metal strip approach is that we cannot quickly notice that the metal strip has been removed -- the wealth is actually thus represented not by the bill but by an invisible strip of iron and plastic!).
I do not think that image manipulation software is the right place to put this code, specifically because it's too easy to write an image editor from scratch (what are you going to do, ban compilers?). Scanners and printers are however sufficiently single sourced that they're far superior places to trust that anti-counterfeiting logic will be in place. But then, that's just IMHO.
--Dan
1) cards give off a aura of being traceable. Even if they wont be. You can thank the tin foil hat crowd for that (quite a number of whom last I checked posted on slashdot.)
2) Cards have move of a risk to them in some ways.... you cant demagnitize money but you sure as hell can demagnitize a cash card, probabaly easier than destroying money in the fact that a lot of our world around us uses magnites strong enough. Since there cant be a main account assosiated to the card, that money is now lost. While yes you can lose real money too, your not going to lose the money with it still being in your pocket like you would with a card.
3) Cards could be hacked.... anyone posting on slashdot should know that whenever technology is used for good or to protect laws, some asshole is going to hack it in the spirit of "freespeech" Could you imagine the state of our economy if someone posted the code to hack into your cash card and change how much money you have on it! Unlike counterfitting where you could eventually trace the fake money, you really cant do that very easily with a card unless it did have some traceable elements to it.
Sorry but a "cash card" is a futurists pipe dream, people will always want to see the ammount of money they have without using a machine. I dont think even in 100 years we would have dropped paper money.
"Slashdot, where telling the truth is overrated but lying is insightful."
Similar to gun control measures, this only does one thing - takes a perfectly legal thing out of the hands of law-abiding people.
In this case, circumventing the technology (PARTICULARLY IF IT'S IN AN OSS PROJECT!) will prove to be fairly trivial to criminal counterfeiters. I myself can think of several ways that would take all of 5 minutes, although I won't share them here because I don't want the black helicopters landing on my front lawn.
In the meantime, some 37-year-old woman, with no criminal intent, trying to scan money to use in some car dealer's newspaper ad (DEALS DEALS! CASH BACK!) is going to go crazy. Likewise for the Art 101 student trying to make a collage out of GWB's face and the US $100. Likewise for the vending machine engineer trying to scan bills to teach the reader how to recognize them. And so on...
-JT
If "0" means "do not accept the image", I think it would be sufficient. However, you'd not find too many users of your program :-)
The Tao of math: The numbers you can count are not the real numbers.
If people become convinced that it is ***IMPOSSIBLE*** to counterfeit money, they will stop being suspicious, forget to triple check all the features and counterfeiters will have a field day...
money-wise, such as banknotes with RFID serial numbers (making anonymous transactions impossible even for cash, plus creating a huge data trail even for innocuous daily purchases, and finally giving robbers the opportunity to single out the most promising victim before aiming their gun or swinging the baseball bat), which seems to scare even the RFID industry itself, and
otherwise, especially with respect to the creation of dangerous additional intellectual property rights (undue powers for copyright holders, and software/business method patents).
This database should give everyone a good idea whom to elect, and whom to vote out of office ASAP.
The fact that so few people participate in European elections only adds to the weight of your votes.
A reasonably composed European Parliament (which can now veto most of the proposals by Commission and Council) is our best chance for (more) sensible lawmaking in the future.
Cash is old technology--hundreds of years. Why we insist on sticking with it is beyond me.
Because we know it works - more or less. We know what the risks are. They haven't changed substantially over the past 500 years. Technology that can counterfeit notes can be matched by technology that can detect forgeries.
Of course, nobody would ever think to remove that code!!!
I think that ultimately, a lot of software companies would push for this because they would want to see free software made illegal for one reason or another. The problem is that even in closed source proprietary black box software, someone who wants to counterfeit money will figure out, or hire someone to figure out, how to disable that code. And no matter how obfuscated the code is made, it is ALWAYS possible to do something like that. It's only a matter of time and money, and to the counterfeiters, the money is practically free anyway.
Technological measures designed to enforce the law will never work. While they might keep the honest people honest, those people are, by definition, honest anyway; but the dishonest will find a way around it. For example, by using old graphics software, or by modifying current software, be it free/open or proprietary.
I say just make the bills much harder to counterfeit, and do it in such a way that it's easy to detect the fake ones.
Create an army of autonomous solar powered hyper-Roombas.
Have them with scamper about with a video grabber and the black box algorithm.
Set them loose to harvest money.
Seriously, it seems to me that the black box library would just be
as easily used as a dependable proof reader for money image duplicators,
and a much more easily targeted point of failure.
Yes.
Make programming tools like compilers controlled in the sense that certain substances are controlled these days: get caught owning, using or selling them and you're going to spend the next 5-10 years in prison.
Then bring in controlled black-box computer hardware that will only run software that has been produced with a properly licensed compiler.
It will happen. Media giants, software giants and certain DoJ attorney generals would love such control too much.
The owls are not what they seem
Shsh... don't you give 'em politicians new ideas!
"Overheard from imaginary Members 1 to 4 of Some Parliament:"
Early attempts at marketing paper money, particularly the 'shinplasters' of the American Civil War, were marked by the same disdain you show for plastic now.
This was conquered over the long term by assuring the general public that they could turn in their dollar bills for real silver or gold, in the form of gold and silver certificates. By the time the Federal Reserve started issuing notes which weren't directly backed by gold or silver in 1914 or thereabouts, everyone had grown accustomed to using paper currency. Now, finding a silver certificate in your change is almost impossible, and even if you did, it won't be redeemed for a 90% silver dollar any longer. Yet people trust the paper. It's just paper!
In regards the fragility of magnetic cards - you can burn paper currency, right? Yet I don't see every person with a gas range (or smokers) losing their cash. This is analogous to the magnetic issue.
HBI's Law: Frequency of calling others Nazis is directly correlated with the likelihood of the accuser being Communist.
Legitimate uses of graphics software to manipulate currency images? What if I'm doing some research on the different types of currency or the history of currency? Do I need to get some kinda of congressional approval? Heck, what about simple history? The history of the 20 dollar bill? I have an image of a dollar bill and would like to resize it to fit my article?
This does not seem to be the right solution to me. Too many false-positives. I think somebody has already mentioned plastic bank notes.
Besides will it stop there? I mean, so my gfx software doesn't work with currency images. How do I know it isn't "phoning home" alerting some obscure agency that I just tried to open a currency image? This is quite ridiculous.
Find a job you like and you will never work a day in your life.
Color copiers usually scan the bill in a single pass and this somehow foils the CCD into not seeing the intended color and registering a paler shade of the background.
This is used in some other notes too (ours, Brazilian Real, for example), not only in the US.
Dear aunt, let's set so double the killer delete select all
This is a perfect place to weaken the conflict of national "trade secrets" with "viral" OSS licenses. Just include a rider in the banknote law removing the right of anybody to sue for copyright infringement, if the only reason to do so is the refusal to distribute the closed source required by the banknote law. This will remove the teeth from all GPL-like licenses, and thus render them unenforceable for this particular situation.
What Congress giveth, Congress can take away...
This isn't about counterfeiting, it's all about screwing the little guy.
The major sources of counterfeiting are other governments and large multinational crime organizations. They'll be able to get around this stuff.
Now that the little guy can make his own passable bills, they're all out to squash him down. Nothing new here.
Although the /. post says that the banknote detection software is "black-box", I see nothing to that effect in the Observer article. I wonder if in fact the software is closed source. If it isn't, then it isn't a problem for FLOSS, leaving aside details of license compatibility.
I've been in the photocopier business for 23 years. Seems with each new generation of full color copiers, they have to put some sort of counterfit device into them. The latest is two fold. There is a "black box" device that detects the color of green and some other attributes and will cause the machine to lock up, displaying a 1-800 number to call. Then someone from the manufacturer, along with your friendly treasurey agent drops by to find out what you were copying. I heard this from a support engineer that a teacher was copying some things for a class, and the background of her original was close enough to cause it to lock up. The 2nd line of defense is that on any full color copier, there is a row of tiny light yellow microdots printed in the border area, which has the date of manufacturer, serial number and date of the copy. This way, if something sneaks by the black box, it can be traced back to who sold it. The last thing, is that the resolution isn't good enough to pick up the microprinting around the portrait, not to mention the security thread, or the color shifting ink. But, take one of these counterfits into a busy nightclub, fast food place, or any other business where they are as busy as a three ring circus, and it's no wonder they get passed. I've been a reserve with the sheriff's office for 15 years, and you should see some of the pathetic attempts at forgery. The funniest ones are where they cut the corners off of 20's and paste them onto the corners of a one dollar bill!
I remember sometime in the early 90's watching a documentary on PBS or KQED or such, where the topic was money and dealing with counterfeiters.
I remember them pointing out that in Europe (which part, I cannot remember...) at the end of the business day, most or all major stores, shops, and other businesses are required to remit ALL their cash to a local bank or some sort of repository.
All the cash is loaded into special machines which electronically are synched and begin scanning for counterfeits. If two bills are duplicate in ID number, the source (pick up location) is correlated. In certain shops, where video surveillance devices are used, an actual passer of the bill might be gleaned, or even identified.
We have no such thing in the US, as I suppose. However, I wonder about the metal strip in the bills. I really want to know if anyone has tested it for signature properties, such as low-level self-identification. Maybe this is being measured in teh fast food restaurants, such as a Burger King I ate at in The Great Mall in Milpitas, CA, and at other places, such as a Jack in the Box near the Pruneyard in Campbell, CA.
The problem with countefeiters, to me, is not so much that they undermine "trust" (since maybe some 60% of US currency is shipped overseas to lube, stabilize or otherwise influence foreign markets and make pliant some foreign leaders), but that they further justify the excuses the government/s posit for dispensing with (getting rid of) paper (anonymous) cash all together.
We already see the gradual or complete disappearance of federal assistance vouchers, such as food stamps and help to WIC (Women, Infants and Children) recipients, and thanks to counterfeits, we may soon find our electronic purchases being video or biometrically recorded, even if we don't know about it. How? Pass a bill or hand over your credit (govt) card and it goes into a reader, capapble of identifying real-time or at least recording for later correlation, your DNA markers or material. I guess purchasing with Latex gloves on hand or using Purel prior to handing over the card might violate some future federal act.
What I'd also like to know is if anyone has done any test to find out if the metal strip in paper bills is designed to act as a "homing beacon" when pooled with other bills that are stolen from banks. Meaning, instead of using exploding dye packs, is it the case that palletized or box-sized bills in shrinkwrap act as a self-amplifying antenna? In certain metro areas, where antennae on the side of buildings can act as interrogators when triggered by a teller, the police could home in on the robbers from a safe distance and pounce them--if they can catch them before the interrogator loses the cells or bills.
Of course, it could be that RFID tags could be inserted between bills, but if the robbers fan the bills for just the pile they're stealing (if they think they have the time, or if they carry in their own portable metal detectors or demagnetizer wands), they could possibly elude being tracked.
Any ideas I've covered in this piece of writing which may be patentable and which currently are NOT in patent process are hereby cast into the public domain, CopyLeft, Creative Commons, and/or other mechanisms of public (non-government regulated) handling, so as to prevent some private firm from doing so and cornering the market for an obvious idea.
David Syes
Previously: "Linux... Toward the Sunrise..." Now: "Linux... Toward the-- No, now, part of Every Sunrise"
Can't Copy Me Tshirt
There are a number of problems with adding such code to printers:
* It is difficult to update. All counterfeiters have to do is find *one* image that can get past the blocking code. Futhermore, there is a *huge* set of printers out there that have no such blocking.
* Printers have limited memory and CPU capabilities. I really think that HP will not be thrilled with blowing a bunch of each on doing "currency detection" on every chunk of every page for each country that latches onto this.
* Printers have only the ability to "block". "Blocking" penalties for a detection of counterfeiting is the *easiest* variety of protection, since people just poke at their images until they print. Photoshop or other can "phone home". Some folks might think ahead enough to have a fully-disconnected computer, but as network connectivity grows...and it only takes one "phone home" with a detected serial number of a page of bills that are showing up with bogus numbers to nail someone.
* Printers were never designed to be highly secure embedded devices (for example, a number have easily-replaced firmware slots). It's a good bet that printer manufacturers don't go to a lot of trouble to hide diagnostic data. Sure, no random counterfeiter might be able to crack such a system -- but (a) there's lots of money involved to hire such a geek, and (b) there are major "geek points" involved in figuring out how to break such a system, and legitimate reasons for doing so. Remember the Xbox -- yes, it was cracked so that people could put Linux on it, but it opens things up to piracy. What if people want to improve image quality, add their own rendering engines (because it's not like they can easily build modern printers in their basement)? When someone distributes detailed instructions for how to disable such protection, it won't take a brilliant counterfeiter to beat the thing.
I really think that this is more a case of "we need to do something new with our currency". Currency was designed in a day and age when it was hard to accurately reproduce detailed images on a piece of paper. It was a very good design for that environment. I think that if we had to come up with a new system, we'd have something wildly different today.
You know what *could* make a major improvement?
Smart cards replacing "stupid magnetic strip" credit cards.
Currently, the reason that you can't use credit cards everywhere is because the credit card companies rake in money on each card, and it imposes overhead that not every retailer wants to pay (in vendor fees and per-charge costs).
Smart cards (with *associated readers*) make credit card fraud much more difficult, and thus reduce credit card company costs, and ultimately reduce prices to retailers.
This will help produce smart cards be more commonly used.
Of course, the downside is the big credit card issue -- more easy tracking of money flow, which is a bit Orwellian. Technically, it's possible to build a system that doesn't track fund flows (and still has the hard-to-counterfeit benefits), even if your credit card vendor is malicious, but there is probably little public interest in such a property. Plus, given the commercial value of people's credit card records (and pressure from law enforcement to monitor them) I don't think that it will happen.
May we never see th
In fact, as far as I'm concerned, Chip and PIN is a potential nightmare.
Instead of mugging victims finding themselves relieved of their wallets and purses I can forsee muggers demanding PINs too, so that they can use the cards that they've stolen.
Right now, if a card is fraudulently used and the signature doesn't match that of the cardholder then the bill is footed by the credit card company, even if the card hasn't been reported stolen. Sure, the costs are passed onto the consumer (well, to those consumers that don't clear their card balances at least) but there's no chance of you suddenly being presented with a four- or five-figure debt for the spending that a card fraudster has run up on you card.
But, if you find yourself in a situation where you give an assailant your PIN, even if it's to avoid physical harm, then you're responsible for all spending they clock up before your card is eventually cancelled.
Frankly, as a credit card holder, this scenario frightens me, even though the chance of it actually happening to me is next to nothing.
Of course, the card issuers are being very quiet about all this, which is no great surprise.
"Accept that some days you are the pigeon, and some days you are the statue." - David Brent, Wernham Hogg
This legislation is silly. The price of printer ink these days CLEARLY makes it uneconomical to print fake $100 bills. It'd cost you more for the ink than you would generate in counterfeit currency!
OK, they want software to stop working when it detects money? Good. Let's all start inserting The EURion Constellation [1] everywhere we can, on our websites, on our t-shirts, on our cars and literally everywhere. Then, when people start noticing that they cannot print their God damned holiday photos because there is some jerk with some freaking dots on his t-shirt on them, maybe they will stop using software inluding this stupid black-box banknote detection code. We can do it, people.
[1] It's a Google link, I don't want to link directly to eurion.pdf to avoid slashdotting the server.
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
There was this idea of having a panic-pin for each card that will work as well as the normal pin, but which triggers a silent alarm when used, marks transcation as fraud or something like that.
Cool idea, i don't know why it never got implemented