Slashdot Mirror

← Back to Stories (view on slashdot.org)

Magnetic Stripe Snooping at Home

Posted by ryuzaki0 on from the because-you-can dept.

pbrinich writes "Have you ever wondered what information is actually stored on all those cards you have in your wallet? Well, it turns out you can find out yourself! An excellent project, Stripe Snoop started by Billy Hoffman, a Georgia Tech computer science student, contains schematics, source code and a wide variety of information about the standards used to store all sorts of information on your magnetic cards."

3 of 397 comments (clear)

  1. Changing the Strip by n0dalus · · Score: 5, Interesting

    How easy would it be to edit the data on the strips?
    For example, would it be possible for me to take my magnetic bus ticket and easily add another 10 trips to it?

  2. University IDs by langelgjm · · Score: 5, Interesting

    I'm an undergrad student in the University of Maryland system. I managed to write some simple C and Perl programs a while back for a reader I obtained, and ran quite a few cards through them. I found that our university issued ID cards have our social security numbers stored on them, unencrypted. A friend filed some public information request acts requesting to know if the university stored data such as the time and locations of card swipes, and if that data was attached to the student in any way. After initially denying this, the university eventually admitted that they do store data, and sent the guy a copy of his records, which indicate to the second when and where he swiped his card, in addition to when he went to the gym, how much he bought at the dining halls, etc. So much for privacy. I'm no engineer or programmer, and I was able to do this fairly easily; it can't be that hard to build an intercept and install it within a reader that's attached to a door, and voila - hundreds of SSNs. We're trying to contact some people in the school media and administration and have something done.

    --
    "Anyone who [rips a CD] is probably engaging in copyright infringement." - David O. Carson
  3. Guy's not an RMS fan by JackBuckley · · Score: 5, Interesting
    From Deep in TFA (tm):

    Q: Why did you release Stripe Snoop under the GPL?

    A: Well, its not because I like Richard Stallman, thats for sure. I don't believe that all code should be Free Software,and think he is pretty much a coding communist. One of the reasons Stripe Snoop was created was the lack of cheap or quality magstripe software, especially that would run on Linux. I have worked very hard on Stripe Snoop, and the last thing I want are the very companies that have expensive, crappy software from using my code and not contributing code themselves. In this regard the GPL provides the protections I want, even if I disagree with most of the creator's politics.

    Interesting to see a "security expert" (see earlier post--I can't verify this opinion) who thinks RMS is a code communist.