Slashdot Mirror
CC Companies Scotch Mythbusters Show On RFID Security
mathfeel passes along a video in which Mythbusters co-host Adam Savage recounts how credit card companies lawyered up to make sure the Discovery channel never, ever airs a segment on the flaws in RFID security. "Texas Instruments comes on [a scheduled conference call] along with chief legal counsel for American Express, Visa, Discover, and everybody else... They [Mythbusters producers] were way, way outgunned and they [lawyers] absolutely made it really clear to Discovery that they were not going to air this episode talking about how hackable this stuff was, and Discovery backed way down being a large corporation that depends upon the revenue of the advertisers. Now it's on Discovery's radar and they won't let us go near it."
Myth Confirmed.
They weren't able to stop this one, which, if you haven't seen yet, is pretty amazing.
-------------------
This is my SIG. There are many like it, but this one is mine.
I assume they were going to demonstrate a MIFARE classic attack, on which papers are plentiful.
Belief is the currency of delusion.
You missed the valid argument of the CC companies paying the bills. The CC companies aren't forced to advertise on Discovery, but Discovery IS forced, by virtue of having bills to pay, to seek advertising revenue from the CC companies.
This is one of the major flaws in most libertarian and anarchist theories: government has no monopoly on tyranny or injustice.
Try not to take me more seriously than I take myself.
not true... You are not required to be a lawyer to be on the supreme court of the united states
Or given that TI is mentioned, maybe it's more likely to be about Rubin et.al's attack on TI's Digital Signature Transponder. See Security Analysis of a Cryptographically-Enabled RFID Device (paper) and/or article.
Belief is the currency of delusion.
Not true... mostly. You are not required to be a lawyer in most (all?) jurisdictions of the United States. Judges are appointed and in many cases elected. I'm not aware that many jurisdictions require judges to be jurisdoctors (that is, earned a law degree.) Lawyers on the other hand must have earned a law degree and passed the legal bar examination of the state where they practice.
Python: 'And then suddenly you have a language which says "we're all stuck with whatever the whiniest coder wants".'
The Last HOPE was awesome. Adam gave a really fun talk and was really good from the front row! And when he came out with this information it was especially fun and really said something to the open flow of ideas at the conference. Hopefully, Discovery or any of the other companies don't give him any crap for it. Cheers. Some Last HOPE vids are available: http://hopetracker.donthax.me/
You're either misguided or disingenuous.
That wing of the party left with George Wallace after passage of the Civil Rights Act and the Voting Rights Act. Nixon was only too happy to pick up the so-called "States' Rights" voters, and pander to racists with his "the first civil right is safety [from black people]" rhetoric. Kennedy and Johnson's bravery in abandoning that voting block to the Republicans was heroic, and the South is majority Republican to this day.
Your assertion that the Democratic party is the party of racists is moronic. You should listen to less opinion radio.
For a good reference describing some of the problems with RFID technology, check out the book "Spy Chips" by Katherine Albrecht and Liz McIntyre http://www.amazon.com/Spychips-Major-Corporations-Government-Track/dp/1595550208/ref=sr_1_1?ie=UTF8&s=books&qid=1220142206&sr=8-1 This has been our for over 2 years now, but the general public has no idea on the capabilities or consequences of RFID systems. Give it a look.
There's a difference between "someone with a law degree" and "a lawyer".
The fact is that the law is sufficiently complicated that a law degree is of substantial benefit to people who don't actively practice law. I won't take a position on whether this is a result of the inherent complexity in high-stakes rules, or whether it is deliberate obfuscation by lawyers.
Additionally, there's a difference between types of lawyers. The lawyers that people generally look down on (and are probably most common) are defense lawyers (because most of their clients are less than wonderful people), personal-injury lawyers (because ambulance chasers and frivolous suits give the decent ones a bad name), and corporate lawyers (because they sit around all day). Both Obama and Biden are/were constitutional lawyers (in ranking lawyer sub-specialties, this is perhaps the least odious). They were also primarily non-tenure-track law professors.
That's correct. Corporations have done this to neighborhood associations to wear tenants down and free up neighborhoods for development, and it was successfully carried by the cult of Scientology to destroy the Cult Awareness Network. It's a fascinating case history of harassment and destruction by a demonstrably criminal organization against a citizen watch group. It's also done by regulatory agencies against criminal organizations: remember that Al Capone was not finally brought into court for murder and racketeereing, but for income tax evasion.
Just because the show hasn't aired doesn't mean it's not being talked about. The fact that such an investigation was undertaken, and the results so bad that the CC folks are so desperate to keep it under wraps, makes the issue now not merely the insecure nature of the system, but also the deception/concealment of those flaws from the general public and (most importantly) their cardholders. No matter how bad the results of the Mythbusters investigation, it will seem doubly bad if the results are kept secret and imaginations run wild. If they simply bit the bullet, let it be aired, acknowledged the flaws, and vowed to work on the problems, it would be far less damaging in the long run. Nothing stays secret for long in today's world -- the sooner you own up to it, the better the outcome. Nothing is so bad that it can't be made worse by trying to cover it up. (Think of Tricky Dicky...)
"Every great cause begins as a movement, becomes a business, and eventually degenerates into a racket." -- Eric Hoffer
There is no need. A few detailed videos, posted on PirateBay and Wikileaks by people who can do a decent job from a country where the DMCA does not apply, would do quite well to publish. Why spend all the money?
We already saw this with US passports, where the details on how to read the RFID tag is already available with a bit of Google searching. It's happening with subway passes in US cities such as Boston, which tried to prevent some hackers from presenting their paper at Defcon.
If you don't do business with the credit card companies, you will have a very low credit rating. If you don't do business with the banks that use RFID bank cards, you might not have any bank at all in many areas of the country. Without a credit card or bank account you will find your options for owning a house or a car reduced to nil. In Canada, you cannot pay your taxes in cash. You cannot get an iPhone with cash. And yes, it is legal for a business to refuse cash purchases.
The credit/currency corporations are the key to being "in the system" and if you are "out of the system" you will be homeless or in government housing in short order. I'm not saying that's a good thing, but it is an unfortunate reality. Perhaps you could lead a bank and credit card free life dealing only in Ithica Hours. But freedom from the financial corporate overlords is rare and hard won. Those overlords like RFID, so you will have RFID.
We are all just people.
You do realize that that very clip was in TFA? Not even linked, but embedded so all you had to do was click on play?
If you believe everything you read, you'd better not read. - Japanese proverb
"It's only a matter of time before this gets pulled off Youtube."
Save a copy to repost or post elsewhere.
https://addons.mozilla.org/en-US/firefox/addon/3006
"This post is an artistic work of fiction and falsehood. Only a fool would take anything posted here as fact."
"Texas Instruments comes on [a scheduled conference call] along with chief legal counsel for American Express, Visa, Discover, and everybody else... "
After discovering a flaw in one of Texas Instruments' RFID tags, researchers from RSA Labs and Johns Hopkins University say they plan to continue their testing with exploits against other RFID equipment.
Doesn't look like the secret everyone thinks it is. Note the date. And this just from a few seconds with Google.
Shai Schticks:"You don't make peace with friends, you make peace with enemies"
The signature is not a security feature. Unless you want to train tens of millions of clerks in precision handwriting analysis techniques.
It's merely a token of accession to contract terms. Having people write, "yes" would be just as effective.
Can you be Even More Awesome?!
YouTube is required by law to take down content when someone files a DMCA takedown notice, and put it back up after 14 days if the person who uploaded it files an uncontested counter notice. I believe that is what happened when the IOC mistakenly filed a notice against some video footage titled "Olympic Opening Ceremony" or something, which turned out to be footage of people protesting outside the Chinese embassy in New York.
They believed, due to the title, that it was their copyrighted material. When it turned out it was simply mislabeled, the footage was restored.
Well, you said it yourself. If YouTube wants to remain within the safe harbour offered by the DMCA to online service providers, they pretty much have to follow that procedure. If they didn't, they wouldn't be in business very long.
Besides, it's the users who would create any kind of "community" that would exist around YouTube, by creating and uploading original content, as the person who uploaded the video we are discussing did. If all you are doing is uploading copyright material that doesn't belong to you, there's not much YouTube can do to defend you.
I don't care why you're posting AC
I believe that a fairly recent ruling against a cell phone company would invalidate this clause of the contract by the precedence it set. I don't fully recall the details (and please, someone post links if you have them), but one of the large cell phone companies got the "binding arbitration" clause of their contract struck down. Their contract was judged to be a "contract of adhesion". Partly because of such, the consumer could not be forced to give up rights to seek legal redress.
The whores get mad when the sluts give it away for free.
"If you don't do business with the credit card companies, you will have a very low credit rating."
The only thing a credit rating is good for is getting into debt.
"it is legal for a business to refuse cash purchases."
But it is illegal to them to refuse cash in repayment for a debt.
"The credit/currency corporations are the key to being "in the system" and if you are "out of the system" you will be homeless or in government housing in short order."
That's a load of nonsense. Many people pay their rent with cash. You can buy a house and a car with cash, if you have the cash. You can immediately cash you paycheck and never use a bank account.
requiring binding arbitration as part of a "take it or leave it" agreement has already been ruled unconscionable.
Sorry, but the credit card companies won't escape on that one assuming the plaintiffs have any competence at all.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
Done:
http://en.wikipedia.org/wiki/Discovery_channel
It is dangerous to be right when the government is wrong.
Here, I added to the Mythbusters page as well:
http://en.wikipedia.org/wiki/Mythbusters
It is dangerous to be right when the government is wrong.