Slashdot Mirror

← Back to Stories (view on slashdot.org)

CC Companies Scotch Mythbusters Show On RFID Security

Posted by kdawson on from the next-comes-guns-and-money dept.

mathfeel passes along a video in which Mythbusters co-host Adam Savage recounts how credit card companies lawyered up to make sure the Discovery channel never, ever airs a segment on the flaws in RFID security. "Texas Instruments comes on [a scheduled conference call] along with chief legal counsel for American Express, Visa, Discover, and everybody else... They [Mythbusters producers] were way, way outgunned and they [lawyers] absolutely made it really clear to Discovery that they were not going to air this episode talking about how hackable this stuff was, and Discovery backed way down being a large corporation that depends upon the revenue of the advertisers. Now it's on Discovery's radar and they won't let us go near it."

8 of 466 comments (clear)

  1. I can just see the courtroom in 2010 by Hawthorne01 · · Score: 5, Interesting

    "So, if I Understand this correctly, you knew of these security holes back in 2008, and rather than fix them, you prevented the Mythbusters from talking about them."

    "Well, yes, Your Honor."

    "Give me another reason why I should listen to one word of your defense against this class action suit?"

    This will come back and bite them in the @$$. Hard.

    --
    "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
    1. Re:I can just see the courtroom in 2010 by ewhac · · Score: 5, Interesting

      "Give me another reason why I should listen to one word of your defense against this class action suit?"

      "Well, Your Honor, all of the persons the plaintiff has named as members of the class are invalid. All our cardmembers, as a provision of the cardmember agreement, must refer to independent Binding Arbitration, and expressly waive their right to participate in a class action. And all those that remain have no standing to file this action."

      When you enter a courtroom, you enter another world where such flagrant absurdities are taken seriously. Read your cardmember agreement. Then read Kafka.

      Schwab

      --
      Editor, A1-AAA AmeriCaptions
  2. Re:Upcoming Mythbusters Special! by Anonymous Coward · · Score: 5, Interesting

    I think this would be a good time to point out that Barack Obama and his running mate are lawyers.

  3. corporate games by sr8outtalotech · · Score: 5, Interesting

    It's a all about risk management for the companies involved. On one hand you have the Discovery Channel which depends on advertising revenues. On the other hand you have several large corporations that are using a flawed system. The question for the credit card companies is whether or not it's cheaper to use the system in place and pressure others not to disclose flaws or come up with something that works better. Sort of reminds me of Mitsubishi and the wheels flying off their heavy vehicles a few years ago. It was cheaper to payout settlements than recall and fix the vehicles. http://en.wikipedia.org/wiki/Mitsubishi_Motors#Vehicle_defect_cover-up

    I know the management of these companies have obligations to the shareholders but isn't about time they started to exhibit an obligation to not make fraud so easy with the current system?

  4. Re:Sometimes it neccesary by Anonymous Coward · · Score: 5, Interesting

    Bad analogy time:

    It's like a ship with holes in it. If the ship is already at sea, you shut up and man the pumps. But if the ship is in the dock, you yell "Look, hole!" and hopefully you wont have to pump quite as much later on.

  5. Re:Upcoming Mythbusters Special! by maxume · · Score: 5, Interesting

    If you were alive during the days that they just burned scientists and heretics at the stake, I am impressed. Perhaps you just mean that you yearn for the days? (this is probably a pretty narrow style issue, but whatever)

    If you really care, stop doing business with them. Stop doing business with the various financial companies because they would manipulate what is presented to you. Stop doing business with Discovery because they put profit before whatever-it-is. Stop doing business with people who do business with them. I mean, you don't actually have to sit through the bullshit if you don't want to, but damn if it isn't easier.

    What it comes down to is that if you don't stand up for a principle, you don't really have much business expecting anybody else to...

    --
    Nerd rage is the funniest rage.
  6. Re:Yeah, well... by kestasjk · · Score: 4, Interesting

    The BBC is excellent in this regard, by the way. If you read the news there it's crystal clear the government (nor the BBC higher ups) have any power over them. Even internal BBC scandals like Blue-Peter faking phone-in competitions are dutifully reported on.

    You'll feel sick reading/watching Fox, or even CNN etc, after reading/watching BBC.

    --
    // MD_Update(&m,buf,j);
  7. Unfortunately, it's true to a point by Sycraft-fu · · Score: 5, Interesting

    Especially when it comes to things that might be used for criminal ends. Reason is, most criminals aren't all that smart. Especially small time criminals. To the extent there are smart criminals, they are usually the ones on top, the drug lords and such. The small time criminals usually aren't the sort of people who do research or think things through. You can see this in things like copper theft. This really is not a very profitable mode of operation. Even with the price having doubled, copper prices are still talked about in single digit dollars per POUND. That's also the price you'd pay on a mercantile exchange, not the price a scrap dealer gives you. Thus it is dangerous (both in terms of getting arrested and risking death if the wires happen to be live), a good bit of work, and probably doesn't pay any better than a job at McDonalds.

    The point I'm getting at is that the large amount of petty, opportunity type criminals go for things their attention has been brought to. Copper prices skyrocketing made news so their attention got brought to it. They didn't realize that while the prices did double that was from about $2/lb to $4/lb.

    Now as related to RFID, well Mythbusters certainly could lead to slightly more sophisticated petty criminals trying it. Right now, there's little information out there on it. So you'd be talking doing a good deal of research, perhaps some of it original, to build a device that could nab card numbers. This assumes that they've even had it brought to their attention that such a ting can be done. If they don't read a site like Slashdot, chances are they don't know it has security issues, and perhaps aren't even aware it exists at all.

    However if Mythbusters calls attention to it, and shows a basic guide of how to exploit it, well then they might start trying.

    Now I'm not saying that this means the problem shouldn't get fixed, or that it is Mythbusters job to keep it under wraps. I am saying that there really is some merit to the idea that if the public isn't aware of the problem it's not a problem. Sure there are people out there who are both aware it is a problem and know enough to exploit it. Perhaps you are one of them. However, are you going to actually do it? No? Then no problem.

    I'm not saying this is the right way to approach the security of this issue, I am just saying that there is real merit to the idea that if the public doesn't know then it's not a problem. You probably meant that it would be happening but they'd be kept in the dark about it. No, not at all. What I mean is that if the public doesn't know about it, people won't try to exploit it.