Security App For the New German Personal ID Hacked
prefec2 writes "On Nov. 1st Germany started to issue new personal ID cards which include a security chip. In combination with a reading device and an application on a PC at home, secure transactions can be made. However, the required application can be compromised using DNS spoofing and a wrong SSL certificate (article in German)."
In that case you've already lost. This is Germany, right? Why don't they just cut to the chase and tattoo numbers on people's arms. Control is control. The purpose is irrelevant. When control is complete, the purposes always converge into the same thing.
discuusions on Do, and with any can be like FreeBSD is already can really ask of watershed essay,
From here:
Der Windows7-eigene Screenreader fängt beim Vorlesen die Eingaben über die Tastatur direkt ab. Dadurch wird auch die eingegebene PIN im Klartext vorgelesen.
Translation: The Windows7 built in screen reader captures entries directly from the keyboard when reading. Therefore also the entered PIN is read aloud in cleartext.
Which shows two things: :-)
(i) There should be a separate keypad on the card reader. You simply cannot trust the computer.
(ii) Using Windows7 can lead to unexpected security holes even on non-compromised computers (after all, this should apply to anything expecting passwords). But then, it's from Microsoft, so that's somewhat expected
The Tao of math: The numbers you can count are not the real numbers.