Having physical ownership of a smart card probably doesn't enable you to go around using the card (even if the picture on the card resembles you very closely) -- you'd need to know the PIN stored in the card in order to go around signing digital documents, or making purchases.
Furthermore, there is the mechanism for cardowners to get their ID card revoked when they discover that it is missing just like for credit cards.
There is a.pdf white paper for these European electronic ID cards here
Slashdot Mirror
here is the actual article
- options.gateway_addr = malloc(strlen(optarg));
+ options.gateway_addr = malloc(1 + strlen(optarg));
sprintf(options.gateway_addr,"%s",optarg);
You never know, this could lead to a buffer overrun and a possible exploit (options.gateway_addr is last seen going into getaddrinfo(...) ).
Having physical ownership of a smart card probably doesn't enable you to go around using the card (even if the picture on the card resembles you very closely) -- you'd need to know the PIN stored in the card in order to go around signing digital documents, or making purchases. Furthermore, there is the mechanism for cardowners to get their ID card revoked when they discover that it is missing just like for credit cards. There is a .pdf white paper for these European electronic ID cards here