[Clips] Why Some People Put These Credit Cards In the Microwave
R. A. Hettinga
rah at shipwright.com
Mon Apr 10 15:10:21 PDT 2006
--- begin forwarded text
Delivered-To: clips at philodox.com
Date: Mon, 10 Apr 2006 18:09:33 -0400
To: Philodox Clips List <clips at philodox.com>
From: "R. A. Hettinga" <rah at shipwright.com>
Subject: [Clips] Why Some People Put These Credit Cards In the Microwave
Reply-To: rah at philodox.com
Sender: clips-bounces at philodox.com
<http://online.wsj.com/article_print/SB114463085998921417.html>
The Wall Street Journal
April 10, 2006
PAGE ONE
Why Some People Put
These Credit Cards
In the Microwave
Mr. Walker Took a Hammer
To His New MasterCard --
To Stop the Radio Waves
By SUSAN WARREN
April 10, 2006; Page A1
When Brenden Walker got his new MasterCard PayPass ATM card in the mail
last month, he headed to the gas station to try it out.
To test the card's "Tap N Go" convenience, he passed it in front of the
scanner, which activated with a beep and displayed the word
"authorizing..." on its LCD screen.
That was quite enough for Mr. Walker. Without completing the transaction,
he put the card down on the pavement and took a hammer to it.
"I gave it a couple of good whacks," he says.
The PayPass card, which contains an embedded radio chip, had worked
perfectly. Other companies have their own versions: Exxon (SpeedPass),
American Express (ExpressPay) and Visa (Contactless and Blink). In each
case, the cards use an embedded electronic chip with miniature antenna.
When activated by a scanner, the chip transmits the user's account
information via radio signals. In just the wave of a hand, the purchase
amount is automatically drawn from an account.
But Mr. Walker, a 37-year-old software engineer in Canton, Ohio, is one of
a growing number of computer and technology experts who are becoming
anxious about possible abuses of the technology. Mr. Walker fears that
thieves will be able to eavesdrop on the radio transmission and buy gas at
his expense. He also figures that he himself could walk past the pump and
accidentally pay for somebody else's gas, though the card companies say he
would have to get within two inches of the scanner to accomplish that feat.
In any event, he wants no part of it. Hammering the card destroyed the
chip. "I tried it again and...nothing," he says. "I might as well have been
holding up a salami sandwich."
As the chips become more widespread, other militants are seeking them out
and destroying them. And a little industry is springing up on the Internet
to pitch an array of devices meant to protect consumers from abuses of the
technology, called radio frequency identification, or RFID. One example:
wallets with metal shields built in that block radio signals.
Radio chips have been around for decades performing other tasks, mostly
related to security access. They are the invisible passports that allow
motorists to breeze through highway tollbooths and let employees open their
office doors.
Pets and people are getting chip implants under their skin that carry
identification or medical information. Governments are beginning to use
radio chips in driver's licenses and passports. Retailers use them to track
inventory. The banks that are now using chips in their credit and cash
cards say they make transactions more efficient -- and more convenient for
customers.
Critics such as Mr. Walker worry that sensitive information will be
intercepted. Some privacy advocates envision businesses and government
furtively gathering personal data on unsuspecting consumers, and criminals
taking identify theft to a whole new level.
A German group called FoeBud, which describes itself as a civil-rights
group for the digital age, is featuring an array of RFID-busting products
in the organization's online store. Items include "deactivator nippers,"
which look remarkably like a common hole-punch, priced at about $7. The
most popular item in the store has been a copper bracelet with a red light
that blinks when it is near an RFID scanner, says Rena Tangens, FoeBud's
founder. The store claims to have sold about a thousand bracelets so far at
about $18. "People think this is a cool gadget," Ms. Tangens says.
Others are using do-it-yourself methods for disabling radio chips,
including microwaving them. The electromagnetic energy emitted by a
microwave oven fries the chip and renders it useless. The downside: Tagged
items might burst into flames in the process, warns Caspian, a consumer
group campaigning against the widening use of radio tags. The group
suggests cutting out the chip with a pair of scissors, puncturing it with a
straight pin, crushing it or pulverizing it.
Several Web sites boast about -- but don't yet sell -- devices with names
like TagZapper and RFIDWasher, which are supposed to make disabling the
tags easier. Technology experts say some of these "zappers" work by
emitting a burst of electromagnetic energy that permanently destroys the
tag. Unfortunately, they say, it might also fry other nearby electronics,
including iPods and cellphones.
Some techies in Germany figured out how to make a Zapper by modifying a
disposable camera. When you hit the switch, instead of taking a picture, it
emits a burst of electromagnetic energy that fries any nearby electronics.
They have posted an extensive description of their project on the Internet.
Several technology experts contacted say it should work, but the developers
did not respond to emails requesting comment.
A Web site describing the gadget listed several potential hazards,
including electric shocks and Federal Communications Commission law
violations. It also warned, "Don't try it near your grandpa's pacemaker."
Makers of products using RFID say privacy and security safeguards are being
built into the chips to prevent abuses. MasterCard International says
multiple layers of security are available to prevent MasterCard data from
being stolen by electronic eavesdropping. It is up to the companies that
issue the card to decide which security measures to adopt, says Art
Kranzley, MasterCard's executive vice president in charge of new payment
technologies.
Customers who don't want RFID in their PayPass payment cards can ask to be
issued an old-fashioned chipless card, says Mr. Kranzley.
Kelly Lum, 23 years old, a computer-network engineer in Eatontown, N.J.,
recently bought a wallet online from a site called DIFRWear (RFID
backwards). The wallet has a metal insert designed to shield her radio-chip
bank card from being read without her knowledge.
The card Ms. Lum carries came without any information about security
safeguards, she says, so she decided to take no chances. "It's maybe a
little bit of a paranoia thing, but hey, it's my credit rating," she says.
Eric Caraszi, a 26-year-old computer programmer in Albany, N.Y., recently
bought an RFID-proof wallet after having a conversation with a co-worker
about different ways criminals might be able to exploit RFID-chip cards --
from sneaky scans on crowded elevators to high-powered scanners on the
roadside that could mine passing traffic.
"For every smart person trying to make a lock, there is going to be an
equally smart person trying to unlock that lock," he notes.
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
_______________________________________________
Clips mailing list
Clips at philodox.com
http://www.philodox.com/mailman/listinfo/clips
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
More information about the cypherpunks-legacy
mailing list