Mythbusters show not allowed to do anything on RFID

Youtube.com ^ | Adam Savage Mythbusters

[PapaBear3625]

Mythbusters guys not allowed to demonstrate what the RFID chips are doing.

The legal depts of the credit card companies (major advertisers on the channel) got on and told them they better not do the show.

This points out the major weakness of advertiser-supported TV and newspapers: you WILL NOT cover stories that major advertisers would get upset about, including stories that would result in boycott campaigns against your advertisers (mainly conducted by the Left). This is one method by which the Left captures media outlets.

[PapaBear3625]

They can and they do. I have read articles about how someone could stand behind you in line and read your cards in your wallet or purse if they have chips. Very scary indeed.

It can be done from further away than that.

RFID cards are designed to be read by cheap, mass-produced readers at a range of inches. They can also be read from longer ranges by more expensive gear with a good parabolic antenna. So just stick your gear in a cardboard box that's propped up by the rear window of your car, park the car on a busy street, and read the RFID info of everybody who passes by.

[PapaBear3625]

I have often wondered why someone couldn’t just capture credit card data from a credit card with a chip; simply by just walking closely to someone.

That's demonstrated in the youtube link in post #16

[Yorlik803]

Thank you....Kari is uber-hot.
Redheads rule......

[IronJack]

It isn't difficult to get a card reader that will record the information from an ATM card. You can buy those for a few bucks. What is difficult is to build a machine that looks like an ATM enough to fool someone into entering his PIN.

But if you could, you could potentially capture a lot of card/PIN information, and use it to drain a lot of accounts.

However, the cost of building the mock ATMs would very likely exceed the profit from many of the accounts. You have to figure that anyone stupid enough to fall for a fake ATM is probably not Gordon Gecko.

[cynwoody]

I think I heard about a PIN-pad swap at a fast food restaurant in Edmonton, in which the hacked PIN-pads were outfitted with a Bluetooth interface. That allowed the crooks to retrieve the intercepted card details while eating their lunch and without having to risk detection by messing with the devices. How the original swap took place, I don't recall. Quite possibly an inside job.

Last year some hackers penetrated the data network that links Hannaford Brothers' 300 grocery stores. They installed a piece of malware that intercepted 4.2 million credit card mag stripe images over a three month period and relayed them to a server in Russia.

[cynwoody]

With this scheme, it creates an incentive to kidnap well-off phone owners,get the PIN off them, and hold them until the kidnappers have drained their accounts.

That incentive already exists. They can kidnap somebody, take his cards, and force him to reveal his PIN. The problem for the bad guys, however, is the daily cash withdrawal limit. It makes draining a large account a tedious process.

Actually, a better strategy for the kidnappers would be to force the fat cat to transfer his assets to Russia, the trick being to do it in a way that wouldn't raise suspicions at his bank or brokerage and to get the money to a place where the bad guys can withdraw it without getting caught.

There was a case several decades ago where a guy who had learned Security Pacific's wire transfer protocols in detail while working there as an IT consultant initiated a fraudulent $10 million transfer to a European bank. He then flew over and used the money to buy diamonds from the Soviet diamond exporting firm. He got away clean with the diamonds, but then promptly got caught fencing them back in the US. Security Pacific didn't even realize they'd been robbed until the FBI told them.