It looks like you're using an Ad Blocker.

Please white-list or disable AboveTopSecret.com in your ad-blocking tool.

Thank you.

 

Some features of ATS will be disabled while you continue to use an ad-blocker.

 

!Intergrated Circuit Cards/EMVs!

page: 1
0

log in

join
share:

posted on Dec, 11 2011 @ 09:00 PM
link   

A smart card, chip card, or integrated circuit card (ICC), is any pocket-sized card with embedded integrated circuits. A smart card or microprocessor cards contain volatile memory and microprocessor components. The card is made of plastic, generally polyvinyl chloride, but sometimes acrylonitrile butadiene styrene or polycarbonate. Smart cards may also provide strong security authentication for single sign-on (SSO) within large organizations. wiki


I read this earlier and was was very alarmed.
It is possible for Chip and PIN use for security can be tampered with. But to what extent and for what purpose? Considering the below example... this was planned at the point of manufacture. Very scary stuff and I am not the only one to use the 'scary' word.

for eg:

In October 2008 it was reported that hundreds of Chip and PIN readers for use in Britain, Ireland, the Netherlands, Denmark, and Belgium had been expertly tampered with in China during or shortly after manufacture so that details and PINs of credit and debit cards were sent during the 9 months before over mobile phone networks to criminals in Lahore, Pakistan. US National Counterintelligence Executive Joel Brenner said "Previously only a nation state's intelligence service would have been capable of pulling off this type of operation. It's scary". Data were typically used a couple of months after the card transactions to make it harder for investigators to pin down the vulnerability.Main Page


Just how secure are we? CHIP and PIN from the example above is extremely vulnerable.

Criminals in Pakistan for eg...had connections in China... at the point of manufacture! intended for export to defraud or worst still attacks on IT or even database networks that we rely upon for our security.

The creativity of criminals is astounding... key encryptions have gone one step beyond...relying on patterns of any alpha/numeric arrangement. They interlock and create a pattern that works like a key. Usually one key recognises the lock by way of recognition of specific numbers or letters.

I think this might be part of the QR format that ATS does not want used:
QR Codes Prohibited on ATS in Avatars, Signatures, and Posts

The ICCs rely on the alpha/numeric system but the pattern within the CHIP is another access point.

Very scary stuff!

Any CHIP or PIN being used can be tampered with. And I am not just discussing money issues like credit cards. Security passes? Swipe cards, Validating checkpoints for eg: The London Pass:


The London Pass is a sightseeing city card - like a credit card with a computer chip inside - which gives you entry to a choice of over 55 popular tourist attractions in the city... info


These CHIPs are used in a wide variety of society.

STOP importing CHIPs from other Countries would be a step in the right direction!


edit on 11/12/2011 by Thurisaz because: delete spacing

edit on 11/12/2011 by Thurisaz because: add thread




posted on Dec, 11 2011 @ 09:16 PM
link   
reply to post by Thurisaz
 


Anything that can be made can be "broken." There are just variables concerning the length of time it will take. You can go to your dentist and pay $30 bucks to xray anything you want. If you know someone in material sciences at university, you can use the scanning electron microscope and perform a little die polarization macrophotography and physically read memory cells as well as complex circuits. If you want the encryption keys, you hack chips "live" (powered). Bin there done all that ;-) Anything can be cracked with time, motivation and tools.

The game that's afoot in this case has built in motivation, money for the sake of money. And like any business, they go for profit, so if the cost risk to profit ratio is correct, this kind of thing will continue to happen.

Cheers - Dave



posted on Dec, 12 2011 @ 05:52 AM
link   
reply to post by bobs_uruncle
 


yes you are right. Anything made can be broken.

Issue is the sheer volume of products manufactured in other Countries. We are all vulnerable because of this fact. How many items do you have in your home that are not made in your own Country?

How would a target be able to isolate products that have been tampered with or designed with a secondary purpose unknown to the purchaser?

It would be another 'too late scenario'...with consequences.



posted on Dec, 12 2011 @ 12:35 PM
link   
reply to post by Thurisaz
 


Yes, it is a too late scenario already. You can't check everything you have because most don't understand the technology and anyway with so many products it is far too time consuming as well as cost prohibitive from a technology standpoint. Plus who's to say that the technology used for analysis hasn't been tampered with if it is made overseas as well?

The best method of preventing these kinds of products from entering our borders is to produce the products within our borders. But I really don't think the corporations or the mil/industrial complex are going to allow that because it stimulates economic and technological development, employs people and gives them a sense real national pride.

Cheers - Dave
edit on 12/12.2011 by bobs_uruncle because: (no reason given)



posted on Dec, 12 2011 @ 09:59 PM
link   

Originally posted by bobs_uruncle
reply to post by Thurisaz
 


Plus who's to say that the technology used for analysis hasn't been tampered with if it is made overseas as well?


thx that just made me laugh! And that is so true.

It is one big can of worms!



posted on Dec, 13 2011 @ 07:53 AM
link   
reply to post by bobs_uruncle
 





Anything that can be made can be "broken." There are just variables concerning the length of time it will take.


You are incorrect. With the recent cyphers you are talking thousands of computer years to crack. And no putting 1000 computers on the project doesn't mean it can be done in one year.
Then you have to factor that the data will be irrelevant in 5 years.

This makes modern cyphers uncrackable. The word games doesn't change anything.



posted on Dec, 13 2011 @ 01:22 PM
link   

Originally posted by samkent
reply to post by bobs_uruncle
 





Anything that can be made can be "broken." There are just variables concerning the length of time it will take.


You are incorrect. With the recent cyphers you are talking thousands of computer years to crack. And no putting 1000 computers on the project doesn't mean it can be done in one year.
Then you have to factor that the data will be irrelevant in 5 years.

This makes modern cyphers uncrackable. The word games doesn't change anything.


Actually, you just agreed with the above statement LOL and I would have to disagree with your statement that 1000 computers over 1 year does not equal 1 computer over a 1000 years. Distributed processing has come a long way and that is why it is used extensively. If you understand encryption, then you understand the old FIPS 46 and 81 standards and what they entail. The XOR'ing, the barrel rolls, left-right shifts, public and private keys, etc. The technology really hasn't changed that much with AES, just the keys are larger and a little code modification here and there. There is a way to produce an almost uncrackable system, but I am not giving away the keys to the kingdom here ;-)

I don't know how long you have been doing this, but I go back to 1978 on arpa and 1981 in encryption. I was one of TDT, there were five of us and I removed all the code using a custom board I designed and a TI 7000 series emulator that eventually went to SDI for processor failure testing. This was for the satellite encryption systems in 1986 and as well as the TI7500 encryption processors (but that was a bet with TI) and I won, they gave me an XDS22/32 minicomputer emulator for TI processors and DSP's, I still have it actually. The code removal event from the embedded processors was serious enough that the Director of Security for GI (which had purchased the company) came to see me to tell me personally to cease and desist. Since then, I have performed encryption work for commercial and military clients and applications.

Breaking a system requires a lot of knowledge, a bit of creativity and a great deal of non-linear thinking, we are not all "wired" that way. And to be sure, there are always people smarter or with greater motivation that will try to or even break your code, you just have to be one step ahead and make it is difficult as possible ;-)

Arthur C. Clark said "When an esteemed scientist says something is possible he is most probably right, but when he says something is impossible, he is most certainly wrong".

Cheers - Dave
edit on 12/13.2011 by bobs_uruncle because: added a quote




top topics



 
0

log in

join