[119367] in cryptography@c2.net mail archive
Re: how to read information from RFID equipped credit cards
daemon@ATHENA.MIT.EDU (Victor Duchovni)
Wed Apr 2 11:17:37 2008
Date: Tue, 1 Apr 2008 01:01:14 -0400
From: Victor Duchovni <Victor.Duchovni@morganstanley.com>
To: cryptography@metzdowd.com
Reply-To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <E1JgIUL-0007bZ-Oh@wintermute01.cs.auckland.ac.nz>
On Tue, Apr 01, 2008 at 12:47:45AM +1300, Peter Gutmann wrote:
> Actually there are already companies doing something like this
Which ones do you think are doing a decent job of this?
> but they've
> run into a problem that no-one has ever considered so far: The GTCYM needs a
> (relatively) high-bandwidth connection to a remote server, and there's no easy
> way to do this.
>
> (Hint: You can't use anything involving USB because many corporates lock down
> USB ports to prevent data leaking onto other corporates' networks, or
> conversely to prevent other corporates' data leaking onto their networks. Same
> for Ethernet, Firewire, ...).
Lock USB down completely, or block most devices and allow approved
ones? There is a non-empty set folks doing the latter, which opens
the possibility of this type of device being permitted, while others
are restricted.
Since *all* it needs is the ability to call "home" to its server, and
register to send/receive messages, it will not look like mass-storage,
and should not look like a network interface. Data leakage should not
be a concern if the device is built/marketted correctly.
--
Viktor.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
