A technology blog for The Economist Group IT team

Thursday, March 31, 2005

Issue 3

Phish and Chips
There is a lot of hype from the UK government and banks about the safety of chip and pin and the increased security features apparent with the implementation of the new strong encryption key on the card chip. Also, the argument goes, you no longer have to rely on people to physically check your signature and actually verify that you are who you are. You are the only one who knows your pin, after all... Only it may not be so. Like all forms of technology, this new and secure one is open to exploitation. However well you hide your pin from prying eyes, it is all too easy for the person behind/beside you or the cashier, or a shop assistant to see your pin while you are typing it. The same goes for waiters and even people who would be sitting at the a table nearby or at the same table with you at a restaurant. What banks do not really tell you is that by entering your pin during a transaction you are then legally bound to honour the purchase. This is something that they could not argue about if someone had simply faked your signature. All online transactions are as insecure as ever chip or no chip. One of the techniques is known as phishing, which targets individuals with emails that look genuine and request personal account information. It is illegal to phish, but, then again, so should be collecting personal information and then selling it on; but the latter one is not always illegal, it depends on who is doing it and how.

The "enter your pin to authenticate" idea is neither new nor does it require a chip. A good practice in Europe, where the measure was introduced (minus the chip) four years ago, is that the shop assistant will ask for official identification (ID card, passport or a similar official document) from the purchaser, otherwise the transaction cannot take place, even if you know your pin; some shops will ask you to sign as well anyway. Furthermore, it did not cost European governments and banks anything close to what it cost Britain, since no billions of cards had to be re-issued, with the ensuing mess, lost or delayed replacement cards, etc.

For the interesting things one can do with the new secure cards, you can visit the links below:
The official website
Sensible, BBC advice
Caveat user

Low cost, low security
The internet and its possibilities offer opportunities for scams that involve theft of identity by the use of VoIP phones. The technique is known as SPIT (SPam over Internet Telephony), and is directly linked to the fact that as voice travels on the internet, it is as vulnerable to hacking as any other form of data. The full story is in Wired.

Pyramidal nano-technology
NASA is working on nano (tetrahedral, as they resemble pyramids) robots that will be able to collaborate to form a larger machine. The robots, because of their flexibility and strength in numbers will be able to change shape, so they will be able to form a solar sail that will take them to Mars, where, upon arrival they will be able to land and change into a snake-like shape which will allow them to tackle Mars's terrain without any danger of toppling over. This is exciting news, especially since, it appears, NASA is at the moment saving money by stopping all the contracts related to tending its gardens, grass, flowers etc. Perhaps they are confident that the new pyramidal nano robots will effectively do the pruning as well as space travel.

Broken Voices
Since there is too much about the election campaigns in the papers these days, so much so that things that are important sometimes get sacrificed or get a much smaller space, here is a chance to watch something that is of better quality than political party attempts at deception: it is a play -- or a collection of small plays -- called Broken Voices (reviewed in the Guardian), which are thematically connected by the ballot box. It is shown at Tristan Bates Theatre, London, until April 23. Box office: 020-7240 6283
Comments: Post a Comment

This page is powered by Blogger. Isn't yours?