Defend your ski pass from hackers

Ski Pass Security

An RFID secure ski-pass (Image Copyright 2010 http://www.rfidprotect.co.uk)

If you’ve been issued with a new RFID enabled, or ‘contactless’ ski pass then there’s a risk that it may be intercepted, read or skimmed, and without your knowledge. A new generation of ski and lift passes are already being rolled out across US and European resorts, and you may not realise that contained within them is a small passive RFID microchip. This bit of clever kit enables swift access to the slopes, and other services off-piste. Great news!

The not so great news if you don’t want marketers to track your every movement, and transaction, whilst on holiday. Furthermore, it’s well documented that unscrupulous hackers have been able to skim these ‘contactless’ passes using low-cost readers freely available on line. The consequences can be that your personal information and movements can be tracked and exploited for commercial or criminal gain.

  • Keep your personal information safe
  • Shield your data from readers designed to track your movements
  • Have a look about for Ski pass shielding products – there are loads on offer and many reasonably priced
Advertisements

Google in major privacy breach.

Whoops!

Google has finally accepted that it harvested personal data from wireless networks as its fleet of vehicles drove down residential roads taking photographs for the Street View project.  And yet only a few months ago it would have screamed ‘blue murder’ if anyone intimated that this had happened.

Now it transpires that millions of internet users have potentially been affected.   Google’s acknowledgment of guilt is an interesting U-turn from its earlier assertion that no sensitive personal information had been taken.

Google has now confessed that its, “…vehicles had also gather(ed) information about the location of wireless networks, the devices which connect computers to the telecommunications network via radio waves.”

The Daily Telegraph newspaper reported that, “…Privacy International lodged a complaint with Scotland Yard earlier this year about Google’s Street View activities and officers are still considering whether a crime has been committed.

Google is facing prosecution in France and a class action in the US, with similar lawsuits pending in other countries.”

The full story can be read at: http://www.telegraph.co.uk/technology/google/8083008/Google-spied-on-British-emails-and-computer-passwords.html

Whilst this development does not relate specifically to RFID or contactless technology as such, nonetheless it’s an excellent example of a large multi-national operation initially stating – “guys, what’s the problem – there’s nothing to worry about your wireless internet connection because we’ve ensured that it’s 100% secure” – and then a few months later we arrive at a different place – “…er, you know that technology that we told you was secure, well there’s been a slight issue with it and as a result your email, passwords and other sensitive information are now in the public domain – whoops, sorry about that…”

Therefore it could be reasonably argued that whilst today contactless credit, debit, Oyster, and Olympics 2012 RFID passes are all being sold as 100% safe – tomorrow may bring with it a different view…

Watch this space, and in the meantime can you afford not to protect your biometric details now?