This page has been archived and commenting is disabled.

Cambridge Refuses To Cave To Banker Demands To Censor Paper Which Exposes Card PIN Hack

Tyler Durden's picture




 

Something amsuing out of England (and ever slightly less so if you happen to be the CTO for Capital One). After in late 2009 four Cambridge students uncovered a no-PIN attack that allowed those so inclined to hack ATM machines, and subsequently they made their findings public, a recent thesis paper by an Omar Choudary has summarized the findings, and has been in the public domain for some time. However, it appears that the UK banking cartel, with its 2010 bonuses finally safe and sound, has only now discovered this major weakness across their systems. But instead of taking prompt steps to fix the problem, in typical kleptocratic oligarchic fashion, the bankers' initial demand (apparently across the Atlantic, "UK Cards Association" is another name for the bailed out crew) is for Cambridge University to censor the paper. Alas, Cambridge has not agreed to fold like a lawn chair. The response that follows is quite hilarious. What will be less hilarious is if the no-PIN "attack" works in the US just as well as it did in the UK. Zero Hedge staff is currently enjoying the "all flights canceled" weather, testing out this particular null hypothesis.

From the response by Ross Anderson of the Cambridge Computer Lab:

Second, you seem to think that we might censor a student's thesis, which is lawful and already in the public domain, simply because a powerful interest finds it inconvenient. This shows a deep misconception of what universities are and how we work. Cambridge is the University of Erasmus, of Newton, and of Darwin; censoring writings that offend the powerful is offensive to our deepest values. Thus even though the decision to put the thesis online was Omar's, we have no choice but to back him. That would hold even if we did not agree with the material! Accordingly I have authorised the thesis to be issued as a Computer Laboratory Technical Report. This will make it easier for people to find and to cite, and will ensure that its presence on our web site is permanent....

...Fifth, you say 'Concern was expressed to us by the police that the student was allowed to falsify a transaction in a shop in Cambridge without first warning the merchant'. I fail to understand the basis for this. The banks in France had claimed (as you did) that their systems were secure; a French TV programme wished to discredit this claim (as Newsnight discredited yours); and I understand that Omar did a No-PIN transaction on the card of a French journalist with the journalist's consent and on camera. At no time was there any intent to commit fraud; the journalist's account was debited in due course in accordance with his mandate and the merchant was paid. It is perfectly clear that no transaction was falsified in any material sense. I would not consider such an experiment to require a reference to our ethics committee. By that time the Newsnight programme had appeared and the No-PIN attack was entirely in the public domain. The French television programme was clearly in the public interest, as it made it more difficult for banks in France to defraud their customers by claiming that their systems were secure when they were not.

You complain that our work may undermine public confidence in the payments system. What will support public confidence in the payments system is evidence that the banks are frank and honest in admitting its weaknesses when they are exposed, and diligent in effecting the necessary remedies. Your letter shows that, instead, your member banks do their lamentable best to deprecate the work of those outside their cosy club, and indeed to censor it.

And here is the original post from the blog of the Computer Laboratory at the University of Cambridge:

The bankers’ trade association has written to Cambridge University asking for the MPhil thesis of one of our research students, Omar Choudary, to be taken offline. They complain it contains too much detail of our No-PIN attack on Chip-and-PIN and thus “breaches the boundary of responsible disclosure”; they also complain about Omar’s post on the subject to this blog.

Needless to say, we’re not very impressed by this, and I made this clear in my response to the bankers.
(I am embarrassed to see I accidentally left Mike Bond off the list of
authors of the No-PIN vulnerability. Sorry, Mike!) There is one piece of
Christmas cheer, though: the No-PIN attack no longer works against
Barclays’ cards at a Barclays merchant. So at least they’ve started to
fix the bug – even if it’s taken them a year. We’ll check and report on
other banks later.

The bankers also fret that “future research, which may potentially be
more damaging, may also be published in this level of detail”. Indeed.
Omar is one of my coauthors on a new Chip-and-PIN paper that’s been
accepted for Financial Cryptography 2011. So here is our Christmas present to the bankers: it means you all have to come to this conference to hear what we have to say!

Yeah, yeah, shut up and give us the hack already so we may also enjoy some of that cool $3.3 trillion in taxpayer bailouts. The link is here.

h/t Ras Bongo

 

- advertisements -

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Sun, 12/26/2010 - 18:26 | 830846 Malcolm Tucker
Malcolm Tucker's picture

Glad to have blogged about this earlier today :)

http://fedupmontrealer.blogspot.com/2010/12/banks-try-to-cover-up-fraudagain.html

My post includes a BBC video that shows a live demonstration of the Chip and Pin security flaw

Thanks for highlighting this issue Tyler!

Sun, 12/26/2010 - 18:28 | 830850 trav7777
trav7777's picture

The Truth appears to be more than just the State's enemy, eh?

Sun, 12/26/2010 - 18:31 | 830852 Malcolm Tucker
Malcolm Tucker's picture

I thought you were going to say Truth Bitchez :)

Sun, 12/26/2010 - 20:37 | 830999 Red Neck Repugnicant
Red Neck Repugnicant's picture

censoring writings that offend the powerful is offensive to our deepest values

I can assure you this statement is total bullshit, especially at Eton College, just outside Windsor. Eton has a long, rich history in England and, in many ways, embodies everything that the British idealize about their schools.  

After writing a very satirical letter about the King's Scholarship recipient and Dr Andrew Gailey (he was my house master and is now the Vice Provost), I was kicked out of Eton due to:

"....a very poor attitude, coupled with lackluster performance that does not reflect the expectations of an Eton boy.  Furthermore, "RNR" has repeated his intention to sue the College after commencement for 'gross negligence in his development of a young man.'"

At Eton, freedom of speech is as warmly welcomed as passing around a school petition to have Tony Little (Eton Headmaster) shave his mustache as it "distracts from our studies and from the seriousness that would be expected from an Eton Headmaster. If Mr Little wishes to replicate the sexy image of Magnum PI, we wish that he would simply move to America and govern the student body of Long Beach Community College (LBCC)." 


Sun, 12/26/2010 - 21:02 | 831029 Cognitive Dissonance
Cognitive Dissonance's picture

"....a very poor attitude, coupled with lackluster performance that does not reflect the expectations of an Eton boy.

Nice to see you've continued with your "very poor attitude, coupled with lackluster performance" here on Zero Hedge. :>) 

Sun, 12/26/2010 - 21:17 | 831044 Red Neck Repugnicant
Red Neck Repugnicant's picture

Don't get froggy with me, CD. 

My new year's resolution is to be nicer to people, and this was my attempt to "open up" and express my vulnerabilities.  

Don't exploit it!

 

 

Sun, 12/26/2010 - 21:19 | 831050 Bob
Bob's picture

Diplomacy: Priceless. 

 

Sun, 12/26/2010 - 22:22 | 831101 Dumb Money
Dumb Money's picture

to CD: ZING!

to RNR: does your new found openness mean that you're buying gold?

to bob: HA!

Sun, 12/26/2010 - 21:19 | 831051 Bob
Bob's picture

Diplomacy: Priceless. 


Sun, 12/26/2010 - 21:36 | 831061 Cheesy Bastard
Cheesy Bastard's picture

Faux

When you start your comment with this:  "I can assure you this statement is total bullshit",  then maybe you do need work in this area, of being nicer.  I already know I do too, but in the spirit of the season,I just wanted to give you an idea.  Too bad you don't have anywhere to keep one!  Ha Ha. 

Sun, 12/26/2010 - 21:39 | 831062 Cheesy Bastard
Cheesy Bastard's picture

Happy New Year!

Sun, 12/26/2010 - 21:38 | 831063 Cheesy Bastard
Cheesy Bastard's picture

And God Bless!

Sun, 12/26/2010 - 21:55 | 831071 nmewn
nmewn's picture

"Furthermore, "RNR" has repeated his intention to sue the College after commencement for 'gross negligence in his development of a young man.'"

I'm guessin that's goin as well as OJ's furtive under-cover search for "the real killers" at Lovelock Correctional.

Sun, 12/26/2010 - 23:36 | 831148 RichardP
RichardP's picture

Don't bash the student body of Long Beach Community College.  People like them hold the world together.

Sun, 12/26/2010 - 23:51 | 831166 DoChenRollingBearing
DoChenRollingBearing's picture

Actually, this time I am with the Faux Red Neck:

"....a very poor attitude, coupled with lackluster performance that does not reflect the expectations of an SPS boy.

Those terms were used by my superiors at prep school and at the very LAST place I ever had a "job".  Plenty of room for everyone here at ZH.

Sun, 12/26/2010 - 19:01 | 830883 malikai
malikai's picture

So in that video the FED even said it was broken? What?! Its got to be bad then.

Anyway, chip+pin was theoretically broken before it was even implemented. If they had been smart and had an open review before bandwagoning the deal, it might have been better the first time. For even better lulz, check out the RFID passports. Those have lots of potential.

Sun, 12/26/2010 - 18:27 | 830847 trav7777
trav7777's picture

Cambridge, bitchez

Sun, 12/26/2010 - 18:38 | 830859 DoChenRollingBearing
DoChenRollingBearing's picture

.gov and banksters steal our money.  Then they complain when someone spots a hole in their security, and want to cover up that information.

Hypocrites.  Just spend the money now to fix ATM security, you ARE going to have to spend the money at some point.

+ 1000 to Cambridge, right on trav7777.

Mon, 12/27/2010 - 03:41 | 831309 Rusty Shorts
Rusty Shorts's picture

In Tim We Trust  

Sun, 12/26/2010 - 18:40 | 830862 MobBarley
MobBarley's picture

Someone please explain to me why a chip in your card is better than a magnetic stripe on the back.

Some kind of challenge/response system? Also, do current mag stripe ATM cards have this 'signature' verification thingy? And how would that work at an ATM machine?

Especially the kind that dispenses GOLD BARS bitchez!

Merry Christmas and Lots of Love to everyone :)

 

Sun, 12/26/2010 - 18:48 | 830871 Captain Benny
Captain Benny's picture

I'm not familiar with this exact technology, but the basic idea is that.

In theory you should be able to do a cryptographically-based challenge/response mechanism.  In practical implementation however this isn't quite secure, because I'm betting that most of these cards (if not all) come pre-shipped with their crypto-keys already known by the manufacturer and/or bank...

Sun, 12/26/2010 - 23:51 | 831168 virgule
virgule's picture

The chips are essentially micro computers, programable, and with an architecture that makes it somewhat harder to break into, than in your average "open device".

In the early designs (not sure if this is still in use today), the chips had a self-destruct feature, if someone tried to access them in a manner not compliant with the design protocols. In the most basic example, a micro-chip would self-destruct if your tried a brute force attack, entering too many PIN numbers with a stolen card. That is definitely much better than a passive magnetic stripe, which lets you read and write as much as you want.

For french-speakers who want more history on this invention, lookup Roland Moreno on the French Wikipedia.

Mon, 12/27/2010 - 03:40 | 831308 Byte Me
Byte Me's picture

The chips have better physical robusness against data corruption and potentially much higher data density.

Mag strips are easily damaged / corrupted as well and don't allow for the challenge / response protocols (however flawed they may be)

Mon, 12/27/2010 - 08:35 | 831414 Widowmaker
Widowmaker's picture

"Someone please explain to me why a chip in your card is better than a magnetic stripe on the back."

Three-fold:  

To eliminate (minimize) counterfeit cards.

Two-factor authentication (the system knows you are you) based on the chip itself (possession of it) and your PIN.

To track EVERYTHING bought and sold-- POLICED MONEY.

Welcome to the mark of the beast, where ALL control of your money (buying and selling) is anything but yours.

Sun, 12/26/2010 - 18:44 | 830863 Captain Benny
Captain Benny's picture

In America, these cards aren't prevalent yet.  In America, we use the far weaker system which involves easily clone-able mag-strips using technology from more than 30 years ago.  In Europe they've essentially removed one part from the transaction process (mag-swipe) and replaced it with a fundamentally flawed design which introduces this vulnerability.  Wow.  Stupid banking industry...  (NOTE: I didn't say they don't use mag-strips in the above statement...)

Sun, 12/26/2010 - 18:59 | 830882 MobBarley
MobBarley's picture

Pardon, but what makes SmartCHIP any more secure than a mag stripe?

Is it that it _should_ be much harder for someone to clone a SmartCHIP embedded ATM card?

I say _should_ because we all know that some black hat hacker group somewhere is already cloning the sh*t out of them in some attic somewhere, as usual.

Also, if the magstripe on the card merely presents your account information, routing number and account number, then surely it could be possible theoretically to merely enter this information by hand at a 'terminal', ATM machine for instance, and then your PIN

and have cash dispensed merely from information?

So by having the sheep beleive that some kind of CHIP is needed in the card..and then because the card can be lost or stolen the CHIP really ought to be embedded in your thick skull in your forehead or perhaps in your right hand...ring a bell?

 

Sun, 12/26/2010 - 19:15 | 830904 Captain Benny
Captain Benny's picture

Pardon, but what makes SmartCHIP any more secure than a mag stripe?

I didn't say it was any more secure.  In fact I said the exact opposite.  They removed the mag-stripe from being the common authentication mechanism and replaced it with a fundamentally broken design that is far worse.  This broken design allows for non-PIN based transactions.  I'm a personal believer that there shouldn't even be PINs anymore.  Anyone that has seen the Bloomberg authentication tokens (BUNITs see: http://blog.robwebb2k.com/2007/08/03/corporate-branding-the-bloomberg-b-unit/ ) knows that they are far more advanced than any stupid CC you find in the EU and US.  Its time to stop using stupid freakin pins on a wide scale.  They're fundamentally weak.

 

Sun, 12/26/2010 - 20:07 | 830972 Eternal Student
Eternal Student's picture

There are lots of misconceptions here. The card swiping biz is now big business. Please spare us with the old meme of some individual cracker working away in an attic. Organized crime has moved in, though they are smaller than the drug gangs. IMO, you're a total fool to use an ATM or Credit Card at a gas station, or other public places. You're not even safe at your bank, though those are harder targets. It depends on the Bank, really.

That's not to say that the chips are any safer. They make it easier to identify people carrying them, from afar. And they've historically had a number of issues. Security is not a priority with the Bank. Not when they can either harass you significantly, or just write it off as the cost of doing business.

Sun, 12/26/2010 - 20:55 | 831023 SilverBaron
SilverBaron's picture

Why even worry about it?  By law you are not responsible.  I've had money stolen from my acct. a couple of times and it was replaced free of charge.  Bad for visa, no big deal for me.

Mon, 12/27/2010 - 02:40 | 831289 Eternal Student
Eternal Student's picture

Are you talking about a debt card, or a credit card through Visa? Debit cards have no protections, and you're at the mercy of the bank. Credit cards are different, but people don't steal money from those, they just charge your card, which is a big difference. Even in that case, the process is a hassle, as you're in a dispute with a vendor. The outcome is also dependent on the amount charged, as it costs the vendor typically $50 or so to fight the claim. For more expensive items, the judgement can go against you, and yes, you can be on the hook for it. You are not guaranteed by law to not have to pay; you are only guaranteed if you can prove that it wasn't you in a normal vendor dispute. And the first judgement is made by the bank, not a court of law.

I prefer not to have these hassles, or liabilities.

 

Mon, 12/27/2010 - 16:09 | 832028 SilverBaron
SilverBaron's picture

Good point. I don't think they used my pin, just ran it as credit.  The first time was two $900 charges on a cruise ship somewhere, and the latest was just one cent at some home improvement store in NY.  The bank said they were probably just seeing if they could get away with it.

Mon, 12/27/2010 - 02:48 | 831293 Botox4U2
Botox4U2's picture

"Security is not a priority with the Bank." 

In spite of bank claims that the new RFID contactless 13.56Mhz chip cards are secure, their claims are disputed outright by various US and Canadian governments who use the same chip in the new biometric "enhanced" drivers licenses as well as the US, Canada and Mexico border services quick access service named NEXUS. When do you suppose the banks will tell the truth about RFID cards? In my opinion it's not about 50.00 that the banks will cover if there is a theft, but it's about strangers electronically pickpocketing people to get their names and card numbers and expiry dates which is the BEGINNING of identity theft.

This site explains a lot for those not too familiar

http://www.chipblockers.com

 

Mon, 12/27/2010 - 07:32 | 831402 MobBarley
MobBarley's picture

 How many misconceptions? Can you provide an itemized list?

 I ask that you spare me the meme of 'meme'. It was tired the day the first government sponsored psy op 'webbot' report came out. Thanks.

 I'm sorry that any form of romantic notion offends you. You really ought to write Tyler Durden and tell him how his moniker also offends you.

 I couldn't agree with you more that it is tempting fate to use your ATM or credit card at any facility or location where one has to rely on the honesty of the persons involved not to rob you blind.

 The only security is obscurity

 

Mon, 12/27/2010 - 08:40 | 831416 Widowmaker
Widowmaker's picture

Captain it depends on how you define "strength"

In a previous comment I pointed out how electronic money is actually far weaker in that it guts your ability to buy and sell without an intermediary.  That premise and the intermediary (effective control of all buying and selling), should scare the hell out of you.

If a person gets robbed electronically, such as system unavailability or a "glitch", is anything really stolen?  Where is proof in an electronic system - more electrons?  

Yearn for the day masses wake up to realize that everything they thought they owned is really borrowed from the "money-makers."  The joke is on literally everyone -- except gold-holders.

Sun, 12/26/2010 - 18:44 | 830866 knukles
knukles's picture

Douchebags.  Harrrrumph.  Christmas my ass. 

In order that we can ensure your card is not insecure on our secure network and in enhancing unnecessary and redundant upgrades to enforce impregnibale network security, an additional fee must be levied to set aside a reserve to compensate for any impossible unauthorized insecure unreimbursable thefts from our secure network.
Conversations may be recorded for your security.

Sun, 12/26/2010 - 18:50 | 830875 lynnybee
lynnybee's picture

..... don't use their damn "cards" !    When I was young we didn't even have ATM machines & we liked it that way !   I'm so old that I remember walking into the local bank & when we made a deposit in our savings account the teller got out an ink pad & stamper, changed the little numbers manually on the stamper, inked that little stamper & stamped the amount of the deposit onto our passbook !! 

Sun, 12/26/2010 - 22:37 | 831115 Rusty Shorts
Rusty Shorts's picture

Hey, I remember that !

Sun, 12/26/2010 - 18:56 | 830880 granolageek
granolageek's picture

Hey, where are all the bankster suck-ups that have hissy fits every time a state AG goes after a bank? This is a bunch of lefty academics  telling the banks to fuck off and die and expecting to get away with it. Surely the great gods Hayek, Rand and Rothbard will smite Cambridge University with three plagues and a lightning bolt.

Mon, 12/27/2010 - 01:40 | 830884 Ras Bongo
Ras Bongo's picture

Dear Melanie Johnson

UK Banksters Cards Association

 

FUCK YOU AND YOUR SPECIES!

 

Sincerely Pissed,

Triple Tuition Hiked UK Students

 

Thx 4 h/t. 

 

Sun, 12/26/2010 - 19:03 | 830888 Bearster
Bearster's picture

I certainly don't have any sympathy for their desire to impose censorship on Cambridge or anyone else.

But everyone sneering at them for a security bug would do well to look at the front door to his own house, his bank account passwords, and everything else from the perspective of a hacker who had more time, motivation, and expertise than he does.

Let's retain a little bit of good will and courtesy, and refrain from blaming the victim (in this case the banks with the bug).  They didn't make this bug on purpose just to hurt you!

Sun, 12/26/2010 - 19:59 | 830968 umop episdn
umop episdn's picture

I hope you are merely misguided on this issue. One of these new cards can be read without your knowledge-without you taking it out of your pocket. According to the banksters, this is a feature, not a bug. According to me, it is a huge invasion of privacy, even if it worked properly. I don't wish to be tracked everytime I pass by a card reader, thankyouverymuch.

Sun, 12/26/2010 - 20:07 | 830971 Poofter Priest
Poofter Priest's picture

Uh.....you're joking right?

 

Yes?  Please say yes.....

[They] HID this weakness as they push us to a no cash society.

Mon, 12/27/2010 - 01:57 | 831269 Creepy Lurker
Creepy Lurker's picture

No joke, unfortunately. That's why they sell those "secure sleeves" to keep your credit cards and passport quiet. (Yes, passports have them too.)

Sun, 12/26/2010 - 20:23 | 830985 drB
drB's picture

The difference is that banks are paid for their customers to have security; we do not get paid for our home security. Banks here are not a victim, they just, as usual, cut corners to get everything cheaper.

Sun, 12/26/2010 - 20:37 | 830994 granolageek
granolageek's picture

I knew the suckups would show.

Nope, I blame the banksters for ignoring the problem for a year after they were told about it, and then trying to prevent publication since that would show their wilful attempt to save a quid by not bothering to fix a problem they bleeping well knew about.

 

But corporations will never do wrong, nope.

Sun, 12/26/2010 - 21:18 | 831045 Cheesy Bastard
Cheesy Bastard's picture

Nope, I blame the banksters for ignoring the problem for a year after they were told about it, and then trying to prevent publication since that would show their wilful attempt to save a quid by not bothering to fix a problem they bleeping well knew about.

Nope, I blame the banksters for ignoring the problem for a year after they were told about it, and then trying to prevent publication since that would show their wilful attempt to save a Vampire Squid by not bothering to fix a problem they bleeping well knew about.

Fixed it for ya.

 

Sun, 12/26/2010 - 23:18 | 831137 Black Friday
Black Friday's picture

"They didn't make this bug on purpose just to hurt you"

Yes they did.

 

Mon, 12/27/2010 - 04:10 | 831317 Byte Me
Byte Me's picture

Let's retain a little bit of good will and courtesy, and refrain from blaming the victim (in this case the banks with the bug).  They didn't make this bug on purpose just to hurt you!

I shall always retain a modicum of courtesy and goodwill to any party worthy of it.

Exceptions to this would have to include the Banksta cartel who have made tremendous strides in recent times to rape the productive economy and undermine civilization itself without, for a moment, considering any form of apology even necessary.

When  some apologist for the 'victim' banks talks his book (that'll be YOU Bearster) - well, that's just too much for me.

Seasons fracking greetings to you.

 

 

Sun, 12/26/2010 - 19:04 | 830893 Atomizer
Atomizer's picture

Capital One is running out of serf taxpayer monies. Do you remember?

The Obama Stimulus and Bank Bailout Plans

http://smooz.4your.net/diplomatic-world/files/WEB_DW_22_Obama_Plan.pdf

The need for a cashless banking world is the recent CNBS think tank survey. Did you email Erin?

 

Sun, 12/26/2010 - 22:42 | 831117 Rusty Shorts
Rusty Shorts's picture

Is this why the Treasury has delayed, soon to be cancelled?, issuance of the new $100 note?

Sun, 12/26/2010 - 19:11 | 830903 Husk-Erzulie
Husk-Erzulie's picture

Damn, nice font Omar...anyone know what that is offhand?  Designer types, anyone? :-))

Sun, 12/26/2010 - 21:00 | 830907 Urban Roman
Urban Roman's picture

Yeah, yeah, shut up and give us the hack already so we may also enjoy some of that cool $3.3 trillion in taxpayer bailouts.

[edit]

They did, in the BBC video and in the linked article "chip-and-pin-is-broken". Trivial hack, but you need a microcontroller sitting between the SmartChip and the POS terminal.

Miniaturized "card sleeve" version from far east Asian clone shops in 3 .. 2 .. 1

SmartCard technology CAN be totally secure, but that would require them to hire someone who had, for example, skimmed through a textbook on network security. (as opposed to a committee of midlevel management hacks designing the protocol in a hotel banquet room in Palikir)

Sun, 12/26/2010 - 19:16 | 830910 TexDenim
TexDenim's picture

An ATM machine is like a piano. If you can massage those keys with nimble fingers, you can make beautiful music on the machine, which will reward you for your skill.

Sun, 12/26/2010 - 19:22 | 830920 Bearster
Bearster's picture

What is the difference between an anarchist and a socialist?

An anarchist thinks to take what he hasn't earned, by being clever and sneaky whereas a socialist thinks to take it via the State.

Sun, 12/26/2010 - 19:44 | 830952 LeBalance
LeBalance's picture

An anarchist perfects the art of theft by exercise and a refined mind, then tries to get others interested in the new mind puzzle created by this hard work.

The socialist lowers the education level of all, feeds off the poor performance level of the slaves, and then complains when latent anarchists spot the socialist in the broom closet whacking off.

Sun, 12/26/2010 - 20:05 | 830970 Lord Koos
Lord Koos's picture

Perhaps you could give us a comparison of the quality of education of the average American citizen vs that of the average citizen of the socialist EU? 

Sun, 12/26/2010 - 21:07 | 831015 keep the bastar...
keep the bastards honest's picture

And then came the fascist

BIG. the fusion of State and Corporates, hates the  socialists and silly anarchist bugs. Education? factory farming.

Sun, 12/26/2010 - 20:19 | 830982 Atomizer
Atomizer's picture

Fucking brilliant analogies on above posts. Some just don't understand.

PIL - Order of Death

http://www.youtube.com/watch?v=VEC5GFDbgl4

This is what you want
This is what you get
Here now
Night light
Windows
Waiting

Weakness
Waitin.
Silent
Payment

Guilty
Hauntin.
Calling
Claiming

Here now
Ending
One life
One knife

 

Sun, 12/26/2010 - 19:24 | 830926 doolittlegeorge
doolittlegeorge's picture

i'm yawning.

Sun, 12/26/2010 - 19:25 | 830930 NorthenSoul
NorthenSoul's picture

I cannot imagine any US university Computer Lab writing something of this kind to the American Banker Association.

But the Brits have kahunas...

Mon, 12/27/2010 - 23:45 | 832744 Arkadaba
Arkadaba's picture

The Brits still have independent funding via govt - or at least they used to.

Sun, 12/26/2010 - 19:38 | 830943 nmewn
nmewn's picture

"It is perfectly clear that no transaction was falsified in any material sense. I would not consider such an experiment to require a reference to our ethics committee. By that time the Newsnight programme had appeared and the No-PIN attack was entirely in the public domain. The French television programme was clearly in the public interest, as it made it more difficult for banks in France to defraud their customers by claiming that their systems were secure when they were not."

ROTFLMAO!!!

Give this man a cigar!

Sun, 12/26/2010 - 19:51 | 830961 liberal sodomy
liberal sodomy's picture

brits and free speech don't get along very well.

Sun, 12/26/2010 - 19:54 | 830964 caconhma
caconhma's picture


"you seem to think that we might censor a student's thesis, which is lawful and already in the public domain, simply because a powerful interest finds it inconvenient. This shows a deep misconception of what universities are and how we work. Cambridge is the University of Erasmus, of Newton, and of Darwin; censoring writings that offend the powerful is offensive to our deepest values. Thus even though the decision to put the thesis online was Omar's, we have no choice but to back him. That would hold even if we did not agree with the material! Accordingly I have authorised the thesis to be issued as a Computer Laboratory Technical Report. This will make it easier for people to find and to cite, and will ensure that its presence on our web site is permanent...."

 

God bless  Cambridge University!

Sun, 12/26/2010 - 20:29 | 830988 wretch
wretch's picture

Strawman's getting his ass kicked.

Sun, 12/26/2010 - 20:43 | 831006 Bob
Bob's picture

Higher education, bitches. 

Sun, 12/26/2010 - 20:42 | 831007 Salinger
Salinger's picture

great news

US to step up security at hotels and malls

16:45, Sunday 26 December 2010

 

 

The United States is stepping up security at "soft targets" like hotels and shopping malls, as well as trains and ports, as it counters the evolving Al-Qaeda threat, a top official said Sunday. A year after a foiled plot to bomb a US-bound passenger plane, Homeland Security Secretary Janet Napolitano told CNN's "State of the Union" program that other places and modes of transportation must now be scrutinized.

 

http://uk.finance.yahoo.com/news/US-step-security-hotels-malls-afp-11219...

Sun, 12/26/2010 - 20:53 | 831019 sabra1
sabra1's picture

of coarse, all of this being done to intimidate the public. i'm now selling rusty pitchforks!

Mon, 12/27/2010 - 10:14 | 831497 New_Meat
New_Meat's picture

Ya got it right in one: "coarse".

- Ned

Sun, 12/26/2010 - 21:06 | 831020 Bob
Bob's picture

We can never be too safe.  Apparently. 

315M served! 

Napolitano is one sick bitch, btw.  Saw her giving her safety spiel twice on teevee today.  Mark that face . . . a mustache is so passe (sorry, Adolf.)

She's a true believer.

Sun, 12/26/2010 - 20:55 | 831022 keep the bastar...
keep the bastards honest's picture

more groping 

incontinence rules

Sun, 12/26/2010 - 21:05 | 831034 gwar5
gwar5's picture

Yeah, I saw that already. They're already doing Wal-Mart and getting neighbors to rat out each other with DHS i-phone apps. Good thing they don't just profile for Islamic terrorists, that would offend some people. 

Pretty soon postal carriers will be schooled in impromtu genital pat downs and small towns will have to have the new scanners.... because you never know....  somebody might be a Ron Paul supporter...

It'll be a snap to collect future taxes and confiscate the evil PMs from those greedy hoarders and Jooos.

Mon, 12/27/2010 - 03:48 | 831119 Rusty Shorts
Rusty Shorts's picture

-

Sun, 12/26/2010 - 21:14 | 831043 Urban Roman
Urban Roman's picture

What %age of the stores need to be open for the mall to receive this extra DHS attention?

 

Sun, 12/26/2010 - 20:43 | 831010 gwar5
gwar5's picture

I'm assuming the students would let slip the information Wikileaks style anyway.

Sun, 12/26/2010 - 21:19 | 831047 Cheesy Bastard
Cheesy Bastard's picture

Off subject, Sorry I missed the open thread.  Merry Christmas and God Bless each and every one of us. 

Sun, 12/26/2010 - 21:40 | 831064 Dave
Dave's picture

You have a cell phone, computer, credit cards, you're tracked. Notice

how many CCTV cameras are around. So, what does one do? I

have my method. I can still be tracked but it takes more effort.

Hopefully I'm not important enough. Sabra1, how much you want

for those pitchforks?

Sun, 12/26/2010 - 21:55 | 831072 sabra1
sabra1's picture

pitchforks are free, the tetanus shots for the victims, priceless!

Sun, 12/26/2010 - 22:20 | 831099 Goldilocks
Sun, 12/26/2010 - 22:37 | 831114 Careless Whisper
Careless Whisper's picture

Those banks are no match for Google, who is the sponsor of the research.

http://www.cl.cam.ac.uk/~osc22/

 

 

 

Sun, 12/26/2010 - 23:17 | 831135 Doctor sahab
Doctor sahab's picture

Funny thing is Omar seems to have developed a device to decrease potential fraud. Safe and healthy start to the new year, bitchez.

Sun, 12/26/2010 - 23:58 | 831174 Oh regional Indian
Oh regional Indian's picture

Actually, what many people miss is the fact that banks make a LOT of money by nickel-and-dime errors that many connedsumers miss. 

In volume, it's kind of like HFT, it can make you a whole lot of money.

All the big one's launder drug and other illegal money. Swiss banks immunity anyone?

The whole system is a joke.

Only it's not funny and hopefully son to come apart (laughing) at the seams.

ORI

http://aadivaahan.wordpress.com

Mon, 12/27/2010 - 00:22 | 831198 titatu
titatu's picture

I have been in charge of all this atm's in some country.

I had to balance between the commercial interest of the builders of this machines and the security level.

Simply said: it was cheaper for the banks to allow fraud to a certain degree, then to built a secure system.

As i want i can easily crack any card in the world.

As long it is cheaper to allow the fraud, there will be no security.

The interest of the consumer has never been in issue, so softly sad, wake up!!

Mon, 12/27/2010 - 00:34 | 831209 margaris
margaris's picture

I am just happy to hear there are institutions out there that arent ultimately corrupt: Universities.

Although I can imagine there are bad universities all over the world too.

Mon, 12/27/2010 - 02:02 | 831272 Ras Bongo
Ras Bongo's picture

University, Bro. This is the first one that shows the middle finger in such a way to the Banksters (at least that I am aware of). Revolutions start with the immediate future. Can't fool no one with net nowadays . That's why They try to kill the freedom in it. 

Fight Them now with all you got 'cause there is little time left before they'll possess you:

Buy physical silver on the dip and get your coins out of banksta' virtual money machine.

Protect your family and informs your neighbours.

We sick an' tired of-a your ism-skism game -
Dyin' 'n' goin' to heaven in-a Jesus' name, Lord.
We know when we understand:
Almighty God is a living man.
You can fool some people sometimes,
But you can't fool all the people all the time.
So now we see the light
(What you gonna do?),
We gonna stand up for our rights!

Bob Marley

 

Mon, 12/27/2010 - 03:09 | 831297 Marc45
Marc45's picture

Yeah this raises the middle finger alright.  The trouble is that the banksters don't pay for it.  They pass it on to taxpayers and employees who get laid off.

What gets me is that there's all this effort going on with WikiLeaks, etc. and it's all for naught.  The banksters know that we know, they just don't give a fuck because in the end the politicians pray at the altar of the bankers.  A better fight might be to target the elected officials and get them out of office.  That's the only way the system will change.

Mon, 12/27/2010 - 10:21 | 831500 New_Meat
New_Meat's picture

Marc45:

"A better fight might be to target the elected officials and get them out of office.  That's the only way the system will change."

Well, I guess your hypothesis gets put to the test starting in a week or so.  Maybe Coburn gets some help, too.

http://www.foxnews.com/politics/2010/12/26/coburn-control-government-spe...

Times runnin' out.

- Ned

Mon, 12/27/2010 - 02:45 | 831291 Milton Waddams
Milton Waddams's picture

fractals

 

 

Mon, 12/27/2010 - 02:46 | 831292 Milton Waddams
Milton Waddams's picture

OMAR (s0unds foreign enough), ATMs, ATTACK... CODE RED, PANIC....

Oh wait, this was a "properly" educated scientist ...

Co-opt and difuse.

 

 

Mon, 12/27/2010 - 03:57 | 831313 Bill DeBurgh
Bill DeBurgh's picture

"You expect me to believe Omar is a stoolie because Sosa said so?"

Do NOT follow this link or you will be banned from the site!