wmartin@ALMSA-1.ARPA.UUCP (01/13/87)
The following items are from two different issues of the RISKS Digest, and are followups on the posting I sent to Telecom some issues back on the possibility of a scheme for toll fraud using the British "PhoneCard":

Will Martin

----- Forwarded message

> Date: Wed 24 Dec 86 09:36:03-PST
> From: Peter G. Neumann <Neumann@CSL.SRI.COM>
> Subject: Still More on PhoneCards
> To: RISKS@CSL.SRI.COM
>
> I had a call from Colin Sex at British Telecom at 5PM Christmas Eve GMT.
> He stated that "The card itself is completely secure." They indeed do a
> READ-AFTER-WRITE check (along with some other checking), so that part of it
> looks OK. However, there are problems with physical damage to the laser
> reader/writer. In the case at hand, nail polish had been caked onto the
> card, and gummed up the works. But in such cases the unit is supposed
> either to reject the card, or else keep the card if it cannot eject it --
> and then shut down. I think they are still vulnerable to some active-card
> attacks, but on the whole they think they protect themselves well against
> the man on the street.
>
> ------------------------------
>
> [It is altogether possible that BT is covering up. On the other hand,
> their description of the system (by phone, to me) stated that the
> READ-AFTER-WRITE check is properly implemented and that there are three
> other checks as well. They claim that the Sunday Post will print a
> retraction. (As yet no one has reported seeing it.) Of course, there
> may still be other vulnerabilities. RISKS readers are learning to look
> the proverbial gift horse in the mouth, as well as the horse you had to
> pay a fortune for. PGN]

----- End of forwarded messages