henry@zoo.toronto.edu (Henry Spencer) (09/25/90)
In article <10960034@hpldola.HP.COM> paul@hpldola.HP.COM (Paul Bame) writes: >Speaking of credit cards, why don't we use bar codes or some other optical >method rather than magnetic? Seems like it would be more reliable. Magnetic schemes have the vast advantage of being essentially immune to dirt and surface damage. For something that gets carried in pockets for years, this is a significant advantage. -- TCP/IP: handling tomorrow's loads today| Henry Spencer at U of Toronto Zoology OSI: handling yesterday's loads someday| henry@zoo.toronto.edu utzoo!henry
wayned@wddami.spoami.com (Wayne Diener) (09/26/90)
>In article <1990Sep25.153854.2812@zoo.toronto.edu> henry@zoo.toronto.edu (Henry Spencer) writes: >In article <10960034@hpldola.HP.COM> paul@hpldola.HP.COM (Paul Bame) writes: >>Speaking of credit cards, why don't we use bar codes or some other optical >>method rather than magnetic? Seems like it would be more reliable. > >Magnetic schemes have the vast advantage of being essentially immune to >dirt and surface damage. For something that gets carried in pockets for >years, this is a significant advantage. >-- Magnetic encoding is also quite a lot more difficult to duplicate than optical encoding would be (without going to UV or someother such thing) for your average (read "non-electronics hacker") person. -- |---------------------------------------------------------------| | // Wayne D. Diener | | // Spokane, WA | | \\ // E-mail reply to: | | \X/ To: isc-br!hawk!wddami!wayned@uunet.uu.net |
myers@hpfcdj.HP.COM (Bob Myers) (09/29/90)
>|Yeah, or didja ever stay at a hotel that has those new magnetic-card-reader >|locks? Ever try to explain to the front desk clerk that your card won't work >|anymore, because you spent the day at a monitor manufacturer and had occasion > >Far more effective to just tell them their darn locks are broken >and you can't get into the room you paid money for. > >Why assume any responsibility for it? Well, the full story is that the hotel in question had some sort of reader at the front desk, to confirm that a given "key" was properly programmed for a given room. The clerk was a bit surprised when the key he'd given me just that morning turned out not only to not match my room, but to be completely BLANK! (He had, of course, confirmed the key before giving it to me earlier.) >Phil Ngai, phil@amd.com {uunet,decwrl,ucbvax}!amdcad!phil >Freedom is dead, long live privacy! There's a difference? Bob Myers KC0EW HP Graphics Tech. Div.| Opinions expressed here are not Ft. Collins, Colorado | those of my employer or any other myers@fc.hp.com | sentient life-form on this planet.
rbrink@hubcap.clemson.edu (Rick Brink) (09/29/90)
From article <1990Sep25.153854.2812@zoo.toronto.edu>, by henry@zoo.toronto.edu (Henry Spencer): > In article <10960034@hpldola.HP.COM> paul@hpldola.HP.COM (Paul Bame) writes: >>Speaking of credit cards, why don't we use bar codes or some other optical >>method rather than magnetic? Seems like it would be more reliable. > > Magnetic schemes have the vast advantage of being essentially immune to > dirt and surface damage. For something that gets carried in pockets for > years, this is a significant advantage. > -- > TCP/IP: handling tomorrow's loads today| Henry Spencer at U of Toronto Zoology > OSI: handling yesterday's loads someday| henry@zoo.toronto.edu utzoo!henry
mmm@cup.portal.com (Mark Robert Thorson) (09/30/90)
> Magnetic encoding is also quite a lot more difficult to duplicate than > optical encoding would be (without going to UV or someother such thing) > for your average (read "non-electronics hacker") person. Not necessarily. I've seen some very low tech gadgets for duplicating cards. Imagine a plexiglas box with a few strips of plexiglas on top to form two parallel channels, each the width of a card. Under each channel, inside the box, are two tape heads. An amplifier is connected from one tape head to the other. A card is duplicated by running the blank and the master through the channels while the amplifier is on. No mechanism is needed for feeding the cards through -- you slide them through using the same hand, so that both cards travel the same speed at the same time, even if the speed varies a little. Making a high-density optical card would be much harder, if lasers or holograms were needed. Even darkroom work would be harder than building a card duplicator from scratch. An even simpler way to duplicate a magnetic card is to place two cards together, with the blank on top. (You make a card blank by wiping a magnet across it.) Then quickly wipe a hot iron across the top card. This briefly heats the magnetic stripe above its Curie point. When it cools down, it picks up the field of the card on the bottom. WRT non-hacker types doing this, I heard about the iron technique several years ago, when it was rumored that tickets for the Bay Area Rapid Transit (BART) system were being duplicated in this way by the average citizens of places like Oakland. Note that BART tickets are heavy paper, like a postcard; this technique probably wouldn't work with a plastic credit card because of the thickness.
wrf@mab.ecse.rpi.edu (Wm Randolph Franklin) (10/02/90)
In article <34388@cup.portal.com> mmm@cup.portal.com (Mark Robert Thorson) writes: > >WRT non-hacker types doing this, I heard about the iron technique several >years ago, when it was rumored that tickets for the Bay Area Rapid Transit >(BART) system were being duplicated in this way by the average citizens >of places like Oakland. Note that BART tickets are heavy paper, like a >postcard; this technique probably wouldn't work with a plastic credit >card because of the thickness. There was a story a year or two ago about people being convicted of counterfeiting BART tickets. How could this be detected since the individual tickets aren't serial numbered, are they? What difference is there between a ticket that BART added $10 to, and a copy of such a ticket? -- Wm. Randolph Franklin Internet: wrf@ecse.rpi.edu (or @cs.rpi.edu) Bitnet: Wrfrankl@Rpitsmts Telephone: (518) 276-6077; Telex: 6716050 RPI TROU; Fax: (518) 276-6261 Paper: ECSE Dept., 6026 JEC, Rensselaer Polytechnic Inst, Troy NY, 12180
wb8foz@mthvax.cs.miami.edu (David Lesher) (10/02/90)
>> >>WRT non-hacker types doing this, I heard about the iron technique several >>years ago, when it was rumored that tickets for the Bay Area Rapid Transit >>(BART) system were being duplicated in this way by the average citizens >>of places like Oakland. Wasn't John Draper (Captain Crunch) accused/pursued/ prosecuted/persecuted at one point for something having to do with? -- A host is a host from coast to coast.....wb8foz@mthvax.cs.miami.edu & no one will talk to a host that's close............(305) 255-RTFM Unless the host (that isn't close)......................pob 570-335 is busy, hung or dead....................................33257-0335
albaugh@dms.UUCP (Mike Albaugh) (10/02/90)
From article <!0P%+$+@rpi.edu>, by wrf@mab.ecse.rpi.edu (Wm Randolph Franklin): > In article <34388@cup.portal.com> mmm@cup.portal.com (Mark Robert Thorson) writes: >> [... the hot-iron duplicator hack ...] > There was a story a year or two ago about people being convicted of > counterfeiting BART tickets. How could this be detected since the > individual tickets aren't serial numbered, are they? What difference is > there between a ticket that BART added $10 to, and a copy of such a > ticket? As I recall, the mag-stripe on a _real_ BART ticket has a substantially higher Curie temperature than grut mag-tape. The hack involved using a stripe of 1/4" reel-to-reel tape, which was glued to an old ticket (or piece of paper) _after_ being "ironed". These hacks are quite detectable by _sight_, if the station agent happens to be suspicious. There may have been folks who managed to "iron" directly from one ticket to another, but I never heard of any. Note also that the iron technique would tend to produce "spread-out" patterns which may get "corrected" by the fare-gate reader, but could still show up on the more complex widget the station-agent uses to, for example, verify damaged tickets. Even if the counterfeiters had substantially higher-tech gear than the average hacker, it is hard to make money faking something worth $20 max, unless you _sell_ it. It is quite possible the arrests were made as a result of "normal police procedure", e.g. following up on street-talk. Of course, _I_ never had anything to do with this stuff and don't know anybody who did. Mike | Mike Albaugh (albaugh@dms.UUCP || {...decwrl!pyramid!}weitek!dms!albaugh) | Atari Games Corp (Arcade Games, no relation to the makers of the ST) | 675 Sycamore Dr. Milpitas, CA 95035 voice: (408)434-1709 | The opinions expressed are my own (Boy, are they ever)
ESV@psuvm.psu.edu (ANDREW COLL) (10/03/90)
In article <34388@cup.portal.com>, mmm@cup.portal.com (Mark Robert Thorson) says: >An even simpler way to duplicate a magnetic card is to place two cards >together, with the blank on top. (You make a card blank by wiping a magnet >across it.) Then quickly wipe a hot iron across the top card. This briefly >heats the magnetic stripe above its Curie point. When it cools down, it >picks up the field of the card on the bottom. > Along similar lines: Our university has as system in place where you can obtain photocopies or laserprinter output via a credit card of sorts. Its called a "vendacard" and you insert it into little card readers on either copiers or laserprinters. You buy the card by feeding dollar bills into a vending machine which credits your card with the amount of money minus $0.50 for the card. The cards are laminated plastic with a magnetic stripe on the back about 5mm wide. Occasionally the cards go bad and are unreadable. (usually due to scratches) I examined one of these unreadable cards and found that the magnetic strip was indeed coded with digital data. The interesting thing I found though was that these cards were exceptionally resistant to erasure by exposure to magnetic fields. I tried erasing the stripe using a 20oz permanent magnet: no luck, the data wasn't even degraded. I tried a tape head demagnatizer, same thing. I then remembered that when you got your card back from the reader, it was slightly warm. So I tried immersing the card in hot water and using the demagnatizer; still nothing. So I tried the ultimate torture: microwaving it in a dish of water. I microwaved it until the water boiled, at which point the laminated plastic card was so soft, it couldn't be picked up. In this state, I tried the demagnatizer again; after letting it cool enough so it would go into the reader, it still had the data intact. I came to the conclusion that these cards are extremely resistant to stray or not so stray magnetic fields, and the only way to damage them is physically. Therefore, I have extreme confidence in the integrity of my vendacoder card, and maybe a little more confidence in my credit and ATM cards. Andrew Coll ESV@PSUVM.BITNET ESV@PSUVM.PSU.EDU
ropg@ooc.uva.nl (Rop Gonggrijp) (10/04/90)
wrf@mab.ecse.rpi.edu (Wm Randolph Franklin) writes: >There was a story a year or two ago about people being convicted of >counterfeiting BART tickets. How could this be detected since the >individual tickets aren't serial numbered, are they? What difference is >there between a ticket that BART added $10 to, and a copy of such a >ticket? I know one of the people convicted of all that (he did the technology) and this is his story: This is Bill Squire and I will say you are right. Yes we took old five cent tickets and put $7.95 in "virtual cash" on them, and then put them in an add- fare machine, added a nickel and got a BART issued eight dollar ticket--total cost: ten cents. It was only when my friend (who was a minor at the time) got involved with "free" donuts at the "safe hollidays program" ran by the BART cops that a cop set us up to "make money" with $32 tickets printed on blanks. Note that the cops created the crime! Oh ain't that America!!! Send any replies to Bill through me..... -- Rop Gonggrijp (ropg@ooc.uva.nl) is also editor of Hack-Tic (hack/phreak mag.) quote: "We don't care about freedom of the mind, | Postbus 22953 (in DUTCH) freedom of signature will do just fine" | 1100 DL AMSTERDAM Any opinions in this posting are wasted on you | tel: +31 20 6001480