lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1149165174.15833@vs6119.vserver4free.de>
Date: Thu Jun  1 13:34:34 2006
From: sec-newsletter at vs6119.vserver4free.de (Chris)
Subject: RFID used at Olympics in Germany

In order to get a ticket you were engaged to give the following information 
to the FIFA: 

- complete name and surename

- adress

- date of birth

- nationality
 
- number of passport or "Reisepass" (travel passport)

- telephone number

- fan of what club (!)

- email-address
 
- number of bank- or creditcard


The FIFA as well as the DFB (German Soccer Association) have access to all this data! 


The information stored at the RFID-chip is the following: 

- a serial number 
- the passport-number of the ticket owner

Peter Buettgen, speaker of "The Federal Commissioner for Data Protection 
and Freedom of Information" said that "...no other personal information 
will be stored on the chip..."

The transmission of the data is secured. That is what they say. 

Now a lot of people started buying special "covers" for the tickets
that avoid the transmission. Nobody knows whether you have access
to the stadium in that case or not. There are even "gripper" available to
destroy the chip permanently. 



More information is available under: http://www.foebud.org/rfid/die-fussball-wm
(in german)


Chris



Josh L. Perrymon wrote ..
> http://www.csoonline.com.au/index.php?id=1926576695&eid=-302
> 
> So every ticket used at the olympics has an embedded RFID and is scanned
> as
> users enter the stadium (  over 64 events ).
> 
> ----snip---
>  Organizers have asked everyone requesting tickets to provide a wealth
> of
> personal data, including name, address, date of birth, nationality and
> number of ID card or passport. Never before have fans attending an event
> organized by the Federation Internationale de Football Association (FIFA)
> been required to provide so much information about themselves that can
> be
> accessed so quickly.
> 
> ---snip---
> 
> So everyone is going to have this RFID embedded ticket with name, address,
> passport or driver license number?
> 
> How easy would it be to walk around with an RFID scanner pulling down info
> from everyone that had a ticket?
> 
> JP
> CEO
> www.packetfocus.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ