Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Apple Hacker Charlie Miller To Demo Dangers of Near-Field Communications

timothy posted more than 2 years ago | from the these-icons-sure-are-clastic dept.

Security 149

An anonymous reader writes "Apple's hacker nemesis Charlie Miller, who the company banned from its app store developer program, apparently hasn't been waiting around for his suspension to be lifted. His latest pet project is hacking near-field communications (NFC), and at Black Hat USA in Vegas this month, he will demonstrate the dangers of using your smartphone to pay your cab fare. (But when his Apple 'sentence' is up, look out)."

cancel ×

149 comments

Sorry! There are no comments related to the filter you selected.

What makes you think his "sentence" is ever up? (5, Insightful)

crazyjj (2598719) | more than 2 years ago | (#40628037)

iOS is a walled garden. Apple is under no obligation to let anyone develop for it. If you're going to embarrass and criticize Apple, they are under no obligation to let you do it on their iPhones and iPads (or Macs either, for that matter).

Re:What makes you think his "sentence" is ever up? (4, Insightful)

zoward (188110) | more than 2 years ago | (#40628115)

iOS is a walled garden. Apple is under no obligation to let anyone develop for it. If you're going to embarrass and criticize Apple, they are under no obligation to let you do it on their iPhones and iPads (or Macs either, for that matter).

On the flip side, he make both Apple and the public aware of the exploits he finds. I'd rather Apple get a black eye over this than have the exploits remain out there where someone nefarious can find them and sell them to an eastern European cartel.

Re:What makes you think his "sentence" is ever up? (-1)

Anonymous Coward | more than 2 years ago | (#40628175)

Why do you hate apple?

Re:What makes you think his "sentence" is ever up? (0)

Anonymous Coward | more than 2 years ago | (#40628317)

I don't hate apple, they make a lot of profit using people ignorance and theyre right to do it.

I tend to hate those who only pray by apple tho, and don't realize they are selling their product twice the price it should cost. When you buy a 500GB hd for $200 you deserve to be ripped of, apple understand that.

Re:What makes you think his "sentence" is ever up? (0, Informative)

Anonymous Coward | more than 2 years ago | (#40628415)

Most people don't buy Apple products because they're ignorant, they buy them for their perceived quality of the product.

And speaking of ignorance, let me point out a few things, friend:

* "people's"
* "they're"
* "though"

Oh, and no Apple product cost twice what it should, they are comparable in price to any business-class Dell or HP. There is no 500GB HD for $200, so you are just a filthy fucking liar trying to spread propaganda which you can't back up.

Re:What makes you think his "sentence" is ever up? (1)

CosaNostra Pizza Inc (1299163) | more than 2 years ago | (#40628781)

I did some shopping around and made price comparisons per laptop specs very recently between those three you just mentioned. As far as the most bang for the buck, HP wins. Dell comes in at an unimpressive second. Apple is a very distant third and IMO is a rip-off. I ended up getting an HP laptop with all or better specs than a comparable Ibook and at less than half the cost. The only difference is my laptop is not ultra-thin, which is unimportant to me.

Re:What makes you think his "sentence" is ever up? (2)

angel'o'sphere (80593) | more than 2 years ago | (#40628811)

Well those compariosions of Dells versus HP versus Apple make no sense to em at all.
If you don't want to run Mac OS X you are likely better off with a non Apple having the specs you want.
If you want to run Mac OS X you are likely better of running it on a Mac.
Why should I get a Mac to run Linux or Windows on it? Why should I get a Dell or HP to run Mac OS X on it???

Re:What makes you think his "sentence" is ever up? (1)

CosaNostra Pizza Inc (1299163) | more than 2 years ago | (#40628949)

That is very important for you or me but maybe not for someone else. Therefore, I intentionally did not account for that in the comparison. I just looked at hardware specs.

Re:What makes you think his "sentence" is ever up? (1)

CanHasDIY (1672858) | more than 2 years ago | (#40629315)

Why should I get a Dell or HP to run Mac OS X on it???

I once built a hackintosh, for 2 reasons - 1) I wanted to give OSX a try, but didn't want to have to drop a grand on hardware for the privilege, and 2) because I like a challenge, and the sheer joy of getting something like that to actually work.

Re:What makes you think his "sentence" is ever up? (1)

aztracker1 (702135) | more than 2 years ago | (#40629897)

Personally, the aluminum shell appeals to me... That has some value to it... Beyond that, I'm pretty much OS agnostic, if I can run VMWare for hosting a VM, I can get whatever I need to done. For the most part, my actual desktop will run whatever I need.

Comparable? I doubt it (2)

sjbe (173966) | more than 2 years ago | (#40629071)

I ended up getting an HP laptop with all or better specs than a comparable Ibook and at less than half the cost.

Really? You found an HP that runs OS X? Also where is this "Ibook" you are referring to? Apple does not sell any laptop branded Ibook or IAnything for that matter. And very much doubt you found anything that is truly similar for "less than half the cost" once you include ALL the hardware including the case and the rest of it. I've compared ultrabooks running Windows from various vendors to Apple's offerings myself. While Apple certainly wasn't the cheapest they weren't a whole lot more expensive once you compared their stuff to the most similar stuff from HP and the rest.

The only difference is my laptop is not ultra-thin, which is unimportant to me.

So the hardware is not the same. If you don't like Apple's products that's fine. Nothing wrong with that. My own laptop is an Acer and it is excellent. But unless you compared extremely similar hardware you weren't doing a serious comparison.

Re:Comparable? I doubt it (1)

CanHasDIY (1672858) | more than 2 years ago | (#40629261)

Really? You found an HP that runs OS X?

Several, actually [osx86project.org] :3

Re:Comparable? I doubt it (1)

KhabaLox (1906148) | more than 2 years ago | (#40630529)

Really? You found an HP that runs OS X?

So are you saying that the premium we pay for Apple products is because of the OS?

Re:What makes you think his "sentence" is ever up? (2)

MightyYar (622222) | more than 2 years ago | (#40629277)

The only difference is my laptop is not ultra-thin, which is unimportant to me.

You nailed it... much cheaper to make a heavy/large notebook. The HP/Dell/Lenovo models with same size, weight, and battery specs as the Apples are +/- 10% in cost, depending what part of the product cycles you are in. And Apple hardly ever has sales - though Amazon can often save you $100 bucks.

Re:What makes you think his "sentence" is ever up? (0)

Anonymous Coward | more than 2 years ago | (#40629855)

I don't understand why anyone would buy a 15+ inch heavy laptop. Why not just get a desktop, they're cheaper and more upgradeable. I want my laptop light, small, portable, and with decent battery life.

Re:What makes you think his "sentence" is ever up? (1)

Jaysyn (203771) | more than 2 years ago | (#40630255)

I have a 17" laptop because sometimes I have to draft in places other than my work or home office.

I used to have to lug a desktop around for that. Believe me, a large laptop is a lot easier to lug around than a small desktop.

Re:What makes you think his "sentence" is ever up? (3, Informative)

Gr8Apes (679165) | more than 2 years ago | (#40629757)

So, let's start with the cheapest laptop Apple makes, the 13 inch MBP - i5 with HD4000 graphics and 4GB RAM, 500GB drive at $1199.

Dell - no similar laptop, even their $1800 or so Lattitude [dell.com] only has HD3000 graphics, they're all 2nd gen i5 processors.

HP has two at first look: $999 model [hp.com] and a $1399 model [hp.com] . Reviewing the specs, however, show that these are actually competitors to the 13" Mac Air, at $1199 which weighs less and comes with better confirmed battery life than HP posted. So, HP is also appears to be out in most comparisons, although they might have a slightly less expensive Air model. I didn't look deep enough to figure out exactly what the differences between their $999 and $1399 models were, nor how they compare exactly with the Mac Air. I just gave them the benefit of the doubt and stated they were mostly comparable, and dropped the issue of screen resolution differences (HP is wider, but shorter than the Mac Air, but not enough to belabor over in this comparison)

I didn't bother to look any further - I think the above speaks for itself across 2 product comparisons and continues to support what I found a year ago when matching 15" laptops. There is little, if any, "Apple tax" on the surface, and none when looking at what comes with the system as a whole, at least for a large portion of their products.

Re:What makes you think his "sentence" is ever up? (1)

CosaNostra Pizza Inc (1299163) | more than 2 years ago | (#40630677)

I bought an HP 7012nr. Its a 15" laptop with a Geforce 650 GT GPU and 2GB dedicated GRAM, Intel i7 processor, 8 GB system memory, 720 GB 7200 RPM hard drive, 1080p display with non-reflective surface, bluetooth, and a spacious (optional backlight) keyboard with numeric keypad. Of course, it also had a camera and 802.11n. It also had fingerprint biometrics as a bonus. Battery life is decent. If I am mistaken (unlikely) about any of the specs, it is because I'm recounting them all from memory. It came with Windows 7 but I made it dualboot to run linux. The cost for all this... $1050...a better deal than any of the DELLs or Apple notebooks I looked at.

Re:What makes you think his "sentence" is ever up? (4, Informative)

andydread (758754) | more than 2 years ago | (#40628937)

Oh, and no Apple product cost twice what it should, they are comparable in price to any business-class Dell or HP. There is no 500GB HD for $200, so you are just a filthy fucking liar trying to spread propaganda which you can't back up.

They recently listed a 640 GB for $199 [apple.com]

They list a 4GB ECC 1333 DIMM module for $150 [apple.com]
Newegg has a 8GB ECC 1333 DIMM module for $68 [newegg.com]

So from where I sit it looks like Apple products cost twice what they should. .... just saying.

Re:What makes you think his "sentence" is ever up? (0)

Anonymous Coward | more than 2 years ago | (#40629725)

As long as you don't count labor costs, shipping costs, machinery costs, overhead costs, etc, etc. like every other business does.

Re:What makes you think his "sentence" is ever up? (0)

Anonymous Coward | more than 2 years ago | (#40629895)

That's actually 4x on the RAM.

Its the model. (0)

Anonymous Coward | more than 2 years ago | (#40629969)

A substantial surcharge is added to the products that are officially "blessed" and thats that. This model has been tried before and it just costs more. I queried a SUn hardware vendor about why their products were 2x the cost of COTS versions... I heard they used better components like screws and springs. See where it got them? How much "Room is under their tent"?? Scotty McNealy once crowed this. See where it got them, once there were alternatives?

Re:What makes you think his "sentence" is ever up? (1)

Anonymous Coward | more than 2 years ago | (#40630043)

Oh, and no Apple product cost twice what it should, they are comparable in price to any business-class Dell or HP. There is no 500GB HD for $200, so you are just a filthy fucking liar trying to spread propaganda which you can't back up.

They recently listed a 640 GB for $199 [apple.com]

They list a 4GB ECC 1333 DIMM module for $150 [apple.com]

Newegg has a 8GB ECC 1333 DIMM module for $68 [newegg.com]

So from where I sit it looks like Apple products cost twice what they should. .... just saying.

That's like comparing "EMC" hard drives to Seagate.
Show us Dell, IBM, and HP pricing for the se modules if you want to be fair, but thats not what you wanted /eyeroll

Re:What makes you think his "sentence" is ever up? (1)

murphtall (1979734) | more than 2 years ago | (#40630483)

But apple doesn't make ram or hard drives. They aren't apple branded. Yawn.

Re:What makes you think his "sentence" is ever up? (0)

Anonymous Coward | more than 2 years ago | (#40629145)

Do NOT feed the trolls.

Everyone on slashdot either knows the current price of HDD or can search newegg or any other pricing website just like a dozen or so people below.

Re:What makes you think his "sentence" is ever up? (0)

Anonymous Coward | more than 2 years ago | (#40628417)

Please stop. You sentence hurt my brane...

Re:What makes you think his "sentence" is ever up? (1)

gtall (79522) | more than 2 years ago | (#40628723)

Your problem is that MS and FOSS have taught you to disrespect software as valueless, and that the separation between software and hardware somehow bestows mysterious pixie dust that improves everything it touches. Apple does software well and they do integration well. Some of us choose to pay for that, others don't. So what is your problem again, altruism attempting to save the proles from some perceived miscarriage of justice?

Re:What makes you think his "sentence" is ever up? (4, Informative)

alen (225700) | more than 2 years ago | (#40628235)

there is no NFC on the iphone now, nothing has been announced for iOS 6 and it's only a rumor for the next iphone

how is he going to embarrass apple since they only have a few patents for NFC. and that's only because apple patents everything, even tech they don't end up using.

if anything he's going to embarrass google since they are pushing NFC and google wallet

Re:What makes you think his "sentence" is ever up? (1)

Electricity Likes Me (1098643) | more than 2 years ago | (#40629761)

Well, convincing everyone NFC is a horrible idea before it launches would be one of the better economic efficiency services of white hatting.

The reality is that there's a very important distinction between contact and contact-less communication, since if you have a suitable antenna you can pick out almost any signal, no matter how "short range". I mean America was snooping Soviet microwave transmission towers with satellites in tangential orbits during the cold war (hell, it's probably still being done).

Re:What makes you think his "sentence" is ever up? (1)

jellomizer (103300) | more than 2 years ago | (#40630157)

Or you could let Apple know, keep it quite for a reasonable amount of time before you broadcast it.
You know give them time to fix the problem, without letting everyone know to exasperate the problem, so Apple is forced to do a quick fix, where they could have done a better fix to the problem.

What this guy is doing is Showboating to show how cool he is, without any concern about the people general security.

Re:What makes you think his "sentence" is down? (4, Insightful)

dutchwhizzman (817898) | more than 2 years ago | (#40628167)

As if he couldn't get someone else to proxy for him already. If apple keeps him away and he finds something worth while, he'll find someone else that is willing to front for him and just submit another app to prove his point. Keeping people out is useless, they should be thankful for someone to hilight their security flaws, even if it's bad publicity for them at that moment. Not exposing it and letting someone commit a serious crime on a large scale will hurt Apple more than having someone expose it.

Re:What makes you think his "sentence" is down? (4, Insightful)

Anonymous Coward | more than 2 years ago | (#40628229)

Oh Apple is fully within its rights, aside from the breach of fiduciary responsibility. Smart companies pay people like this for their services. Smarter ones give them a free tshirt and work for free. Stupid ones attempt to censor and really stupid ones prosecute.

Re:What makes you think his "sentence" is down? (5, Informative)

DJRumpy (1345787) | more than 2 years ago | (#40628449)

How are they censoring him? He uploaded an exploit into the App Store. If he wanted to bring attention to it, all he had to do was to contact Apple or put something on the net. Instead he violated the terms of use and his developer agreement and uploaded said exploit instead.

Re:What makes you think his "sentence" is down? (1)

westlake (615356) | more than 2 years ago | (#40629147)

As if he couldn't get someone else to proxy for him already. If apple keeps him away and he finds something worth while, he'll find someone else that is willing to front for him and just submit another app to prove his point

That doesn't means the proxy gets to keep the new app in the app store.

Talk of using a front is talk of a forming a conspiracy against Apple. It becomes a whole new ball game where the stakes are much higher.

The very least that can be expected is that Apple will be screening its developers and its apps all that more closely. Where Apple leads, Amazon, Google, and Microsoft and all the rest are sure to follow.

The walled garden is walled higher.

doesn't matter (1)

poetmatt (793785) | more than 2 years ago | (#40628537)

Since when does apple have control over an individual's freedom of speech?

If people haven't figured out that NFC is a great tool for a ton of things but also anything but secure by now, I would say that they are completely oblivious. They're simply thinking that a communication tool (NFC) can also be relied on for security. I don't see anything wrong with him exposing exploits on the presumption that he already warned apple about them (which he commonly does). I don't think that has anything to do with "embarrassment" so much as calling into question why anyone would think that mobile phone + anything = secure?

If "showing apple that there are security holes" = embarrass/criticize, then you are simply misled.

Re:What makes you think his "sentence" is ever up? (0)

Anonymous Coward | more than 2 years ago | (#40628831)

Apple is under no obligation to let anyone develop for it.

This. Charlie Miller must be a Communist.

One Year Ban, Read TFA (0)

Anonymous Coward | more than 2 years ago | (#40630141)

"he's still serving the remainder of his one-year ban from Apple's App store developer program in the wake of a research app he was able to slip past its vetting process last year, so he can't get a prerelease peek at iOS images to find new bugs in the upcoming iOS 6"

Re:What makes you think his "sentence" is ever up? (2)

ogdenk (712300) | more than 2 years ago | (#40630275)

iOS is a walled garden. Apple is under no obligation to let anyone develop for it. If you're going to embarrass and criticize Apple, they are under no obligation to let you do it on their iPhones and iPads (or Macs either, for that matter).

1.) It's *MY* iPhone. Not Apple's. I bought it. If they don't like that they can stop selling hardware to end users.

2.) I'll write whatever code I feel like, distribute it and talk smack all I want and they can't do dick about it. Just because they invented the walled garden doesn't mean they get to rewrite copyright law and assert control of something I bought. Just like they can't stop me from building a hackintosh. Locking people out for helping you secure your devices is asinine and childish.

Wireless (2, Interesting)

tuck3r (987067) | more than 2 years ago | (#40628147)

Whenever something is wireless there will always be a way to spoof or block it. All you have to do is provide it the right information and it will divulge all of it's information.

To me this is just common sense. If you want something to be less prone to this type of hacking? Don't use a wireless product in general...

Re:Wireless (4, Insightful)

GameboyRMH (1153867) | more than 2 years ago | (#40628715)

Block, yes, spoof, no. Try spoofing a keyfile-secured SSH connection between a laptop and a wireless router.

Re:Wireless (0)

Anonymous Coward | more than 2 years ago | (#40629517)

All you have to do is provide it the right information and it will divulge all of it's information.

So, yes, you could spoof it, as long as you already have the relevant keys.

Re:Wireless (1)

GameboyRMH (1153867) | more than 2 years ago | (#40629573)

But that's not vulnerability of wireless networking in general.

Dear Apple: (3, Insightful)

circletimessquare (444983) | more than 2 years ago | (#40628169)

The guy is providing you with research and development, for free.

Hire him, you blind idiots.

You'd prefer this hack had been quietly discovered in the wild by somebody who isn't so upfront with the techniques? And then deal with the cost and PR fiasco of violated iPhone users?

Wake up, Apple HQ morons.

Your wallet product is being hardened against exploit, for FREE, and you punish the guy for it.

Re:Dear Apple: (1)

Anonymous Coward | more than 2 years ago | (#40628297)

"The guy is providing you with research and development, for free."

Umm, if the guy is already doing it for free, why hire him? :)

Re:Dear Apple: (2)

CanHasDIY (1672858) | more than 2 years ago | (#40628353)

"The guy is providing you with research and development, for free."

Umm, if the guy is already doing it for free, why hire him? :)

Because if they don't, someone else will, and that someone else doesn't care nearly as much about Apple's image as Apple does.

Re:Dear Apple: (4, Insightful)

sideslash (1865434) | more than 2 years ago | (#40628323)

I have to admit a little bit of schadenfreude at watching Apple gradually lose their reputation for having secure devices. If they didn't have such an arrogant and offensive attitude about the whole thing, it would be easier to sympathize.

Re:Dear Apple: (1, Informative)

Anonymous Coward | more than 2 years ago | (#40628467)

You realize it's ultimately Unix losing it, right?

Re:Dear Apple: (1)

GameboyRMH (1153867) | more than 2 years ago | (#40628739)

Stupid argument, can be used by Android fanboys as well, or for any closed *nix-like system...

Re:Dear Apple: (0)

Anonymous Coward | more than 2 years ago | (#40629129)

And Unix is your God?

If you look far back enough you'd realize that Unix wasn't regarded as secure in the old days, it was not as secure as stuff like Multics.

Re:Dear Apple: (0)

Anonymous Coward | more than 2 years ago | (#40629011)

Apple doesn't have an arrogant and offensive attitude about the whole thing. Show me where on Apple's site the big giant flashing "WE'RE THE MOST SECURE OS ON THE PLANET" is...

It's the users, my friend.

Re:Dear Apple: (1)

Eyezen (548114) | more than 2 years ago | (#40630041)

"Arrogant and offensive" You mean the standard apple response of: "secure personal electronic commerce? Why would anyone want to do that?"

Re:Dear Apple: (2)

Kenja (541830) | more than 2 years ago | (#40628339)

Why hire someone willing to work for free?

Re:Dear Apple: (4, Insightful)

jo_ham (604554) | more than 2 years ago | (#40628787)

What hack is that exactly?

There is no NFC hardware in the iPhone at present.

As to being "idiots", I'm not sure how you arrive at that conclusion. Charlie has a flair for the dramatic and a clear skill at finding holes, sure, but he also antagonises those who (presumably) he is trying to impress (assuming his aim is to be financially rewarded for his work, which I don't think it is).

There are better ways than very publicly violating the terms of your developer agreement and then expecting to get hired. If Apple *did* hire him after that, what does that say for the credibility of their developer agreements? Who would be the "blind idiot" then?

Re:Dear Apple: (1)

circletimessquare (444983) | more than 2 years ago | (#40629051)

what you want is a dramatic hacker without an ego. it kind of comes with the territory

so why don't you expect discretion and maturity from your fellow managers, and stop looking a gift horse in the mouth

NFC "Danger" (0)

Anonymous Coward | more than 2 years ago | (#40628171)

Simpler yet, refrain from using an NFC capable device to pay for your cab fair or anything else for that fact. It surprises me how lazy we all have become because of technology. One deserves to get hacked if they are too lazy to protect themselves.

Re:NFC "Danger" (1)

alen (225700) | more than 2 years ago | (#40628327)

but paying with a smartphone is so much cooler than cash or credit card

Re:NFC "Danger" (1)

CanHasDIY (1672858) | more than 2 years ago | (#40628433)

It surprises me how lazy we all have become because of technology.

This I don't get; when it comes to convenient form of payment, cash is king. Universally accepted, nice wide spectrum of denominations, easy to keep track of (assuming one can count), and difficult to compromise (one would have to physically accost me to get at my cash [not recommended, this one packs a heater]). Conversely, using an NFC requires updates to vendor systems (who do you think really pays for those?), linking accounts from a (hopefully) secure machine, is not a universally accepted payment medium, and of course, hopelessly insecure.

Never ceases to amaze me, the excessive effort "lazy" people put forth in order to avoid what they consider work...

Re:NFC "Danger" (0)

Anonymous Coward | more than 2 years ago | (#40628539)

having a gun on you doesn't keep your money safe. it just gets you shot or stabbed.

oh I know, I know, you're faster and smarter than anyone who would be robbing you, we won't worry

Re:NFC "Danger" (0)

Anonymous Coward | more than 2 years ago | (#40628815)

Re:NFC "Danger" (0)

Anonymous Coward | more than 2 years ago | (#40629415)

having a gun on you doesn't keep your money safe.

No shit. Being properly trained and highly skilled in their use, however, is mighty effective.

FYI, contrary to what anti-gun pussies want you to think, openly carrying a firearm is an effective deterrent to would-be thieves. Criminals are like electricity - they follow the path of least resistance. When your choice of marks is A) a mean looking guy with a large pistol strapped to his side, or B) a scrawny dork with a cell-phone where his pistol should be, the path to take is obvious.

Re:NFC "Danger" (2)

CanHasDIY (1672858) | more than 2 years ago | (#40630501)

having a gun on you doesn't keep your money safe.

No shit. Being properly trained and highly skilled in their use, however, is mighty effective.

Mostly correct - equally important to training is maintaining proper situational awareness. You can spend all the time you like practicing at the range, but unless you remain aware of your surroundings and the potential threats they may contain, all that training will be for naught.

The Wikipedia entry for John Cooper [wikipedia.org] is quite informative to this end, as well as providing excellent information regarding proper handling and safety measures in regards to firearms.

When your choice of marks is A) a mean looking guy with a large pistol strapped to his side, or B) a scrawny dork with a cell-phone where his pistol should be, the path to take is obvious.

This is where concealed carry / strong castle laws come in handy - though the "scrawny dork" isn't openly carrying, that doesn't mean he's not carrying. The choice of marks is less obvious, and the smart criminal (i.e., the one who lives to crime another day) would cut his potential losses and walk away.

Re:NFC "Danger" (1)

GameboyRMH (1153867) | more than 2 years ago | (#40628759)

Not to mention the privacy issues. Cash is very hard to impossible to trace. NFC is at least as trackable as a credit card.

Re:NFC "Danger" (1)

CanHasDIY (1672858) | more than 2 years ago | (#40629095)

Yup, that's what today's governments hate about cash - they can't use your purchase history against you, because they don't know what it is.

Precisely why the FBI has been going about attempting to convince retailers that those who pay with cash are probably terrorists. [publicintelligence.net]

Re:NFC "Danger" (0)

nitio (825314) | more than 2 years ago | (#40628797)

lolwut? easy to keep track? do you take the number of all your freaking bills?

cash is as traceable to the regular person as is your hair. don't even get me started on coins - worst invention ever.

not accepted may be a problem in your area or the type of business you're dealing with. this is such a subjective matter that I can pay from food delivery to newspaper in stands in my city in brazil with credit card.

I agree that cash is more secure- as soon as you lose it is gone anyways.

Re:NFC "Danger" (1)

CanHasDIY (1672858) | more than 2 years ago | (#40629033)

easy to keep track of (assuming one can count)

easy to keep track? do you take the number of all your freaking bills?

Whoosh.

Context, dude: it's important.

FYI, "keep track of" != "trace origin." I was specifically referring to keeping track of your balance, not tracing where the money was spent.

If I want to know how much I have in my bank account, I have to find a computer, log in to my bank's web portal, navigate to the proper account, and chances are, the balance shown isn't my actual balance, due to things like pending payments. Conversely, If I want to know how much cash I have on hand, I open my wallet and count it.

Re:NFC "Danger" (1)

nitio (825314) | more than 2 years ago | (#40629219)

not exactly a woosh moment in my dictionary but I can live with that. OTOH, knowing how much money you have at the time is not exactly an absolute truth:
sure you can see how much you have in hand right now, but as you said, there are pending payments and whatnot so even if you do have that amount in your hands it may not mean that's what you have to spend.

unless you determine yourself that any money in your wallet=any spend than yes but then it's just as you said- context

No wonder Apple hates him (4, Interesting)

sandytaru (1158959) | more than 2 years ago | (#40628191)

He's one of the guys that proved Apple isn't so unhackable and "immune to viruses" after all. He does have a point that NFC technology is too new to know whether it's safe, and honestly, I'm glad someone like him is on the case to determine just how exploitable it is. I've already had my bank account cleaned out once because of a hack into a store's debit card system.

Re:No wonder Apple hates him (0)

Anonymous Coward | more than 2 years ago | (#40628279)

No, he proved that you have to jailbreak your iPhone OR be a registered developer to do anything even remotely dangerous. Good Job!

Re:No wonder Apple hates him (4, Informative)

sideslash (1865434) | more than 2 years ago | (#40628333)

He proved there could be other malware apps like his successfully submitted and now lurking on the official App Store. So what was your point again?

Re:No wonder Apple hates him (1)

Anonymous Coward | more than 2 years ago | (#40628585)

This is Charlie Miller you dumbfuck. Do some research so you don't look like an idiot next time. His work isn't exactly obscure.

The Dangers of NFC (5, Insightful)

6031769 (829845) | more than 2 years ago | (#40628195)

Essentially with NFC you have this card/phone in your pocket which all day long is saying to every other device it meets, "Hey, are you an EPoS terminal? I'd really like to pay for something, now!". It is not clear to me why the dangers of this need to be demonstrated, least of all to delegates at BlackHat.

Re:The Dangers of NFC (2)

pnutjam (523990) | more than 2 years ago | (#40628431)

And phone companies have a long history of being nothing but trustworthy, it's why they consistently the most loved companies in consumer surveys.

Re:The Dangers of NFC (0)

Anonymous Coward | more than 2 years ago | (#40629297)

I want to use NFC on my Blackberry 9900, simply because unlike NFC I've seen before (tap a card), I can now (hopefully) punch in a code as well. So NFC hacking requires both an intercept of my code, and the NFC info.

Article submitter's an idiot (5, Informative)

Anonymous Coward | more than 2 years ago | (#40628219)

1) Apple phones don't have NFC chips in them so Charlie Miller cannot be "exposing them"

2) Charlie Millier will be exposing security problems of NFC with Android phones.

3) Charlie Miller is also Google's nemesis and has exposed how silly Android security testing is:

http://www.darkreading.com/vulnerability-management/167901026/security/client-security/240003490/apple-ban-gives-miller-time-to-hack-other-things.html [darkreading.com]

4) timothy seems to have an axe to grind against Apple so he's submitting these idiotic articles lately. It's he, however, that looks stupid as a result.

Re:Article submitter's an idiot (1, Informative)

sideslash (1865434) | more than 2 years ago | (#40628355)

It's he, however, that looks stupid as a result.

Please don't get grammar partially right. Either say "it's him, however, that..." or "it's he, however, who...". Thank you; carry on.

Re:Article submitter's an idiot (1)

sribe (304414) | more than 2 years ago | (#40628559)

Please don't get grammar partially right. Either say "it's him, however, that..." or "it's he, however, who...". Thank you; carry on.

Hey, at least you got 1 out 2 ;-)

Re:Article submitter's an idiot (0)

Anonymous Coward | more than 2 years ago | (#40629073)

Please use a comma before quoting something. Thanks.

ILLITERATE MODS ON CRACK!! (0)

Anonymous Coward | more than 2 years ago | (#40629625)

Um, what?

Does nobody here speak English?

How is this +2 Informative?!

He/him is subject/object.
Who/whom is subject/object.

That/(who/whom) is impersonal/personal.

Re:Article submitter's an idiot (1)

mj1856 (589031) | more than 2 years ago | (#40629671)

Uh, no. If you're going to be a grammar Nazi, at least get it right.

He/Him [englishforums.com] - the original poster is correct.

That/Who [suite101.com] - either are acceptable in this context, and it has no relationship to the he/him decision.

Reading comprehension is good for you (1, Interesting)

DeadCatX2 (950953) | more than 2 years ago | (#40628601)

Nowhere did the summary say Charlie Miller is hacking NFC in an Apple phone. In fact, nowhere in the summary does the string "expos" appear, so when you quote "exposing them", who are you quoting?

The summary said "Apple's hacker nemesis Charlie Miller". It's merely identifying Charlie Miller as a somewhat infamous Apple hacker. Any allusion to him hacking Apple devices in the summary is entirely the fault of people who are jumping to conclusions.

This would be like saying "Sony's hacker nemesis George Hotz is now showing how NFC can be dangerous".

Re:Reading comprehension is good for you (5, Insightful)

jo_ham (604554) | more than 2 years ago | (#40628865)

If you think that summary *isn't* a blatant swing at Apple, written to make Charlie's completely non-Apple-related NFC hacking look like something to do with Apple and the app store, then I have a bridge to sell you.

If we're jumping to conclusions about what this means for Apple when two of the three sentences specifically mention Apple and his link to them and the "ban" from the App Store for violating his dev agreement. If Apple, the App Store and iOS have nothing to with this then why is 66% of the summary dedicated to it?

The salient point appears to be that he will show something related to NFC hacking at a conference using a "smartphone". Interesting how the particular model of smartphone or the OS it runs is not mentioned, yet the other 66% of the summary heavily mentions Apple. Mmm. Seems legit.

Either way, we know it's not an iPhone or iOS since the iPhone doesn't have any NFC hardware in it, unless he managed to get his hands on the rumoured iPhone 5 prototype that might have it included but no one knows yet.

Reading comprehension is good for you...again (1)

DeadCatX2 (950953) | more than 2 years ago | (#40630035)

If you think that summary *isn't* a blatant swing at Apple

So far as I know, none of my statements alluded to whether or not I thought this was a swing at Apple. That's just another example of a reader jumping to conclusions, which isn't surprising if you already jumped to conclusions once. I wouldn't have worded the summary the way it was worded...perhaps the first sentence would have been the same, to help the audience identify who Charlie Miller is (because I certainly didn't recognize his name, being someone who doesn't give two shits about Apple), but that last parenthetical sentence is certainly out of place and useless.

I will agree that the summary should have stated the device and platform that was having NFC hacked and the omission is conspicuous. That is in fact the fault of the submitter. The lack of this detail allowed people to jump to conclusions, but it didn't push anybody; people jumped to conclusions on their own, and that is the fault of those people, not the submitter. But no one wants to admit they jumped to conclusions, because that means they made a mistake, so instead they just blame the submitter to avoid feeling bad about their own actions.

After all, you said it yourself. The iPhone doesn't have NFC and this is fairly well known. So how on earth could someone be confused that he's hacking an Apple device with NFC, when there isn't one?

Also, speaking of misleading...

yet the other 66% of the summary heavily mentions Apple. Mmm. Seems legit.

First sentence: 26 words.
Second sentence: 32 words
Third sentence: 9 words

35 words contained in sentences referencing Apple. Those sentences also involved identifying who the hell Charlie Miller is, but I'll give you the benefit of the doubt and we'll just say all those words are directed at Apple.

32 words involve the actual story of the danger of NFC devices.

This means at most, 52% of the summary was devoted to Apple.

Re:Article submitter's an idiot (2)

MagicM (85041) | more than 2 years ago | (#40628711)

Apple phones don't have NFC chips in them

Apparently there is some evidence [slashdot.org] that the next generation iPhones will have NFC chips in them.

Surprised? (1)

gstoddart (321705) | more than 2 years ago | (#40628307)

Is anybody surprised by this: "he will demonstrate the dangers of using your smartphone to pay your cab fare"?
I have always been a little leery of these things. Between credit cards which don't require contact or a signature, and several other things ... they seem like something built for convenience, but without any real security in them.

I'm betting this isn't even specific to Apple so much as the entire class of near-field tech.

Just iOS or NFC itself (1)

TejWC (758299) | more than 2 years ago | (#40628365)

The article seems to be light in the details of his exploit: particularly if it is specific to iOS or to the actual NFC spec. There are lots of other companies that have vested interest in NFC so it would be interesting to see his presentation when it comes around.

Re:Just iOS or NFC itself (2)

MachineShedFred (621896) | more than 2 years ago | (#40628475)

I doubt it's specific to iOS, as there are exactly zero iOS devices with NFC, and there is zero exposed support for NFC in either the production iOS 5.x, or the beta of 6.x.

Faraday Wallet How -to anyone?? (4, Funny)

RobertLTux (260313) | more than 2 years ago | (#40628409)

Does anybody have a good set of instructions on how to make a Faraday Cage wallet?? (note not how to buy said wallet or something on a split between 64 pages so we can get ad income for 64 page views thing like instructables)

Re:Faraday Wallet How -to anyone?? (1)

cryptizard (2629853) | more than 2 years ago | (#40628625)

You seem to be awfully picky for somebody who is too lazy (attention seeking?) to google it for themselves.

Re:Faraday Wallet How -to anyone?? (2)

Greyfox (87712) | more than 2 years ago | (#40628731)

Maybe make a duck tape wallet but add some layers of that copper fabric Adam used in the "Gun to a knife fight" episode of Mythbusters? You'd just need to make sure the copper completely surrounds your cash, cards, passport or phone. I think a good way to test it would be to turn on wlan on the phone, connect to your local router and then slap that sucker in the wallet and see if the router can still find its mac address.

RPI Polymath [rpi-polymath.com] has some instructions on making a duck tape wallet. For the copper fabric maybe just use a 2 side tape out the outermost skin and then tape the fabric to that. Make the fabric a bit longer all the way around so you can sew a metal zipper in. I'm not sure how well it would work, so definitely test it afterwards.

Re:Faraday Wallet How -to anyone?? (0)

Anonymous Coward | more than 2 years ago | (#40629721)

Or you could use aluminum foil, if you're already burying it in duct-tape (which gives adequate tear-resistance). Or window screen (but make sure it's metal -- the last few decades, they've been using plastic mesh instead of woven screen!) or any other wire cloth product handy.

Seriously, if GP can't figure it out, he should get the fuck off our collective lawn.

Re:Faraday Wallet How -to anyone?? (1)

ColdWetDog (752185) | more than 2 years ago | (#40629271)

Does anybody have a good set of instructions on how to make a Faraday Cage wallet?? (note not how to buy said wallet or something on a split between 64 pages so we can get ad income for 64 page views thing like instructables)

Just place it under your tin foil hat. You see, you've already got one....

Re:Faraday Wallet How -to anyone?? (0)

Anonymous Coward | more than 2 years ago | (#40630343)

Pack it in aluminum foil

NFC and Payments (5, Interesting)

TheGreatDonkey (779189) | more than 2 years ago | (#40628597)

So there I am standing at the gas station yesterday, and I catch a quick glimpse of one of those ad's on the TV screen offering to give you 5 cents off per gallon if you pay at the pump with NFC through your phone. I'm a bit amused by this as right next to it is a sign saying not to use your cell phone at the pump with a funny symbol of fire next to it. Curious as to the contrary suggestions, I look at the fine print of the NFC ad where it basically says "for your safety, you can only use this as a single pump" or basically trying to manage the risk by only using it briefly. This is somewhat funny as they can't seem to make up their mind as to whether is it safe, or isn't it?

Re:NFC and Payments (2)

Overzeetop (214511) | more than 2 years ago | (#40628871)

Load 120-150lbs of a flammable liquid designed to explode at a low-to-moderate concentration in air into a container
Strap said container to a box loaded with 1-7 humans
Energize the entire chassis with a stored energy source capable of providing several hundred amperes of potential current flow
Accelerate several hundred of such boxes to 100+fps velocity separated by 3-6 feet
Take a second group and send them towards the first so the to groups pass no more than 3-6 feet apart.
Make no provision for automatic/active avoidance
????
(profit, I suggest, is not the likely outcome for any participants)

I rarely concern me self with using a cell phone around gas stations, given the otherwise ridiculous amount of risk which is involved in the operation of a vehicle.

Re:NFC and Payments (1)

ColdWetDog (752185) | more than 2 years ago | (#40629293)

I think you've just come up with the plot of the next Micheal Bay movie!

Re:NFC and Payments (1)

ColdWetDog (752185) | more than 2 years ago | (#40629399)

Yes, and before anybody else brings this up, I realize the concepts of a Micheal Bay movie and a plot are somewhat orthogonal to each other.

Re:NFC and Payments (1)

TurinX (1323321) | more than 2 years ago | (#40629381)

Picture of your post using the obligatory: http://xkcd.com/1075/ [xkcd.com]

Re:NFC and Payments (-1, Offtopic)

vedux (2682995) | more than 2 years ago | (#40628875)

Hi , What i was searching for last 3 month i found in your website.Its quite interesting and easy to use with very good content.Actualy my name is ysak and i live in Dubai ( Papolar city forCars in dubai [dubiads.com] and Thousands of peoples searchingjobs in dubai [dubiads.com] ). I was Very young when i came in this beautiful city and settle down. My Father was searchingproperties in dubai [dubiads.com] and was workings as a Properties consultant in dubai. This City is famouse for cars and many peoples sellingused cars in dubai [dubiads.com] daily wise using internet. Many online classifieds websites are runing now a day one of the best website isDubizzle [dubiads.com] ,Gnads4u.com [gnads4u.com] ,Souq.com [dubiads.com] andQuikr.com [quikr.com] for india.Many peoples come here in dubai for making their career and searching Dubai jobs daily onbayt.com [dubiads.com] ,dubizzle jobs [dubiads.com] ,Gulfnews.com [gulfnews.com] andvedux.com [vedux.com]

How? (1)

BetaDays (2355424) | more than 2 years ago | (#40628607)

I just want to know how are they going to fit all the attendees into the cab so they can see what is going on?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?