×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Smart Cards Vulnerable to Photo-Flash Attacks?

CmdrTaco posted more than 11 years ago | from the now-thats-an-issue dept.

Security 217

belphegor writes "Researchers at the University of Cambridge have found a way to use a camera flash and microscope to extract data from smart cards. " Notable because its apparently relatively simple to do and really throws a monkey wrench into a variety of businesses that use smart cards to store important data.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

217 comments

DIE BITCH!!!!!!!!!! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#3509875)

HI NATE

DIE AC!!!!!!!! (-1)

DonkeyHote (521235) | more than 11 years ago | (#3509903)

I claim this FP for the CLIT

DIE you AC SCUM!

Troll Power!
Troll Power!
Troll Power!

Re:DIE AC!!!!!!!! (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3509911)

My neighbor's dog has a 5 inch CLIT

Re:DIE BITCH!!!!!!!!!! (-1)

Burritos (535298) | more than 11 years ago | (#3510058)

First Homer Simpson had a helper monkey. Now the dude off of Malcom in the MIddle had a helper monkey. Who is better?

i just got in (-1)

Anonymous Cowrad (571322) | more than 11 years ago | (#3509884)

and walked into an early post

not first, but hell, it's monday

GOOD JOB, WASTE MOD POINTS GUY!! (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#3510237)

See subject for details! Keep 'em wasting their fucking mod points....

They should have used the iButton (4, Informative)

swagr (244747) | more than 11 years ago | (#3509886)

It immediatly destroys it's internal data when forced open.
Here's the link. [ibutton.com]

Re:They should have used the iButton (2)

Sc00ter (99550) | more than 11 years ago | (#3509915)

The iButton has some weird user/developer license (I'm sure some smart cards arn't any better). Also some iButtons use Java, and that brings on another layer of lame licensing. That's why one person I know won't mess with them. I however think they're way cool. I really like the ones that work as a key to open doors, and then you get one of those iButton rings. It's all James Bondish :)

Re:They should have used the iButton (1)

swagr (244747) | more than 11 years ago | (#3510209)

Also, you can download the API and IDE for iButton development for free, and the actual iButtons and adapters are cheap enough for hobbyists to afford.

Re:They should have used the iButton (4, Informative)

egomaniac (105476) | more than 11 years ago | (#3510230)

It's easy enough to open an iButton without destroying it. I seem to recall you just keep it in a pressurized N2 atmosphere while cracking the case, and it won't even realize that it has been opened.

Slashdot Beatitudes (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3509893)

And seeing the multitudes, He went up unto the mountain: and when He was set, his disciples came unto him: And He opened his mouth, and taught them, saying,

"Blessed are the poor in threshold: for theirs is the Kingdom of the Page-Lengthening and Page-Widening Posts.

"Blessed are they that mourn the death of *BSD: for they shall be comforted with an ultradense Linux server from VA Linux, now sold by California Digital Corporation.

"Blessed are the posters of smug one-liners: for they shall inherit an Account Capped at 50.

"Blessed are they which do hunger and thirst after The First Post: for they shall have the Third or Fourth Post.

"Blessed are the karma whores: for they shall obtain "Score: 5, Insightful".

"Blessed are those who dismiss out-of-hand: for they shall fail to see the Point of the Original Post.

"Blessed are those who seek to associate themselves with the latest techno-fad: for they shall be called 3L33T for at least Another Half Hour.

"Blessed are they which are persecuted for their own self-righteousness' sake: for theirs is the Kingdom of "Ask Slashdot".

"Blessed are the over-eager, who believe that Open Source is a social movement heralding the rise of a new generation: for they shall not realize that There Are No Sacred Cows.

"Blessed are ye, when men shall revile you, and persecute you, and shall say all manner of evil against you falsely, for the sake of your Favorite Operating System.

"Rejoice, and be exceeding glad: for great is your reward in Heaven: for so persecuted they the prophets which were before you.

THIS IS THE WORD OF THE LORD

smartcards have always been lacking (5, Informative)

Lumpy (12016) | more than 11 years ago | (#3509897)

there is very little tamper protection on smartcards due to their flimsy construction. you cant make a rapid zeroization system on something that isn't rigid and tough enough to be driven over repeatedly by a car or take the huge amount of abuse the human carrier provides every day.

except... dallas semiconductor long ago created the ibutton [ibutton.com] that is more secure and better than any smartcard..

(I know I sound like a broken record, but ibuttons are way better and cooler than any smartcard, and you as a home hacker can use them!)

Re:smartcards have always been lacking (1)

hagardtroll (562208) | more than 11 years ago | (#3510110)

In the article... More widely used in Europe than in the United States, the cards have long been promoted as the key to a cashless society as well as... Whats wrong with Cash? I like cash. Cash is good.

Re:smartcards have always been lacking (1)

JonWan (456212) | more than 11 years ago | (#3510152)

Whats wrong with Cash? I like cash. Cash is good.

The men in the Black Helicopters can't track you as easy.

Re:smartcards have always been lacking (2, Interesting)

hagardtroll (562208) | more than 11 years ago | (#3510192)

Don't be so sure about that. Take any dollar bill and visit the web site WheresGeorge [wheresgeorge.com] and see where it has been.

Re:smartcards have always been lacking (5, Interesting)

Jon Peterson (1443) | more than 11 years ago | (#3510137)

OK, so smart cards are not tamper resistant. I don't see that any attack based around stealing a smart card is anything to worry about, assuming the card itself only stores dumb information like a sum of money or an id number.

Guess what?! Criminals can read the information from a credit card using nothing more sophisticated than their eyes! Does this render credit cards an appalling security risk? No, because when it gets stolen you report it and cancel the card.

Now, if someone figures out a way to _write_ to the smart card to people can top up sums of money or whatever, that's a problem. Also, if the smartcard stores data that's useful in itself - say your real naem and address, or other bank account numbers, or what have you, then you certainly don't want that being read by someone else.

Re:smartcards have always been lacking (1, Informative)

Anonymous Coward | more than 11 years ago | (#3510240)

Um, the problem is when you have cryptographic information on the card.

Like a private RSA key and certificate. There are many companies that use that for authentication and encryption. The Navy's CAC card for example. Every people in the Navy will have one. You wouldn't want someone to be able to steal your private key off of your card.

Re:smartcards have always been lacking (3, Interesting)

SignoffTheSourcerer (567014) | more than 11 years ago | (#3510189)

This is really nothing new, many microcontrollers (like those used in smartcards) are vulnerable to different attacks, clock-glitches voltage reversals/spikes which may unlock their security features. Many of them are normally readable but are 'locked' by a fuse. This fuse may be reset by removing the UV protective coating and erase the card as an EPROM (this will ofcourse also destroy any data you wanted to read). There are however methods circumventing this, like using micro-film as masks for the UV-eraser, or using micro-probes to directly alter the bus. Many cards do not even have real protection, like the european pay-phone cards, all they are is a serial-EPROM which is burned a bit at a time for each credit, but they're fused so if you erase them (UV-wise) they will not allow you to re-program the low-area of the EPROM, but don't worry, just use som other blank card and copy it onto that.

oh no! (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3509901)

I'll lose all of my personal attempts at recreating goatse man

as expected (-1, Offtopic)

tps12 (105590) | more than 11 years ago | (#3509908)

I think all of us at slashdot knew that something like this would happen sooner or later. The whole concept of smart cards is fatally flawed, in that it relies on such provably insecure methods as security through obscurity and planned obsolescence to provide "security".

Not to mention the fact that they invade privacy. In the Constitution, in Article 4, where Congress is given the power and duty to take a decannual census, it is specifically stated that, "Beyond such Actions and Surveys as are required in the Construction of said Census, any and all Inquiries by Congress into the Private Matters of the Lives of Citizens is Therefore Banned." Pretty strong language.

But I guess that's what our forefathers fought for back in '76. I sure would hate to try to explain this to them.

Re:as expected (0)

Anonymous Coward | more than 11 years ago | (#3509936)

"Beyond such Actions and Surveys as are required in the Construction of said Census, any and all Inquiries by Congress into the Private Matters of the Lives of Citizens is Therefore Banned."

Too bad that doesn't apply to the IRS.

IRS (-1)

DonkeyHote (521235) | more than 11 years ago | (#3510015)

I Rape Soviets
Inner Rectum Society
Igloo Raiding Slovanians
Inherently Raciest Sparkplug
Indians Read Slowly
Ida Rena Southpaw

The IRS took my children sold them into slavery and all I got was the yearly bill!

Re:as expected (1, Informative)

Anonymous Coward | more than 11 years ago | (#3510061)

Well and good, but the Constitution has no such language. I salute you for a troll subtle enough that most people wouldn't pick up on it, however.

Troll rating:

First paragraph sounds reasonable and authoritative: 1 point
Factual statement about privacy invasion: 1 point
Reference to the constitution with the word "decannual": 1 point
A spurious "quote" from the Constitution that only a slashdotter could have written: -1 point
Cliche'd ending sentence about our "forefathers": -1 point

While you should be proud that you have a troll rating in positive territory, that's still not enough to send you over the edge and spark a flame war. Try again, next time.

IT's only money? (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#3509913)

well, not exactly. does any1 know how many cc #s have been filched doo to M$ IIS security "enhancemeNTs"? know? does any1 know why ecommerce is practically dead in the wwwater? IEaaaggghhh.ofInvasion [trustworthycomputing.com]

"Smart Cards" (0, Flamebait)

DarkZero (516460) | more than 11 years ago | (#3509917)

Oh my God! You mean the security device that corporations have been hailing as super ultra mega secure and completely impenetrable is easily circumvented?

SHOCK! HORROR! SURPRISE! Yawn...

Re:"Smart Cards" (0)

Anonymous Coward | more than 11 years ago | (#3510092)

Today smart card realized they were just dumb. Those that bought the smart cards realized they were dumb too. The problem is the way technology has been peddled the last twenty years instead of making a great product they all try to make a quick buck. The fix is to demand that hardware manufacturers open source their schemetics and those who buy hardware are giving the source code so they can review it and fix the problems as they find them. We have GPL Software well lets have GPL Hardware. Smart cards are dumb just like Microsoft is crapware. Your boss is really a dumbshit as if you did not know. If you still do not understand go read Dilbert!

No worries, we'll just pass more laws... (5, Insightful)

Dimensio (311070) | more than 11 years ago | (#3509922)

All that needs to happen is for makers of smart cards to send money to Congresscritters to pass laws against smart card "circumvention devices" and have anyone making, selling or posessing a flash-based camera arrested.

Remember, when a security technology is comprimised you don't improve the technology, you outlaw anything that exposes its weakness.

I hope that this is a joke (2, Insightful)

dmomo (256005) | more than 11 years ago | (#3509976)

Since laws only stop people who obey laws. Not people with a large enough incetive to benefit from sevurity circumvention.

Re:I hope that this is a joke (2)

ConceptJunkie (24823) | more than 11 years ago | (#3510043)

Since when did doing something useful ever take precedence over the appearance of doing something useful.

If Congress constained themselves to measures that were actually designed to _be_ useful rather than _sound_ useful they'd have a lot more time for sex scandals.

Sounds like a win-win situation for everyone but the interns.

Obligatory M$ Zinger Here (1)

LittleGuy (267282) | more than 11 years ago | (#3509995)

Remember, when a security technology is compromised you don't improve the technology, you outlaw anything that exposes its weakness.

Well, that's one way to get rid of Windows...

How they did it (2, Redundant)

Boiling_point_ (443831) | more than 11 years ago | (#3509926)

The relevant part of the article [yahoo.com]:

They were able to expose the circuit to the light by scraping most of the protective coating from the surface of the microprocessor circuit that is embedded in each smart card.

With more study, the researchers were able to focus the flash on individual transistors within the chip by beaming the flash through a standard laboratory microscope.

"We used duct tape to fix the photoflash lamp on the video port of a Wentworth Labs MP-901 manual probing station," they wrote in their paper.

By sequentially changing the values of the transistors used to store information, they were able to "reverse engineer" the memory address map, allowing them to extract the secret information contained in the smart card.

It's not prostitution if your karma is 50.

Trust us, OUR cards ARE smart... (3, Funny)

dpbsmith (263124) | more than 11 years ago | (#3509938)

"Alex Giakoumis... said his company had built defensive measures into its products that would make them invulnerable to such an attack. However, he said he was unwilling to be specific about the nature of the security system."

However, it is speculated that the card contains material that can obscure the flash, literally achieving "security through obscurity."

Re:Trust us, OUR cards ARE smart... (1, Interesting)

Anonymous Coward | more than 11 years ago | (#3510147)

However, it is speculated that the card contains material


(Following up a humorous post with facts. Oh well.)

Correct. If you have a spare metal layer, you put that in as an unbroken power rail. Very little light will pass the higher-numbered connective layers.

If someone tries to remove such a layer, they are looking at a daunting task, since they are also removing the power to the circuit. I am surprised they haven't taken the cost of putting in that extra layer already.

That still leaves attacks which probe the charge stored on the floating gates of the flash memories. They are significantly more costly, though.

Re:Trust us, OUR cards ARE smart... (0)

Anonymous Coward | more than 11 years ago | (#3510204)

Alex must be a friend of Bill :) His products must just as good as Microsoft. Of course the majority of people are stupid fucks who will buy shit and he will make a billion or two just like Bill Gates. Tech Support Call "Help me my smart card is really dumb and trashed information can you help me shit this guy at xyz company said it was just as reliable as Microsoft Windows geez I wonder if the card is running Windows Embedded and BSOD"

Now I just got to figure out (1)

jesseraf (230545) | more than 11 years ago | (#3509943)

Now I just got to figure out how to add money to my laundry card. That thing has eaten more money than I've used on the machines...

Re:Now I just got to figure out (2)

Sc00ter (99550) | more than 11 years ago | (#3509973)

usually those type of systems only keep an ID on your card, and keep the ammount in a computer somewhere. So doing anything to the card won't effect the ammount of money linked to it.

Re:Now I just got to figure out (1)

iuyterw (255460) | more than 11 years ago | (#3510067)

How exactly would that work? I don't think the washing machine in my apartment building dials in when I wash my clothes.

I don't really know dick about smart cards, but common sense would tell you that any card system for laundry would keep track of the monetary value on the card itself.

I'd be interested to know how the system works if it doesn't.

Re:Now I just got to figure out (2)

Sc00ter (99550) | more than 11 years ago | (#3510123)

Well how do you get money on the card? If you do it in the same machine that that machine probably keeps track of the ID money information. It's very rare for the card itself to keep the ammount of money on the card.

Re:Now I just got to figure out (0)

Anonymous Coward | more than 11 years ago | (#3510127)

Actually we had smart cards in our student ID's at the University of Arizona and they used both systems. They kept some cash value on the card, and your ID was stored on the card for the meal plans. I think the maximum value was $100 on the card, just so you couldn't lose *that* much if you lost the card.

duct tape (0)

Anonymous Coward | more than 11 years ago | (#3509949)

"We used duct tape to fix the photoflash lamp on the video port of a..."

Is there anything in this world that cannot be fixed with duct tape? :-)

Not very shocking news. Really. (2)

krtek (300869) | more than 11 years ago | (#3509951)

A few years ago I was told about similar technique involving elctron beam (or something like this). Generally, physical access to anything means full access to all contained infomation. Old security principle.

On the one hand it means no equipment may be trusted since it comes to customer's hands. On the second, I see no problem if I can rip the data which belongs to me (I know, it's generally not the case when it comes to SC). Smart Cards always have been security by obscurity for me. This lesson the industry never learns, I'm afraid.

Re:Not very shocking news. Really. (2)

bogado (25959) | more than 11 years ago | (#3510035)

At a certain level every security measure in computer are from obscurity, you are safe because no one knows your password. But the problem arises when the design of the security measures must be made secret to keep it safe. I don't know if this is the case with the smart cards, or at least with all of them.

So let me get this straight, (5, Interesting)

Civil_Disobedient (261825) | more than 11 years ago | (#3509952)

Lemme see if I understand right. Reverse engineer hardware to show its inherit ineffectualness -- that's ok. Reverse engineer software to show its inherit ineffectualness -- that's illegal.

Ok, just making sure.

Re:So let me get this straight, (1)

rmadmin (532701) | more than 11 years ago | (#3509992)

Insight into who has spent more money in congress eh? Personally, I think these companies need to spend less time filling the pockets of congress and try to actually produce a (more) secure, (better) quality product. Then they probably wouldn't have to suck off congress all the time.

Re:So let me get this straight, (0)

Anonymous Coward | more than 11 years ago | (#3510089)

Change your sig - went there to see what's up and got told you're rebuilding it :(

Easy solution: Nanotubes (4, Funny)

MontyP (26575) | more than 11 years ago | (#3509953)

All they need to do is intertwine single wall carbon based nano tubes throughout the memory. When the camera flash hits the memory, the memory will self destruct.

DMCA (1, Interesting)

Anonymous Coward | more than 11 years ago | (#3509957)

Isn't this circumventing a protection system? Its only a matter of time before these guys are arrested.

Re:DMCA (0)

Anonymous Coward | more than 11 years ago | (#3510225)

I worked with Ross Anderson for a spell a little over 10 years ago, and even then, everybody said
it was just a matter of time before he got arrested.
I doubt the DMCA will even slow him down.

At least they need to steal them first (2, Insightful)

eet23 (563082) | more than 11 years ago | (#3509959)

From the article:
They were able to expose the circuit to the light by scraping most of the protective coating from the surface of the microprocessor circuit that is embedded in each smart card.

With more study, the researchers were able to focus the flash on individual transistors within the chip by beaming the flash through a standard laboratory microscope.

Could they make the cards so that removing the coating destroyed the chip?

Easy to do? (4, Informative)

AlaskanUnderachiever (561294) | more than 11 years ago | (#3509960)

Ok, maybe everyone else on slashdot has a full clean room. I mean, it could be a possibility. But when I hear phrases like "focusing light on a single transistor" and "Wentworth Labs MP-901 manual probing station" I tend not to think of simple or easy to do. I'm not saying you couldn't hack one, I'm just asking what % of criminals are going to have access to a "manual probing station"?

Re:Easy to do? (0)

Anonymous Coward | more than 11 years ago | (#3510065)

I'm just asking what % of criminals are going to have access to a "manual probing station"?

Are you still talking about about Smartcards?

I guess this means that those UFO's will start leaving our rednecks alone and start taking our smart cards!

Re:Easy to do? (0)

Anonymous Coward | more than 11 years ago | (#3510125)

Don't worry about criminals. Worry about the board collage kids with access to full lab setups. Some times it only takes the info from one smart card to do some damage. I mean if this process can be used on Direct-tv HU-cards will start seeing emulators any day now.

Re:Easy to do? (0)

Anonymous Coward | more than 11 years ago | (#3510151)

Exactly. I mean, if you could read the data while you were passing the guy on the street or sitting outside their building, that would be one thing. But having to scrape the coating, put it under a microscope in a clean room, focus a flash on each transistor, and reverse engineer the data? Come on guys, this sounds to me like a whole lot of worry over nothing! Not many hackers are going to have access to a Wentworth Labs MP-901 manual probing station. How much does something like that cost anyway?

jds

Re:Easy to do? (2, Interesting)

jelizondo (183861) | more than 11 years ago | (#3510161)

It's not easy but if it was it there would not be any money on breaking them. For criminals, the way it works is like what they do with current credit cards: some criminal outfit with the money to buy the talent and equipment needed starts producing them in mass and the neighboorhood hudloom uses them.

Last year there was a spat of cases where waiters and other salespeople had been coerced into swiping customer's credit cards through a "special device" that reads the mag track and stores it. Then the device is handled back to low-life who in turns delivers it to someone who in turn reads the data and produces "genuine" credit cards for use by criminals.

It's not easy, but if there is money on doing it you can bet it will be done.

Smart, very smart? (0)

KDENCE (558103) | more than 11 years ago | (#3509965)

So much for technology! What is secure exactly? Seems like just as we start to believe that we are living in Ft. Leavenworth we realize that instead we are living in grandpa's shed. The good thing in all of this is that my credit card company is not technology minded so I do not have one of these. So for those of you that have one hope that the guy who steals your credit card is not a prior science nerd with a access to a camera (w/ flash of course).

. . . and the moral of the story is: Just 'cause something says that it is smart doesn't mean it is.

"Entertain the Brutes"

Re:Smart, very smart? (1)

tomsparrow (263122) | more than 11 years ago | (#3510045)

Quite right, it's a good job I don't have one of those weak smart chip things on my credit card.
yessiree, my magnetic strip if far safer, now I can give my credit card out to random stangers with no fear of getting ripped off.

don't write the PIN on the back of your smart card (3, Insightful)

Bogatyr (69476) | more than 11 years ago | (#3509967)

And if I'm not running an enccrypted filesystem on a hard drive, and someone steals the hard drive out of that computer, they can read the data. Now I consider this article's significance to be just another reminder that physical security is important.
(quoting from the linked article)
"The Pentagon (news - web sites) has armed soldiers with smart cards for online identity and physical access...Some of the information stored in the card is in the form of a number composed of ones and zeros that cryptographers refer to as a "private key." That key is part of a two-key system that is used to encode and decode information. The security of such systems is compromised if the private key is revealed. Typically, after the card holder authenticates the card by supplying a pin number, the private key will then be used to encrypt any sort of transaction using the card."

More Fun (0)

Anonymous Coward | more than 11 years ago | (#3509980)

It's more fun to use a good sized tightly focused flashgun to melt the plastic underneath dark ink on CD's and plastic bags. You can also try this trick on things like phone books and see a quick puff of smoke from the instantly vaporized ink and paper.

Just stick the chip under the skin (0)

Anonymous Coward | more than 11 years ago | (#3509988)

Use a digital angel type technology and stick the chip in your hand.

No flash bulbs or microscopes would be able to penetrate and you wouldn't have to worry about loosing the thing.

rev 14.9

Re:Just stick the chip under the skin (1)

QuodEratDemonstratum (569501) | more than 11 years ago | (#3510026)

No flash bulbs or microscopes would be able to penetrate

Scapals can penetrate though. I hope the badguys use anesthetic .

Re:Just stick the chip under the skin (0)

Anonymous Coward | more than 11 years ago | (#3510079)

People scream louder then Smart Cards.

Beside, if the standard EM pulse that a human nervous system broadcasts stops then have the chip wipes itself[ala the button technology talked about earlier].

Wow, wonder what mag power you need for the scope (2)

NoMoreNicksLeft (516230) | more than 11 years ago | (#3509993)

Wouldn't mind being able to do this to a DirecTV access card. Grab that juicy elliptic crypto key...

Seriously though, this works well for unlocking locked out cards, and reading the rom... but for other info that may be in a rom not directly accessible to the 8051 mcu, this isn't very valuable. Also, some of the nicest info, might not even be in a rom, but weaved into a crypto asic.

Still, if you can alter the value of a register with the microscope... could you actually read out by hand the values stored in a masked rom? Or reverse engineer an asic?

This could kick some serious ass.

Re:Wow, wonder what mag power you need for the sco (1)

gwizah (236406) | more than 11 years ago | (#3510048)

You still need access to a "manual probing station" I hear some online DSS reatailers have them...Not sure about the duct tape tho ;)

Yet another reminder... (1)

supercytro (527265) | more than 11 years ago | (#3510013)

...that it's best not to keep all your eggs in one basket. Knowledge of hardware and software security as well as common sense is required for if security is paramount.

Duct Tape (0)

Anonymous Coward | more than 11 years ago | (#3510014)

So versatile...!

You can't have a proper hack job without Duct Tape (capitalised because it is Holy) and this research was no different.

Smartcards are not 100% secure... but can they be made secure enough? And where do you draw the line? 1 in a million fakes, or 1 in a billion?

Mod-point wasting post! (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3510021)

    • [redcoat.net]

      From Rob Malda's diary

      A few years ago, while browsing around the library downtown, I had to take a piss. As I entered the john a big beautiful all-American football hero type, about twenty-five, came out of one of the booths. I stood at the urinal looking at him out of the corner of my eye as he washed his hands. He didn't once look at me. He was "straight" and married -- and in any case I was sure I wouldn't have a chance with him.

      As soon as he left I darted into the booth he'd vacated, hoping there might be a lingering smell of shit and even a seat still warm from his sturdy young ass. I found not only the smell but the shit itself. He'd forgotten to flush. And what a treasure he had left behind. Three or four beautiful specimens floated in the bowl. It apparently had been a fairly dry, constipated shit, for all were fat, stiff, and ruggedly textured. The real prize was a great feast of turd -- a nine inch gastrointestinal triumph as thick as a man's wrist.

      I knelt before the bowl, inhaling the rich brown fragrance and wondered if I should obey the impulse building up inside me. I'd always been a heavy rimmer and had lapped up more than one little clump of shit, but that had been just an inevitable part of eating ass and not an end in itself. Of course I'd had jerkoff fantasies of devouring great loads of it (what rimmer hasn't), but I had never done it. Now, here I was, confronted with the most beautiful five-pound turd I'd ever feasted my eyes on, a sausage fit to star in any fantasy and one I knew to have been hatched from the asshole of the world's handsomest young stud.

      Why not? I plucked it from the bowl, holding it with both hands to keep it from breaking. I lifted it to my nose. It smelled like rich, ripe limburger (horrid, but thrilling), yet had the consistency of cheddar. What is cheese anyway but milk turning to shit without the benefit of a digestive tract?

      I gave it a lick and found that it tasted better then it smelled. I've found since then that shit nearly almost does.

      I hesitated no longer. I shoved the fucking thing as far into my mouth as I could get it and sucked on it like a big brown cock, beating my meat like a madman. I wanted to completely engulf it and bit off a large chunk, flooding my mouth with the intense, bittersweet flavor. To my delight I found that while the water in the bowl had chilled the outside of the turd, it was still warm inside. As I chewed I discovered that it was filled with hard little bits of something I soon identified as peanuts. He hadn't chewed them carefully and they'd passed through his body virtually unchanged. I ate it greedily, sending lump after peanutty lump sliding scratchily down my throat. My only regret was the donor of this feast wasn't there to wash it down with his piss.

      I soon reached a terrific climax. I caught my cum in the cupped palm of my hand and drank it down. Believe me, there is no more delightful combination of flavors than the hot sweetness of cum with the rich bitterness of shit.

      Afterwards I was sorry that I hadn't made it last longer. But then I realized that I still had a lot of fun in store for me. There was still a clutch of virile turds left in the bowl. I tenderly fished them out, rolled them into my handkerchief, and stashed them in my briefcase. In the week to come I found all kinds of ways to eat the shit without bolting it right down. Once eaten it's gone forever unless you want to filch it third hand out of your own asshole. Not an unreasonable recourse in moments of desperation or simple boredom.

      I stored the turds in the refrigerator when I was not using them but within a week they were all gone. The last one I held in my mouth without chewing, letting it slowly dissolve. I had liquid shit trickling down my throat for nearly four hours. I must have had six orgasms in the process.

      I often think of that lovely young guy dropping solid gold out of his sweet, pink asshole every day, never knowing what joy it could, and at least once did, bring to a grateful shiteater.

Also... (1)

shr3k (451065) | more than 11 years ago | (#3510022)

Differential Power Analysis [cryptography.com] and even Simple Power Analysis (SPA) can be used on a smart card.

Re:Also... (0)

Anonymous Coward | more than 11 years ago | (#3510131)

The nice thing about DPA is that it is non-intrusive, unlike this attack which requires access to an expensive probing station each time you wish to replicate it. DPA can be largely automated as well to compromise large quantities of cards once the general characteristic is found.

Like father like son (1)

dmccarty (152630) | more than 11 years ago | (#3510023)

Mr. Skorobogatov is a Russian emigrant who was once employed in the former Soviet Union's nuclear weapons program, where his job was to maintain bombs.

This wasn't mentioned in the article, but apparently young Skorobogatov discovered the smart-card vulnerability during the bright flashes of his dad's exploives tests at the tender age of six.

Re:Like father like son (1)

dmccarty (152630) | more than 11 years ago | (#3510207)

This wasn't mentioned in the article, but apparently young Skorobogatov discovered the smart-card vulnerability during the bright flashes of his dad's exploives tests at the tender age of six.

Gee, that wasn't nearly as funny as I thought it would be...

This is not a problem! (duh!) (2, Interesting)

@madeus (24818) | more than 11 years ago | (#3510033)

This is a neat trick, sure but it's not a big issue.

This could ALREADY be done by anyone with a smart card reader already (which is cheaper than a camera and a microscope I might add!).

Duh! :)

Sensitive data on cards are stored encrypted using the readers public key. The data on the smartcard can be sent from the reader to a centralised location (over a network, much like the way credit cards are verified in realtime just now) and then decoded and verified by a central point (or a selction of central points for redundancy).

It's a given that the smartcard could always be read - this has been accounted for in design of secure systems that use smart cards (we'll the good ones anyway, addmittedly there are quite few which don't (there are a lot of muppets in this industry) :).

Re:This is not a problem! (duh!) (1)

SirTwitchALot (576315) | more than 11 years ago | (#3510157)

This attack doesn't pertain to simple memory cards, but rather full blown microprocessor cards. Here's a good primer [scia.org] explaining some of the differences.

Basically in a 'real' smart card, you access the data through the microprocessor, not directly. The encryption is performed on the card itself, not the host, increasing security (at least until now I suppose.)

Re:This is not a problem! (duh!) (1)

cyr (571397) | more than 11 years ago | (#3510217)

Sounds to me the cards you are talking about are not "smart" cards but rather simple memory cards. A real smart card has a processor and private program and data memory you can't just read out.

Take the cards used for sat TV, you send it encrypted data and get the decrypted version back. The decryption key(s) is/are on the card and can't easily be read.

Mod-point wasting post (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#3510044)


http://www.eveeieyhfgfcdoosammgwsnboivvbsczxlzga bc / /ooieiabdcdjsvbkeldfogjhiyeeejkagclmieooionoepdk / /abcdefmfighyiqxjklmonopqrosoyotuvwxoyqwertyuiov / /sdfghjklqewiuznmbjadzmcloeuirquakndsflksjdflkas / /fskdfasiewurznmcvweroiqewrnamdnzcvuowieramnfkas / /dfhzuxcihskjrnakjzkjcxbviusayrkajsfzxncvizudyri / /bakdnfbzkcvhgiuegriweramdnfzxlcvueirhamdnzkciue / /jranbsdmfzcowierandmfxzncbkjhfabsdifuweajzkxcuw / /erhasdfzxncvkjdfyiuzxcnvsikirkajeajsbdfkzxbuyef / /rahsdjbzcvxmnvcuweyriausdnfzxbcvkwueyrajnbvkjxg / /iwueyajdfkzxjcnbkeyriaushdfkjbzbuowrnasdkfbhuie / /asjmfnkkbyiurnakjsndfkzjbhiuwerajsknfkzbyhweiua / /dkfjbzkxvbjywekrjaskjnvzxjcweruiasdhfkzjxnsjkld / /fasoidfjalskdfasklhfxjdnmenrqoiuozxcopjgneaksjo / /nzxdkfajlsdfkljsdfoiasdfasndflzxkcvozixucoqweiu / /pwoeiruzxmncvoutyqwerizxnvmxmcnvoweurqmznxmbouw / /rmnzbkhuyrtjghanzxcvbkhgjweyriaudfbznbkweruyabz / /bcvnkdhityqhagsdfjglsieurakfsdnfbvfdsajkbiuyqwe / /kweorjasdknfbkjsdoifuzxbcmfgsltjewioahsdfnbzxcb / /heoiroaisjdfzbxckjksrhiuehadsfbzkxjcbhkeuryaksj / /fzbxcvkxlkcnvmndskfjwehaiursdfzjxnbjkdfhskdflas / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /erhasdfzxncvkjdfyiuzxcnvsikirkajeajsbdfkzxbuyef / /rahsdjbzcvxmnvcuweyriausdnfzxbcvkwueyrajnbvkjxg / /iwueyajdfkzxjcnbkeyriaushdfkjbzbuowrnasdkfbhuie / /asjmfnkkbyiurnakjsndfkzjbhiuwerajsknfkzbyhweiua / /dkfjbzkxvbjywekrjaskjnvzxjcweruiasdhfkzjxnsjkld / /fasoidfjalskdfasklhfxjdnmenrqoiuozxcopjgneaksjo / /nzxdkfajlsdfkljsdfoiasdfasndflzxkcvozixucoqweiu / /pwoeiruzxmncvoutyqwerizxnvmxmcnvoweurqmznxmbouw / /rmnzbkhuyrtjghanzxcvbkhgjweyriaudfbznbkweruyabz / /bcvnkdhityqhagsdfjglsieurakfsdnfbvfdsajkbiuyqwe / /kweorjasdknfbkjsdoifuzxbcmfgsltjewioahsdfnbzxcb / /heoiroaisjdfzbxckjksrhiuehadsfbzkxjcbhkeuryaksj / /fzbxcvkxlkcnvmndskfjwehaiursdfzjxnbjkdfhskdflas / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /ooieiabdcdjsvbkeldfogjhiyeeejkagclmieooionoepdk / /abcdefmfighyiqxjklmonopqrosoyotuvwxoyqwertyuiov / /sdfghjklqewiuznmbjadzmcloeuirquakndsflksjdflkas / /fskdfasiewurznmcvweroiqewrnamdnzcvuowieramnfkas / /dfhzuxcihskjrnakjzkjcxbviusayrkajsfzxncvizudyri / /bakdnfbzkcvhgiuegriweramdnfzxlcvueirhamdnzkciue / /jranbsdmfzcowierandmfxzncbkjhfabsdifuweajzkxcuw / /erhasdfzxncvkjdfyiuzxcnvsikirkajeajsbdfkzxbuyef / /rahsdjbzcvxmnvcuweyriausdnfzxbcvkwueyrajnbvkjxg / /iwueyajdfkzxjcnbkeyriaushdfkjbzbuowrnasdkfbhuie / /asjmfnkkbyiurnakjsndfkzjbhiuwerajsknfkzbyhweiua / /dkfjbzkxvbjywekrjaskjnvzxjcweruiasdhfkzjxnsjkld / /fasoidfjalskdfasklhfxjdnmenrqoiuozxcopjgneaksjo / /nzxdkfajlsdfkljsdfoiasdfasndflzxkcvozixucoqweiu / /pwoeiruzxmncvoutyqwerizxnvmxmcnvoweurqmznxmbouw / /rmnzbkhuyrtjghanzxcvbkhgjweyriaudfbznbkweruyabz / /bcvnkdhityqhagsdfjglsieurakfsdnfbvfdsajkbiuyqwe / /kweorjasdknfbkjsdoifuzxbcmfgsltjewioahsdfnbzxcb / /heoiroaisjdfzbxckjksrhiuehadsfbzkxjcbhkeuryaksj / /fzbxcvkxlkcnvmndskfjwehaiursdfzjxnbjkdfhskdflas / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /erhasdfzxncvkjdfyiuzxcnvsikirkajeajsbdfkzxbuyef / /rahsdjbzcvxmnvcuweyriausdnfzxbcvkwueyrajnbvkjxg / /iwueyajdfkzxjcnbkeyriaushdfkjbzbuowrnasdkfbhuie / /asjmfnkkbyiurnakjsndfkzjbhiuwerajsknfkzbyhweiua / /dkfjbzkxvbjywekrjaskjnvzxjcweruiasdhfkzjxnsjkld / /fasoidfjalskdfasklhfxjdnmenrqoiuozxcopjgneaksjo / /nzxdkfajlsdfkljsdfoiasdfasndflzxkcvozixucoqweiu / /pwoeiruzxmncvoutyqwerizxnvmxmcnvoweurqmznxmbouw / /rmnzbkhuyrtjghanzxcvbkhgjweyriaudfbznbkweruyabz / /bcvnkdhityqhagsdfjglsieurakfsdnfbvfdsajkbiuyqwe / /kweorjasdknfbkjsdoifuzxbcmfgsltjewioahsdfnbzxcb / /heoiroaisjdfzbxckjksrhiuehadsfbzkxjcbhkeuryaksj / /fzbxcvkxlkcnvmndskfjwehaiursdfzjxnbjkdfhskdflas / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /ooieiabdcdjsvbkeldfogjhiyeeejkagclmieooionoepdk / /abcdefmfighyiqxjklmonopqrosoyotuvwxoyqwertyuiov / /sdfghjklqewiuznmbjadzmcloeuirquakndsflksjdflkas / /fskdfasiewurznmcvweroiqewrnamdnzcvuowieramnfkas / /dfhzuxcihskjrnakjzkjcxbviusayrkajsfzxncvizudyri / /bakdnfbzkcvhgiuegriweramdnfzxlcvueirhamdnzkciue / /jranbsdmfzcowierandmfxzncbkjhfabsdifuweajzkxcuw / /erhasdfzxncvkjdfyiuzxcnvsikirkajeajsbdfkzxbuyef / /rahsdjbzcvxmnvcuweyriausdnfzxbcvkwueyrajnbvkjxg / /iwueyajdfkzxjcnbkeyriaushdfkjbzbuowrnasdkfbhuie / /asjmfnkkbyiurnakjsndfkzjbhiuwerajsknfkzbyhweiua / /dkfjbzkxvbjywekrjaskjnvzxjcweruiasdhfkzjxnsjkld / /fasoidfjalskdfasklhfxjdnmenrqoiuozxcopjgneaksjo / /nzxdkfajlsdfkljsdfoiasdfasndflzxkcvozixucoqweiu / /pwoeiruzxmncvoutyqwerizxnvmxmcnvoweurqmznxmbouw / /rmnzbkhuyrtjghanzxcvbkhgjweyriaudfbznbkweruyabz / /bcvnkdhityqhagsdfjglsieurakfsdnfbvfdsajkbiuyqwe / /kweorjasdknfbkjsdoifuzxbcmfgsltjewioahsdfnbzxcb / /heoiroaisjdfzbxckjksrhiuehadsfbzkxjcbhkeuryaksj / /fzbxcvkxlkcnvmndskfjwehaiursdfzjxnbjkdfhskdflas / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /erhasdfzxncvkjdfyiuzxcnvsikirkajeajsbdfkzxbuyef / /rahsdjbzcvxmnvcuweyriausdnfzxbcvkwueyrajnbvkjxg / /iwueyajdfkzxjcnbkeyriaushdfkjbzbuowrnasdkfbhuie / /asjmfnkkbyiurnakjsndfkzjbhiuwerajsknfkzbyhweiua / /dkfjbzkxvbjywekrjaskjnvzxjcweruiasdhfkzjxnsjkld / /fasoidfjalskdfasklhfxjdnmenrqoiuozxcopjgneaksjo / /nzxdkfajlsdfkljsdfoiasdfasndflzxkcvozixucoqweiu / /pwoeiruzxmncvoutyqwerizxnvmxmcnvoweurqmznxmbouw / /rmnzbkhuyrtjghanzxcvbkhgjweyriaudfbznbkweruyabz / /bcvnkdhityqhagsdfjglsieurakfsdnfbvfdsajkbiuyqwe / /kweorjasdknfbkjsdoifuzxbcmfgsltjewioahsdfnbzxcb / /heoiroaisjdfzbxckjksrhiuehadsfbzkxjcbhkeuryaksj / /fzbxcvkxlkcnvmndskfjwehaiursdfzjxnbjkdfhskdflas / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois / /jfweknasdkfjzoxijkenraksjdfoizxjvlknwerlkajsdfo / /ooieiabdcdjsvbkeldfogjhiyeeejkagclmieooionoepdk / /abcdefmfighyiqxjklmonopqrosoyotuvwxoyqwertyuiov / /sdfghjklqewiuznmbjadzmcloeuirquakndsflksjdflkas / /fskdfasiewurznmcvweroiqewrnamdnzcvuowieramnfkas / /dfhzuxcihskjrnakjzkjcxbviusayrkajsfzxncvizudyri / /bakdnfbzkcvhgiuegriweramdnfzxlcvueirhamdnzkciue / /jranbsdmfzcowierandmfxzncbkjhfabsdifuweajzkxcuw / /erhasdfzxncvkjdfyiuzxcnvsikirkajeajsbdfkzxbuyef / /rahsdjbzcvxmnvcuweyriausdnfzxbcvkwueyrajnbvkjxg / /iwueyajdfkzxjcnbkeyriaushdfkjbzbuowrnasdkfbhuie / /asjmfnkkbyiurnakjsndfkzjbhiuwerajsknfkzbyhweiua / /dkfjbzkxvbjywekrjaskjnvzxjcweruiasdhfkzjxnsjkld / /fasoidfjalskdfasklhfxjdnmenrqoiuozxcopjgneaksjo / /nzxdkfajlsdfkljsdfoiasdfasndflzxkcvozixucoqweiu / /pwoeiruzxmncvoutyqwerizxnvmxmcnvoweurqmznxmbouw / /rmnzbkhuyrtjghanzxcvbkhgjweyriaudfbznbkweruyabz / /bcvnkdhityqhagsdfjglsieurakfsdnfbvfdsajkbiuyqwe / /kweorjasdknfbkjsdoifuzxbcmfgsltjewioahsdfnbzxcb / /heoiroaisjdfzbxckjksrhiuehadsfbzkxjcbhkeuryaksj / /fzbxcvkxlkcnvmndskfjwehaiursdfzjxnbjkdfhskdflas / /yroausdfzxmncvskeyiqozsjhfasdfoiwueranmcnzbkjhd / /ueafhksjfwheuirasdjhbzxiuewjhasmdnkfzxciurhaskj / /roiquwermcvkhiruhasdkjfnzxkjyeiuahsdbzxckjvopwe / /uqweuirjhvxzckjhweriuasydfoiqurnmxckvhweruiahdj / /znkxcvjhwierahsfzkxhhidufhsakjbzxjchiwueryqagsd / /kjhaksdfnbakwreyhaisknfjkzxbcvkoiqwueraskfzxcbk / /nlkwejrasoidjfxzlknvlkwjeroiasudflknzxlkbjeoiru / /slkdjfzxnmvkljdfawienzxveoriuaskdfjzxcmbnkseuri / /kfjlznxcvksjroeijasdklzjfowierqouasdhfzxncbkjhd / /jsdfljkweoriuasdfkjzxmcnvlkjdowuieraksdflkzxjbo / /werklasdnfmzxclkjewoijasdlfknzlkjwoeirqpweoiasd / /kjzxjvwperaksdjfxzweirjaslkdfzxnclvkjweroiasufd / /zxclkjeworijasdflknzlbkoiwuraksjflknxblkwjerois

It's relatively simple to do... (2, Interesting)

proverbialcow (177020) | more than 11 years ago | (#3510053)

...but not so easy to do without someone noticing. I mean, if you're going to have the Flash card in your possession long enough to perform the attack UNDER A MICROSCOPE, wouldn't it just be easier to yank the data with one of those smart-card reader/portable hard-drive things that ThinkGeek was advertising on here?

If this were in the US... (1)

EvilMagnus (32878) | more than 11 years ago | (#3510057)

...someone would already have slapped an injunction on them under the DMCA. Wheeee!

Mod-point wasting post (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3510072)

(Reposted from an eariler story -- worth reading.)

It is now official - a Slashdot poll has confirmed: Slashdot is dying

Yet another crippling bombshell hit the beleaguered Slashdot community when recently a poll on the site confirmed that up-to-date and factually-correct stories account for less than 40 percent of all submitted news stories, that the user-moderation system has fallen to pieces through the oppressive power of the editors, and that subscribers don't need to pay and can use such software as JunkBuster to filter out adverts. Coming on the heels of the latest MSNBC survey which plainly states that Slashdot has lost more readers, this news serves to reinforce what we've known all along. Slashdot is collapsing in complete disarray, as further exemplified by failing dead last [kuro5hin.com] in the recent Kuro5hin technology site popularity test.

You don't need to be a Kreskin [amdest.com] to predict Slashdot's future. The hand writing is on the wall: Slashdot faces a bleak future. In fact there won't be any future at all for it because Slashdot is dying. Things are looking very bad for the site. As many of us are already aware, Slashdot continues to lose readers. Red ink flows like a river of blood. The subscribers scheme is the most endangered of them all, having lost 62% of its paying readers.

Let's keep to the facts and look at the numbers.

Slashdot editor and homosexual-rights campaigner Rob Malda (CmdrTaco) states that there are 700 paying subscribers to Slashdot. How many normal readers are there? Let's see. The number of subscriber versus reader posts on Slashdot is roughly in ratio of 1 to 4. Therefore there are about 700*4 = 2800 normal casual readers. Anonymous Coward posts are about half of the volume of the typical posts. Therefore there are about 1400 readers who can't be bothered setting up an account. A recent article put the Trolls, who post sexual insults, foul ASCII art pictures and links to vile sites, at about 80 percent of the Slashdot readership. Therefore there are (700+8400+4200)*4 = 19600 trolling readers. This is consistent with the number of Troll posts.

Due to the troubles of Andover.net, abysmal hit counts and so on, Slashdot went out of business and was taken over by OSDN who run another troubled site. Now OSDN is also dead, its corpse turned over to yet another charnel house.

All major surveys show that Slashdot has steadily declined in readership. It is very sick and its long term survival prospects are very dim. If Slashdot is to survive at all it will be among geeky hobbyist dabblers. Slashdot continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, Slashdot is dead.

So why now? Why did Slashdot fail? Once you get over the myriad of incompatible personalities, particularly among the editors who have repeatedly failed to check for serious inaccuracies in their stories (see the FreeBSD 4.5 "release" as a shocking example), it's clear that subscribers will continue to decrease. Using software such as JunkBuster, readers can eliminate adverts without having to pay any money. These two significant factors, along with the corrupted "moderation" scheme (where editors have infinite power over the regular moderators), only confirm yet further that Slashdot's glory days are coming to an end.

Fact: Slashdot is dying

The simple solution.... (0, Redundant)

docbrown42 (535974) | more than 11 years ago | (#3510082)

....is to start making smart cards out of nanotubes [slashdot.org]! That way, when the hackers try to extract the data with their camera flash, the cards will explode! BOOM!

-Ed

Graphic Design, Web Design, Computer Rendering, Role-Playing Games...All the Good stuff

docbrown.net [docbrown.net]

Not so smart.... (1)

anonymous cupboard (446159) | more than 11 years ago | (#3510084)

Smart cards can be attacked by messing with clocks, messing with the power and the type used for GSM, can be exhaustively attacked by using an "Identify" command. This is just one more attack. However, the truth of it, the protection of smartcards is generally adequate but perhaps not suitable for something like military level crypto keys. Of course, what do the military have with their Fortezza based cryptographic PCMCIA-cards, why smart cards of course!

I-buttons are being spoken about elsewhere here. They are nice and can fit nicely on a key ring, but the form factor of the smartcard is easier when you have more than one in your pocket.

However, a smartcard is better than a credit/debit card with a magnetic stripe. It is better than a physical key. Both of these can be duplicated in seconds. Someone has to have your smartcard in their possession for several hours before an attack is likely to succeed. Hopefully, you may have noticed by then and have cancelled the thing.

Mod-point wasting post (-1, Offtopic)

Anonymous Coward | more than 11 years ago | (#3510086)

88888888888888888888888888888888888888888888888
8/88888\8888888888888\888888888888/8888\8888888
|8888888|8888888888888\8888888888|888888|888888
|8888888`.8888888888888|888888888|8888888:88888
`88888888|8888888888888|88888888\|8888888|88888
8\8888888|8/8888888/88\\\888--__8\\8888888:8888
88\888888\/888_--~~8888888888~--__|8\88888|8888
888\888888\_-~88888888888888888888~-_\8888|8888
0000\_00000\00000000_.--------.______\|000|0000
000000\00000\______//0_0___0_0(_(__>00\000|000 0
0000000\000.00C0___)00______0(_(____>00|00/000 0
0000000/\0|000C0____)/ \0(_____>00|_/00000
000000/0/\|000C_____) |00(___>000/00\0000
00000|000(000_C_____)\______/00//0_/0/00000\000
00000|0000\00|__000\\_________//0(__/0000000|00
0000|0\0000\____)000`----000--'0000000000000|00
0000|00\_0000000000___\ /_0000000000_/0|0
000|00000000000000/0000| |00\000000000000|
000|0000000000000|0000/ \00\00000000000|0
666|6666666666/6/6666| |66\66666666666|0
666|666666666/6/666666\__/\___/6666|6666666666|
66|66666666666/66666666| |6666666|666666666|
66|6666666666|666666666| |6666666|666666666|

88888888888888888888888888888888888888888888888
8/88888\8888888888888\888888888888/8888\8888888
|8888888|8888888888888\8888888888|888888|888888
|8888888`.8888888888888|888888888|8888888:88888
`88888888|8888888888888|88888888\|8888888|88888
8\8888888|8/8888888/88\\\888--__8\\8888888:8888
88\888888\/888_--~~8888888888~--__|8\88888|8888
888\888888\_-~88888888888888888888~-_\8888|8888
0000\_00000\00000000_.--------.______\|000|0000
000000\00000\______//0_0___0_0(_(__>00\000|000 0
0000000\000.00C0___)00______0(_(____>00|00/000 0
0000000/\0|000C0____)/ \0(_____>00|_/00000
000000/0/\|000C_____) |00(___>000/00\0000
00000|000(000_C_____)\______/00//0_/0/00000\000
00000|0000\00|__000\\_________//0(__/0000000|00
0000|0\0000\____)000`----000--'0000000000000|00
0000|00\_0000000000___\ /_0000000000_/0|0
000|00000000000000/0000| |00\000000000000|
000|0000000000000|0000/ \00\00000000000|0
666|6666666666/6/6666| |66\66666666666|0
666|666666666/6/666666\__/\___/6666|6666666666|
66|66666666666/66666666| |6666666|666666666|
66|6666666666|666666666| |6666666|666666666|

88888888888888888888888888888888888888888888888 [goatse.cx]
8/88888\8888888888888\888888888888/8888\8888888
|8888888|8888888888888\8888888888|888888|888888 123456789012345678
|8888888`.8888888888888|888888888|8888888:88888
`88888888|8888888888888|88888888\|8888888|88888
8\8888888|8/8888888/88\\\888--__8\\8888888:8888
88\888888\/888_--~~8888888888~--__|8\88888|8888 123456789012
888\888888\_-~88888888888888888888~-_\8888|8888
0000\_00000\00000000_.--------.______\|000|0000
000000\00000\______//0_0___0_0(_(__>00\000|000 0
a0000000\000.00C0___)00______0(_(____>00|00/000 0
0000000/\0|000C0____)/ \0(_____>00|_/00000
000000/0/\|000C_____) |00(___>000/00\0000
00000|000(000_C_____)\______/00//0_/0/00000\000
00000|0000\00|__000\\_________//0(__/0000000|00
0000|0\0000\____)000`----000--'0000000000000|00
0000|00\_0000000000___\ /_0000000000_/0|0 asdasdasdasdasd
000|00000000000000/0000| |00\000000000000| alsjdhkjdhkajhakhqwe
000|0000000000000|0000/ \00\00000000000|0
666|6666666666/6/6666| |66\66666666666|0
666|666666666/6/666666\__/\___/6666|6666666666| basyguivfgyaeutgqgjsz
66|66666666666/66666666| |6666666|666666666| jqwbhrejkfio
66|6666666666|666666666| |6666666|666666666| jwqhrowuerir

Free Your Mind ... and the rest will follow ?? (1)

Discoteck (468081) | more than 11 years ago | (#3510099)

"Mr. Anderson is a well-known computer security researcher whose work in both computer security and cryptography is widely recognized."

Ya but can he leap from tall building to tall building and stop bullets with the force of will?
"Don't think you are - know you are."

-Neo

"The Matrix is a system, Neo. That system is our enemy. But when you're inside, you look around and what do you see? Businessmen, Teachers, Lawyers, Carpenters...the very minds of the people we're trying to save. "
-Morpheus

Mod-point wasting post (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3510102)

Tip #1: Play Safe

There are some serious safety issues regarding anal sex that you need to be aware of at all times. First and foremost, whatever touches the anus shouldn't be touching anything else. Never never never take the penis out of the anus and put it into the vagina. That can lead to serious infections and other complications. After any kind of anal play, you should immediately change condoms and wash the relevant body parts thoroughly.

Of course, STDs are also a major concern with anal sex. This isn't just limited to AIDS; herpes, genital warts, syphilis, gonorrhea, etc. can all be transmitted through anal sex. You simply shouldn't be having anal sex without a condom; it's not worth the risk to either partner.

Tip #2: Lube, lube, lube

One of the most important thing to remember when thinking about anal sex is that, unlike the vagina, the anus isn't self-lubricating: you gotta bring your own grease. And, the more lube you use, the better. It will make the initial penetration much more easy and less painful for the woman and make the whole experience, for both of you, much more pleasant.

All kinds of lube are used for anal sex, from spit to Vaseline to high-tech silicone-based lubes. We'd strongly recommend spending a little money to get a high quality water-based lubricant; remember, an oil-based lubricant like Vaseline will degrade the latex in a condom, destroying its usefulness. We'd recommend products like AstroGlide or KY Jelly, available in any drug store. Note, though a condom may be "lubricated", they typically don't offer as much lube as we'd recommend for anal sex.

There are some specialty lubes designed for anal sex that include an anesthetic to numb the woman's sensation and make anal sex less painful. We'd advise against these products. The simple fact is, pain is a way of your body telling you that something's wrong. If you're in pain during anal sex, you need to focus on solving the root problems, not anesthetizing yourself so it's easier to endure.

Tip #3: Start Small

Simply put, a penis is an awful big to be the first thing you stick up someone's butt. Better to start with something smaller and work your way up. Fingers are an excellent beginning point. Use one finger, then two, to initiate your partner into the mysteries of anal penetration. Try it while performing oral sex for an extra thrill. Be sure not to forget the lube, and you might also want to wear latex gloves.

As your partner gets used to your fingers, you might graduate to a butt plug or a small dildo. Dildos are available in all shapes and sizes. Go shopping together to get one she thinks she can handle. Remember, though, don't put the dildo into the vagina after putting it into the anus. The safest way is to put a condom on the dildo before using it, and to wash it thoroughly immediately after.

They need to have your card first (2)

ChenLing (20932) | more than 11 years ago | (#3510116)

They can't do this from afar. They have to actually be in physical possession of your smart card, scrape the protective layers off, and put it under a microscope. The problem is that because smart cards are more "secure", they are trusted more, and so actual breaks in such security are harder to prove. So this is like an easy way to find out someone's PIN number once you have their ATM card.

Denying problem (2, Insightful)

hether (101201) | more than 11 years ago | (#3510132)

a manufacturer who had read the paper said it believed its products were not vulnerable to the attack.

I love how the smart card manufacturing companies are just denying that this is a problem and saying that they've already looked at that issue. Do you really think they feel that way and have covered this problem already, or off the record they are panicking to find a way to fix the problem? I would guess that this is new to them, but that they don't want to admit their cards are vulnerable.

BTW, The story is taken from the NY Times, so if you have problems getting to the Yahoo! version of the story, try this link:

http://www.nytimes.com/2002/05/13/technology/13SMA R.html?todaysheadlines [nytimes.com]

Mod-point wasting post (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3510142)

THE CUCUMBER AND BEST FRIEND SESSION

Hey hey, Rob Malda (CmdrTaco) here. I have a story in the high school section about my first time, which was with my little brother's hottie friend a couple of months ago.

Anyway, as with most of us guys, masturbation has always been a big part of my life. Ever since I can remember, I've been choking the chicken on a daily basis. Starting puberty at 11, I've masturbated at least once a day ever since. If I miss a day, then I more than make up for it the next time. So, masturbating at least 7 times a week for the past 6 years or so, (I'm now 17), that adds up to a fair amount of cum ejaculated from my ball sac!

One of my favourite things to do while wanking is to stick phallic shaped objects up my ass. These have included my fingers, dildoes, cucumbers and anything basically resembling a cock!

Laying spread-eagled on my bed one day, slowly stroking my uncut 6.5" dick, I massaged my hairless balls between my fingers, moaning loudly. I reached under my bed, feeling for my newly purchased friend, Mr. Cucumber...

Finding the vegetable, I grabbed the lube and slowly lubed it up, spreading some on my expectant asshole. Thinking of what lay ahead, I slid a finger up my puckered boy hole. Then two. After adding a third, I thought it was enough so I set about getting the cucumber ready again.

Rubbing my lubed up swollen knob sent shivers of delight down my back. Doing that was gonna make me cum if I didn't stop! My balls lobbed from side to side with the sudden pick up of pace with which I was beating my meat. I picked up the cucumber and placed the rounded end against my hole, feeling myself opening up for the glorious pleasure maker. Slipping it in sent huge ripples of delight through me. I slowly slid the vegetable in and out, all the time jerking off. After a few minutes of furious beating and fucking, I was very close to cumming.

"Knock, knock...," was all I heard before my best friend Hemos barged in with an armful of school books.

"Whoa! What the hell?" was his shocked response to my little bit of exhibitionism, before bursting into a fit of laughter.

With my gorgeous best friend watching, a cucumber lodged up my ass and my frantically jacking off, it only took me about ten seconds more to burst forth with my sticky white juice. A huge glob flew at Hemos and landed at his feet, before I threw my legs in the air, with the rest of my cum landing on my chest and face.

With Hemos's raucous laughter still in my ears, I slowly pulled my cock, easing the last remaining drops of cum out, putting my fingers to my lips.

"Man, that's fuckin' sick, eating your own cum," he said, grinning.

"Yeah, well, I like the taste," I smiled, "and don't deny you don't do it!" I said, before wiping my finger over each drop of cum on my body and taking it to my hungry mouth.

Hemos continued laughing and started walking out.

"Meet you out front in 5," he said, "give you some time to clean up."

He strolled out, still shaking his head and laughing.

I was very satisfied. Although I have no doubts that Hemos was totally straight, it didn't hurt to fantasise about my tanned and gorgeous friend. His face and body are a recurring image in my masturbatory fantasies.

Mod-point wasting post (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3510158)

88888888888888888888888888888888888888888888888
8/88888\8888888888888\888888888888/8888\8888888
|8888888|8888888888888\8888888888|888888|888888
|8888888`.8888888888888|888888888|8888888:88888
`88888888|8888888888888|88888888\|8888888|88888
8\8888888|8/8888888/88\\\888--__8\\8888888:8888
88\888888\/888_--~~8888888888~--__|8\88888|8888
888\888888\_-~88888888888888888888~-_\8888|8888
0000\_00000\00000000_.--------.______\|000|0000
000000\00000\______//0_0___0_0(_(__>00\000|000 0
0000000\000.00C0___)00______0(_(____>00|00/000 0
0000000/\0|000C0____)/ \0(_____>00|_/00000
000000/0/\|000C_____) |00(___>000/00\0000
00000|000(000_C_____)\______/00//0_/0/00000\000
00000|0000\00|__000\\_________//0(__/0000000|00
0000|0\0000\____)000`----000--'0000000000000|00
0000|00\_0000000000___\ /_0000000000_/0|0
000|00000000000000/0000| |00\000000000000|
000|0000000000000|0000/ \00\00000000000|0
666|6666666666/6/6666| |66\66666666666|0
666|666666666/6/666666\__/\___/6666|6666666666|
66|66666666666/66666666| |6666666|666666666|
66|6666666666|666666666| |6666666|666666666|

88888888888888888888888888888888888888888888888
8/88888\8888888888888\888888888888/8888\8888888
|8888888|8888888888888\8888888888|888888|888888
|8888888`.8888888888888|888888888|8888888:88888
`88888888|8888888888888|88888888\|8888888|88888
8\8888888|8/8888888/88\\\888--__8\\8888888:8888
88\888888\/888_--~~8888888888~--__|8\88888|8888
888\888888\_-~88888888888888888888~-_\8888|8888
0000\_00000\00000000_.--------.______\|000|0000
000000\00000\______//0_0___0_0(_(__>00\000|000 0
0000000\000.00C0___)00______0(_(____>00|00/000 0
0000000/\0|000C0____)/ \0(_____>00|_/00000
000000/0/\|000C_____) |00(___>000/00\0000
00000|000(000_C_____)\______/00//0_/0/00000\000
00000|0000\00|__000\\_________//0(__/0000000|00
0000|0\0000\____)000`----000--'0000000000000|00
0000|00\_0000000000___\ /_0000000000_/0|0
000|00000000000000/0000| |00\000000000000|
000|0000000000000|0000/ \00\00000000000|0
666|6666666666/6/6666| |66\66666666666|0
666|666666666/6/666666\__/\___/6666|6666666666|
66|66666666666/66666666| |6666666|666666666|
66|6666666666|666666666| |6666666|666666666|

88888888888888888888888888888888888888888888888 [goatse.cx]
8/88888\8888888888888\888888888888/8888\8888888
|8888888|8888888888888\8888888888|888888|888888 123456789012345678
|8888888`.8888888888888|888888888|8888888:88888
`88888888|8888888888888|88888888\|8888888|88888
8\8888888|8/8888888/88\\\888--__8\\8888888:8888
88\888888\/888_--~~8888888888~--__|8\88888|8888 123456789012
888\888888\_-~88888888888888888888~-_\8888|8888
0000\_00000\00000000_.--------.______\|000|0000
000000\00000\______//0_0___0_0(_(__>00\000|000 0
a0000000\000.00C0___)00______0(_(____>00|00/000 0
0000000/\0|000C0____)/ \0(_____>00|_/00000
000000/0/\|000C_____) |00(___>000/00\0000
00000|000(000_C_____)\______/00//0_/0/00000\000
00000|0000\00|__000\\_________//0(__/0000000|00
0000|0\0000\____)000`----000--'0000000000000|00
0000|00\_0000000000___\ /_0000000000_/0|0 asdasdasdasdasd
000|00000000000000/0000| |00\000000000000| alsjdhkjdhkajhakhqwe
000|0000000000000|0000/ \00\00000000000|0
666|6666666666/6/6666| |66\66666666666|0
666|666666666/6/666666\__/\___/6666|6666666666| basyguivfgyaeutgqgjsz
66|66666666666/66666666| |6666666|666666666| jqwbhrejkfio
66|6666666666|666666666| |6666666|666666666| jwqhrowuerir

The handyman's secret weapon (4, Funny)

gambit3 (463693) | more than 11 years ago | (#3510163)


"We used duct tape to fix the photoflash lamp on the video port of a Wentworth Labs MP-901 manual probing station," they wrote in their paper.

No matter how high tech, there's no experiment that can't be improved with duct tape

don't panic (1)

g4dget (579145) | more than 11 years ago | (#3510165)

The primary attacks smart cards are designed to protect against are eavesdropping and replay. They can do that because they can run zero knowledge and public key protocols. That's a whole lot better than the magnetic strip on your credit card and is unaffected by this attack.

Protection against physical tampering is secondary. It's nice, but even if it didn't exist at all, smart cards would still be very useful. This particular attack seems so tricky that it may not even be worth doing anything about.

Mod-point wasting post (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3510174)

Anal Sex

Anal sex is not something that is experienced exclusively by gay men; it is a facet of our collective sexual identity which has been explored by previous cultures and continues to be explored today. Men and women of all walks of life enjoy anal sex as an alternative to everyday lovemaking. Its not for everyone, but anal sex may be what youre looking for if you want to try something completely different.

Why do people enjoy anal sex?

Anal sex is enjoyable because of the rich body of nerve endings in the anus. While people often experience pain when first attempting anal sex, as a person learns to relax, the pain often subsides into pleasure. For men, anal sex also offers stimulation to the prostate, an organ that provides the rush of pleasure during orgasm. Anal sex for many seems like a taboo activity, and much of society still shuns it. But statistics show that roughly 35% of heterosexuals and 50% of the gay community practice anal sex at least occasionally.

How can I make anal sex safer?

Anal sex can be a perfectly safe activity as long as you take the necessary precautions. You should remember that your anus and rectum do not have their own natural lubrication nor the kind of elasticity the mouth and vagina enjoy. That is why anal sex must be practiced with care. There are three things that should always be used whenever anal penetration is taking place; lubrication, condoms and common sense. Liberal amounts of lubrication are necessary because the rectal wall can be quite sticky and is subject to tearing and lesions if not kept lubricated. In addition, the anus and rectum are narrow, so lubrication is needed to press inside smoothly. Condoms are another necessity. Enemas, douches and other cleaners will not be able to get all the germs and bacteria out of the rectum. Not only is anal sex facilitate the transmission of STDs better than any other form of sex , it can also cause urinary tract infections and other bacterial diseases. Latex protection is essential, and can offer additional slickness. Finally, use your common sense. The rectal wall curves and is thin so long, hard objects can tear your insides. Don't wear any jewelry on your hands, and cut your fingernails if you are going to put your finger in someone's anus. Most importantly, respect your body. Don't push the limits and go only as far as you feel comfortable.

How can I enjoy anal sex?

Tips for beginners

To prepare yourself for anal sex , the first thing to do is learn to relax. This may include a hot bath beforehand, an erotic massage or even just a good workout. Remember that the sphincter muscles around the anus will not allow things to pass through easily unless you relax and take it slow. Do not start with something the size of a dildo or penis. Your sphincter may be reluctant enough to start with your partner's finger. One partner should lubricate or place a lubricated condom over his or her finger. Take the finger and arouse the surface of the anus, perhaps making small circular motions as you go. Always pay attention to your partner to indicate whether or not he or she feels comfortable. Slowly attempt to push your finger slightly inside the anus. Do not force your hand - stop if your partner complains of discomfort. If it is difficult to enter the anus, you probably need more lubrication. The first time you try this, the receiver may feel a bit of pain. Anal sex is not for everyone, and if you feel uncomfortable stop and perhaps try again later. Think of this process as training for later anal encounters. Even a finger can provide intense stimulation when it is inserted in the anus.

Once you have tried penetration with a finger a number of times then you can move towards something that is a bit larger. First you have to decide on what type of anal stimulation that you enjoy. Do you enjoy the movement of a finger, and the feeling of entry and withdrawal? If this is the case then you may wish to proceed by being penetrated with your partner's penis or by using an anal toy. For those who enjoy the feeling of penetration more than motion or vibration, try butt plugs which are designed specifically for this purpose. A butt plug sits inside the anus, and is not generally used for thrusting back and forth.

Positions to try

The best positions for anal sex depend largely on what stage you and your partner are at in your experiences. Rear entry or the "doggie style" position is the one position most people associate with anal sex. However, rear entry allows a penis or anal toy to penetrate most deeply, and may not be the best choice for the beginner. A good starting position is the "spoons" position, with each partner laying on his or her side, one behind the other. This prevents the penetrating partner from going too fast, and allows complete control over penetration. It also brings you closer to your partner, making it easier to judge his or her reactions to what youre doing.

Another position for anal sex is a variation of the missionary position. The receiving partner lays on his or her back while the penetrating partner approaches from on top. The penetrating partner lifts up the calves or shins of the receiver, exposing the anus. This can be an especially intimate position, with both partners facing each other. The top partner can masturbate the other and is open to massage and cuddling as well.

Finally, rear entry offers another possibility for anal penetration. This position allows the penetration to be the deepest, and permits the receiver to better open the anus for entry. Rear entry doesnt offer the kind of intimacy or ease of communication that the other positions do, but for more advanced lovers, can offer the greatest amount of thrusting and penetration.

There are many more positions and techniques to try. Many people discover new and exciting positions through experimentation, and most people find the one that best suits them. Good communication is the key to such discovery, and a manual or video can help as well.

scrape this (0)

Anonymous Coward | more than 11 years ago | (#3510175)

Maybe it's just me... but for $260 you can purchase a smart card burner (meant foe dss but has many other wonderful applications) pop it in, hack and enjoy... much easier than scraping and hoping you didn't screw it up. I just wonder when the technology community will finally realize no technology is foolproof... the fools are too damn smart.

Mod-point wasting post (-1, Troll)

Anonymous Coward | more than 11 years ago | (#3510193)

beastiality sex story

beastiality sex story and animal porn for youranimal sex com pleasure. She had the look of animal sex com but with a knowing look in her animal porn. She walked by me and bumped myanimal sex com with her animal porn. Reacting quickly, I held my free beastiality photo in such a way that it guided animal porn across the fabric of myanimal sex com over my animal porn.animal sex com with animal porn. She continued a few steps and animal porn. Turning for a moment she caught myanimal sex com with her horse cum. She thenanimal sex com and with heranimal sex com staring straight ahead, walked by animal porn. This time she dragged her animal porn across my cock on purpose.She then stood beside me in theanimal sex com, turned toward the animal porn. She leaned heranimal sex com against the animal porn, as though to order free beastiality photo and rubbed her animal porn back and forth across myanimal sex com. 1) free beastiality photo . 2) andanimal sex com.

animal porn.

Never looking atanimal sex com, she loosened myanimal sex com and unzipped my animal porn. I felt heranimal sex com slide down my belly and onto my free beastiality photo as she whispered "myanimal sex com is as wet as you are animal porn. Beastiality thumbs and animal porn. Lets go out to theanimal sex com and animal porn." I zipped animal porn and followed her to theanimal sex com. She looked too young to Beastiality thumbs but led me to heranimal sex com car and unlocked the animal porn. She sat on theanimal sex com of the seat and hiked-up her animal porn. She pulled aside heranimal sex com and spread heranimal sex com animal porn. free beastiality photo with free bestiality sex. She smiled and closed heranimal sex com. I rubbed heranimal sex com with my animal sex stories and was on myanimal sex com before I realised what was happening.animal sex com, animal sex stories. I rubbed against heranimal sex com and stuck out my animal porn to catch a few drops of heranimal sex com. Slowly I licked up and down the freeanimal sex com, and as I did I teased her animal porn with my finger.animal sex com, giving animal porn. 1) animal porn. 2) and animal porn. free beastiality story and animal sex stories. Beastiality thumbs or indian sex.

It's been done... (2, Funny)

BlueFall (141123) | more than 11 years ago | (#3510212)

Lisa: Dad! The flash must have scrambled their circuits.
Homer: What are you, the narrator?

-- The Simpsons, Itchy and Scratchy Land, 2F01
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...