Tag: NSA

Posted on

Protect Your PIN Number from Infrared Camera Theft

Since none of us use cash anymore (except for that one guy in accounting), often your PIN code is the only thing standing between a would-be thief and the piles of treasure you have stashed in your checking account.

Actually, the card plus PIN number is a reasonably good, if simple, implementation of the “something you have” plus “something you know” principle of security. Neither the card nor the PIN number is much good without the other. (We’re ignoring the fact that most debit cards can also be processed as credit cards for the moment.)

Obviously, hanging on to the card itself is a good start, so that covers the “something you have” side of the equation. But sleight of hand, accidental drops, and old-fashioned purse-snatching still happen today.

So that leaves us with the “something you know“ piece: your PIN.

Why Be Concerned About Infrared PIN Theft?

Being a security-minded person, I’m sure you’re already in the habit of covering your fingers when entering PIN numbers. After all, it takes only a tiny bit of effort, and it prevents cameras and sneaky eyes from catching what you’re entering, right?

But what about heat?

You did know your fingers transferred heat to those keys, right?

And since heat dissipates at a linear rate, the heat signature reveals not just which keys got pressed, but also the order in which they were pressed!

But that’s not really a problem, right? After all, who has equipment that can detect heat?

Until recently, the ability to walk up to a PIN pad and detect which buttons had just been pressed required an expensive (and bulky!) infrared camera that would pick up the heat signature left by your fingers.

But with the advent of relatively inexpensive ($349) iPhone attachments,  infrared smartphone camera technology is easily within reach of a ne’er-do-well… especially since they might recoup that much or more in just one ATM transaction. But even for one who’s looking for something less expensive (or who uses an Android device instead of an iPhone), there’s this Kickstarter project, or even a tutorial on how to build one with an old floppy disk! (…for the Macgyver types, evidently).

In other words: stealing your PIN even up to 1 minute after you enter it is pretty easy these days.

So What’s the Solution?

It’s pretty simple, really. Just touch your fingers to several buttons and hold them there while you’re entering your PIN.

Heat multiple buttons up, obfuscate the ones you pressed.

Not so sure about all of this? Mark Rober made this video to demonstrate:

Oh yeah… and don’t use PINs that are easy to guess!

Posted on

The Day Rand Fights Back

Senator Rand Paul
Photo: Gage Skidmore (Flickr: Rand Paul) [CC-BY-SA-2.0], via Wikimedia Commons
Yesterday, this website joined thousands of other websites in promoting The Day We Fight Back, a protest against massive illegal spying on US citizens by the NSA and other federal government agencies.

On one of our sister sites, I took the time to explore in greater detail why it’s time to pay attention to the NSA, which offers a bit of a primer in just how egregious this violation of our 4th Amendment rights really is.

The Day We Fight Back was more than just a protest, actually. With a banner displayed at the bottom of participating sites, visitors were given the opportunity to contact their legislative representatives via email and a phone call in order to express their views about the illegal activities and to request the support of two bills: the USA Freedom Act and the FISA Improvements Act.

More Legislation Is Not the Answer

I hope you took the time to contact your legislators and express your views about this issue. (If not, you may still do so—as of today, anyway—at the protest site linked above.) The sitting representatives need to hear from us about how we feel when our Constitutional rights are being violated.

…which brings me to why I believe more laws are not the answer.

The fact is that we already have a law, the supreme law of the land, which already guarantees our rights where this is concerned.

And that supreme law is being violated.

I appreciate the fact that members of Congress need to author bills because it’s part of the game they play. It ignites support from their constituents, and it’s great when you’re doing your fundraising (they’re always doing fundraising, aren’t they?).

But why should I, as a US Citizen, feel any better because a new law guaranteeing me freedom from oppressive government activities gets passed?

This is why I believe Senator Rand Paul has the right idea. In a press release issued yesterday, Senator Paul announced:

“I am filing a lawsuit against President Barack Obama because he has publicly refused to stop a clear and continuing violation of the 4th Amendment. The Bill of Rights protects all citizens from general warrants. I expect this case to go all the way to the Supreme Court and I predict the American people will win.”

The lawsuit will also name National Intelligence Director James Clapper, outgoing NSA Director Keith Alexander, and FBI Director James Comey. Joining Senator Paul in the class action is Matt Kibbe, President of FreedomWorks, and lead counsel Ken Cuccinelli.

While I’m sure this won’t hurt Senator Paul’s fundraising efforts either, this action is the right idea for our country. Congratulations to Senator Paul on using the checks and balances designed by the framers of our Constitution by going to the judicial branch of government to restrain the executive branch.

Now it’s our turn… it’s time for “we the people” to use our power as Citizens and vote based upon how well these politicians do or do not uphold the Constitution.