Full Disclosure mailing list archives

Re: RFID used at Olympics in Germany

From: Chris <sec-newsletter () vs6119 vserver4free de>
Date: Thu, 1 Jun 2006 14:32:54 +0200

In order to get a ticket you were engaged to give the following information 
to the FIFA: 

- complete name and surename

- adress

- date of birth

- nationality
 
- number of passport or "Reisepass" (travel passport)

- telephone number

- fan of what club (!)

- email-address
 
- number of bank- or creditcard


The FIFA as well as the DFB (German Soccer Association) have access to all this data! 


The information stored at the RFID-chip is the following: 

- a serial number 
- the passport-number of the ticket owner

Peter Buettgen, speaker of "The Federal Commissioner for Data Protection 
and Freedom of Information" said that "...no other personal information 
will be stored on the chip..."

The transmission of the data is secured. That is what they say. 

Now a lot of people started buying special "covers" for the tickets
that avoid the transmission. Nobody knows whether you have access
to the stadium in that case or not. There are even "gripper" available to
destroy the chip permanently. 



More information is available under: http://www.foebud.org/rfid/die-fussball-wm
(in german)


Chris



Josh L. Perrymon wrote ..

http://www.csoonline.com.au/index.php?id=1926576695&eid=-302

So every ticket used at the olympics has an embedded RFID and is scanned
as
users enter the stadium (  over 64 events ).

----snip---
 Organizers have asked everyone requesting tickets to provide a wealth
of
personal data, including name, address, date of birth, nationality and
number of ID card or passport. Never before have fans attending an event
organized by the Federation Internationale de Football Association (FIFA)
been required to provide so much information about themselves that can
be
accessed so quickly.

---snip---

So everyone is going to have this RFID embedded ticket with name, address,
passport or driver license number?

How easy would it be to walk around with an RFID scanner pulling down info
from everyone that had a ticket?

JP
CEO
www.packetfocus.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: RFID used at Olympics in Germany Chris (Jun 01)
- <Possible follow-ups>
- Re: RFID used at Olympics in Germany Adam Laurie (Jun 01)
- Re: RFID used at Olympics in Germany gboyce (Jun 01)