Tag Archives: security

Covid-19 and the ‘Protect Scotland’ app

This post is primarily for Australians because the Protect Scotland app does exactly what our own CovidSafe app was supposed to do… and doesn’t.

A trailer explaining how the app works and what protections it offers

How do we know the Protect Scotland app works?

We know it works because it was developed by Apple and Google [at the 1:00 minute mark] together. This means that the relevant bits of both operating systems that are needed to make the app work, actually talk to each other.

The Australian CovidSafe app failed so spectacularly in the Victorian outbreak because Apple and Android [Google] couldn’t be made to play nice with each other. The media have been silent about this failure, despite the fact that the Federal government’s whole recovery plan post-March was based on the app being able to contact-trace infections without human intervention.

Do I trust Apple and Google to be honest about how much of our privacy they retain? Ordinarily no, not it a month of Sundays. But with this app? I suspect that the rivalry between these two companies is what will ensure that they keep each other honest. After all, if one company manages to sneak something in that gives them a long term financial advantage, that could spell disaster for the other company.

So, if mobile phones can be used to track and trace people infected with Covid-19, then it might just be possible to ‘live with’ the virus. Maybe. Technology aside, though, just because the app alerts people to the fact that they may have been infected, that’s no guarantee that said people will do the right thing and self isolate.

Human nature is the big unknown, and given what we’ve seen conspiracy theorists doing already, I don’t like our chances of getting 100% voluntary compliance. I fear that things will have to get a great deal worse before the knuckleheads acknowledge that there is a problem, and that they are it.

In the meantime? Maybe Australia should buy the Protect Scotland app for those who actually give a flying fruit bat about their fellow human beings.

Meeks
[My thanks to Dr John Campbell for alerting me to the existence of the Protect Scotland app].


Dear PM – you can’t have your cake and eat it too

Dear Scott Morrison, PM,

Meeks here. As many countries, including our own, battle an up-surge in Covid-19 infections, one thing is becoming increasingly clear – the suppression model is just not working. As soon as lockdowns are relaxed [to save the economy], the virus surges back up again. If we had some effective tools to use against the virus, things might be different, but the truth is that we have nothing.

Remember that mobile phone app we borrowed from Singapore, PM? You know, the one that was going to keep track of everyone we came into contact with and then alert us if one of our contacts became infected? I think you called it CovidSafe, the app that was going to allow us to have our cake and eat it too.

Bad news, PM. The CovidSafe app failed, in large part because Apple phones and Android phones couldn’t or wouldn’t co-operate with each other. When the outbreak began in Victoria, the app was useless. It’s still useless, and as far as I know, no country has managed to develop one that actually works the way it should.

The failure of the CovidSafe app in Victoria has meant that the authorities here have had to track and trace every single contact manually. The backlog of untracked contacts is now in the thousands, one reason the Premier, Dan Andrews, has had to impose the harshest restrictions yet. These restrictions have seen the introduction of a nightly curfew and the shutdown of everything that is not [very] strictly essential. Workers in essential industries now have to have a permit to go to work.

These draconian restrictions became necessary, PM, because the virus has spread too far in the community. One reason for this spread is that the virus has many vectors [pathways] of spread available to it:

  • the most obvious vector is person-to-person contact – hugs, kisses etc. This is where social distancing comes in.
  • the next most important vector is the air. This is where masks come in as they greatly reduce the amount of virus being released into the air and being breathed in from the air. The virus spreads in the air via :
    • large droplets – e.g. when someone coughs or sneezes. These large droplets fall to the ground, or a surface, very quickly so are relatively easy to deal with.
    • aerosolized micro droplets that hang in the air for quite some time. In confined spaces such as public transport, or shopping centres where air is recirculated, these micro droplets can spread the virus very quickly.
  • next in line are surfaces. Both large and micro droplets can survive on various types of surfaces from a few hours to a few days. This is where hand hygiene is vital. If you touch something that has active virus on it and then touch your nose, mouth or eyes, the virus could easily enter your body via your own hand.

If we were all altruistic, compassionate people who practised strict social distancing, strict mask wearing, and strict hand hygiene until a vaccine arrived, we probably could have our cake and eat it too. Thailand has managed to do just that. Unfortunately, most Western countries are not like Thailand. We don’t seem to have the necessary sense of community responsibility. I’m surprised no one on your staff mentioned that to you, PM.

Anyway, as I’m sure you know, PM, Covid-19 has a number of incredibly powerful tools in its arsenal:

  • it has victims who are hell bent on spreading it to others
  • it has multiple vectors [pathways] for getting inside its victims
  • and it has THREE secret weapons :
    1. it is infectious for 2 – 3 days before symptoms appear,
    2. in many people, the symptoms are so mild, they don’t even know they’ve been infected,
    3. and there are some people who never get symptoms at all, not even mild ones, yet these asymptomatic people* are infectious and can spread the virus to others.

This is why the virus cannot actually be ‘controlled’. Sadly, PM this is also why your dream of suppression was never a realistic option.

So I guess the thing I’d like to know, PM, is what you intend to do now. Are you going to make us keep opening and closing all the time?

I sincerely hope not, PM, because everything I’ve seen so far indicates that businesses simply cannot survive much more of this. Being able to reopen safely and stay open, is vital to both people and business. The question, then, is how do we stay open safely?

I hate to say I-told-you-so, PM, but right from the start, I thought your government was wrong to opt for suppression instead of eradication. I also thought the schedule for reopening was wildly optimistic and didn’t demonstrate much of an understanding of human nature. And then there was the whole issue of whether Victoria was ready to reopen. With just 2 days of zero new infections in all of May, it didn’t look good.

But you and your government were determined to save the economy, PM, so Dan Andrews finally bowed to pressure. And there was a lot of it, wasn’t there? You said each state had to do what was right for that state, but many people in your Cabinet and in the Victorian Liberal Party were not so nice. I really think you should have a word with Dan Tehan, your education minister, along with Tim Smith and Michael O’Brien of Victoria. They said some naughty things behind your back, things designed to paint Dan Andrews as a megalomaniac who wanted to hurt his people.

I’d definitely have words with them, PM, because what happened next is at least partly their fault. With overseas travellers still arriving in Melbourne, Dan Andrews ordered that they stay in hotel quarantine for 14 days. A private security company was hired to stop them from leaving hotel quarantine. That private security company then apparently sub-contracted the work out. Unfortunately, those private security guards were poorly equipped and even more poorly trained.

Dear PM, I’m stressing the fact that it was a private company because Dan Andrews has been blamed for doing precisely what you and your government do all the time. You outsource to private companies because you believe that private industry always does a better job than the public service. Plus it’s part of your credo of ‘small government’. But that’s not always the case, is it, PM? I mean, look at the deaths in aged care! Most of them occurred in private aged care facilities regulated and controlled by your government in Canberra.

Getting back to those private security guards, PM, I won’t speculate about how they caught Covid-19 from the quarantined travellers, it’s enough that they did. Then, because large family get-togethers were once again allowed, they took the virus home to their families. From there, the virus spread like wildfire. Or should I say ‘bushfire’?

And of course, with all those new victims, the virus used every weapon in its considerable arsenal to leap from person to person, and from place to place.

In hindsight, PM, I do believe that Dan Andrews made a mistake in not putting all of Melbourne into hard lockdown along with the social housing towers, but the atmosphere of general discontent probably made that impossible. We’d been hearing about how hard it was to be in lockdown, how miserable we were for such a long time that we would have rebelled.

Speaking of discontent, PM, did you have anything to do with that? You see, I was rather shocked by how skewed the reporting was, even on the ABC. Instead of inspiring stories about people helping each other, or sad stories about people who had lost loved ones, everything was skewed towards the negative. Stories about how tough it was for small business, how tough it was for parents having to supervise their kids’ schooling, how sad we all were at not being able to visit friends and family…

But I digress, PM. I’d like to talk about what might have happened if we had opted for eradication like New Zealand. Import and export would have continued. The only thing we would not have had were foreign tourists and foreign students. But hey, we ended up not having them anyway.

The real difference would have been in what came after. With the virus eradicated, the Australian states could have remained ‘open’, and both tourism and the tertiary sector could have remained ticking over thanks to domestic demand. Instead, both sectors are dying because you somehow forgot about them when you were handing out the largesse.

Not that I blame you, PM. It’s easy to make mistakes when you’re dealing with a crisis. I mean, do you remember those long, long, long queues outside the Centrelink offices when you announced the first, rather short shutdown? And how long it took for people to receive their first payments. Mistakes do happen, don’t they?

https://www.theguardian.com/australia-news/2020/mar/24/newly-unemployed-australians-queue-at-centrelink-offices-as-mygov-website-crashes-again

But I digress again. Getting back to eradication, PM, I know what you’re going to say, eradication of the virus would have been hard. For starters, all of Australia would have had to stay in hard lockdown long enough to stop ALL the ways the virus can spread. That would have taken time, and it would have cost your government a lot more money. Then again, it looks as if suppression is going to cost more too.

In fact, I can’t help wondering if it wouldn’t have been a whole lot cheaper to lockdown once and eradicate the virus the first time round? I mean, I know not every country can successfully eradicate the virus, but we can! Australia may be big, but we are an island you know.

Anyway, there is good news, PM. It’s not too late to change your policy and go for eradication. Once Victoria finally grinds the virus down to zero, I think you’ll find that none of the other states want to risk being the next Covid-19 hot spot. No one will want to open their borders, and you know how disastrous that would be for your economy. No money coming in, lots of money going out. Not good.

So don’t think about the cost, PM, think about the benefits we’d get from eradication. With the virus gone, we’d all be able to:

  • go back to work,
  • go back to school,
  • go back to travel [within Australia],
  • go back to holidays [within Australia],
  • go back to coffee with friends,
  • go back to dinner parties,
  • go back to birthday parties,
  • go back to drinks at the pub,
  • go back to sport as real live spectators,
  • go back to weddings,
  • and yes, we could attend funerals again…but there would be far fewer of them.

And let’s not forget business, PM. Businesses, especially the small ones, will be able to reopen and stay open. They’ll be able to plan for weeks or months ahead. They’ll be able to grow again. And people will stimulate the economy by spending! Yay, right?

But first, PM, you and your government have to bite the bullet and admit that we cannot control this virus. We don’t have the tools or the social structure to stop it from breaking out again. The best we can do is eradicate it within the country and then keep it from returning.

That way lies hope. And who knows, maybe in time, New Zealand and other, successful South East Asian countries will let us join their bubble. Wouldn’t that be nice?

Suppression though, that’s a dead end, PM, literally. So how about it? Shall we give eradication a go?

Most sincerely,
Meeks

* The first person to ever be identified as an asymptomatic carrier was Mary Mallon, nicknamed Typhoid Mary. She remained infectious her whole life because she lived at a time when there was no safe or easy way to rid her of the virus. https://en.wikipedia.org/wiki/Mary_Mallon


The price of convenience

I’ve been concerned about online privacy for a couple of years now, but the article I just read still shocked me. It’s titled ‘Your Apps Know Where You Were Last Night, And They’re Not Keeping It Secret’.

You can read the entire article here:

https://www.nytimes.com/interactive/2018/12/10/business/location-data-privacy-apps.html

I’ve had geo location turned off on my phone since I bought it, but until today, I always felt a little silly; was I being paranoid for no real reason?

You may be wondering that too, but the case study of Lisa Magrin, a 46-year-old math teacher, may change your mind. It certainly confirmed my fears.

An app on the device [smart phone] gathered her location information, which was then sold without her knowledge. It recorded her whereabouts as often as every two seconds, according to a database of more than a million phones in the New York area that was reviewed by The New York Times. While Ms. Magrin’s identity was not disclosed in those records, The Times was able to easily connect her to that dot.

Lisa Magrin’s movements over a four month period

Lisa Magrin’s every single move was recorded…without her knowledge or consent. Then that information was sold. The Times article doesn’t mention who or what the information was sold to, but there’s a good chance it was sold to an ad network that collated her location data with her online data – Facebook comments, Instagram pictures, websites she visited, products she bought with her credit card, all those convenient little things we take for granted every day.

That’s a lot of information, and it’s meant to be anonymous, but what does anonymous actually mean? When your ‘anonymous’ data knows where you live and can track everything you do, the fact that it doesn’t automatically name you means nothing.

The ad networks that mine this data don’t need your name to target you for advertising. But that information is for sale, and there are no guarantees that the buyer will be a ‘harmless’ advertiser.

“Pffft! I have nothing to hide,” you say. “Besides, who’d want to buy my boring info anyway?”

Nothing to hide, huh? I wonder.

Does your wife know you visit that massage parlour for a quickie when you should be at squash?

Does your Mum know you spend hours on that porn site?

Do you use your birthday as the password for every online game you play?

Are you absolutely sure there’s nothing you wouldn’t want your co-workers to know about you?

As for who would want to buy that boring information, hackers would, and stalkers, or your abusive ex-husband perhaps. The list is endless, and the danger is real, not just for you, personally, but for those near you who may be targeted via information you unwittingly provide.

Stealing this kind of information will become illegal eventually, but until then you have to ask yourself – is that little bit of convenience really worth it? Or is your life too high a price to pay?

Meeks

p.s. My thanks to Chris the StoryReadingApe for this point:

Some of the things that can happen when your data is hacked can also apply to data that’s been sold to hackers, either directly or indirectly.


Twitter users! Change your password, now

I subscribe to an Australian government website called ‘Stay Smart Online’. The site sends me notifications of current security alerts, and this is the latest:

‘As a precaution, Twitter is urging more than 330 million users to change their password after a glitch left log-in details exposed in the company’s internal computer system.

When you set a password for your account, Twitter uses technology that masks it, so no one can see your password.

The company recently identified a bug that stored unmasked passwords in an internal log. Twitter found this error itself, removed the passwords and is now looking at how it can prevent this from happening again.

Twitter has advised it has fixed the bug, and has no reason to believe the passwords left Twitter’s systems or were misused by anyone.’

Despite these assurances, however, you really should change your Twitter password now. More importantly, you should also change your password on any other sites where you used the same password.

I know you’re not supposed to ‘re-use’ passwords, but I’m just as guilty as everyone else because my memory is simply incapable of storing hundreds of passwords. I have special passwords for my banking accounts, or accounts that deal with money, that don’t get shared, but for the main social media accounts that I log in and out of multiple times a day, well….:(

Anyway, I’ve just gone through and changed mine, so I’m a good girl now. 🙂 Are you?

Please don’t ignore these warnings off as you never know when they’ll come back and bite you on the bum.

Meeks


How to uninstall Intel Security Truekey when all else fails

Before I get to the ‘how-to’, a quick explanation: I downloaded the latest version of Adobe Flash, from the Adobe website. I was not shown an opt-out screen for the two applications bundled with Flash – i.e. McAfee and Intel Security Truekey. All three applications were installed on my pc as I watched in fury, unable to stop it from happening.

As soon as the installation finished, I immediately uninstalled McAfee via the Control Panel, but for some reason, Truekey did not show up at all, not as ‘Truekey’ and not as ‘Intel Security Truekey’. Yet there it was on my desktop, cosily installed on my pc.

I went online and found suggestions that did not work. If you are in the same boat here is what you do:

  1. Go online and search for Intel Security True Key support in your home country. In Australia it’s – 1 800 073 267,
  2. Ring, and when you finally get through to a tech, do not give them your email address – it is not necessary,
  3. Do not agree to remote access support. Remote access means that someone, somewhere is given permission to get into your computer to fix it. Never, ever allow remote access because you have no way of knowing whether that access has been permanently closed or not,
  4. DO ask to speak to a supervisor. It may take a few minutes but this is your right, especially if you did not want the application in the first place.
  5. If the supervisor doesn’t offer it, demand a link to their software removal application. You will have to download it and install it on your pc, but you can check it with your own anti-virus application before you run it. The application I was given is called: MCPR.exe.

I had to run MCPR.exe twice as the first attempt was not successful:

After the first, unsuccessful attempt, I was told to restart my pc and then run MCPR.exe again. I did, and finally managed to get rid of Truekey completely, but I wasted a lot of time doing it.

To say that I’m angry is an understatement. Apparently there is an opt-out screen on which you can uncheck both McAfee and Truekey, BUT that opt out screen doesn’t always display. I know, because I found a lot of other angry people who could not opt out either. You’d think a company as large as Adobe could get something like that right, wouldn’t you?

Apparently not. And then, to add insult to injury, my research revealed that I didn’t need Flash in the first place! The only site I use regularly that did use Flash, once upon a time, is Youtube, and it doesn’t use Flash any more. There may be certain games that still require Flash, but the whole industry is moving away from it because of the constant security issues. That in itself should be a red flag.

So, my advice is to stay away from Adobe products like Flash unless you absolutely have to have them. And if you do download one of Adobe’s products, and become the victim of an unwanted application installation, don’t just shrug it away. User apathy is one reason these companies get away with behaviour that is one, small step away from malware.

Right, I feel a bit better now. Time to go make the Offspring’s birthday cake.

cheers,

Meeks

 


Stolen Dropbox passwords are circulating online. Here’s how to check if your account’s compromised — Quartz

If you got an email from Dropbox asking you to reset your password earlier this week, it’s a good idea to do it. Nearly 70 million stolen Dropbox passwords are circulating online, according to Motherboard, which obtained the data. The file-sharing service has confirmed the passwords are linked to a breach that took place in…

via Stolen Dropbox passwords are circulating online. Here’s how to check if your account’s compromised — Quartz

In view of my recent post about Cloud storage, this article from Quartz is super important…whether you use Dropbox or not.


#Cloud storage & #sync.com…….or a positive tech post for a change!

After coping with the security issues of Windows 10, it was such a pleasant surprise to find an ‘app’ that is unabashedly security conscious! And yes, Sync.com, I’m talking about you. But first, a quick word about the problems that sync.com solves: storage, backup and version control.

Normally, when you create a file on your computer, you save it to your computer – i.e. onto the harddrive inside the physical ‘box’. If you’re super organised, you may also save that file to an external harddrive or USB device, as a form of ongoing ‘backup’. Belt-and-braces type people might save that data to a DVD as well, giving them multiple backups in case of disaster.

But all of these various types of storage have one, critical downside – a change made in one copy of the data will NOT be reflected in the other copies. If you have 3 copies of a particular file, you will have to manually update each copy.

There is also another issue that can be a nightmare – version control. Let me give you an example. Every time I work on my WiP [work in progress], I save it to my desktop, and then I copy it to my USB device. The latest version from the desktop always over-writes the version on the USB. Obviously, this is so I always have at least one copy of my work no matter what happens [e.g. the house burns down in a bushfire or some other catastrophe].

But what if I have 2 computers and want to add to my WiP on both?

That is the problem I’ve been struggling with for the last few days: there’s no point having the laptop if I don’t use it for my work, but if I do use it while I’m away from home, how do I keep the versions straight?

My fear is that if I continue with the USB device, sooner or later I am going to get the latest version of the WiP wrong. In a moment of madness or tiredness or distraction, I’ll over-write the wrong copy and then I’ll be up the creek without a paddle. Enter cloud storage.

Like the USB drive or DVD etc., cloud storage saves your files outside your pc, usually in a server on the other side of the world. The file is ‘up-loaded’ to the cloud via your internet connection, and once it’s there, you can access it from any computer device you choose. You can also share that file with others if you wish.

For me, cloud storage means I can work on my WiP at home and have it synced to my laptop so if I go out, I can continue working on the WiP where I left off.

Lovely concept, right?

Unfortunately, the grand-daddy of cloud storage – Dropbox – showed that cloud storage can be hacked, and most reviews I’ve read say their security has not improved much if at all since then. Now, I’m not working on anything ‘naughty’ that I need to hide from anyone, but privacy is very important to me, and I would die if I lost four years worth of work through someone else’s ‘oopsie’. So no Dropbox.:(

I was trawling through the umpteenth review/comparison of cloud storage offerings – there are heaps of them! – when I came across Sync.com. And guess what! The thing that sets sync.com apart from the rest is its security. 🙂 Plus it’s Canadian, so not subject to some of the, um, government sponsored hacking found over the border.

And now for the acid test – does sync.com work?

Yes, yes, it does. 🙂

The two screenshots below show my desktop and the laptop. They’ve been synced via sync.com and the test files I used have shown up on both computers with only a very short delay – approx. 20 seconds or thereabouts.

sync com screenshots

So now I know the system works, and thankfully, getting it to work is really simple too.

How to use Sync.com

  1. First, register for the sync.com free, 5 GB plan: https://www.sync.com/install/
  2. Then download the installer to the first pc. Install Sync to the first pc using the account name you setup in step 1. Part of the setup process is the creation of a folder called ‘Sync’.
  3. Now, download and install the Sync installer to the second pc. Make sure you have a ‘Sync’ folder on the second pc as well.
  4. Drag and drop [or copy/paste] a file into the ‘Sync’ folder on the first pc.
  5. Wait 20? seconds and you will see that the file now appears in the ‘Sync’ folder of the second pc as well.

The Sync presence on your pc is minimal. If you need to do something with the actual app., you can find it inside ‘Show hidden icons’ on your taskbar:

sync taskbar icon

All other work is done on the website itself. Once I’ve worked out how to share files with friends, I’ll detail that in a separate post. For now, I’m really happy with my new way of working.

Last question: was finding and installing Sync as easy or convenient as using the default OneDrive cloud storage app offered by Windows 10?

Simple answer: no. Installing and learning how to use Sync didn’t take me long, but it still required some time and effort on my part, the payoff, however, is more than worth it:

  • I have an excellent cloud storage app.
  • It has excellent security features, and
  • I am in control, not Micro$oft
  • oh…and Sync is free [unless I want heaps more storage]

By contrast, I pay for the ‘convenience’ of Windows 10 by handing Micro$oft my privacy on a plate. No contest.

cheers

Meeks

 


RFID technology – aka Tap and Go, Paypass etc – and preventable fraud

RFID technology allows a chip on your credit/debit card to wirelessly communicate with a payment device at the supermarket, petrol station, McDonalds etc, and make a payment without you having to enter a PIN.

The point of this technology is supposed to be two-fold: on the one hand it’s supposed to fix security problems with cards that rely on a signature – because too many retailers don’t actually check the signature. RFID is also meant to make paying for smallish items more convenient for consumers – just wave the card in the air and hey presto, all done.

cat burglar picBy smallish transactions, we’re talking about items up to $100. The idea here is that if your RFID card is stolen, there will be a limit on how much the thief can get away with. Unfortunately, there is no limit on how many times you [or the thief] can use the RFID card in a day.

So what are the ramifications? Well, let’s say your card is stolen in the morning and it has $500 on it. You realise it is stolen at lunch time when you try to pay for your sandwich. You ring the bank, but between breakfast and lunch, the thief has used your stolen card 5 times for a total of… you guessed it, $500.00.

Now the banks say they have algorithms in place to alert them to unusual transactions, and maybe they do, but it will still be up to you to go through the hassle of proving that you did not make any of those transactions. In the meantime, you’ve lost $500. If that was all you had for food etc for that week then you’re in trouble because your money will not be refunded straight away..

Now to be honest, you will have the same hassles any time your card is stolen, that’s just how modern life goes. But what if you don’t know your card has been stolen, because it’s still sitting right there in your wallet?

This is where things get sticky. The credit card companies say it’s not possible to steal your card information without stealing the actual card. The banks, [who have no say in what tech. goes on credit/debit cards] say the same thing, and people like me who don’t believe the assurances are labeled as wackos, dinosaurs or conspiracy theorists.

But seeing is believing. In this first video you will see  how easy, and cheap, it is to steal card and account information. The truly scary part, however, is how easy it is to then clone that information.

The next video shows one of the presenters of the well-known Mythbusters TV show talking about how a proposed segment on RFID technology was gagged by the legal representatives of all the major players – i.e. Mastercard, Visa, etc.

If these two videos have made you concerned, you can find lots more information out on the net, some for, some against the technology, but one thing is consistent throughout – you can’t opt out of it.

I suspect the manufacturers did not put an opt out function on the RFID card technology because:

1) it would cost more to produce, or

2) they were worried too many people would opt out.

Either way, the banks have no say in the matter. If they want to offer their customers credit card facilities, they have to take what the credit card companies give them, and that is RFID technology..

This means no amount of complaints to the banks will do a speck of good. I know because I spent almost two, very frustrating hours on the phone to the Bendigo Bank yesterday. I was trying to work out what was going on, and why I couldn’t just say no. Then I tried to complain. Then I realised that even the Bendigo Bank didn’t give a shit because there was nothing they could do about it. I was told to get an ordinary cashcard if I was so worried.

Apparently these cashcards are debits cards issued by the banks themselves. They can be used at supermarkets, ATMs and all EFTPOS terminals, but they CANNOT be used for, say, online transactions. So if you buy stuff on Ebay you can’t use your cashcard. The same thing applies to PayPal. 😦

By this point I was grinding my teeth and yelling at the customer service representative. Think small, grey-haired terrier biting at the ankles of a giant. Yup.

But I would not be writing this post if I did not have a solution, of sorts.

Solution 1

Get a cashcard for all normal, local transactions and keep it in your wallet. Take all the money out of the RFID card and keep the card in a safe place at home. When you need to use it for an online transaction, transfer some money into the card via internet banking.

Doable? Yes. Convenient? Hah

Solution 2

Use your MyKi card to disrupt the RFID card. I found this info. on the internet and haven’t had a chance to try it out yet, but apparently whatever is on the MyKi card messes with the RFID on the credit/debit cards. I’ve also read that you can buy a wallet that stops the wireless transmission. Or you can wrap your card in tin foil. Oh wait, maybe it’s your head that’s meant to be wrapped in tin foil.

-cough-

If the MyKi solution works, you won’t have to worry about being scanned, and scammed, while you travel to work on a crowded train/tram/bus, or wait in line at a supermarket or airport. Of course you will still be a bit exposed when you actually take the card out to use it [via swipe or tap] but at least it would be safer.

The Daughter and I intend to order cashcards on Monday because we can’t afford to lose any money, period. We will also trial the MyKi card solution, and I’ll update you on the results.

In the meantime, if you love the convenience of Tap and Go then at least please be cautious enough not to keep too much money on the card at any one time. It’s just not worth the risk.

Meeks


%d bloggers like this: