Smart card reader security
wk at gnupg.org
Fri Oct 18 10:13:03 CEST 2013
On Thu, 17 Oct 2013 17:55, christian.weinz at gmail.com said:
> I bought a cyberJack go  to use it with my openPGP smart card for
> authentification. Since the firmware of that device is upgradeable and
> is capable of saving atleast 2 GB of data, how can I be sure it is not a
This is not just a reader but an identification token with lots of
embedded and upgradable software. It has already been shown that such
smart cards readers are fun to play with. IIRC, there have been
demonstrations turning the doctors health card terminals and PIN+chip
terminals into space invaders consoles.
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-users