Page 2 of 2 FirstFirst 12
Results 16 to 29 of 29
  1. #16

    • Member
    • Offline

    Join Date
    Oct 2005
    Location
    Too Far From Disney
    Posts
    3,497

    Re: RFID Braclets possible security risk

    RFID chips only have an identifying code on them and nothing more. The RFID reader that scans the chips will then compare the code to the information located in a database. This means that a hacker would have to then hack the database too. Also, there are probably some other security such as hashing on that server.
    DisneyTwins
    Since May 2003

  2. #17

    • Senior Minion
    • Offline

    Join Date
    Jan 2005
    Posts
    8,890

    Re: RFID Braclets possible security risk

    Quote Originally Posted by Disneytwins View Post
    This means that a hacker would have to then hack the database too.
    That's right. They would.


    Verizon customer database hacked; 300,000 entries leaked online
    According to ZDNet, a hacker has gained access to over 3 million records from a Verizon customer database. The information includes names, addresses, serial numbers, and passwords. The hacker gained access to the server on July 12, and claims to have contacted Verizon, but since the have reportedly ignored his report, he has pasted 300,000 of the records online.


    Zappos hacked: 24 million customers warned their personal information compromised
    Online shoe powerhouse Zappos.com fell victim to hackers over the weekend, leaving 24 million customers exposed. The company put out a statement late Sunday night informing customers of the incident and asking them to change their passwords. "We were recently the victim of a cyber attack by a criminal who gained access to parts of our internal network and systems through one of our servers in Kentucky," the company said in an email to employees, which was posted to the Zappos blog. "We are cooperating with law enforcement to undergo an exhaustive investigation."


    Kroger's customer information hacked
    Kroger released a statement Friday that explained their data base, which contains customers' names and email addresses, was hacked by someone outside of their company. Only those costumers who voluntarily gave their names and email addresses will be affected.


    McDonald's: Customer Database Hacked
    McDonald's Corp. says some of its customers' private information was exposed during a data breach. The company said Monday that a third party was able to get past security measures and see into a database of its customer information that included e-mail, phone numbers, addresses, birthdates and other specifics that they provided when signing up for online promotions or other subscriptions to its websites.


    Credit Card Data Breach at Barnes & Noble Stores
    Hackers have stolen credit card information for customers who shopped as recently as last month at 63 Barnes & Noble stores across the country, including stores in New York City, San Diego, Miami and Chicago, according to people briefed on the investigation. The company discovered around Sept. 14 that the information had been stolen but kept the matter quiet at the Justice Department’s request so the F.B.I. could determine who was behind the attacks, according to these people.


    Best Buy customer accounts hacked
    Best Buy says some customers' email accounts may have been hacked. The retail giant is notifying those customers via email, telling them their current passwords have been disabled and asking them to reset their passwords. The email, which went out Friday, says in part: "...Our investigation indicates that your account may have been accessed by these hackers. We are taking action now to help protect your account; we have disabled your current password, and ask that you take a few minutes to reset it."


    Acxiom Hacked, Customer Information Exposed
    Acxiom , one of the world's largest specialists in customer and information management, confirmed Friday that it had been hacked, and that information about some customers of its clients was downloaded. "An individual, who was a former employee of an Acxiom client, was arrested in conjunction with this incident," the company said in a statement Friday. "According to law enforcement, the individual arrested was a known sophisticated hacker. He evidentially gained access through hacking of encrypted passwords."


    Anonymous hackers claim to leak 28,000 PayPal passwords on global protest day
    Hacker group Anonymous has released confidential customer information, including 28,000 alleged account passwords that it says came from a hack of PayPal’s servers. Multiple Anonymous Twitter accounts announced the hack, linking to a set of Private Paste documents containing emails, names, and what appear to be possibly passwords from the payment service’s database.


    Sony sued, could bleed billions following PlayStation Network hack
    Gamers and government officials are irate over Sony's admission that a massive security breach gave hackers access to large amounts of personal data from the company's PlayStation Network and, surprise(!), one gamer has already filed a lawsuit. Meanwhile, analysts estimate the hammered game company could lose billions of dollars from the debacle.


    200,000 Students' Information Stolen in Massive Computer Hacking
    The Department of Education said hackers stole 200,000 records including names, Social Security numbers and birth dates for any student statewide who was eligible for Florida’s popular Bright Futures scholarships for the 2005-06 and 2006-07 school years. “We speculate this was a professional, coordinated attack by one or more hackers,” said Northwest Florida State College President, Ty Handy, in a memo that went out to employees on Monday.


    Wells Fargo becomes latest bank to be hacked by cyber gang
    The financial services industry group last week warned U.S. banks, brokerages and insurers to be on heightened alert for cyber attacks causing unexplained outages on their public websites.


    CitiGroup hacked, account information of 200,000 customers stolen
    2011 is rapidly turning into the year of the high-profile data breach -- and while yet another Sony website was compromised, it’s Citigroup which is making headlines this morning. According to a report filed by Reuters, personal information on more than 200,000 Citi customers was stolen, including their names, account numbers, and email addresses.


    Hacker swipes 3.6 million Social Security numbers, other data
    "By the time the computer crimes office of the U.S. Secret Service discovered a problem Oct. 10, a hacker had taken a database from the Department of Revenue's computers exposing 3.6 million Social Security numbers and 387,000 credit and debit card numbers, one of the largest computer breaches in the state or nation."


    Pentagon hacked, 24,000 files stolen
    Foreign hackers broke into the Pentagon computer system this spring and stole 24,000 files - one of the biggest cyber-attacks ever on the U.S. military, according to a Department of Defense official.


    Computer hacking and identity theft
    Hacking accounted for the largest number of compromised personal records in the last 12 months, involving an estimated 43 million Americans. Well-known brands that have lost data through computer hacking in the past 18 months include DSW Shoes, Polo Ralph Lauren, and BJ's Wholesale.


    New Interest in Hacking as Threat to Security
    During the five-month period between October and February, there were 86 reported attacks on computer systems in the United States that control critical infrastructure, factories and databases, according to the Department of Homeland Security, compared with 11 over the same period a year ago.



    ...oh, but it could never happen to Disney!
    "With the acquisition of Marvel and now of Lucasfilm,
    Disney may have finally found the grail. You don't need
    imagination or art. All you need is a brand."

    - Neil Gabler


  3. #18

    •   
    • Minion
    • Offline

    Join Date
    Apr 2009
    Location
    SF Bay Area, California, United States
    Posts
    2,604

    Re: RFID Braclets possible security risk

    Quote Originally Posted by Mr Wiggins View Post
    That's right. They would.


    ...oh, but it could never happen to Disney!
    Without quoting all those examples I would say it sounds like we have all been hacked already Oh well life goes on I guess. Might as well just give up on life and worry about everything. Typical news stories that really have no merit but since I am actually in the buisness of comstomer data I am at a unfair advantage and perspective in this matter. You can google all the bad things that happen and of course you can't see the companies out there who do a good job at it. My company is huge and we haven't had issues. Can it happen of course but we take whatever measures possible to protect against it. At least I believe in the security systems that keep information safe that's enough for me to continue my day. Like I said before i work in this field and understand it and most people fear the unknown and take the news at face value.

  4. #19

    • No Disassemble!
    • Offline

    Join Date
    Dec 2011
    Location
    San Diego
    Posts
    791

    Re: RFID Braclets possible security risk

    Quote Originally Posted by Mr Wiggins View Post
    ...oh, but it could never happen to Disney!
    It depends on how much talent Disney hires in to it's network security group. A lot of these high profile databases got hacked in the first place because of unchecked redundancy left lying around that was caused by these companies trying to stretch their "information systems" dollar after having 5 or so incident-free years. If Disney spends the appropriate amount of money on the project and hires in good talent for the long-term then their databases will most likely never be hacked.
    Many Bothans died to bring you these fastpasses.

  5. #20

    • Senior Minion
    • Offline

    Join Date
    Jan 2005
    Posts
    8,890

    Re: RFID Braclets possible security risk

    Quote Originally Posted by G24T View Post
    If Disney spends the appropriate amount of money on the project and hires in good talent for the
    long-term then their databases will most likely never be hacked.
    Spending the appropriate amount of money on a theme park project is not something Disney is known for. Corporate arrogance and short-range groupthink are.

    As to "never be hacked" -- that would assume a lot. Including that the world of hacking and the attractiveness of corporate targets are somehow magically different for Disney than for the rest of the corporate world, government agencies and educational institutions.
    "With the acquisition of Marvel and now of Lucasfilm,
    Disney may have finally found the grail. You don't need
    imagination or art. All you need is a brand."

    - Neil Gabler


  6. #21

    • Member
    • Offline

    Join Date
    Oct 2005
    Location
    Too Far From Disney
    Posts
    3,497

    Re: RFID Braclets possible security risk

    I'm not saying that they can't be hacked, I'm just saying that they could hack what they have already. This is nothing new.
    DisneyTwins
    Since May 2003

  7. #22

    • Senior Minion
    • Offline

    Join Date
    Jan 2005
    Posts
    8,890

    Re: RFID Braclets possible security risk

    Quote Originally Posted by biggsworth View Post
    Without quoting all those examples I would say it sounds like we have all been hacked already Oh well life goes on I guess. Might as well just give up on life and worry about everything. Typical news stories that really have no merit but since I am actually in the buisness of comstomer data I am at a unfair advantage and perspective in this matter. You can google all the bad things that happen and of course you can't see the companies out there who do a good job at it. My company is huge and we haven't had issues.
    Laughing off legitimate security concerns with "we know what we're doing" and "it won't happen here" is typical of the attitude of many companies toward computer security, and absolutely can be expected of the Disney Corporation.



    Quote Originally Posted by Disneytwins View Post
    I'm not saying that they can't be hacked, I'm just saying that they could hack what they have already. This is nothing new.
    What would be new is millions more people every year in Disney's database, the huge publicity about the RFID wrist bands, and how attractive a target that would make Disney for hackers.
    "With the acquisition of Marvel and now of Lucasfilm,
    Disney may have finally found the grail. You don't need
    imagination or art. All you need is a brand."

    - Neil Gabler


  8. #23

    • Inappropriate
    • Offline

    Join Date
    Mar 2005
    Location
    Utah
    Posts
    1,418

    Re: RFID Braclets possible security risk

    I have a question: In WDW, you can already link everything to your room key, including your credit card info. Isn't that pretty much what this bracelet thing is, but just with the added RFID? I mean, for years there's been a guest database with all sorts of personal info on it and credit card numbers. It hasn't been hacked yet, has it?

    (And I'm not saying it's not possible, just stating that it hasn't happened. Yet.)

    Click the banner! ^^^^
    Follow us on Twitter
    @mickeymutineers and on Facebook
    Mickey Mutineer Podcast now available in the blog and on iTunes!

  9. #24

    • New Member
    • Offline

    Join Date
    Jun 2010
    Location
    Brier, WA
    Posts
    4

    Re: RFID Braclets possible security risk

    I'm heading down to WDW come late this spring. If it works as a room key does on a cruise, it will be nice not to haul out my wallet each time I want a cupcake or something. BUT, I'm not too keen on the idea of scheduling my FastPass stuff ahead of time. I already get dirty looks from the standby guests as I head into the FastPass line ahead of them. I guess I'll be doing the same thing to the FastPass+ guests as they bypass us all.

  10. #25

    • Member
    • Offline

    Join Date
    Jun 2010
    Posts
    267

    Re: RFID Braclets possible security risk

    Quote Originally Posted by Mr Wiggins View Post
    Spending the appropriate amount of money on a theme park project is not something Disney is known for. Corporate arrogance and short-range groupthink are.

    As to "never be hacked" -- that would assume a lot. Including that the world of hacking and the attractiveness of corporate targets are somehow magically different for Disney than for the rest of the corporate world, government agencies and educational institutions.
    Given that Disney could be considered an "attractive target", some may find it an enticing challenge.

  11. #26

    • Member
    • Offline

    Join Date
    Jun 2010
    Posts
    267

    Re: RFID Braclets possible security risk

    Quote Originally Posted by Pizzapants View Post
    I have a question: In WDW, you can already link everything to your room key, including your credit card info. Isn't that pretty much what this bracelet thing is, but just with the added RFID? I mean, for years there's been a guest database with all sorts of personal info on it and credit card numbers. It hasn't been hacked yet, has it?

    (And I'm not saying it's not possible, just stating that it hasn't happened. Yet.)
    One difference with the Magic+ system appears that everyone, including the kids, will have their own "bracelet", not just the parent's holding the room key. With the kids running around, often on their own, the control over the family's access codes is less secure. A "bracelet" has a bigger chance of being lost or stolen, especially from kids, who may not even notice if it goes missing.

  12. #27

    • Inappropriate
    • Offline

    Join Date
    Mar 2005
    Location
    Utah
    Posts
    1,418

    Re: RFID Braclets possible security risk

    Quote Originally Posted by DLFan1995 View Post
    One difference with the Magic+ system appears that everyone, including the kids, will have their own "bracelet", not just the parent's holding the room key. With the kids running around, often on their own, the control over the family's access codes is less secure. A "bracelet" has a bigger chance of being lost or stolen, especially from kids, who may not even notice if it goes missing.
    But the bracelet is optional, right?

    Click the banner! ^^^^
    Follow us on Twitter
    @mickeymutineers and on Facebook
    Mickey Mutineer Podcast now available in the blog and on iTunes!

  13. #28

    • No Disassemble!
    • Offline

    Join Date
    Dec 2011
    Location
    San Diego
    Posts
    791

    Re: RFID Braclets possible security risk

    Quote Originally Posted by Mr Wiggins View Post
    As to "never be hacked" -- that would assume a lot. Including that the world of hacking and the attractiveness of corporate targets are somehow magically different for Disney than for the rest of the corporate world, government agencies and educational institutions.
    Exactly right, it's assuming that Disney would front the money & appropriate resources from the get-go to keep their stuff as hack-proof as possible, from the outside of course. The threat of an inside job is always the most effective way to crack a database but my statement was made toward threats that originate from some remote terminal.

    Disney, so far has successfully safeguarded it's existing core guest information database which is operating throughout most if not all Disney resort properties. If you guys remember the Epsilon fiasco back in 2011 that exposed Disney Destinations customer's email addresses to hackers it's a relevant example of what I mean when I mention redundancies that go unchecked. Basically they fell asleep on some protocols (negligently I might add) and the next day half the hacking underground had already had it's way with the core database. That's why it's important to have the right I.S. people so that nobody ever falls asleep at the wheel.

    Perhaps hiring Fisher Stevens as "The Plague" would be a good start.
    Last edited by G24T; 01-25-2013 at 01:52 PM.
    Many Bothans died to bring you these fastpasses.

  14. #29

    • former CM
    • Offline

    Join Date
    Jul 2006
    Location
    S. Cal. via Milw. & Madison Wisconsin
    Posts
    3,012

    RFID Braclets possibly not best use of $800,000,000

    Today and yesterday I became concerned that Disney will f this up. I went on the Disneyland website and it states that the Billies will perform and makes no mention the Golden Horseshoe Revue.

    So I called and was told (underconfidently) that, "The Golden Horseshoe Revue will not be performing on Saturday. . . oh, wait. . .hmmmm. There will be one performance at 3:30." That sounded unlikely so I called back today and was told that The Golden Horseshoe will be performing tomorrow, despite that the website has failed to mention it. And I was (overconfidently) told that guests don't sign up for shows earlier in the day, but just show up before each show.

    So Disney is putting out a lot of contradictory information. That and their failure to run a better website make me dubious about their $800,000,000 MyMagic+ investment.

    I wish Steve Jobs had lived and, as Disney's biggest shareholder, watched over this, and much else at the Disney parks

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Possible DCA Expansion Themes
    By ModHatter in forum Disneyland Resort
    Replies: 106
    Last Post: 12-04-2005, 01:18 PM
  2. Undercover Security
    By Tech_Disney in forum Disneyland Resort
    Replies: 100
    Last Post: 07-20-2005, 06:06 PM
  3. security checkpoint
    By idontneedaname in forum Disneyland Resort
    Replies: 70
    Last Post: 04-07-2005, 08:54 PM
  4. Should I Risk My Reputation?
    By Aladdin in forum MiceChat News Archive
    Replies: 12
    Last Post: 02-25-2005, 10:44 AM
  5. Your Plan to Ride Your Favourite Ride as Much as Possible
    By splashmountainfreak in forum Disneyland Resort
    Replies: 8
    Last Post: 01-18-2005, 07:15 AM

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •