<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>forgery &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/forgery/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Sat, 01 Nov 2025 15:54:34 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Faking Receipts with AI</title>
		<link>https://noise.getoto.net/2025/11/07/faking-receipts-with-ai/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 07 Nov 2025 12:01:46 +0000</pubDate>
				<category><![CDATA[AI]]></category>
		<category><![CDATA[forgery]]></category>
		<category><![CDATA[fraud]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=71119</guid>

					<description><![CDATA[<p>Over the past few decades, it’s become easier and easier to create fake receipts. Decades ago, it required special paper and printers—I remember a company in the UK advertising its services to people trying to cover up their affairs. Then, receipts became computerized, and faking them required some artistic skills to make the page look realistic.</p>
<p>Now, AI can <a href="https://arstechnica.com/ai/2025/10/ai-generated-receipts-make-submitting-fake-expenses-easier/">do it all</a>:</p>
<blockquote><p>Several receipts shown to the FT by expense management platforms demonstrated the realistic nature of the images, which included wrinkles in paper, detailed itemization that matched real-life menus, and signatures...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Parmesan Anti-Forgery Protection</title>
		<link>https://noise.getoto.net/2023/08/24/parmesan-anti-forgery-protection/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Thu, 24 Aug 2023 11:24:24 +0000</pubDate>
				<category><![CDATA[authentication]]></category>
		<category><![CDATA[forgery]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=67719</guid>

					<description><![CDATA[The Guardian is reporting about microchips in wheels of Parmesan cheese as an anti-forgery measure.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>QR Code Scam</title>
		<link>https://noise.getoto.net/2022/12/28/qr-code-scam/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Wed, 28 Dec 2022 18:14:31 +0000</pubDate>
				<category><![CDATA[forgery]]></category>
		<category><![CDATA[QR codes]]></category>
		<category><![CDATA[scams]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=66421</guid>

					<description><![CDATA[An enterprising individual made fake parking tickets with a QR code for easy payment.
]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Forging Australian Driver’s Licenses</title>
		<link>https://noise.getoto.net/2022/05/23/forging-australian-drivers-licenses/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Mon, 23 May 2022 11:09:25 +0000</pubDate>
				<category><![CDATA[authorization]]></category>
		<category><![CDATA[cars]]></category>
		<category><![CDATA[encryption]]></category>
		<category><![CDATA[forgery]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65446</guid>

					<description><![CDATA[<p>The New South Wales digital driver’s license has <a href="https://blog.dvuln.com/blogs/servicensw-digital-superbad">multiple implementation flaws</a> that allow for easy forgeries.</p>
<blockquote><p>This file is encrypted using AES-256-CBC encryption combined with Base64 encoding.</p>
<p>A 4-digit application PIN (which gets set during the initial onboarding when a user first instals the application) is the encryption password used to protect or encrypt the licence data.</p>
<p>The problem here is that an attacker who has access to the encrypted licence data (whether that be through accessing a phone backup, direct access to the device or remote compromise) could easily brute-force this 4-digit PIN by using a script that would try all 10,000 combinations…...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Java Cryptography Implementation Mistake Allows Digital-Signature Forgeries</title>
		<link>https://noise.getoto.net/2022/04/22/java-cryptography-implementation-mistake-allows-digital-signature-forgeries/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 22 Apr 2022 12:09:59 +0000</pubDate>
				<category><![CDATA[Cryptography]]></category>
		<category><![CDATA[forgery]]></category>
		<category><![CDATA[patching]]></category>
		<category><![CDATA[signatures]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65348</guid>

					<description><![CDATA[<p>Interesting <a href="https://arstechnica.com/information-technology/2022/04/major-crypto-blunder-in-java-enables-psychic-paper-forgeries/">implementation mistake</a>:</p>
<blockquote><p>The vulnerability, which <a href="https://www.oracle.com/security-alerts/cpuapr2022.html">Oracle patched on Tuesday</a>, affects the company’s implementation of the <a href="https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm">Elliptic Curve Digital Signature Algorithm</a> in Java versions 15 and above. ECDSA is an algorithm that uses the principles of <a href="https://arstechnica.com/information-technology/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/">elliptic curve cryptography</a> to authenticate messages digitally.</p>
<p>[…]</p>
<p>ECDSA signatures rely on a pseudo-random number, typically notated as K, that’s used to derive two additional numbers, R and S. To verify a signature as valid, a party must check the equation involving R and S, the signer’s public key, and a cryptographic hash of the message. When both sides of the equation are equal, the signature is valid. ...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Hackers Using Fake Police Data Requests against Tech Companies</title>
		<link>https://noise.getoto.net/2022/04/05/hackers-using-fake-police-data-requests-against-tech-companies/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Tue, 05 Apr 2022 11:04:10 +0000</pubDate>
				<category><![CDATA[courts]]></category>
		<category><![CDATA[extortion]]></category>
		<category><![CDATA[forgery]]></category>
		<category><![CDATA[hacking]]></category>
		<category><![CDATA[police]]></category>
		<category><![CDATA[scams]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65300</guid>

					<description><![CDATA[<p>Brian Krebs has a <a href="https://krebsonsecurity.com/2022/03/hackers-gaining-power-of-subpoena-via-fake-emergency-data-requests/">detailed post</a> about hackers using fake police data requests to trick companies into handing over data.</p>
<blockquote><p>Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request appears to come from an email address connected to an actual police department domain name.</p>
<p>But in certain circumstances ­– such as a case involving imminent harm or death –­ an investigating authority may make what’s known as an Emergency Data Request (EDR), which largely bypasses any official review and does not require the requestor to supply any court-approved documents...</p></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Why Vaccine Cards Are So Easily Forged</title>
		<link>https://noise.getoto.net/2022/03/18/why-vaccine-cards-are-so-easily-forged/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 18 Mar 2022 11:12:05 +0000</pubDate>
				<category><![CDATA[cheating]]></category>
		<category><![CDATA[COVID-19]]></category>
		<category><![CDATA[essays]]></category>
		<category><![CDATA[forgery]]></category>
		<category><![CDATA[security theater]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[vulnerabilities]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65236</guid>

					<description><![CDATA[<p>My proof of COVID-19 vaccination is recorded on an easy-to-forge <a href="https://www.theatlantic.com/health/archive/2021/08/covid-19-vaccine-cards-why-so-big/619707/">paper card</a>. With little trouble, I could print a blank form, fill it out, and snap a photo. Small imperfections wouldn’t pose any problem; you can’t see whether the paper’s weight is right in a digital image. When I fly internationally, I have to show a negative COVID-19 test result. That, too, would be easy to fake. I could change the date on an old test, or put my name on someone else’s test, or even just make something up on my computer. After all, there’s no standard format for test results; airlines accept anything that looks plausible...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 33/139 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-11 05:43:20 by W3 Total Cache
-->