10/15/2008

Chinese-made credit card readers are in fact sometimes skimmers

Why try to skim a bank or credit card reader when you can insert another chip in the machine before it is shipped to the banks and shops? After the rumors about mobile phones that could become listening devices, and about Chinese routers in the US that are in fact sniffers and 'sleeping' cyberwar infrastructure, now comes the story that Chinese-made credit card readers were found to have been tampered with so that they become skimmers. The information is sent to China, where it is used to make new cards that are used for all kinds of payments.

This is also the case in Europe, not only the UK.

Some things are troubling in the story.

First, the time it took to discover how it was done. Maybe those credit card companies don't have the resources in their security and intelligence services.

Secondly, the fact that a credit card reader can send this information out at all. Isn't it a normal hardening procedure that a machine can only send information to certain servers and make no other connection? And if you can't do that on the machine, can't you do it on the PBX or the communication server (with an alert if some machine wants to connect somewhere else)?
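The check described above, as an added example that is not part of the original post: connection records from the communication server are compared against an allow-list of destinations, and anything else raises an alert per terminal. The log format, terminal names, addresses (RFC 5737 documentation ranges) and allow-list entries are all constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed allow-list: (network, port) pairs a terminal may reach.
# Documentation-range addresses, not real acquirer hosts.
ALLOWED = [
    (ipaddress.ip_network("192.0.2.0/28"), 443),      # assumed acquirer gateway
    (ipaddress.ip_network("198.51.100.10/32"), 443),  # assumed terminal management host
]

# Constructed sample of connection records (hypothetical log format).
SAMPLE_LOG = """\
2008-10-15T09:00:01 term=POS-0017 dst=192.0.2.5 dport=443 bytes=812
2008-10-15T09:00:04 term=POS-0021 dst=198.51.100.10 dport=443 bytes=230
2008-10-15T09:02:11 term=POS-0017 dst=203.0.113.77 dport=443 bytes=4096
2008-10-15T09:05:40 term=POS-0017 dst=192.0.2.5 dport=8080 bytes=120
2008-10-15T09:06:02 term=POS-0033 dst=not-an-ip dport=443 bytes=10
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) term=(?P<term>\S+) dst=(?P<dst>\S+) "
    r"dport=(?P<port>\d+) bytes=(?P<bytes>\d+)$"
)

def is_allowed(dst, port):
    """True only if both the destination network and the port are allow-listed."""
    return any(dst in net and port == p for net, p in ALLOWED)

def find_violations(log_text):
    """Return (alerts keyed by terminal, lines that could not be parsed)."""
    alerts = defaultdict(list)
    unparsed = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        try:
            dst = ipaddress.ip_address(m["dst"])
        except (TypeError, ValueError):
            # No regex match or a bad address: keep the line for review
            # instead of silently treating it as allowed traffic.
            unparsed.append(line)
            continue
        port = int(m["port"])
        if not is_allowed(dst, port):
            alerts[m["term"]].append((m["ts"], str(dst), port, int(m["bytes"])))
    return dict(alerts), unparsed

if __name__ == "__main__":
    alerts, unparsed = find_violations(SAMPLE_LOG)
    for term, hits in alerts.items():
        for ts, dst, port, size in hits:
            print(f"ALERT {term} {ts} -> {dst}:{port} ({size} bytes)")
    print(f"{len(unparsed)} unparseable line(s) held for review")
```

Enforcing the same allow-list as a default-deny rule on the gateway blocks the connection as well as reporting it; the script only covers the alerting half.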

Thirdly, isn't it curious that people in China are using credit card information of UK shoppers in a local branch of a supermarket? I don't know, but that kind of dramatic change in the use of the credit card should have called for a check before accepting the order. Maybe credit card users should be able to say that they don't travel and that, for example, they don't use their card on the internet (or use another one that they only use for the internet). Wouldn't that already eliminate a great deal of fraud?

And maybe such material should be produced in closed national high security factories. They are critical infrastructure. Just an idea.
