a surprisingly disappointing article from ars, i expect better from them.

the author appears to be confusing “relay attacks” with “cloning” and doesn’t really explain the flow of the attach that well.

really this just sounds like a complicated MitM attack, using the victim’s phone as the “middle” component between the victim’s physical card and the attacker’s rooted phone.

the whole “cloning the UID attack” at the end of the article is irrelevant, NFC payment cards don’t work like that.

Microsoft creates secure boot: “we should be able to run whatever we want on our hardware!”

Microsoft lets users install crowdstrike on their computer: “Microsoft shouldn’t let us run this on our hardware!”