Dailydave mailing list archives

Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062

From: "Nathan Landon" <nathan.landon () digitaloperatives com>
Date: Fri, 15 Sep 2006 15:43:04 -0400

They showed it on the news here in Virginia.   They have security camera
footage of the guy who they believe is the perpetrator trying to pull out
$250 and getting $1000.   He did this twice apparently.   He doesn't look
like the "engineer" type.   They reported that he was able to turn on the
glitch through a series of entered numbers.    Doubtful he knew what he was
doing otherwise he could have turned it off between attempts.

It took 9 days apparently to catch the error when a good samaritan noticed
that they got more than they asked for and reported it.

It smells to me that it was either an inside job or a disgruntled employee.


Nate

--
Nathan Landon
President Digital Operatives
www.digitaloperatives.com



On 9/15/06, Dave Korn <dave.korn () artimi com> wrote:

On 15 September 2006 12:43, Halvar Flake wrote:

> Somebody tell me that the stuff in the subject is
> a joke.
>
> Cheers,
> Halvar

Hmmf.  It comes across as dubious at first sight, but if the guy did get
some kind of engineer's access to the ATM, he could perhaps mis-program it
as
to which kind of bills were loaded into which columns/containers in the
cash
bay.  (Correct me if I'm wrong, but aren't all dollar bills the same size?
This approach could not work in the UK where different denominations are
of
different sizes and need to be loaded into differently-sized cassettes
which
then automatically cue the machine as to the nature of the notes loaded
into
them).

It also sounds like a garbled reference to 2FA - the swipe card would be a

special engineer's identifier, and the "series of numbers" that he entered
would not have been "breaking the code", but merely misusing a legitimate
authority.

I guess we need to see a more technical report before we can reach
conclusions, but that's my attempt to read between the lines: it's not a
joke,
it's just what happens when a non-technical reporter attempts to cover a
hi-tech crime story.

   cheers,
     DaveK
--
Can't think of a witty .sigline today....

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave

Current thread:

[Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062 Halvar Flake (Sep 15)
- Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062 Dave Korn (Sep 15)
  - Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062 Nathan Landon (Sep 15)
    - Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062 Nathan Landon (Sep 15)
    - Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062 Remad (Sep 16)
    - Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062 Rao, Sarraju Narasinga (Sep 16)
  - Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062 Robert Clark (Sep 16)
- Re: [Dailydave] http://home.hamptonroads.com/stories/story.cfm?story=110889&ran=223062 Parity (Sep 18)