Hack of the Day: Chip and Pin Terminal Plays Tetris

["Fergie" <fergdawg () netzero net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sweet hack. :-)

Via Light Blue Touchpaper.

[snip]

Many discussions over the security of Chip & PIN have focused on the
tamper-resistance of terminals (for example in the aftermath of the Shell
Chip & PIN fraud). It is important to remember, however, that even perfect
tamper resistance only ensures that the terminal will no longer be able to
communicate with the bank once opened. It does not prevent anyone from
replacing most of the terminal’s hardware and presenting it to customers
as legitimate, so freely collecting card details and PINs.

[snip]

More:
http://www.lightbluetouchpaper.org/2006/12/24/chip-pin-terminal-playing-tet
ris/

You simply must watch the short video. :-)

Enjoy,

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.5.2 (Build 4075)

wj8DBQFFnei5q1pz9mNUZTMRArc2AKC3zvNBXRVZQFh8sCBSXuHHHQcbVACgtgAQ
xBA/IcXUYcEECx45tiO/ATA=
=NXjU
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.