funsec mailing list archives
Re: UK: Chip and Pin Scam 'Has Netted Millions From British Shoppers'
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Mon, 13 Oct 2008 18:34:34 +1300
Rob Slade wrote:
In what is known as a "supply chain attack"Using what is known as an "instant terminology attack," the author wrote ...
I've heard this term, or very similar, used before. A quick Google turned up a 2003 paper by Elias Levy named "Poisoning the Software Supply Chain" which apparently was published in the May/Jun issue of IEEE's Security & Privacy journal. Shah, Molina and Blaze had a 2006 Usenix paper called "Keyboards and Covert Channels" which discussed how the topic matter of their paper could be used in supply chain attacks. And the April 2006 "Federal Plan for Cyber Security and Information Assurance Research and Development" report by the Interagency Working Group on Cyber Security and Information Assurance (CSIA) discussed various supply chain attack issues, rating it as an issue worthy including in its own sub-section in the report: http://www.nitrd.gov/pubs/csia/csia_federal_plan.pdf Perhaps not a mainstream security term in widespread use, but hardly one reeking of recent journalistic rectal extraction either... Regards, Nick FitzGerald _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- UK: Chip and Pin Scam 'Has Netted Millions From British Shoppers' Paul Ferguson (Oct 10)
- Re: UK: Chip and Pin Scam 'Has Netted Millions From British Shoppers' Rob, grandpa of Ryan, Trevor, Devon & Hannah (Oct 12)
- Re: UK: Chip and Pin Scam 'Has Netted Millions From British Shoppers' Nick FitzGerald (Oct 12)
- Re: UK: Chip and Pin Scam 'Has Netted Millions From British Shoppers' Rob, grandpa of Ryan, Trevor, Devon & Hannah (Oct 12)