Re: ram scraper

[RandallM <randallm () fidmail com>]

On Thu, Dec 10, 2009 at 11:50 AM, Larry Seltzer <larry () larryseltzer com>wrote:

> For this approach to work the malware has to install on the system as a
> privileged process. Once that happens almost any conceivable defense is
> compromised. The mistake is that the system was left open to the
> malware.
>
> Larry Seltzer
> Contributing Editor, PC Magazine
> larry_seltzer () ziffdavis com
> http://blogs.pcmag.com/securitywatch/
>
>
> -----Original Message-----
> From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
> On Behalf Of Valdis.Kletnieks () vt edu
> Sent: Thursday, December 10, 2009 11:57 AM
> To: RandallM
> Cc: funsec
> Subject: Re: [funsec] ram scraper
>
> On Thu, 10 Dec 2009 10:17:58 CST, RandallM said:
> > what is the types of processes to protect from RAM pilfering? I have
> > to admit I never thought this one.
> >
> > http://www.theregister.co.uk/2009/12/09/ram_scraper_credit_card_theft/
>
> "So-called RAM scrapers scour the random access memory of POS, or
> point-of-sale, terminals, where PINs and other credit card data must be
> stored in the clear so it can be processed. When valuable information
> passes through, it is uploaded to servers controlled by credit card
> thieves."
>
> So tell me - why is a POS terminal at all vulnerable to easy infection
> by malware?  Let me restate it:
>
> 'POS Terminal' == 'network-connected cash register'.
>
> These need to be easily reprogrammed (by owner or miscreant), why,
> exactly?
and the difference here to "allowing" any malware is....?????

-- 
been great, thanks
a.k.a System

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.