[Info-vax] One possible market for VMS: secure credit card
Jan-Erik Soderholm
jan-erik.soderholm at telia.com
Sun Mar 22 07:43:20 EDT 2015
JF Mezei skrev den 2015-03-22 09:15:
>
> Checking out ferry schedules for next summer, I find this:
>
> http://www.cmlf.com/DataSecurityInformationPage/tabid/1201/Default.aspx
> (the press releases links at bottom of page provide more info)
>
> Thankfully, during the time of vulnerability, I think I used cash at
> their food outlets. Lasted from Sept 2013 to August 8th 2014. They were
> advised of breach on July 30th 2014.
>
> I have to imagine...
As usual.
The common way to collect card information is to tamper with the
card terminals themselfs. These are normaly embedded equipment
and can be tampered with no matter what they "run". Usualy by
someone with good inside knowledge of the terminals.
> Imagine a small VMS box that is secure, has modern protocol support,
> especialy encryption, secure database, which would allow those outfits
> to provide secure credit card processing.
And why would not those interested in tampering with these
also be intersteding in learning VMS? Silly...
More information about the Info-vax
mailing list