[Info-vax] One possible market for VMS: secure credit card
Kerry Main
kerry.main at backtothefutureit.com
Sun Mar 22 10:23:39 EDT 2015
> -----Original Message-----
> From: Info-vax [mailto:info-vax-bounces at info-vax.com] On Behalf Of
> Jan-Erik Soderholm
> Sent: 22-Mar-15 7:43 AM
> To: info-vax at info-vax.com
> Subject: Re: [New Info-vax] One possible market for VMS: secure credit
> card
>
> JF Mezei skrev den 2015-03-22 09:15:
> >
> > Checking out ferry schedules for next summer, I find this:
> >
> >
> http://www.cmlf.com/DataSecurityInformationPage/tabid/1201/Default
> .aspx
> > (the press releases links at bottom of page provide more info)
> >
> > Thankfully, during the time of vulnerability, I think I used cash at
> > their food outlets. Lasted from Sept 2013 to August 8th 2014. They
> were
> > advised of breach on July 30th 2014.
> >
> > I have to imagine...
>
> As usual.
>
> The common way to collect card information is to tamper with the
> card terminals themselfs. These are normaly embedded equipment
> and can be tampered with no matter what they "run". Usualy by
> someone with good inside knowledge of the terminals.
>
>
> > Imagine a small VMS box that is secure, has modern protocol support,
> > especialy encryption, secure database, which would allow those outfits
> > to provide secure credit card processing.
>
Security is only as strong as its weakest link. All links in the solution need
to be reviewed regularly and enhanced as required.
> And why would not those interested in tampering with these
> also be intersteding in learning VMS? Silly...
>
Hackers go where the least amount of work stands to create the
greatest rewards.
With 98%+ of the typical hackers not even knowing what OpenVMS
Is, security by obscurity is a good thing.
This does not mean OpenVMS should be complacent - just the opposite.
It needs to continually invest in platform security features & supporting
processes.
Secure OpenVMS / X86-64 based "appliance" solutions are certainly
something to consider for future opportunities.
Regards,
Kerry Main
Back to the Future IT Inc.
.. Learning from the past to plan the future
Kerry dot main at backtothefutureit dot com
More information about the Info-vax
mailing list