[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
On Tue, Apr 30, 2013 at 10:51:49AM +0100, Brad Rogers wrote:
> IIRC, there are inserts that fit into the card slot of ATMs, or any other
> card reader for that matter, that gather all the data they contain and
> record the PIN. So, even keeping the card in full view is no guarantee.
>
> Whatever happened to cash? :-)
>
Looked up the old joke about the leopard and the running shoes:
There is an old joke about two men being chased by a leopard: one stops
to put his training shoes on, the other says; âthereâs no time for
that, you will never be able to run faster than the leopardâ, the first
man replies, âit is only you I need to run faster than!â
But the rest of the article is more interesting
http://www.techrepublic.com/blog/european-technology/out-running-the-leopard-dodging-targeted-attacks-in-cyber-space/1577
So presumably
1) Simple solutions (keep the card in sight at all times, block SSH port
22) will prevent stupid attacks and reduce headaches with not much work
2) Sophisticated attacks are much harder to prevent but presumably there
is a trade off issue. See all the material on the Bradley Manning and
Wikileaks issue.
www.schneier.com/blog/archives/2010/12/wikileaks_1.html
www.technologyreview.com/news/514066/what-happened-when-one-man-pinged-the-whole-internet/
--
Henry
Communication not signed with an original manual signature or an appropriately
verified digital signature is not binding.
Tue Apr 30 12:35:05 BST 2013
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
-- The Mailing List for the Devon & Cornwall LUG http://mailman.dclug.org.uk/listinfo/list FAQ: http://www.dcglug.org.uk/listfaq