General > General Technical Chat
"FU^%ING" Credit-Cards!!!
wilfred:
--- Quote from: free_electron on June 27, 2020, 01:40:27 am ---
--- Quote from: dr.diesel on June 27, 2020, 12:56:50 am ---And yeah checks are HORRIBLE, I always get stuck behind somebody slowly writing a check, especially at the farm/utility/hardware stores.
--- End quote ---
And those are the kind of people that invariably wait until they see the total to write in the other information. like date , who the check is for etc ...
I have to work very hard not to kick them so hard they bounce of the ceiling and when coming down bounce once more off the floor ... i hate check writers.
--- End quote ---
You'd kick my 90 year old aunt until she bounced from the ceiling?
I hope someone in the queue will help her to her feet again.
Brumby:
Bunnings have very high ceilings, especially in the single story stores. Kicking anybody - or anything for that matter - would be quite the achievement.
Rerouter:
Don't know the full details, but have heard of remote NFC payments being possible, there is enough of a delay period between expected responses that you can record it, and play back remotely, so theif 1 sits up next to where a card is, theif 2 starts a payment, and the reader and the card are essentially linked via TCPIP, however that would not explain the italy thing, think it only gave you about 500km of wiggle room.
Halcyon:
--- Quote from: Rerouter on June 27, 2020, 03:36:55 am ---Don't know the full details, but have heard of remote NFC payments being possible, there is enough of a delay period between expected responses that you can record it, and play back remotely, so theif 1 sits up next to where a card is, theif 2 starts a payment, and the reader and the card are essentially linked via TCPIP, however that would not explain the italy thing, think it only gave you about 500km of wiggle room.
--- End quote ---
These sorts of playback attacks won't work on card payment systems, since the challenge-response changes on each transaction. There are anecdotal reports of NFC "skimming" occurring or at least being possible, however in the real world, we're yet to see it actually occur. Of course it's possible to "read" someones card using an actual legitimate payment terminal through their wallet/pants, however even on legitimate terminals, the anti-collision mechanism kicks in. If more than one card responds, then all are rejected.
Companies have taken advantage of these scare campaigns to sell consumers RF blocking wallets and although I acknowledge that there are legitimate uses for such things, for the most part, it's never going to be a problem for most people. I've also seen charlatans who claim to be part of the cyber security community claiming that it's a huge issue (a person who actually calls himself an "eVestigator" is one example -- He is the laughing stock of the cyber security world and most people in the industry know him for all the wrong reasons).
Rerouter:
Not playback, literally remote man in the middle. one end a fake card that records the challenge, gets broadcast to the remote unit which play the challenge to the actual card, records the response, then sends it back to the fake card to play to the terminal. due to the cmplexity, I have only heard about it in cases where the card is stationary so they do not have to worry about collisions or the exact timing of the challenge
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version