In article <[EMAIL PROTECTED]>, Perry E. Metzger <[EMAIL PROTECTED]> writes:
>Handheld "Chip & Pin" terminals for reading credit cards in the UK are
>required to be tamperproof to avoid the possibility of people
>suborning them. Here is a report from a group that has not merely
>tampered with such a terminal, but has (as a demo) converted it into a
>tetris game to demonstrate that they can make it do whatever they
>like.
>
>http://www.lightbluetouchpaper.org/2006/12/24/chip-pin-terminal-playing-tetris/

I think the proof-of-concept has been slightly misunderstood :(

The terminal is intended to be tamperproof in that once you have messed with it, it can no longer communicate with the bank. As far as I know the terminal delivers on this -- hard to say, because I bought it from eBay "as is" with no knowledge of who had used it before or what secrets it contained [it's legally my terminal, but that's the end of my involvement! all the credit goes to Saar and Steven who had all the ideas and did all of the work]

However, if you don't want your terminal to do payments but just wish to use it to capture PINs then it's tamper-evidence that is needed: and that requires not only fancy seals and such, but also training for the general public, such that they know what to look for. Also, mayhap, training for the merchant's staff if the merchant isn't in on the scam and the terminal's innards have been surreptitiously replaced.

Of course you could have a bog-standard PC playing Tetris ... but it doesn't seem terribly likely that people would type their PIN on the keyboard; hence the subverting of a genuine device to clearly make the point that people have no idea what is a genuine terminal attached to a genuine credit card network.

They just type and trust -- and the real story here is that the protocols are not end to end :( and hence a man-in-the-middle can do a great deal more than would be desirable :(

Note also that without a payment going through for the card (there's that tamperproof property again), the credit card company's fancy pattern recognition schemes for spotting fraud have nothing to bite upon...

... at least until all the fraud victims complain that not only are there <n> unauthorised charges on their bill (which are being hotly disputed because the PIN was used so they "must" be genuine) but ALSO that there is one tell-tale missing charge, for the site at which the Tetris playing (well, that might be a give-away!) terminal was used.

-- 
richard

Richard Clayton

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. Benjamin Franklin 11 Nov 1755
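The "tell-tale missing charge" Richard describes at the end of his post is what fraud analysts call a common point of compromise: a merchant that many victims visited but that never produced a transaction. The following is an added illustration (not code from the post, the terminal project, or any card issuer) of that defender-side correlation over constructed dispute reports; the report fields and merchant names are assumptions.

```python
"""Common-point-of-compromise analysis over cardholder dispute reports.

Each report (constructed sample data below) records the charges the holder
disputes, the merchants they remember using the card at, and the merchants
that did show up as legitimate charges. A merchant visited by many victims
that never charged any of them is the 'missing charge' the post points at:
a terminal that captured PINs but, being tamperproof, could no longer talk
to the bank and so never produced a transaction of its own.
"""
from collections import Counter
from dataclasses import dataclass


@dataclass
class VictimReport:
    card: str
    disputed_charges: list[str]   # merchants on the bill the holder denies
    visited: list[str]            # merchants the holder remembers using the card at
    charged: list[str]            # merchants that appeared as legitimate charges


def missing_charge_merchants(report: VictimReport) -> set[str]:
    """Merchants the holder visited that produced no charge at all (neither
    legitimate nor disputed)."""
    return set(report.visited) - set(report.charged) - set(report.disputed_charges)


def common_point_of_compromise(reports: list[VictimReport], min_victims: int = 3):
    """Rank merchants by how many distinct victims visited them without being
    charged. Returns (merchant, victim_count) pairs at or above the threshold,
    most common first; a single forgotten charge is noise, a cluster is a lead."""
    counter: Counter[str] = Counter()
    for r in reports:
        for merchant in missing_charge_merchants(r):
            counter[merchant] += 1
    return [(m, n) for m, n in counter.most_common() if n >= min_victims]


# Constructed sample reports: three holders used the hypothetical "cafe-x"
# terminal and were never charged there; card-D merely forgot a petrol stop.
SAMPLE_REPORTS = [
    VictimReport("card-A", ["webshop-1", "webshop-2"], ["cafe-x", "grocer-y"], ["grocer-y"]),
    VictimReport("card-B", ["webshop-3"], ["cafe-x", "petrol-z"], ["petrol-z"]),
    VictimReport("card-C", ["webshop-1"], ["cafe-x", "grocer-y", "bookshop-w"], ["grocer-y", "bookshop-w"]),
    VictimReport("card-D", ["webshop-4"], ["grocer-y", "petrol-z"], ["grocer-y"]),
]

if __name__ == "__main__":
    print(common_point_of_compromise(SAMPLE_REPORTS))   # [('cafe-x', 3)]
```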
