NFC Flaws in POS Devices and ATMs

#1

Dave

https://www.schneier.com/crypto-gram/archives/2021/0715.html#cg1

NFC Flaws in POS Devices and ATMs

[2021.06.28] It’s a series of vulnerabilities:
Josep Rodriguez, a researcher and consultant at security firm IOActive, has spent the last year digging up and reporting vulnerabilities in the so-called near-field communications reader chips used in millions of ATMs and point-of-sale systems worldwide. NFC systems are what let you wave a credit card over a reader — rather than swipe or insert it — to make a payment or extract money from a cash machine. You can find them on countless retail store and restaurant counters, vending machines, taxis, and parking meters around the globe.
Now Rodriguez has built an Android app that allows his smartphone to mimic those credit card radio communications and exploit flaws in the NFC systems’ firmware. With a wave of his phone, he can exploit a variety of bugs to crash point-of-sale devices, hack them to collect and transmit credit card data, invisibly change the value of transactions, and even lock the devices while displaying a ransomware message. Rodriguez says he can even force at least one brand of ATMs to dispense cash though that “jackpotting” hack only works in combination with additional bugs he says he’s found in the ATMs’ software. He declined to specify or disclose those flaws publicly due to nondisclosure agreements with the ATM vendors.


#2

danlock

Apparently, those systems really ARE POS systems. *rimshot*

Josep Rodriguez' method is much faster than using the Atari Portfolio DOS portable computer John Connor used in Terminator II for swiping and sorting to get a 4-digit PIN.


#3

Dave

Apparently, those systems really ARE POS systems. *rimshot*
I had the same thought but left it for you. (That's the generic 'you'.)

Evoked a vague memory from WAY too many years ago. It might have even been Rowan & Martin's Laugh-In. But someone picked up on an obvious opening and then added "You keep settin' 'em up, I'll keep bringin' 'em home!".


#4

rfrazier

FYI, this thread is also related to this topic in terms of credit card fraud.


May your bits be stable and your interfaces be fast. :cool: Ron


#5

rfrazier

@Dave Why the angry face emoticon?

Ron


#6

Dave

@Dave Why the angry face emoticon?

Ron
Oh, sorry for the ambiguity. It was in reaction to the mention of "credit card fraud."

Thanks for asking if it wasn't clear.

Sometimes I think honey and fire ants would be too good for some of these low-life predators.


#7

rfrazier

@Dave I tend to agree. Way too much slime on the planet.

May your bits be stable and your interfaces be fast. :cool: Ron