Chip-and-PIN card security easily bypassed

Perhaps criminals have known about this for a long time, but security researchers have just announced the discovery of fundamental problems with the security of so-called Chip-and-PIN cards.

University of Cambridge researchers have demonstrated fundamental flaws in the operation of Chip-and-PIN cards during online, bank-verified transactions.

These flaws are so easily exploited that during a public demonstration of the problem, card after card owned by journalists present was verified for a transaction using the PIN 0000. In no case was this the correct PIN.

The researchers inserted a "wedge" between the stolen card and the terminal, which tricks the terminal into believing that the PIN was correctly verified. In fact, the fraudster can enter any PIN, and the transaction will be accepted.

Steven J Murdoch, one of the team members, noted: "We have tested this attack against cards issued by most major UK banks. All have been found to be vulnerable."

Saar Drimer, another member of the team, also observed: "The technical sophistication for carrying out this attack is low, and the compact equipment will not be noticed by shop staff. A single criminal can develop and industrialize a kit to be used by others who do not need to understand how the attack works."

A video of the problem is available here.

Read on for details of the vulnerability.