At least this register isn't empty...
As most PC users are aware, one of the first steps you take when connecting that spanking new gaming rig to the internet is make sure you have installed and configured a firewall to safeguard your system and connection from unwanted intruders.
Apparently, for approximately 200 small businesses, including at least 150 Subway franchises, whoever set up their Point-of-Sale (POS) systems was absent the day they taught Network Security Basics in school. Over 80,000 customers had their credit card information stolen in a scam dating back to 2008, according to recently released court documents.
The culprit:
POS systems with open internet connections. All the hackers had to do was run a simple port scan to find a way into the system, then they set up their trojan to collect and dump the data periodically. Voila, free money. Well at least until they got caught.
POS systems are actually supposed to be secured according to standards set forth by the individual card vendors, such as Visa and MasterCard, although there is a trade group, PCI, which has some basic standards in place, but no methods to ensure compliance. PCI states that vendors should have two factor authentication in place if they accept swiped transactions, something that most likely would have prevented these attacks.
Think about this kind of stuff the next time you swipe your card to get that $5 footlong, and be vigilant in checking your account statements frequently to detect any fraudulent transactions. Be safe out there kiddies!
For more info, check out:
https://www.pcisecuritystandards.org/index.php
and
![|Source=http://flickr.com/photos/ice_professor/262725376/ |Date=2006-10-06 |Author=[http://flickr.com/people/ice_professor/ The Ice Professor] |Permission=CC-BY 2.0 |](http://upload.wikimedia.org/wikipedia/commons/4/40/PS3_at_CEATEC_2006_(vertical).jpg)
A potential landmark case is slowly meandering through the halls of justice and many people in the U.S. have either dismissed it as a bunch of gamer drama or have never even heard of it. The case is Sony v. Hotz, and it was filed in Federal District court in San Francisco on 11-Jan 2011. Sony is essentially seeking to have Hotz silenced for having jail-broken the PS3′s latest firmware. Sony had put into place a system to keep owners from running 3rd party operating systems and applications on the PS3, something they had allowed for quite some time previously. Hotz and his band of merry men decided they wanted to have the ability to run Linux and other apps on machines they owned, so they found and exploited a security flaw in the PS3′s firmware and developed a path that allowed them to run “unauthorized programs” on the PS3. They published this information on the web, and now Sony is trying to get that cat back into the bag.
Recent Discussion